Exemplo n.º 1
0
 /**
  * @param int $id
  * @return bool|void
  */
 public function delete($id)
 {
     parent::delete($id);
     Event::addEvent(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
 }
Exemplo n.º 2
0
 /**
  * Cleans the student's results only for the Exercise tool (Not from the LP)
  * The LP results are NOT deleted by default, otherwise put $cleanLpTests = true
  * Works with exercises in sessions
  * @param bool $cleanLpTests
  * @param string $cleanResultBeforeDate
  *
  * @return int quantity of user's exercises deleted
  */
 public function clean_results($cleanLpTests = false, $cleanResultBeforeDate = null)
 {
     $table_track_e_exercises = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
     $table_track_e_attempt = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);
     $sql_where = '  AND
                     orig_lp_id = 0 AND
                     orig_lp_item_id = 0';
     // if we want to delete results from LP too
     if ($cleanLpTests) {
         $sql_where = "";
     }
     // if we want to delete attempts before date $cleanResultBeforeDate
     // $cleanResultBeforeDate must be a valid UTC-0 date yyyy-mm-dd
     if (!empty($cleanResultBeforeDate)) {
         $cleanResultBeforeDate = Database::escape_string($cleanResultBeforeDate);
         if (api_is_valid_date($cleanResultBeforeDate)) {
             $sql_where .= "  AND exe_date <= '{$cleanResultBeforeDate}' ";
         } else {
             return 0;
         }
     }
     $sql = "SELECT exe_id\n                FROM {$table_track_e_exercises}\n                WHERE\n                    c_id = " . api_get_course_int_id() . " AND\n                    exe_exo_id = " . $this->id . " AND\n                    session_id = " . api_get_session_id() . " " . $sql_where;
     $result = Database::query($sql);
     $exe_list = Database::store_result($result);
     // deleting TRACK_E_ATTEMPT table
     // check if exe in learning path or not
     $i = 0;
     if (is_array($exe_list) && count($exe_list) > 0) {
         foreach ($exe_list as $item) {
             $sql = "DELETE FROM {$table_track_e_attempt}\n                        WHERE exe_id = '" . $item['exe_id'] . "'";
             Database::query($sql);
             $i++;
         }
     }
     $session_id = api_get_session_id();
     // delete TRACK_E_EXERCISES table
     $sql = "DELETE FROM {$table_track_e_exercises}\n                WHERE c_id = " . api_get_course_int_id() . "\n                AND exe_exo_id = " . $this->id . "\n                {$sql_where}\n                AND session_id = " . $session_id . "";
     Database::query($sql);
     Event::addEvent(LOG_EXERCISE_RESULT_DELETE, LOG_EXERCISE_ID, $this->id, null, null, api_get_course_int_id(), $session_id);
     return $i;
 }
Exemplo n.º 3
0
function WSUnsuscribeCoursesFromSession($params)
{
    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }
    // Initialisation
    $tbl_session_rel_course_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
    $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
    $tbl_session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
    $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
    $coursessessions_params = $params['coursessessions'];
    $results = array();
    $orig_course_id_value = array();
    $orig_session_id_value = array();
    foreach ($coursessessions_params as $coursesession_param) {
        $original_session_id_value = $coursesession_param['original_session_id_value'];
        $original_session_id_name = $coursesession_param['original_session_id_name'];
        $original_course_id_name = $coursesession_param['original_course_id_name'];
        $original_course_id_values = $coursesession_param['original_course_id_values'];
        $orig_session_id_value[] = $original_session_id_value;
        $id_session = SessionManager::getSessionIdFromOriginalId($original_session_id_value, $original_session_id_name);
        if (empty($id_session)) {
            $results[] = 0;
            continue;
        }
        // Get courses list from row_original_course_id_values
        $course_list = array();
        $courseIdList = [];
        foreach ($original_course_id_values as $row_original_course_list) {
            $course_code = Database::escape_string($row_original_course_list['course_code']);
            // Check whether exits $x_course_code into user_field_values table.
            $courseInfo = CourseManager::getCourseInfoFromOriginalId($row_original_course_list['course_code'], $original_course_id_name);
            if (empty($courseInfo) || isset($courseInfo) && $courseInfo['visibility'] == 0) {
                continue;
                // Course_code doesn't exist'
            }
            $course_list[] = $courseInfo['code'];
            $courseIdList[] = $courseInfo['real_id'];
        }
        if (empty($course_list)) {
            $results[] = 0;
            continue;
        }
        $orig_course_id_value[] = implode(',', $course_list);
        foreach ($courseIdList as $courseId) {
            $courseId = intval($courseId);
            Database::query("DELETE FROM {$tbl_session_rel_course}\n                            WHERE c_id ='{$courseId}' AND session_id='{$id_session}'");
            $result = Database::query("DELETE FROM {$tbl_session_rel_course_rel_user} WHERE c_id='{$courseId}' AND session_id = '{$id_session}'");
            Event::addEvent(LOG_SESSION_DELETE_COURSE, LOG_COURSE_ID, $courseId, api_get_utc_datetime(), api_get_user_id(), $courseId, $id_session);
            $return = Database::affected_rows($result);
        }
        $nbr_courses = 0;
        $sql = "SELECT nbr_courses FROM {$tbl_session} WHERE id = '{$id_session}'";
        $res_nbr_courses = Database::query($sql);
        $row_nbr_courses = Database::fetch_row($res_nbr_courses);
        if (Database::num_rows($res_nbr_courses) > 0) {
            $nbr_users = $row_nbr_courses[0] - $return;
        }
        // Update number of users in the session.
        $update_sql = "UPDATE {$tbl_session} SET nbr_courses= {$nbr_courses} WHERE id='{$id_session}' ";
        Database::query($update_sql);
        $results[] = 1;
        continue;
    }
    $count_results = count($results);
    $output = array();
    for ($i = 0; $i < $count_results; $i++) {
        $output[] = array('original_course_id_values' => $orig_course_id_value[$i], 'original_session_id_value' => $orig_session_id_value[$i], 'result' => $results[$i]);
    }
    return $output;
}
Exemplo n.º 4
0
 /**
  * Function register_course to create a record in the course table of the main database
  * @param array Course details (see code for details)
  * @return int  Created course ID
  * @todo use an array called $params instead of lots of params
  * @assert (null) === false
  */
 public static function register_course($params)
 {
     global $error_msg, $firstExpirationDelay;
     $title = $params['title'];
     $code = $params['code'];
     $visual_code = $params['visual_code'];
     $directory = $params['directory'];
     $tutor_name = isset($params['tutor_name']) ? $params['tutor_name'] : null;
     //$description        = $params['description'];
     $category_code = isset($params['course_category']) ? $params['course_category'] : '';
     $course_language = isset($params['course_language']) && !empty($params['course_language']) ? $params['course_language'] : api_get_setting('language.platform_language');
     $user_id = empty($params['user_id']) ? api_get_user_id() : intval($params['user_id']);
     $department_name = isset($params['department_name']) ? $params['department_name'] : null;
     $department_url = isset($params['department_url']) ? $params['department_url'] : null;
     $disk_quota = isset($params['disk_quota']) ? $params['disk_quota'] : null;
     if (!isset($params['visibility'])) {
         $default_course_visibility = api_get_setting('course.courses_default_creation_visibility');
         if ($default_course_visibility != '') {
             $visibility = $default_course_visibility;
         } else {
             $visibility = COURSE_VISIBILITY_OPEN_PLATFORM;
         }
     } else {
         $visibility = $params['visibility'];
     }
     $subscribe = isset($params['subscribe']) ? intval($params['subscribe']) : ($visibility == COURSE_VISIBILITY_OPEN_PLATFORM ? 1 : 0);
     $unsubscribe = isset($params['unsubscribe']) ? intval($params['unsubscribe']) : 0;
     $expiration_date = isset($params['expiration_date']) ? $params['expiration_date'] : null;
     $teachers = isset($params['teachers']) ? $params['teachers'] : null;
     $status = isset($params['status']) ? $params['status'] : null;
     $TABLECOURSE = Database::get_main_table(TABLE_MAIN_COURSE);
     $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $ok_to_register_course = true;
     // Check whether all the needed parameters are present.
     if (empty($code)) {
         $error_msg[] = 'courseSysCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($visual_code)) {
         $error_msg[] = 'courseScreenCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($directory)) {
         $error_msg[] = 'courseRepository is missing';
         $ok_to_register_course = false;
     }
     if (empty($title)) {
         $error_msg[] = 'title is missing';
         $ok_to_register_course = false;
     }
     if (empty($expiration_date)) {
         $expiration_date = api_get_utc_datetime(time() + $firstExpirationDelay);
     } else {
         $expiration_date = api_get_utc_datetime($expiration_date);
     }
     if ($visibility < 0 || $visibility > 4) {
         $error_msg[] = 'visibility is invalid';
         $ok_to_register_course = false;
     }
     if (empty($disk_quota)) {
         $disk_quota = api_get_setting('document.default_document_quotum');
     }
     $time = api_get_utc_datetime();
     if (stripos($department_url, 'http://') === false && stripos($department_url, 'https://') === false) {
         $department_url = 'http://' . $department_url;
     }
     //just in case
     if ($department_url == 'http://') {
         $department_url = '';
     }
     $course_id = 0;
     if ($ok_to_register_course) {
         // Here we must add 2 fields.
         $sql = "INSERT INTO " . $TABLECOURSE . " SET\n                        code = '" . Database::escape_string($code) . "',\n                        directory = '" . Database::escape_string($directory) . "',\n                        course_language = '" . Database::escape_string($course_language) . "',\n                        title = '" . Database::escape_string($title) . "',\n                        description = '" . self::lang2db(get_lang('CourseDescription')) . "',\n                        category_code = '" . Database::escape_string($category_code) . "',\n                        visibility      = '" . $visibility . "',\n                        show_score      = '1',\n                        disk_quota      = '" . intval($disk_quota) . "',\n                        creation_date   = '{$time}',\n                        expiration_date = '" . $expiration_date . "',\n                        last_edit       = '{$time}',\n                        last_visit      = NULL,\n                        tutor_name = '" . Database::escape_string($tutor_name) . "',\n                        department_name = '" . Database::escape_string($department_name) . "',\n                        department_url = '" . Database::escape_string($department_url) . "',\n                        subscribe = '" . intval($subscribe) . "',\n                        unsubscribe = '" . intval($unsubscribe) . "',\n                        visual_code = '" . Database::escape_string($visual_code) . "'";
         Database::query($sql);
         $course_id = Database::insert_id();
         if ($course_id) {
             $sort = api_max_sort_value('0', api_get_user_id());
             // Default true
             $addTeacher = isset($params['add_user_as_teacher']) ? $params['add_user_as_teacher'] : true;
             if ($addTeacher) {
                 $i_course_sort = CourseManager::userCourseSort($user_id, $code);
                 if (!empty($user_id)) {
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                                c_id     = '" . $course_id . "',\n                                user_id         = '" . intval($user_id) . "',\n                                status          = '1',\n                                is_tutor        = '0',\n                                sort            = '" . $i_course_sort . "',\n                                user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             if (!empty($teachers)) {
                 if (!is_array($teachers)) {
                     $teachers = array($teachers);
                 }
                 foreach ($teachers as $key) {
                     //just in case
                     if ($key == $user_id) {
                         continue;
                     }
                     if (empty($key)) {
                         continue;
                     }
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                            c_id     = '" . Database::escape_string($course_id) . "',\n                            user_id         = '" . Database::escape_string($key) . "',\n                            status          = '1',\n                            is_tutor        = '0',\n                            sort            = '" . ($sort + 1) . "',\n                            user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             // Adding the course to an URL.
             if (api_is_multiple_url_enabled()) {
                 $url_id = 1;
                 if (api_get_current_access_url_id() != -1) {
                     $url_id = api_get_current_access_url_id();
                 }
                 UrlManager::add_course_to_url($course_id, $url_id);
             } else {
                 UrlManager::add_course_to_url($course_id, 1);
             }
             // Add event to the system log.
             $user_id = api_get_user_id();
             Event::addEvent(LOG_COURSE_CREATE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $course_id);
             $send_mail_to_admin = api_get_setting('course.send_email_to_admin_when_create_course');
             // @todo Improve code to send to all current portal administrators.
             if ($send_mail_to_admin == 'true') {
                 $siteName = api_get_setting('platform.site_name');
                 $recipient_email = api_get_setting('admin.administrator_email');
                 $recipient_name = api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname'));
                 $iname = api_get_setting('platform.institution');
                 $subject = get_lang('NewCourseCreatedIn') . ' ' . $siteName . ' - ' . $iname;
                 $message = get_lang('Dear') . ' ' . $recipient_name . ",\n\n" . get_lang('MessageOfNewCourseToAdmin') . ' ' . $siteName . ' - ' . $iname . "\n";
                 $message .= get_lang('CourseName') . ' ' . $title . "\n";
                 $message .= get_lang('Category') . ' ' . $category_code . "\n";
                 $message .= get_lang('Tutor') . ' ' . $tutor_name . "\n";
                 $message .= get_lang('Language') . ' ' . $course_language;
                 $userInfo = api_get_user_info($user_id);
                 $additionalParameters = array('smsType' => SmsPlugin::NEW_COURSE_BEEN_CREATED, 'userId' => $user_id, 'courseName' => $title, 'creatorUsername' => $userInfo['username']);
                 api_mail_html($recipient_name, $recipient_email, $subject, $message, $siteName, $recipient_email, null, null, null, $additionalParameters);
             }
         }
     }
     return $course_id;
 }
Exemplo n.º 5
0
 /**
  * @param $exe_id
  * @param $user_id
  * @param int $courseId
  * @param $question_id
  * @param int $sessionId
  */
 public static function delete_attempt_hotspot($exe_id, $user_id, $courseId, $question_id, $sessionId = null)
 {
     $table_track_attempt = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTSPOT);
     $exe_id = intval($exe_id);
     $user_id = intval($user_id);
     $courseId = intval($courseId);
     $question_id = intval($question_id);
     if (!isset($sessionId)) {
         $sessionId = api_get_session_id();
     }
     $sql = "DELETE FROM {$table_track_attempt}\n                WHERE   hotspot_exe_id = {$exe_id} AND\n                        hotspot_user_id = {$user_id} AND\n                        c_id = {$courseId} AND\n                        hotspot_question_id = {$question_id} ";
     Database::query($sql);
     Event::addEvent(LOG_QUESTION_RESULT_DELETE, LOG_EXERCISE_ATTEMPT_QUESTION_ID, $exe_id . '-' . $question_id, null, null, $courseId, $sessionId);
 }
Exemplo n.º 6
0
        <center>
            Are you sure you want to logout?<br/>
            <a onclick="load('logout', 'logout', 'none', {})">Yes</a> | <a
                onclick="load('home', 'none', 'none', {})">No</a>
        </center>
        <?php 
    } else {
        $_SESSION['user'] = $_SESSION['real'];
        unset($_SESSION['real']);
        ?>
        <script>
            window.location = 'main.php';
        </script>
        <?php 
    }
} else {
    if ($action == 'logout') {
        if (isset($_SESSION['user'])) {
            Event::addEvent($_SESSION['user']->getName() . ' has logged out.', $_SESSION['user'], 4);
        } else {
            Event::addEvent('A user\'s session has timed out.', new User(0), 4);
        }
        session_destroy();
        setcookie('user', null, time() - 60 * 60);
        ?>
    <script>
        window.location = 'index.php';
    </script>
    <?php 
    }
}
Exemplo n.º 7
0
 /**
  * Delete sessions categories
  * @author Jhon Hinojosa <*****@*****.**>, from existing code
  * @param	array	id_checked
  * @param	bool	include delete session
  * @param	bool	optional, true if the function is called by a webservice, false otherwise.
  * @return	void	Nothing, or false on error
  * The parameters is a array to delete sessions
  * */
 public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
 {
     $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
     $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
     if (is_array($id_checked)) {
         $id_checked = Database::escape_string(implode(',', $id_checked));
     } else {
         $id_checked = intval($id_checked);
     }
     //Setting session_category_id to 0
     $sql = "UPDATE {$tbl_session} SET session_category_id = 0\n                WHERE session_category_id IN (" . $id_checked . ")";
     Database::query($sql);
     $sql = "SELECT id FROM {$tbl_session} WHERE session_category_id IN (" . $id_checked . ")";
     $result = Database::query($sql);
     while ($rows = Database::fetch_array($result)) {
         $session_id = $rows['id'];
         if ($delete_session) {
             if ($from_ws) {
                 SessionManager::delete($session_id, true);
             } else {
                 SessionManager::delete($session_id);
             }
         }
     }
     $sql = "DELETE FROM {$tbl_session_category} WHERE id IN (" . $id_checked . ")";
     Database::query($sql);
     // Add event to system log
     $user_id = api_get_user_id();
     Event::addEvent(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id);
     return true;
 }
Exemplo n.º 8
0
                         $to = $email;
                         $subject = 'IRIN - New Account';
                         $headers = "MIME-Version: 1.0" . "\r\n";
                         $headers .= "Content-type: text/html; charset=iso-8859-1" . "\r\n";
                         $headers .= "From: IRIN <*****@*****.**>" . "\r\n";
                         $message = 'A new account has been created with your email address.<br /><br /><b>Login ID:</b> ' . $login . '<br /><b>New Password:</b> ' . $password . '<br /><b>Name:</b> ' . $name;
                         //mail($to, $subject, $message, $headers);
                         $mail->setFrom('*****@*****.**', 'IRIN');
                         $mail->addAddress($to);
                         $mail->Subject = $subject;
                         $mail->Body = $message;
                         if (!$mail->send()) {
                             throw new MailException($mail->ErrorInfo);
                         }
                         echo 'true';
                         Event::addEvent($name . '\'s account has been created.', $_SESSION['user'], 1);
                     }
                 }
             }
         }
     } else {
         if ($action == 'switch') {
             if (!isset($_SESSION['real'])) {
                 $_SESSION['real'] = $_SESSION['user'];
             }
             $_SESSION['user'] = new User($_GET['id']);
             ?>
 <script>
     window.location = 'main.php';
 </script>
 <?php 
Exemplo n.º 9
0
        <?php 
        } else {
            if ($do == 'add') {
                $version = $_POST['version'];
                ?>
        <?php 
                switch ($_POST['ver']) {
                    case "alpha":
                        $version .= '&alpha;';
                        break;
                    case "beta":
                        $version .= '&beta;';
                        break;
                }
                Version::create($version);
                Event::addEvent('Version ' . $version . ' has been added.', $_SESSION['user'], 1);
            }
        }
    } else {
        if ($action == 'current') {
            $version = new Version($_GET['id']);
            $version->makeCurrent();
            Event::addEvent('Version ' . $version->getVersion() . ' is now the current version.', $_SESSION['user'], 2);
            ?>
    <script>
        load('version', 'none', 'none');
    </script>
    <?php 
        }
    }
}
Exemplo n.º 10
0
session_start();
require_once '../classes/connection.class.php';
require_once '../classes/event.class.php';
$addeventobj = new Event();
/*echo '<pre>';
print_r($addeventobj);
echo '</pre>';
exit;
*/
$event_id = mysqli_real_escape_string($addeventobj->conxn, $_POST['event_id']);
$event_title = mysqli_real_escape_string($addeventobj->conxn, $_POST['title']);
$event_desc = mysqli_real_escape_string($addeventobj->conxn, $_POST['desc']);
$event_date = mysqli_real_escape_string($addeventobj->conxn, $_POST['date']);
$addeventobj->setEventID($event_id);
$addeventobj->setEventTitle($event_title);
$addeventobj->setEventDesc($event_desc);
$addeventobj->setEventDate($event_date);
//$adduserobj->setError($er);
//$adduserobj->setMessage($msg);
$addeventobj->addEvent();
/*echo '<pre>';
print_r ($adduserobj);
echo '</pre>';
exit;*/
if ($addeventobj) {
    header('location:../index.php?page=event&action=view');
    $_SESSION['msg'] = $addeventobj->msg = "The event has been added sucessfully";
} else {
    echo $_SESSION['msg'] = $addeventobj->msg = "Sorry the event has not been  added, please try again later";
}
Exemplo n.º 11
0
 /**
  * @param int $id
  * @return bool
  */
 public function delete($id)
 {
     if (parent::delete($id)) {
         SessionManager::clear_session_ref_promotion($id);
         Event::addEvent(LOG_PROMOTION_DELETE, LOG_PROMOTION_ID, $id, api_get_utc_datetime(), api_get_user_id());
     } else {
         return false;
     }
 }
Exemplo n.º 12
0
 /**
  * @param $locked
  */
 public function lock_all_items($locked)
 {
     if (api_get_setting('gradebook.gradebook_locking_enabled') == 'true') {
         $this->lock($locked);
         $evals_to_lock = $this->get_evaluations();
         if (!empty($evals_to_lock)) {
             foreach ($evals_to_lock as $item) {
                 $item->lock($locked);
             }
         }
         $link_to_lock = $this->get_links();
         if (!empty($link_to_lock)) {
             foreach ($link_to_lock as $item) {
                 $item->lock($locked);
             }
         }
         $event_type = LOG_GRADEBOOK_UNLOCKED;
         if ($locked == 1) {
             $event_type = LOG_GRADEBOOK_LOCKED;
         }
         Event::addEvent($event_type, LOG_GRADEBOOK_ID, $this->id);
     }
 }
 /**
  * Updates the group_rel_user table  with a given user and group ids
  * @author Julio Montoya
  * @param int  $user_id
  * @param int  $group_id
  * @param int  $relation_type
  *
  * @return bool
  **/
 public static function update_user_role($user_id, $group_id, $relation_type = GROUP_USER_PERMISSION_READER)
 {
     if (empty($user_id) || empty($group_id) || empty($relation_type)) {
         return false;
     }
     $em = Database::getManager();
     $group_id = intval($group_id);
     $user_id = intval($user_id);
     $usergroupUser = $em->getRepository('ChamiloCoreBundle:UsergroupRelUser')->findOneBy(['user' => $user_id, 'usergroup' => $group_id]);
     if (!$usergroupUser) {
         return false;
     }
     $usergroupUser->setRelationType($relation_type);
     $em->merge($usergroupUser);
     $em->flush();
     Event::addEvent(LOG_GROUP_PORTAL_USER_UPDATE_ROLE, LOG_GROUP_PORTAL_REL_USER_ARRAY, array('user_id' => $user_id, 'group_id' => $group_id, 'relation_type' => $relation_type));
     return true;
 }
Exemplo n.º 14
0
 /**
  * This function displays a wiki entry
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @author Juan Carlos Raña Trabado
  * @param string $newtitle
  * @return string html code
  **/
 public function display_wiki_entry($newtitle)
 {
     $tbl_wiki = $this->tbl_wiki;
     $tbl_wiki_conf = $this->tbl_wiki_conf;
     $condition_session = $this->condition_session;
     $groupfilter = $this->groupfilter;
     $page = $this->page;
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
     if ($newtitle) {
         $pageMIX = $newtitle;
         //display the page after it is created
     } else {
         $pageMIX = $page;
         //display current page
     }
     $filter = null;
     if (isset($_GET['view']) && $_GET['view']) {
         $_clean['view'] = (int) Database::escape_string($_GET['view']);
         $filter = ' AND w.id="' . $_clean['view'] . '"';
     }
     //first, check page visibility in the first page version
     $sql = 'SELECT * FROM ' . $tbl_wiki . '
             WHERE
                 c_id = ' . $course_id . ' AND
                 reflink="' . Database::escape_string($pageMIX) . '" AND
                ' . $groupfilter . $condition_session . '
           ORDER BY id ASC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result);
     $KeyVisibility = $row['visibility'];
     // second, show the last version
     $sql = 'SELECT * FROM ' . $tbl_wiki . ' w , ' . $tbl_wiki_conf . ' wc
             WHERE
                 wc.c_id 	  = ' . $course_id . ' AND
                 w.c_id 		  = ' . $course_id . ' AND
                 wc.page_id	  = w.page_id AND
                 w.reflink	  = "' . Database::escape_string($pageMIX) . '" AND
                 w.session_id  = ' . $session_id . ' AND
                 w.' . $groupfilter . '  ' . $filter . '
             ORDER BY id DESC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result);
     // we do not need a while loop since we are always displaying the last version
     //log users access to wiki (page_id)
     if (!empty($row['page_id'])) {
         Event::addEvent(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
     }
     //update visits
     if ($row['id']) {
         $sql = 'UPDATE ' . $tbl_wiki . ' SET hits=(hits+1) WHERE c_id = ' . $course_id . ' AND id=' . $row['id'] . '';
         Database::query($sql);
     }
     // if both are empty and we are displaying the index page then we display the default text.
     if ($row['content'] == '' and $row['title'] == '' and $page == 'index') {
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
             //Table structure for better export to pdf
             $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End = '</td></tr></table>';
             $content = $default_table_for_content_Start . sprintf(get_lang('DefaultContent'), api_get_path(WEB_IMG_PATH)) . $default_table_for_content_End;
             $title = get_lang('DefaultTitle');
         } else {
             return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
         }
     } else {
         $content = Security::remove_XSS(api_html_entity_decode($row['content']), COURSEMANAGERLOWSECURITY);
         $title = api_html_entity_decode($row['title']);
     }
     //assignment mode: identify page type
     $icon_assignment = null;
     if ($row['assignment'] == 1) {
         $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'), '', ICON_SIZE_SMALL);
     } elseif ($row['assignment'] == 2) {
         $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'), '', ICON_SIZE_SMALL);
     }
     //task mode
     $icon_task = null;
     if (!empty($row['task'])) {
         $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'), '', ICON_SIZE_SMALL);
     }
     //Show page. Show page to all users if isn't hide page. Mode assignments: if student is the author, can view
     if ($KeyVisibility == "1" || api_is_allowed_to_edit(false, true) || api_is_platform_admin() || $row['assignment'] == 2 && $KeyVisibility == "0" && api_get_user_id() == $row['user_id']) {
         echo '<div id="wikititle">';
         $protect_page = null;
         $lock_unlock_protect = null;
         // page action: protecting (locking) the page
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_protect_page() == 1) {
                 $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_protect = 'unlock';
             } else {
                 $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_protect = 'lock';
             }
         }
         if ($row['id']) {
             echo '<span style="float:right;">';
             echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_protect . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $protect_page . '</a>';
             echo '</span>';
         }
         $visibility_page = null;
         $lock_unlock_visibility = null;
         //page action: visibility
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_visibility_page() == 1) {
                 // TODO: FIX  This hides the icon eye closed to users of work they can see yours
                 //if(($row['assignment']==2 && $KeyVisibility=="0" && (api_get_user_id()==$row['user_id']))==false)
                 //{
                 //
                 // }
                 $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_visibility = 'invisible';
             } else {
                 $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'), '', ICON_SIZE_SMALL);
                 $lock_unlock_visibility = 'visible';
             }
         }
         if ($row['id']) {
             echo '<span style="float:right;">';
             echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_visibility . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $visibility_page . '</a>';
             echo '</span>';
         }
         //page action: notification
         if (api_is_allowed_to_session_edit()) {
             if (self::check_notify_page($page) == 1) {
                 $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'), '', ICON_SIZE_SMALL);
                 $lock_unlock_notify_page = 'unlocknotify';
             } else {
                 $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'), '', ICON_SIZE_SMALL);
                 $lock_unlock_notify_page = 'locknotify';
             }
         }
         echo '<span style="float:right;">';
         echo '<a href="index.php?action=showpage&amp;actionpage=' . $lock_unlock_notify_page . '&amp;title=' . api_htmlentities(urlencode($page)) . '">' . $notify_page . '</a>';
         echo '</span>';
         //ONly available if row['id'] is set
         if ($row['id']) {
             //page action: export to pdf
             echo '<span style="float:right;">';
             echo '<form name="form_export2PDF" method="get" action="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?' . api_get_cidreq() . '" >';
             echo '<input type="hidden" name="action" value="export_to_pdf">';
             echo '<input type="hidden" name="wiki_id" value="' . $row['id'] . '">';
             echo '<input type="image" src="' . api_get_path(WEB_IMG_PATH) . 'icons/22/pdf.png" border ="0" title="' . get_lang('ExportToPDF') . '" alt="' . get_lang('ExportToPDF') . '" style=" width:22px; border:none; margin-top: -9px">';
             echo '</form>';
             echo '</span>';
             // Page action: copy last version to doc area
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 echo '<span style="float:right;">';
                 echo '<form name="form_export2DOC" method="get" action="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?' . api_get_cidreq() . '" >';
                 echo '<input type=hidden name="action" value="export2doc">';
                 echo '<input type=hidden name="doc_id" value="' . $row['id'] . '">';
                 echo '<input type="image" src="' . api_get_path(WEB_IMG_PATH) . 'icons/22/export_to_documents.png" border ="0" title="' . get_lang('ExportToDocArea') . '" alt="' . get_lang('ExportToDocArea') . '" style=" width:22px; border:none; margin-top: -6px">';
                 echo '</form>';
                 echo '</span>';
             }
             if (api_is_unoconv_installed()) {
                 echo '<span style="float:right;">';
                 echo '<a href="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?action=export_to_doc_file&id=' . $row['id'] . '">' . Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_SMALL) . '</a>';
                 echo '</span>';
             }
         }
         //export to print
         ?>
         <script>
         function goprint() {
             var a = window.open('','','width=800,height=600');
             a.document.open("text/html");
             a.document.write(document.getElementById('wikicontent').innerHTML);
             a.document.close();
             a.print();
         }
         </script>
         <?php 
         echo '<span style="float:right; cursor: pointer;">';
         echo Display::return_icon('printer.png', get_lang('Print'), array('onclick' => "javascript: goprint();"), ICON_SIZE_SMALL);
         echo '</span>';
         if (empty($title)) {
             $title = get_lang('DefaultTitle');
         }
         if (self::wiki_exist($title)) {
             echo $icon_assignment . '&nbsp;' . $icon_task . '&nbsp;' . api_htmlentities($title);
         } else {
             echo api_htmlentities($title);
         }
         echo '</div>';
         echo '<div id="wikicontent">' . self::make_wiki_link_clickable(self::detect_external_link(self::detect_anchor_link(self::detect_mail_link(self::detect_ftp_link(self::detect_irc_link(self::detect_news_link($content))))))) . '</div>';
         echo '<div id="wikifooter">' . get_lang('Progress') . ': ' . $row['progress'] * 10 . '%&nbsp;&nbsp;&nbsp;' . get_lang('Rating') . ': ' . $row['score'] . '&nbsp;&nbsp;&nbsp;' . get_lang('Words') . ': ' . self::word_count($content) . '</div>';
     }
     //end filter visibility
 }
Exemplo n.º 15
0
 /**
  * Set platform language
  * @param Integer The language id
  * @return void()
  */
 public static function set_platform_language($language_id)
 {
     if (empty($language_id) or intval($language_id) != $language_id) {
         return false;
     }
     $tbl_admin_languages = Database::get_main_table(TABLE_MAIN_LANGUAGE);
     $tbl_settings_current = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
     $sql_update = "SELECT english_name FROM " . $tbl_admin_languages . " WHERE id='" . Database::escape_string($language_id) . "'";
     $result = Database::query($sql_update);
     $lang = Database::fetch_array($result);
     $sql_update_2 = "UPDATE " . $tbl_settings_current . " SET selected_value='" . $lang['english_name'] . "' WHERE variable='platformLanguage'";
     $result_2 = Database::query($sql_update_2);
     Event::addEvent(LOG_PLATFORM_LANGUAGE_CHANGE, LOG_PLATFORM_LANGUAGE, $lang['english_name']);
     return $result_2 !== false;
 }
Exemplo n.º 16
0
                        }
                    }
                } else {
                    if ($action == 'delete') {
                        if ($do == 'none') {
                            ?>
        <a onclick="load('documents', 'delete', 'delete', {id: '<?php 
                            echo $_GET['id'];
                            ?>
'})">Continue?</a> (<b>NOTE:</b> This action cannot be reversed!)
        <?php 
                        } else {
                            if ($do == 'delete') {
                                $document = new Document($_GET['id']);
                                $document->delete();
                                Event::addEvent('Document ' . $document->getPrefix()->getPrefixAbbrev() . $document->getID() . ' has been deleted.', $_SESSION['user'], 3);
                                ?>
        <script>
            load('documents', 'view', 'none', {});
        </script>
        <?php 
                            }
                        }
                    } else {
                        if ($action == 'sign') {
                            $document = new Document($_GET['id']);
                            $document->sign($_SESSION['user']);
                            ?>
    <script>
        load('documents', 'view', 'none', {id: '<?php 
                            echo $_GET['id'];
Exemplo n.º 17
0
                     $fp = fopen($homep . $menuf . '_' . $lang . $ext, 'w');
                     fputs($fp, $home_menu);
                     home_tabs($homep . $menuf . '_' . $lang . $ext);
                     fclose($fp);
                     foreach ($_languages['name'] as $key => $value) {
                         $lang_name = $_languages['folder'][$key];
                         if (isset($_POST[$lang_name])) {
                             $fp = fopen($homep . $menuf . '_' . $lang_name . $ext, 'w');
                             fputs($fp, $home_menu);
                             home_tabs($homep . $menuf . '_' . $lang_name . $ext);
                             fclose($fp);
                         }
                     }
                 }
             }
             Event::addEvent(LOG_HOMEPAGE_CHANGED, $action, cut($link_name . ':' . $link_url, 254), api_get_utc_datetime(), api_get_user_id());
             break;
     }
     //end of switch($action)
     if (empty($errorMsg)) {
         header('Location: ' . $selfUrl . '?language=' . $languageGet);
         exit;
     }
 } else {
     //if POST[formSent] is not set
     switch ($action) {
         case 'open_link':
             // Previously, filtering of GET['link'] was done here but it left
             // a security threat. Filtering has now been moved outside conditions
             break;
         case 'delete_tabs':
Exemplo n.º 18
0
 /**
  * Delete sessions categories
  * @author Jhon Hinojosa <*****@*****.**>, from existing code
  * @param    array    id_checked
  * @param    bool    include delete session
  * @param    bool    optional, true if the function is called by a webservice, false otherwise.
  * @return    void    Nothing, or false on error
  * The parameters is a array to delete sessions
  **/
 public static function delete_session_category($id_checked, $delete_session = false, $from_ws = false)
 {
     $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
     $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
     if (is_array($id_checked)) {
         $id_checked = Database::escape_string(implode(',', $id_checked));
     } else {
         $id_checked = intval($id_checked);
     }
     //Setting session_category_id to 0
     $sql = "UPDATE {$tbl_session} SET session_category_id = 0 WHERE session_category_id IN (" . $id_checked . ")";
     Database::query($sql);
     $sql = "SELECT id FROM {$tbl_session} WHERE session_category_id IN (" . $id_checked . ")";
     $result = @Database::query($sql);
     while ($rows = Database::fetch_array($result)) {
         $session_id = $rows['id'];
         if ($delete_session) {
             if ($from_ws) {
                 SessionManager::delete_session($session_id, true);
             } else {
                 SessionManager::delete_session($session_id);
             }
         }
     }
     $sql = "DELETE FROM {$tbl_session_category} WHERE id IN (" . $id_checked . ")";
     $rs = Database::query($sql);
     $result = Database::affected_rows($rs);
     // Add event to system log
     $user_id = api_get_user_id();
     Event::addEvent(LOG_SESSION_CATEGORY_DELETE, LOG_SESSION_CATEGORY_ID, $id_checked, api_get_utc_datetime(), $user_id);
     // delete extra session fields where field variable is "PERIODO"
     $t_sf = Database::get_main_table(TABLE_MAIN_SESSION_FIELD);
     $t_sfv = Database::get_main_table(TABLE_MAIN_SESSION_FIELD_VALUES);
     $sql = "SELECT t_sfv.field_id FROM {$t_sfv} t_sfv, {$t_sf} t_sf  WHERE t_sfv.session_id = '{$id_checked}' AND t_sf.field_variable = 'PERIODO' ";
     $rs_field = Database::query($sql);
     $field_id = 0;
     if (Database::num_rows($rs_field) > 0) {
         $row_field = Database::fetch_row($rs_field);
         $field_id = $row_field[0];
         $sql_delete_sfv = "DELETE FROM {$t_sfv} WHERE session_id = '{$id_checked}' AND field_id = '{$field_id}'";
         $rs_delete_sfv = Database::query($sql_delete_sfv);
     }
     $sql = "SELECT * FROM {$t_sfv} WHERE field_id = '{$field_id}' ";
     $rs_field_id = Database::query($sql);
     if (Database::num_rows($rs_field_id) == 0) {
         $sql_delete_sf = "DELETE FROM {$t_sf} WHERE id = '{$field_id}'";
         $rs_delete_sf = Database::query($sql_delete_sf);
     }
     return true;
 }
Exemplo n.º 19
0
 switch ($_GET['category']) {
     case 'Regions':
         handle_regions();
         break;
     case 'Plugins':
         // Displaying the extensions: Plugins.
         // This will be available to all the sites (access_urls).
         $securityToken = isset($_GET['sec_token']) ? Security::remove_XSS($_GET['sec_token']) : null;
         if (isset($_POST['submit_dashboard_plugins']) && Security::check_token($securityToken)) {
             Security::clear_token();
             $affected_rows = DashboardManager::store_dashboard_plugins($_POST);
             if ($affected_rows) {
                 // add event to system log
                 $user_id = api_get_user_id();
                 $category = $_GET['category'];
                 Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
                 Display::display_confirmation_message(get_lang('DashboardPluginsUpdatedSuccessfully'));
             }
         }
         echo '<script>
             $(function(){
                 $("#tabs").tabs();
             });
             </script>';
         echo '<div id="tabs">';
         echo '<ul>';
         echo '<li><a href="#tabs-1">' . get_lang('Plugins') . '</a></li>';
         echo '<li><a href="#tabs-2">' . get_lang('DashboardPlugins') . '</a></li>';
         echo '<li><a href="#tabs-3">' . get_lang('ConfigureExtensions') . '</a></li>';
         echo '</ul>';
         echo '<div id="tabs-1">';
 /**
  * Updates the group_rel_user table  with a given user and group ids
  * @author Julio Montoya
  * @param int  $user_id
  * @param int  $group_id
  * @param int  $relation_type
  *
  * @return bool
  **/
 public static function update_user_role($user_id, $group_id, $relation_type = GROUP_USER_PERMISSION_READER)
 {
     $table_group_rel_user = Database::get_main_table(TABLE_MAIN_USER_REL_GROUP);
     if (empty($user_id) || empty($group_id) || empty($relation_type)) {
         return false;
     }
     $group_id = intval($group_id);
     $user_id = intval($user_id);
     $sql = "UPDATE {$table_group_rel_user}\n   \t\t\t\tSET relation_type = " . intval($relation_type) . "\n   \t\t\t\tWHERE\n                    user_id = {$user_id} AND\n                    group_id = {$group_id}\n            ";
     Database::query($sql);
     Event::addEvent(LOG_GROUP_PORTAL_USER_UPDATE_ROLE, LOG_GROUP_PORTAL_REL_USER_ARRAY, array('user_id' => $user_id, 'group_id' => $group_id, 'relation_type' => $relation_type));
     return true;
 }
Exemplo n.º 21
0
                $sql = "UPDATE {$user_table} SET active='" . $status . "' WHERE user_id='" . $user_id . "'";
                $result = Database::query($sql);
                //Send and email if account is active
                if ($status == 1) {
                    $user_info = api_get_user_info($user_id);
                    $recipient_name = api_get_person_name($user_info['firstname'], $user_info['lastname'], null, PERSON_NAME_EMAIL_ADDRESS);
                    $emailsubject = '[' . api_get_setting('platform.site_name') . '] ' . get_lang('YourReg') . ' ' . api_get_setting('platform.site_name');
                    $email_admin = api_get_setting('admin.administrator_email');
                    $sender_name = api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname'), null, PERSON_NAME_EMAIL_ADDRESS);
                    $emailbody = get_lang('Dear') . " " . stripslashes($recipient_name) . ",\n\n";
                    $emailbody .= sprintf(get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'), api_get_setting('platform.site_name')) . "\n";
                    $emailbody .= sprintf(get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'), api_get_path(WEB_PATH)) . ",\n\n";
                    $emailbody .= get_lang('HaveFun') . "\n\n";
                    //$emailbody.=get_lang('Problem'). "\n\n". get_lang('SignatureFormula');
                    $emailbody .= api_get_person_name(api_get_setting('admin.administrator_name'), api_get_setting('admin.administrator_surname')) . "\n" . get_lang('Manager') . " " . api_get_setting('platform.site_name') . "\nT. " . api_get_setting('administratorTelephone') . "\n" . get_lang('Email') . " : " . api_get_setting('emailAdministrator');
                    $additionalParameters = array('smsType' => SmsPlugin::ACCOUNT_APPROVED_CONNECT, 'userId' => $user_id);
                    $result = api_mail_html($recipient_name, $user_info['mail'], $emailsubject, $emailbody, $sender_name, $email_admin, null, null, $additionalParameters);
                    Event::addEvent(LOG_USER_ENABLE, LOG_USER_ID, $user_id);
                } else {
                    Event::addEvent(LOG_USER_DISABLE, LOG_USER_ID, $user_id);
                }
                echo $status;
            }
        } else {
            echo '-1';
        }
        break;
    default:
        echo '';
}
exit;
Exemplo n.º 22
0
 /**
  * function register_course to create a record in the course table of the main database
  * @param string    $course_sys_code
  * @param string    $course_screen_code
  * @param string    $course_repository
  * @param string    $course_db_name
  * @param string    $tutor_name
  * @param string    $category
  * @param string    $title              complete name of course
  * @param string    $course_language    lang for this course
  * @param string    $uid                uid of owner
  * @param integer                       Expiration date in unix time representation
  * @param array                         Optional array of teachers' user ID
  * @return int      0
  * @todo use an array called $params instead of lots of params
  */
 static function register_course($params)
 {
     global $error_msg, $firstExpirationDelay;
     $title = $params['title'];
     $code = $params['code'];
     $visual_code = $params['visual_code'];
     $directory = isset($params['directory']) ? $params['directory'] : null;
     $tutor_name = isset($params['tutor_name']) ? $params['tutor_name'] : null;
     $category_code = isset($params['category_code']) ? $params['category_code'] : null;
     $defaultLanguage = Container::getTranslator()->getLocale();
     $course_language = isset($params['course_language']) && !empty($params['course_language']) ? $params['course_language'] : $defaultLanguage;
     $user_id = empty($params['user_id']) ? api_get_user_id() : intval($params['user_id']);
     $department_name = isset($params['department_name']) ? $params['department_name'] : null;
     $department_url = isset($params['department_url']) ? $params['department_url'] : null;
     $disk_quota = isset($params['disk_quota']) ? $params['disk_quota'] : null;
     if (!isset($params['visibility'])) {
         $default_course_visibility = api_get_setting('course.courses_default_creation_visibility');
         if (isset($default_course_visibility)) {
             $visibility = $default_course_visibility;
         } else {
             $visibility = COURSE_VISIBILITY_OPEN_PLATFORM;
         }
     } else {
         $visibility = $params['visibility'];
     }
     $subscribe = isset($params['subscribe']) ? intval($params['subscribe']) : ($visibility == COURSE_VISIBILITY_OPEN_PLATFORM ? 1 : 0);
     $unsubscribe = isset($params['unsubscribe']) ? intval($params['unsubscribe']) : 0;
     $expiration_date = isset($params['expiration_date']) ? $params['expiration_date'] : null;
     $teachers = isset($params['teachers']) ? $params['teachers'] : null;
     $status = isset($params['status']) ? $params['status'] : null;
     $TABLECOURSE = Database::get_main_table(TABLE_MAIN_COURSE);
     $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $ok_to_register_course = true;
     // Check whether all the needed parameters are present.
     if (empty($code)) {
         $error_msg[] = 'courseSysCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($visual_code)) {
         $error_msg[] = 'courseScreenCode is missing';
         $ok_to_register_course = false;
     }
     if (empty($directory)) {
         $error_msg[] = 'courseRepository is missing';
         $ok_to_register_course = false;
     }
     if (empty($title)) {
         $error_msg[] = 'title is missing';
         $ok_to_register_course = false;
     }
     if (empty($expiration_date)) {
         $expiration_date = api_get_utc_datetime(time() + $firstExpirationDelay);
     } else {
         $expiration_date = api_get_utc_datetime($expiration_date);
     }
     if ($visibility < 0 || $visibility > 3) {
         $error_msg[] = 'visibility is invalid';
         $ok_to_register_course = false;
     }
     if (empty($disk_quota)) {
         $disk_quota = api_get_setting('document.default_document_quotum');
     }
     $time = api_get_utc_datetime();
     if (stripos($department_url, 'http://') === false && stripos($department_url, 'https://') === false) {
         $department_url = 'http://' . $department_url;
     }
     //just in case
     if ($department_url == 'http://') {
         $department_url = '';
     }
     $course_id = 0;
     if ($ok_to_register_course) {
         /** @var Course $course */
         $course = self::getCourseManager()->create();
         $course->setCode($code)->setDirectory($directory)->setCourseLanguage($course_language)->setTitle($title)->setDescription(get_lang('CourseDescription'))->setCategoryCode($category_code)->setVisibility($visibility)->setShowScore(1)->setDiskQuota($disk_quota)->setCreationDate(new \DateTime())->setExpirationDate(new \DateTime($expiration_date))->setDepartmentName($department_name)->setDepartmentUrl($department_url)->setSubscribe($subscribe)->setUnsubscribe($unsubscribe)->setVisualCode($visual_code);
         self::getCourseManager()->save($course, true);
         $course_id = $course->getId();
         /*// Here we must add 2 fields.
                   $sql = "INSERT INTO ".$TABLECOURSE . " SET
                         code            = '".Database :: escape_string($code) . "',
                         directory       = '".Database :: escape_string($directory) . "',
                         course_language = '".Database :: escape_string($course_language) . "',
                         title           = '".Database :: escape_string($title) . "',
                         description     = '".Database::escape_string(get_lang('CourseDescription')) . "',
                         category_code   = '".Database :: escape_string($category_code) . "',
                         visibility      = '".$visibility . "',
                         show_score      = '1',
                         disk_quota      = '".intval($disk_quota) . "',
                         creation_date   = '$time',
                         expiration_date = '".$expiration_date . "',
                         last_edit       = '$time',
                         last_visit      = NULL,
                         tutor_name      = '".Database :: escape_string($tutor_name) . "',
                         department_name = '".Database :: escape_string($department_name) . "',
                         department_url  = '".Database :: escape_string($department_url) . "',
                         subscribe       = '".intval($subscribe) . "',
                         unsubscribe     = '".intval($unsubscribe) . "',
                         visual_code     = '".Database :: escape_string($visual_code) . "'";
         
                     Database::query($sql);
                     $course_id  = Database::insert_id();*/
         //$course->addUsers()
         if ($course_id) {
             $settingsManager = Container::getCourseSettingsManager();
             $schemas = $settingsManager->getSchemas();
             $schemas = array_keys($schemas);
             /**
              * @var string $key
              * @var \Sylius\Bundle\SettingsBundle\Schema\SchemaInterface $schema
              */
             foreach ($schemas as $schema) {
                 $settings = $settingsManager->loadSettings($schema);
                 $settingsManager->setCourse($course);
                 $settingsManager->saveSettings($schema, $settings);
             }
             $sort = api_max_sort_value('0', api_get_user_id());
             $i_course_sort = CourseManager::userCourseSort($user_id, $code);
             if (!empty($user_id)) {
                 $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                            c_id     = '" . Database::escape_string($course_id) . "',\n                            user_id         = '" . intval($user_id) . "',\n                            status          = '1',\n                            tutor_id        = '0',\n                            sort            = '" . $i_course_sort . "',\n                            user_course_cat = '0'";
                 Database::query($sql);
             }
             if (!empty($teachers)) {
                 if (!is_array($teachers)) {
                     $teachers = array($teachers);
                 }
                 foreach ($teachers as $key) {
                     //just in case
                     if ($key == $user_id) {
                         continue;
                     }
                     if (empty($key)) {
                         continue;
                     }
                     $sql = "INSERT INTO " . $TABLECOURSUSER . " SET\n                            c_id     = '" . Database::escape_string($course_id) . "',\n                            user_id         = '" . Database::escape_string($key) . "',\n                            status          = '1',\n                            role            = '',\n                            tutor_id        = '0',\n                            sort            = '" . ($sort + 1) . "',\n                            user_course_cat = '0'";
                     Database::query($sql);
                 }
             }
             // Adding the course to an URL
             if (api_is_multiple_url_enabled()) {
                 $url_id = 1;
                 if (api_get_current_access_url_id() != -1) {
                     $url_id = api_get_current_access_url_id();
                 }
                 UrlManager::add_course_to_url($course_id, $url_id);
             } else {
                 UrlManager::add_course_to_url($course_id, 1);
             }
             // Add event to the system log.
             $user_id = api_get_user_id();
             Event::addEvent(LOG_COURSE_CREATE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $code);
             $send_mail_to_admin = api_get_setting('course.send_email_to_admin_when_create_course');
             // @todo Improve code to send to all current portal administrators.
             if ($send_mail_to_admin == 'true') {
                 $siteName = api_get_setting('platform.site_name');
                 $recipient_email = api_get_setting('platform.administrator_email');
                 $recipient_name = api_get_person_name(api_get_setting('platform.administrator_name'), api_get_setting('platform.administrator_surname'));
                 $iname = api_get_setting('platform.institution');
                 $subject = get_lang('NewCourseCreatedIn') . ' ' . $siteName . ' - ' . $iname;
                 $body = get_lang('Dear') . ' ' . $recipient_name . ",\n\n" . get_lang('MessageOfNewCourseToAdmin') . ' ' . $siteName . ' - ' . $iname . "\n";
                 $body .= get_lang('CourseName') . ' ' . $title . "\n";
                 $body .= get_lang('Category') . ' ' . $category_code . "\n";
                 $body .= get_lang('Tutor') . ' ' . $tutor_name . "\n";
                 $body .= get_lang('Language') . ' ' . $course_language;
                 //api_mail_html($recipient_name, $recipient_email, $subject, $message, $siteName, $recipient_email);
                 $message = \Swift_Message::newInstance()->setSubject($subject)->setFrom($recipient_email)->setTo($recipient_email)->setBody(Container::getTemplate()->render('ChamiloCoreBundle:Mailer:Course/new_course.html.twig', array('recipient_name' => $recipient_name, 'sitename' => $siteName, 'institution' => $iname, 'course_name' => $title, 'category' => $category_code, 'tutor' => $tutor_name, 'language' => $course_language)));
                 Container::getMailer()->send($message);
             }
         }
     }
     return $course_id;
 }
Exemplo n.º 23
0
 /**
  * Delete a course
  * This function deletes a whole course-area from the platform. When the
  * given course is a virtual course, the database and directory will not be
  * deleted.
  * When the given course is a real course, also all virtual courses refering
  * to the given course will be deleted.
  * Considering the fact that we remove all traces of the course in the main
  * database, it makes sense to remove all tracking as well (if stats databases exist)
  * so that a new course created with this code would not use the remains of an older
  * course.
  *
  * @param string The code of the course to delete
  * @todo When deleting a virtual course: unsubscribe users from that virtual
  * course from the groups in the real course if they are not subscribed in
  * that real course.
  * @todo Remove globals
  */
 public static function delete_course($code)
 {
     $table_course = Database::get_main_table(TABLE_MAIN_COURSE);
     $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
     $table_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
     $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
     $table_course_survey = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY);
     $table_course_survey_question = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION);
     $table_course_survey_question_option = Database::get_main_table(TABLE_MAIN_SHARED_SURVEY_QUESTION_OPTION);
     $table_course_rel_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
     $table_stats_hotpots = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES);
     $table_stats_attempt = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT);
     $table_stats_exercises = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES);
     $table_stats_access = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ACCESS);
     $table_stats_lastaccess = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LASTACCESS);
     $table_stats_course_access = Database::get_main_table(TABLE_STATISTIC_TRACK_E_COURSE_ACCESS);
     $table_stats_online = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
     $table_stats_default = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DEFAULT);
     $table_stats_downloads = Database::get_main_table(TABLE_STATISTIC_TRACK_E_DOWNLOADS);
     $table_stats_links = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LINKS);
     $table_stats_uploads = Database::get_main_table(TABLE_STATISTIC_TRACK_E_UPLOADS);
     $codeFiltered = Database::escape_string($code);
     $sql = "SELECT * FROM {$table_course} WHERE code='" . $codeFiltered . "'";
     $res = Database::query($sql);
     if (Database::num_rows($res) == 0) {
         return;
     }
     $sql = "SELECT * FROM {$table_course}\n                WHERE code = '" . $codeFiltered . "'";
     $res = Database::query($sql);
     $course = Database::fetch_array($res);
     $courseId = $course['id'];
     $count = 0;
     if (api_is_multiple_url_enabled()) {
         $url_id = 1;
         if (api_get_current_access_url_id() != -1) {
             $url_id = api_get_current_access_url_id();
         }
         UrlManager::delete_url_rel_course($courseId, $url_id);
         $count = UrlManager::getCountUrlRelCourse($courseId);
     }
     if ($count == 0) {
         self::create_database_dump($code);
         $course_tables = AddCourse::get_course_tables();
         // Cleaning c_x tables
         if (!empty($courseId)) {
             foreach ($course_tables as $table) {
                 $table = Database::get_course_table($table);
                 $sql = "DELETE FROM {$table} WHERE c_id = {$courseId} ";
                 Database::query($sql);
             }
         }
         $course_dir = api_get_path(SYS_COURSE_PATH) . $course['directory'];
         $archive_dir = api_get_path(SYS_ARCHIVE_PATH) . $course['directory'] . '_' . time();
         if (is_dir($course_dir)) {
             rename($course_dir, $archive_dir);
         }
         // Unsubscribe all users from the course
         $sql = "DELETE FROM {$table_course_user} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         // Delete the course from the sessions tables
         $sql = "DELETE FROM {$table_session_course} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         $sql = "DELETE FROM {$table_session_course_user} WHERE c_id='" . $courseId . "'";
         Database::query($sql);
         // Delete from Course - URL
         $sql = "DELETE FROM {$table_course_rel_url} WHERE c_id = '" . $courseId . "'";
         Database::query($sql);
         $sql = 'SELECT survey_id FROM ' . $table_course_survey . ' WHERE course_code="' . $codeFiltered . '"';
         $result_surveys = Database::query($sql);
         while ($surveys = Database::fetch_array($result_surveys)) {
             $survey_id = $surveys[0];
             $sql = 'DELETE FROM ' . $table_course_survey_question . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
             $sql = 'DELETE FROM ' . $table_course_survey_question_option . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
             $sql = 'DELETE FROM ' . $table_course_survey . ' WHERE survey_id="' . $survey_id . '"';
             Database::query($sql);
         }
         // Cleaning group categories
         $groupCategories = GroupManager::get_categories($course['code']);
         if (!empty($groupCategories)) {
             foreach ($groupCategories as $category) {
                 GroupManager::delete_category($category['id'], $course['code']);
             }
         }
         // Cleaning groups
         $groups = GroupManager::get_groups();
         if (!empty($groups)) {
             $groupList = array_column($groups, 'id');
             GroupManager::delete_groups($groupList);
         }
         // Delete the course from the stats tables
         $sql = "DELETE FROM {$table_stats_hotpots} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_attempt} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_exercises} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_access} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_lastaccess} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_course_access} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_online} WHERE c_id = {$courseId}";
         Database::query($sql);
         // Do not delete rows from track_e_default as these include course
         // creation and other important things that do not take much space
         // but give information on the course history
         //$sql = "DELETE FROM $table_stats_default WHERE c_id = $courseId";
         //Database::query($sql);
         $sql = "DELETE FROM {$table_stats_downloads} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_links} WHERE c_id = {$courseId}";
         Database::query($sql);
         $sql = "DELETE FROM {$table_stats_uploads} WHERE c_id = {$courseId}";
         Database::query($sql);
         // Delete the course from the database
         $sql = "DELETE FROM {$table_course} WHERE code = '" . $codeFiltered . "'";
         Database::query($sql);
         // delete extra course fields
         $extraFieldValues = new ExtraFieldValue('course');
         $extraFieldValues->deleteValuesByItem($courseId);
         // Add event to system log
         $user_id = api_get_user_id();
         Event::addEvent(LOG_COURSE_DELETE, LOG_COURSE_CODE, $code, api_get_utc_datetime(), $user_id, $courseId);
     }
 }
Exemplo n.º 24
0
 /**
  * This function displays a wiki entry
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @author Juan Carlos Raña Trabado
  * @param string $newtitle
  * @return string html code
  **/
 public function display_wiki_entry($newtitle)
 {
     $tbl_wiki = $this->tbl_wiki;
     $tbl_wiki_conf = $this->tbl_wiki_conf;
     $condition_session = $this->condition_session;
     $groupfilter = $this->groupfilter;
     $page = $this->page;
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
     if ($newtitle) {
         $pageMIX = $newtitle;
         //display the page after it is created
     } else {
         $pageMIX = $page;
         //display current page
     }
     $filter = null;
     if (isset($_GET['view']) && $_GET['view']) {
         $_clean['view'] = Database::escape_string($_GET['view']);
         $filter = ' AND w.id="' . $_clean['view'] . '"';
     }
     // First, check page visibility in the first page version
     $sql = 'SELECT * FROM ' . $tbl_wiki . '
             WHERE
                 c_id = ' . $course_id . ' AND
                 reflink="' . Database::escape_string($pageMIX) . '" AND
                ' . $groupfilter . $condition_session . '
             ORDER BY id ASC';
     $result = Database::query($sql);
     $row = Database::fetch_array($result, 'ASSOC');
     $KeyVisibility = $row['visibility'];
     // second, show the last version
     $sql = 'SELECT * FROM ' . $tbl_wiki . ' w
             INNER JOIN ' . $tbl_wiki_conf . ' wc
             ON (wc.page_id = w.page_id AND wc.c_id = w.c_id)
             WHERE
                 w.c_id 		  = ' . $course_id . ' AND
                 w.reflink	  = "' . Database::escape_string($pageMIX) . '" AND
                 w.session_id  = ' . $session_id . ' AND
                 w.' . $groupfilter . '  ' . $filter . '
             ORDER BY id DESC';
     $result = Database::query($sql);
     // we do not need a while loop since we are always displaying the last version
     $row = Database::fetch_array($result, 'ASSOC');
     //log users access to wiki (page_id)
     if (!empty($row['page_id'])) {
         Event::addEvent(LOG_WIKI_ACCESS, LOG_WIKI_PAGE_ID, $row['page_id']);
     }
     //update visits
     if ($row['id']) {
         $sql = 'UPDATE ' . $tbl_wiki . ' SET hits=(hits+1)
                 WHERE c_id = ' . $course_id . ' AND id=' . $row['id'] . '';
         Database::query($sql);
     }
     // if both are empty and we are displaying the index page then we display the default text.
     if ($row['content'] == '' && $row['title'] == '' && $page == 'index') {
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
             //Table structure for better export to pdf
             $default_table_for_content_Start = '<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End = '</td></tr></table>';
             $content = $default_table_for_content_Start . sprintf(get_lang('DefaultContent'), api_get_path(WEB_IMG_PATH)) . $default_table_for_content_End;
             $title = get_lang('DefaultTitle');
         } else {
             return self::setMessage(Display::display_normal_message(get_lang('WikiStandBy'), false, true));
         }
     } else {
         $content = Security::remove_XSS($row['content']);
         $title = Security::remove_XSS($row['title']);
     }
     //assignment mode: identify page type
     $icon_assignment = null;
     if ($row['assignment'] == 1) {
         $icon_assignment = Display::return_icon('wiki_assignment.png', get_lang('AssignmentDescExtra'), '', ICON_SIZE_SMALL);
     } elseif ($row['assignment'] == 2) {
         $icon_assignment = Display::return_icon('wiki_work.png', get_lang('AssignmentWork'), '', ICON_SIZE_SMALL);
     }
     //task mode
     $icon_task = null;
     if (!empty($row['task'])) {
         $icon_task = Display::return_icon('wiki_task.png', get_lang('StandardTask'), '', ICON_SIZE_SMALL);
     }
     // Show page. Show page to all users if isn't hide page. Mode assignments: if student is the author, can view
     if ($KeyVisibility == "1" || api_is_allowed_to_edit(false, true) || api_is_platform_admin() || $row['assignment'] == 2 && $KeyVisibility == "0" && api_get_user_id() == $row['user_id']) {
         $actionsLeft = '';
         // menu edit page
         $editLink = '<a href="index.php?' . api_get_cidreq() . '&action=edit&title=' . api_htmlentities(urlencode($page)) . '"' . self::is_active_navigation_tab('edit') . '>' . Display::return_icon('edit.png', get_lang('EditThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
         if (api_is_allowed_to_edit(false, true)) {
             $actionsLeft .= $editLink;
         } else {
             if ((api_is_allowed_in_course() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) && $page != 'index') {
                 $actionsLeft .= $editLink;
             } else {
                 $actionsLeft .= '';
             }
         }
         $actionsRight = '';
         $protect_page = null;
         $lock_unlock_protect = null;
         // page action: protecting (locking) the page
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_protect_page() == 1) {
                 $protect_page = Display::return_icon('lock.png', get_lang('PageLockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'unlock';
             } else {
                 $protect_page = Display::return_icon('unlock.png', get_lang('PageUnlockedExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_protect = 'lock';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_protect . '&title=' . api_htmlentities(urlencode($page)) . '">' . $protect_page . '</a>';
         }
         $visibility_page = null;
         $lock_unlock_visibility = null;
         //page action: visibility
         if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
             if (self::check_visibility_page() == 1) {
                 $visibility_page = Display::return_icon('visible.png', get_lang('ShowPageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'invisible';
             } else {
                 $visibility_page = Display::return_icon('invisible.png', get_lang('HidePageExtra'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_visibility = 'visible';
             }
         }
         if ($row['id']) {
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_visibility . '&title=' . api_htmlentities(urlencode($page)) . '">' . $visibility_page . '</a>';
         }
         //page action: notification
         if (api_is_allowed_to_session_edit()) {
             if (self::check_notify_page($page) == 1) {
                 $notify_page = Display::return_icon('messagebox_info.png', get_lang('NotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'unlocknotify';
             } else {
                 $notify_page = Display::return_icon('mail.png', get_lang('CancelNotifyByEmail'), '', ICON_SIZE_MEDIUM);
                 $lock_unlock_notify_page = 'locknotify';
             }
         }
         // Only available if row['id'] is set
         if ($row['id']) {
             if (api_is_allowed_to_session_edit(false, true) && api_is_allowed_to_edit() || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
                 // menu discuss page
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=discuss&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('discuss') . '>' . Display::return_icon('discuss.png', get_lang('DiscussThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             //menu history
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=history&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('history') . '>' . Display::return_icon('history.png', get_lang('ShowPageHistory'), '', ICON_SIZE_MEDIUM) . '</a>';
             //menu linkspages
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . 'action=links&title=' . api_htmlentities(urlencode($page)) . '" ' . self::is_active_navigation_tab('links') . '>' . Display::return_icon('what_link_here.png', get_lang('LinksPages'), '', ICON_SIZE_MEDIUM) . '</a>';
             //menu delete wikipage
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?action=delete&' . api_get_cidreq() . '&title=' . api_htmlentities(urlencode($page)) . '"' . self::is_active_navigation_tab('delete') . '>' . Display::return_icon('delete.png', get_lang('DeleteThisPage'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=showpage&actionpage=' . $lock_unlock_notify_page . '&title=' . api_htmlentities(urlencode($page)) . '">' . $notify_page . '</a>';
             // Page action: copy last version to doc area
             if (api_is_allowed_to_edit(false, true) || api_is_platform_admin()) {
                 $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export2doc&wiki_id=' . $row['id'] . '">' . Display::return_icon('export_to_documents.png', get_lang('ExportToDocArea'), '', ICON_SIZE_MEDIUM) . '</a>';
             }
             $actionsRight .= '<a href="index.php?' . api_get_cidreq() . '&action=export_to_pdf&wiki_id=' . $row['id'] . '">' . Display::return_icon('pdf.png', get_lang('ExportToPDF'), '', ICON_SIZE_MEDIUM) . '</a>';
             $unoconv = api_get_configuration_value('unoconv.binaries');
             if ($unoconv) {
                 $actionsRight .= '<a href="' . api_get_path(WEB_CODE_PATH) . 'wiki/index.php?action=export_to_doc_file&id=' . $row['id'] . '&' . api_get_cidreq() . '">' . Display::return_icon('export_doc.png', get_lang('ExportToDoc'), array(), ICON_SIZE_MEDIUM) . '</a>';
             }
             //export to print
             ?>
             <script>
                 function goprint() {
                     var a = window.open('','','width=800,height=600');
                     a.document.open("text/html");
                     a.document.write(document.getElementById('wikicontent').innerHTML);
                     a.document.close();
                     a.print();
                 }
             </script>
             <?php 
             $actionsRight .= Display::url(Display::return_icon('printer.png', get_lang('Print'), '', ICON_SIZE_MEDIUM), '#', array('onclick' => "javascript: goprint();"));
         }
         echo Display::toolbarAction('toolbar-wikistudent', array(0 => $actionsLeft, 1 => $actionsRight));
         if (empty($title)) {
             $pageTitle = get_lang('DefaultTitle');
         }
         if (self::wiki_exist($title)) {
             $pageTitle = $icon_assignment . '&nbsp;' . $icon_task . '&nbsp;' . api_htmlentities($title);
         } else {
             $pageTitle = api_htmlentities($title);
         }
         $pageWiki = self::make_wiki_link_clickable(self::detect_external_link(self::detect_anchor_link(self::detect_mail_link(self::detect_ftp_link(self::detect_irc_link(self::detect_news_link($content)))))));
         $footerWiki = '<div id="wikifooter">' . get_lang('Progress') . ': ' . $row['progress'] * 10 . '%&nbsp;&nbsp;&nbsp;' . get_lang('Rating') . ': ' . $row['score'] . '&nbsp;&nbsp;&nbsp;' . get_lang('Words') . ': ' . self::word_count($content) . '</div>';
         echo Display::panel($pageWiki, $pageTitle, $footerWiki);
     }
     //end filter visibility
 }
Exemplo n.º 25
0
            </table>
        </form>
        <div id="loading" class="alert alert-info" role="alert" style="display: none">

        </div>
        <?php 
        } else {
            if ($do == 'add') {
                extract($_POST);
                Year::create($year, $era);
                if ($era == 1) {
                    $dis = $year . ' UFY';
                } else {
                    $dis = $year . ' IRY';
                }
                Event::addEvent('Year ' . $dis . ' has been added.', $_SESSION['user'], 1);
            }
        }
    } else {
        if ($action == 'current') {
            $year = new Year($_GET['id']);
            $year->makeCurrent();
            Event::addEvent('Year ' . $year->getFullYear() . ' is now the current year.', $_SESSION['user'], 2);
            ?>
    <script>
        load('irclockup', 'none', 'none');
    </script>
    <?php 
        }
    }
}
Exemplo n.º 26
0
                        <td><?php 
                echo $user->getClearance()->getClearanceName();
                ?>
</td>
                    </tr>
                    <tr>
                        <th><label for="merits">Merits</label></th>
                        <td><input type="number" id="merits" name="merits" value="<?php 
                echo $user->getMerits();
                ?>
" required /></td>
                    </tr>
                    <tr>
                        <td colspan=2><button id="edit" name="edit" class="btn btn-primary" type="button" onclick="editMerits()">Edit</button></td>
                    </tr>
                </table>
            </form>
            <div id="loading" class="alert alert-info" role="alert" style="display: none">

            </div>
            <?php 
            } else {
                if ($do == 'edit') {
                    extract($_POST);
                    $user->changeMerits($merits);
                    Event::addEvent($user->getName() . '\'s merits have been modified.', $_SESSION['user'], 2);
                }
            }
        }
    }
}
Exemplo n.º 27
0
 /**
  * Disables or enables a user
  * @param int user_id
  * @param int Enable or disable
  * @return void
  * @assert (-1,0) === false
  * @assert (1,1) === true
  */
 private static function change_active_state($user_id, $active)
 {
     if (strval(intval($user_id)) != $user_id) {
         return false;
     }
     if ($user_id < 1) {
         return false;
     }
     $user_id = intval($user_id);
     $table_user = Database::get_main_table(TABLE_MAIN_USER);
     $sql = "UPDATE {$table_user} SET active = '{$active}' WHERE id = {$user_id}";
     $r = Database::query($sql);
     $ev = LOG_USER_DISABLE;
     if ($active == 1) {
         $ev = LOG_USER_ENABLE;
     }
     if ($r !== false) {
         Event::addEvent($ev, LOG_USER_ID, $user_id);
     }
     return $r;
 }
Exemplo n.º 28
0
/**
 * Wrapper for the templates
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University, Belgium
 * @author Julio Montoya.
 * @version August 2008
 * @since Dokeos 1.8.6
 */
function handle_templates()
{
    /* Drive-by fix to avoid undefined var warnings, without repeating
     * isset() combos all over the place. */
    $action = isset($_GET['action']) ? $_GET['action'] : "invalid";
    if ($action != 'add') {
        echo '<div class="actions" style="margin-left: 1px;">';
        echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
        echo '</div>';
    }
    if ($action == 'add' || $action == 'edit' && is_numeric($_GET['id'])) {
        add_edit_template();
        // Add event to the system log.
        $user_id = api_get_user_id();
        $category = $_GET['category'];
        Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
    } else {
        if ($action == 'delete' && is_numeric($_GET['id'])) {
            delete_template($_GET['id']);
            // Add event to the system log
            $user_id = api_get_user_id();
            $category = $_GET['category'];
            Event::addEvent(LOG_CONFIGURATION_SETTINGS_CHANGE, LOG_CONFIGURATION_SETTINGS_CATEGORY, $category, api_get_utc_datetime(), $user_id);
        }
        display_templates();
    }
}
Exemplo n.º 29
0
    $controller->logout($redirect);
}
/* Table definitions */
/* Constants and CONFIGURATION parameters */
/** @todo these configuration settings should move to the Chamilo config settings. */
/** Defines wether or not anonymous visitors can see a list of the courses on the Chamilo homepage that are open to the world. */
$_setting['display_courses_to_anonymous_users'] = 'true';
/* LOGIN */
/**
 * Registers in the track_e_default table (view in important activities in admin
 * interface) a possible attempted break in, sending auth data through get.
 * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it.
 */
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
    $i = api_get_anonymous_id();
    Event::addEvent(LOG_ATTEMPTED_FORCED_LOGIN, 'tried_hacking_get', $_SERVER['REMOTE_ADDR'] . (empty($_POST['login']) ? '' : '/' . $_POST['login']), null, $i);
    echo 'Attempted breakin - sysadmins notified.';
    session_destroy();
    die;
}
// Delete session neccesary for legal terms
if (api_get_setting('allow_terms_conditions') == 'true') {
    Session::erase('term_and_condition');
}
//If we are not logged in and customapages activated
if (!api_get_user_id() && CustomPages::enabled()) {
    if (Request::get('loggedout')) {
        CustomPages::display(CustomPages::LOGGED_OUT);
    } else {
        CustomPages::display(CustomPages::INDEX_UNLOGGED);
    }
Exemplo n.º 30
0
            <td style="vertical-align: middle"><?php 
        echo $code->getPurpose();
        ?>
</td>
            <td style="vertical-align: middle"><?php 
        echo $code->getDate();
        ?>
</td>
        </tr>
        <?php 
    }
    ?>
    </table>
    <?php 
} else {
    if ($action == 'generate') {
        /*$rand = rand(100, 999);
            $date = date('mdy');
            $name = strtoupper($_SESSION['user']->getName()[0] . $_SESSION['user']->getName()[1]);
        
            $abbrev = '';
        
            foreach (explode(' ', $_SESSION['user']->getAdmin()->getAdminRank()) as $word) {
                $abbrev .= strtoupper($word[0]);
            }*/
        $code = CodeGen::generateCode($_SESSION['user']);
        CodeGen::add($code, $_SESSION['user'], $_POST['purpose']);
        Event::addEvent($_SESSION['user']->getName() . ' has generated an approval code.', $_SESSION['user'], 1);
        echo $code;
    }
}