Пример #1
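/**
 * Pieform submit callback: saves an edited note, syncs its attachments and
 * refreshes the block instances that display it.
 *
 * The note itself is the global $artefact. All writes run between db_begin()
 * and db_commit().
 *
 * @param Pieform $form   The submitted form, used to send the reply.
 * @param array   $values Submitted values: title, description, tags,
 *                        allowcomments, filebrowser and optionally perms,
 *                        license, licensor, licensorurl.
 */
function editnote_submit(Pieform $form, array $values)
{
    global $SESSION, $USER, $artefact, $goto;
    db_begin();
    $artefact->set('title', $values['title']);
    $artefact->set('description', $values['description']);
    $artefact->set('tags', $values['tags']);
    $artefact->set('allowcomments', (int) $values['allowcomments']);
    if (isset($values['perms'])) {
        $artefact->set('rolepermissions', $values['perms']);
        $artefact->set('dirty', true);
    }
    if (get_config('licensemetadata')) {
        $artefact->set('license', $values['license']);
        $artefact->set('licensor', $values['licensor']);
        $artefact->set('licensorurl', $values['licensorurl']);
    }
    $artefact->commit();
    // Attachments
    $old = $artefact->attachment_id_list();
    $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array();
    // The attachment ids come from the submitted form, so they are not trusted:
    // keep only ids that resolve to a file artefact the current user may
    // publish. Without this check any artefact id could be attached to the note.
    foreach ($new as $key => $fileid) {
        try {
            $file = artefact_instance_from_id($fileid);
        } catch (ArtefactNotFoundException $e) {
            // Unknown id: drop it, matching the best-effort handling below
            unset($new[$key]);
            continue;
        }
        if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) {
            unset($new[$key]);
        }
    }
    // Re-index so a dropped id leaves no gap in the list stored in block config
    $new = array_values($new);
    if (!empty($new) || !empty($old)) {
        foreach ($old as $o) {
            if (!in_array($o, $new)) {
                try {
                    $artefact->detach($o);
                } catch (ArtefactNotFoundException $e) {
                    // Deliberately ignored: the attachment is already gone
                }
            }
        }
        foreach ($new as $n) {
            if (!in_array($n, $old)) {
                try {
                    $artefact->attach($n);
                } catch (ArtefactNotFoundException $e) {
                    // Deliberately ignored: nothing to attach
                }
            }
        }
    }
    // need to update the block_instances where this artefact is used - so they have
    // the correct configuration artefactids
    if ($blocks = get_column('view_artefact', 'block', 'artefact', $artefact->get('id'))) {
        require_once get_config('docroot') . 'blocktype/lib.php';
        foreach ($blocks as $block) {
            $bi = new BlockInstance($block);
            $configdata = $bi->get('configdata');
            $configdata['artefactids'] = $new;
            $bi->set('configdata', $configdata);
            $bi->commit();
        }
    }
    db_commit();
    $result = array('error' => false, 'message' => get_string('noteupdated', 'artefact.internal'), 'goto' => $goto);
    if ($form->submitted_by_js()) {
        // Redirect back to the note page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}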
Пример #2
 /**
  * Runs the whole import: loads the XML file named in the import data,
  * validates it, builds the load mapping and imports from it, all between
  * db_begin() and db_commit().
  *
  * @throws ImportException when the XML file cannot be loaded
  */
 public function process()
 {
     db_begin();

     $importdata = $this->get('data');
     // NOTE(review): the stored file name is appended to dataroot as-is; confirm
     // that whatever writes 'filename' keeps it inside the data directory.
     $path = get_config('dataroot') . $importdata['filename'];
     $this->trace('Loading import from ' . $path);
     $this->snapshot('begin');

     // LIBXML_NONET keeps libxml from fetching network resources while parsing
     $this->xml = simplexml_load_file($path, 'SimpleXMLElement', LIBXML_COMPACT | LIBXML_NONET);
     if (!$this->xml) {
         // TODO: bail out in a much nicer way...
         throw new ImportException($this, "FATAL: XML file is not well formed! Please consult Mahara's error log for more information");
     }

     $this->namespaces = array_flip($this->xml->getDocNamespaces());
     $this->registerXpathNamespaces($this->xml);
     $this->trace("Document loaded, entries: " . count($this->xml->entry));
     $this->snapshot('loaded XML');

     $this->ensure_document_valid();

     $this->create_strategy_listing();
     $this->snapshot('created strategy listing');

     $this->strategy_listing_to_load_mapping();
     $this->snapshot('converted strategy listing to load mapping');

     $this->import_from_load_mapping();
     $this->snapshot('imported data based on load mapping');

     $this->import_completed();
     db_commit();
 }
 /**
  * Turns the pending registration held in the global $registration into a
  * user account, then logs that user in and redirects.
  *
  * The account is created with a generated username and passwordchange = 1.
  * The registration row is deleted in the same transaction.
  *
  * @param array $profilefields Extra profile fields passed through to create_user()
  * @throws ConfigException when the institution has no 'internal' auth instance
  */
 function create_registered_user($profilefields = array())
 {
     global $registration, $SESSION, $USER;
     require_once get_config('libroot') . 'user.php';
     db_begin();
     // Move the user record to the usr table from the registration table
     $registrationid = $registration->id;
     unset($registration->id);
     unset($registration->expiry);
     if ($expirytime = get_config('defaultaccountlifetime')) {
         $registration->expiry = db_format_timestamp(time() + $expirytime);
     }
     $registration->lastlogin = db_format_timestamp(time());
     $authinstance = get_record('auth_instance', 'institution', $registration->institution, 'authname', 'internal');
     if (false == $authinstance) {
         throw new ConfigException('No internal auth instance for institution');
     }
     $user = new User();
     $user->active = 1;
     $user->authinstance = $authinstance->id;
     $user->firstname = $registration->firstname;
     $user->lastname = $registration->lastname;
     $user->email = $registration->email;
     $user->username = get_new_username($user->firstname . $user->lastname);
     $user->passwordchange = 1;
     // NOTE(review): rand() is not a cryptographically secure source, and the
     // range used here allows only 9,000,000 distinct inputs to md5(), so the
     // salt is predictable. Prefer a CSPRNG-derived salt where the supported
     // PHP version provides one.
     $user->salt = substr(md5(rand(1000000, 9999999)), 2, 8);
     create_user($user, $profilefields);
     // If the institution is 'mahara' then don't do anything
     if ($registration->institution != 'mahara') {
         $institutions = get_records_select_array('institution', "name != 'mahara'");
         // If there is only one available, join it without requiring approval
         if (count($institutions) == 1) {
             $user->join_institution($registration->institution);
         } else {
             $user->add_institution_request($registration->institution);
         }
     }
     if (!empty($registration->lang) && $registration->lang != 'default') {
         set_account_preference($user->id, 'lang', $registration->lang);
     }
     // Delete the old registration record
     delete_records('usr_registration', 'id', $registrationid);
     db_commit();
     // Log the user in and send them to the homepage
     $USER = new LiveUser();
     $USER->reanimate($user->id, $authinstance->id);
     // A special greeting for special people
     // NOTE(review): hard-coded usernames in a registration path; anyone who
     // ends up with one of these names sees the message. Cosmetic only.
     if (in_array($user->username, array('waawaamilk', 'Mjollnir`', 'Ned', 'richardm', 'fmarier', 'naveg'))) {
         $SESSION->add_ok_msg('MAMA!!! Maharababy happy to see you :D :D!');
     } else {
         if ($user->username == 'htaccess') {
             $SESSION->add_ok_msg('Welcome B-Quack, htaccess!');
         } else {
             $SESSION->add_ok_msg(get_string('registrationcomplete', 'mahara', get_config('sitename')));
         }
     }
     $SESSION->set('resetusername', true);
     redirect();
 }
Пример #4
/**
 * Pieform submit callback: saves edited group settings and applies the
 * follow-up changes implied by a new join type, group type or visibility.
 *
 * The previous state of the group is read from the global $group_data; the
 * new state comes from $values. All writes run between db_begin() and
 * db_commit().
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'grouptype' is expected in the
 *                        form "<grouptype>.<jointype>"
 */
function editgroup_submit(Pieform $form, $values)
{
    global $USER, $SESSION, $group_data;
    db_begin();
    $now = db_format_timestamp(time());
    // NOTE(review): if the submitted value has no '.', $jointype is left unset
    // here; presumably the form's validation rules that out - confirm.
    list($grouptype, $jointype) = explode('.', $values['grouptype']);
    $values['public'] = isset($values['public']) ? $values['public'] : 0;
    $values['usersautoadded'] = isset($values['usersautoadded']) ? $values['usersautoadded'] : 0;
    // Numeric fields are cast with intval() before they reach the record
    update_record('group', (object) array('id' => $values['id'], 'name' => $values['name'], 'description' => $values['description'], 'grouptype' => $grouptype, 'category' => empty($values['category']) ? null : intval($values['category']), 'jointype' => $jointype, 'mtime' => $now, 'usersautoadded' => intval($values['usersautoadded']), 'public' => intval($values['public']), 'viewnotify' => intval($values['viewnotify'])), 'id');
    // When jointype changes from invite/request to anything else,
    // remove all open invitations/requests, ---
    // Except for when jointype changes from request to open. Then
    // we can just add group membership for everyone with an open
    // request.
    if ($group_data->jointype == 'invite' && $jointype != 'invite') {
        delete_records('group_member_invite', 'group', $group_data->id);
    } else {
        if ($group_data->jointype == 'request') {
            if ($jointype == 'open') {
                // Only non-deleted users with a pending request are added
                $userids = get_column_sql('
                SELECT u.id
                FROM {usr} u JOIN {group_member_request} r ON u.id = r.member
                WHERE r.group = ? AND u.deleted = 0', array($group_data->id));
                if ($userids) {
                    foreach ($userids as $uid) {
                        group_add_user($group_data->id, $uid);
                    }
                }
            } else {
                if ($jointype != 'request') {
                    delete_records('group_member_request', 'group', $group_data->id);
                }
            }
        }
    }
    // When group type changes from course to standard, make sure that tutors
    // are demoted to members.
    if ($group_data->grouptype == 'course' && $grouptype != 'course') {
        set_field('group_member', 'role', 'member', 'group', $values['id'], 'role', 'tutor');
    }
    // When a group changes from public -> private or vice versa, set the
    // appropriate access permissions on the group homepage view.
    if ($group_data->public != $values['public']) {
        // NOTE(review): $homepageid is used below without checking that a
        // grouphomepage view was found - confirm one always exists.
        $homepageid = get_field('view', 'id', 'type', 'grouphomepage', 'group', $group_data->id);
        if ($group_data->public && !$values['public']) {
            // public -> private: swap the 'public' access row for 'loggedin'
            delete_records('view_access', 'view', $homepageid, 'accesstype', 'public');
            insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'loggedin'));
        } else {
            if (!$group_data->public && $values['public']) {
                // private -> public: swap the 'loggedin' access row for 'public'
                delete_records('view_access', 'view', $homepageid, 'accesstype', 'loggedin');
                insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'public'));
            }
        }
    }
    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();
    redirect('/group/view.php?id=' . $values['id']);
}
Пример #5
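 /**
  * Sets the specified account settings to the current user.
  * A table with | Setting label | value | is expected.
  *
  * The urlid and mobileuploadtoken values are validated first; the
  * preferences are then written between db_begin() and db_commit().
  *
  * @Given /^I set the following account settings values:$/
  * @param TableNode $table
  * @throws Exception when urlid or mobileuploadtoken fails validation
  */
 public function i_set_account_settings(TableNode $table)
 {
     global $USER;
     $prefs = array();
     foreach ($table->getHash() as $accountpref) {
         $prefs[$accountpref['field']] = $accountpref['value'];
     }
     // Validate the settings
     if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
         if (strlen($prefs['urlid']) < 3) {
             throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
         } else {
             if (record_exists('usr', 'urlid', $prefs['urlid'])) {
                 throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
             }
         }
     }
     // Only validate tokens when the table supplied some: the isset() guard
     // matches the one used where the tokens are saved below, and avoids
     // iterating an undefined index when the table has no such row.
     if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
         foreach ($prefs['mobileuploadtoken'] as $k => $text) {
             // A non-empty token must be at least 6 characters from the allowed set
             if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                 throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
             }
         }
     }
     // Update user's account settings
     db_begin();
     // use this as looping through values is not safe.
     $expectedprefs = expected_account_preferences();
     if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
         // Reset the sent and bounce counts otherwise mail will be disabled
         // on the next send attempt
         $u = new StdClass();
         $u->email = $USER->get('email');
         $u->id = $USER->get('id');
         update_bounce_count($u, true);
         update_send_count($u, true);
     }
     // Remember the user's language & theme prefs, so we can reload the page if they change them
     $oldlang = $USER->get_account_preference('lang');
     $oldtheme = $USER->get_account_preference('theme');
     $oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
     $oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');
     if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
         // Make sure the mobile token is formatted / saved correctly
         $prefs['mobileuploadtoken'] = array_filter($prefs['mobileuploadtoken']);
         $new_token_pref = '|' . join('|', $prefs['mobileuploadtoken']) . '|';
         $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
         unset($prefs['mobileuploadtoken']);
     }
     // Set user account preferences. Only keys returned by
     // expected_account_preferences() are written, so unknown table rows are ignored.
     foreach ($expectedprefs as $eprefkey => $epref) {
         if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
             $USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
         }
     }
     db_commit();
 }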
Пример #6
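/**
 * Deletes the current user's internal notifications, optionally limited to a
 * set of activity types, then redirects back to the inbox.
 *
 * The 'type' request parameter is either 'all' or a comma-separated list of
 * activity type names. The select, the parent-pointer update and the delete
 * run between db_begin() and db_commit().
 */
function delete_all_notifications_submit()
{
    global $USER, $SESSION;
    $userid = $USER->get('id');
    $type = param_variable('type', 'all');
    $typesql = '';
    if ($type != 'all') {
        // Treat as comma-separated list of activity type names. Everything
        // other than a-z and commas is stripped, and each name is passed
        // through db_quote() before it is placed in the IN (...) list.
        $types = explode(',', preg_replace('/[^a-z,]+/', '', $type));
        if ($types) {
            $typesql = ' at.name IN (' . join(',', array_map('db_quote', $types)) . ')';
            if (in_array('adminmessages', $types)) {
                $typesql = '(' . $typesql . ' OR at.admin = 1)';
            }
            $typesql = ' AND ' . $typesql;
        }
    }
    // The user id is bound as a parameter, so only this user's rows are selected
    $from = "\n        FROM {notification_internal_activity} a\n        JOIN {activity_type} at ON a.type = at.id\n        WHERE a.usr = ? {$typesql}";
    $values = array($userid);
    db_begin();
    $count = 0;
    $records = get_records_sql_array('SELECT a.id ' . $from, $values);
    if ($records) {
        $count = sizeof($records);
        $ids = array();
        foreach ($records as $row) {
            $ids[] = $row->id;
        }
        // Remove parent pointers to messages we're about to delete
        execute_sql('
            UPDATE {notification_internal_activity}
            SET parent = NULL
            WHERE parent IN (
                ' . join(',', array_map('db_quote', $ids)) . '
            )');
        // delete
        execute_sql('
            DELETE FROM {notification_internal_activity}
            WHERE id IN (
                ' . join(',', array_map('db_quote', $ids)) . '
            )');
        // The update_unread_delete db trigger on notification_internal_activity
        // will update the unread column on the usr table.
    }
    db_commit();
    $SESSION->add_ok_msg(get_string('deletednotifications1', 'activity', $count));
    safe_require('module', 'multirecipientnotification');
    // $type is the raw request value (only the copy used for SQL was filtered),
    // so it is URL-encoded before being placed in the redirect target.
    if (PluginModuleMultirecipientnotification::is_active()) {
        redirect(get_config('wwwroot') . 'module/multirecipientnotification/inbox.php?type=' . urlencode($type));
    } else {
        redirect(get_config('wwwroot') . 'account/activity/index.php?type=' . urlencode($type));
    }
}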
Пример #7
 /**
  * Event handler: removes a deleted user's internal notifications.
  *
  * Every query binds the user id as a parameter; the three statements run
  * between db_begin() and db_commit().
  *
  * @param mixed $event Not used in this method
  * @param array $user  User data; only $user['id'] is read
  */
 public static function deleteuser($event, $user)
 {
     $userid = $user['id'];
     $profileurl = get_config('wwwroot') . 'user/view.php?id=' . $userid;

     db_begin();

     // Before deleting the user's notifications, remove parent pointers to the
     // messages we're about to delete. The temporary table in this query is
     // required by MySQL
     $clearparents = "\n            UPDATE {notification_internal_activity}\n            SET parent = NULL\n            WHERE parent IN (\n                SELECT id FROM (\n                   SELECT id FROM {notification_internal_activity} WHERE usr = ?\n                ) AS temp\n            )";
     execute_sql($clearparents, array($userid));

     delete_records('notification_internal_activity', 'usr', $userid);

     // Delete system messages from this user where the url points to their
     // missing profile.  They're mostly friend requests, which are now useless.
     $where = '"from" = ? AND type = (SELECT id FROM {activity_type} WHERE name = ?) AND url = ?';
     delete_records_select('notification_internal_activity', $where, array($userid, 'maharamessage', $profileurl));

     db_commit();
 }
/**
 * Pieform submit callback: removes the global $tag from every view and
 * artefact owned by the current user.
 *
 * Both deletes bind the tag and the owner id as parameters, so only the
 * current user's own tags are affected.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values (not read here)
 */
function delete_tag_submit(Pieform $form, $values)
{
    global $SESSION, $USER, $tag;

    $userid = $USER->get('id');
    if (!$userid) {
        // No user id: send the request back to the tag editing page
        redirect(get_config('wwwroot') . 'edittags.php?tag=' . urlencode($tag));
    }

    $params = array($tag, $userid);

    db_begin();
    execute_sql('DELETE FROM {view_tag} WHERE tag = ? AND view IN (SELECT id FROM {view} WHERE "owner" = ?)', $params);
    execute_sql('DELETE FROM {artefact_tag} WHERE tag = ? AND artefact IN (SELECT id FROM {artefact} WHERE "owner" = ?)', $params);
    db_commit();

    $SESSION->add_ok_msg(get_string('tagdeletedsuccessfully'));
    redirect(get_config('wwwroot') . 'tags.php');
}
Пример #9
 /**
  * Turns the pending registration held in the global $registration into a
  * user account, then logs that user in and redirects.
  *
  * Username, password and salt are copied from the registration record
  * unchanged. The registration row is deleted in the same transaction.
  *
  * @param array $profilefields Extra profile fields passed through to create_user()
  * @throws Exception when the institution has no 'internal' auth instance
  */
 function create_registered_user($profilefields = array())
 {
     global $registration, $SESSION, $USER;
     require_once get_config('libroot') . 'user.php';
     db_begin();
     // Move the user record to the usr table from the registration table
     $registrationid = $registration->id;
     unset($registration->id);
     unset($registration->expiry);
     if ($expirytime = get_config('defaultaccountlifetime')) {
         $registration->expiry = db_format_timestamp(time() + $expirytime);
     }
     $registration->lastlogin = db_format_timestamp(time());
     $authinstance = get_record('auth_instance', 'institution', $registration->institution, 'authname', 'internal');
     if (false == $authinstance) {
         // TODO: Specify exception
         throw new Exception('No internal auth instance for institution');
     }
     $user = new User();
     $user->username = $registration->username;
     // NOTE(review): password and salt are taken from the registration row as
     // stored; presumably the password is already hashed at that point - confirm
     // against the code that writes usr_registration.
     $user->password = $registration->password;
     $user->salt = $registration->salt;
     $user->passwordchange = 0;
     $user->active = 1;
     $user->authinstance = $authinstance->id;
     $user->firstname = $registration->firstname;
     $user->lastname = $registration->lastname;
     $user->email = $registration->email;
     create_user($user, $profilefields);
     $user->add_institution_request($registration->institution);
     if (!empty($registration->lang) && $registration->lang != 'default') {
         set_account_preference($user->id, 'lang', $registration->lang);
     }
     // Delete the old registration record
     delete_records('usr_registration', 'id', $registrationid);
     db_commit();
     // Log the user in and send them to the homepage
     $USER = new LiveUser();
     $USER->reanimate($user->id, $authinstance->id);
     // A special greeting for special people
     // NOTE(review): hard-coded usernames in a registration path; anyone who
     // registers one of these names sees the message. Cosmetic only.
     if (in_array($user->username, array('waawaamilk', 'Mjollnir`', 'Ned', 'richardm', 'fmarier'))) {
         $SESSION->add_ok_msg('MAMA!!! Maharababy happy to see you :D :D!');
     } else {
         if ($user->username == 'htaccess') {
             $SESSION->add_ok_msg('Welcome B-Quack, htaccess!');
         } else {
             $SESSION->add_ok_msg(get_string('registrationcomplete', 'mahara', get_config('sitename')));
         }
     }
     redirect();
 }
Пример #10
/**
 * Pieform submit callback: writes the edited group settings back to the
 * 'group' table and redirects to the group page.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'grouptype' is expected in the
 *                        form "<grouptype>.<jointype>"
 */
function editgroup_submit(Pieform $form, $values)
{
    global $USER, $SESSION;

    db_begin();
    $now = db_format_timestamp(time());
    list($grouptype, $jointype) = explode('.', $values['grouptype']);

    // Checkbox-style fields may be missing from the submission; default them to 0
    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    // The flag fields are cast with intval() before they reach the record
    $record = (object) array(
        'id' => $values['id'],
        'name' => $values['name'],
        'description' => $values['description'],
        'grouptype' => $grouptype,
        'jointype' => $jointype,
        'mtime' => $now,
        'usersautoadded' => intval($values['usersautoadded']),
        'public' => intval($values['public']),
    );
    update_record('group', $record, 'id');

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();
    redirect('/group/view.php?id=' . $values['id']);
}
/**
 * Pieform submit callback: invites each selected user to the global $group
 * as a 'member', with the current user recorded as the inviter.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'users' holds the selected user ids
 */
function addmembers_submit(Pieform $form, $values)
{
    global $SESSION, $group, $USER;

    $wwwroot = get_config('wwwroot');
    if (empty($values['users'])) {
        // Nothing selected: return to the invite page
        redirect($wwwroot . 'group/inviteusers.php?id=' . GROUP);
    }

    db_begin();
    foreach ($values['users'] as $invitee) {
        group_invite_user($group, $invitee, $USER->get('id'), 'member', true);
    }
    db_commit();

    $invited = count($values['users']);
    $SESSION->add_ok_msg(get_string('invitationssent', 'group', $invited));
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
Пример #12
/**
 * Pieform submit callback: saves the edited text and visibility of the
 * global $comment, records a 'feedback' activity and redirects to $goto.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'message' and 'ispublic' are read
 */
function edit_comment_submit(Pieform $form, $values)
{
    global $viewid, $comment, $SESSION, $goto;

    // 'private' is stored as the inverse of the submitted 'ispublic' flag
    $private = 1 - (int) $values['ispublic'];

    db_begin();
    $comment->set('description', $values['message']);
    $comment->set('private', $private);
    $comment->commit();

    require_once 'activity.php';
    $activitydata = (object) array(
        'commentid' => $comment->get('id'),
        'viewid' => $viewid,
    );
    activity_occurred('feedback', $activitydata, 'artefact', 'comment');
    db_commit();

    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    redirect($goto);
}
Пример #13
/**
 * Pieform submit callback: adds each selected user directly to the group
 * identified by the GROUP constant.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'users' holds the selected user ids
 */
function addmembers_submit(Pieform $form, $values)
{
    global $SESSION;

    $wwwroot = get_config('wwwroot');
    if (empty($values['users'])) {
        // Nothing selected: return to the add-members page
        redirect($wwwroot . 'group/addmembers.php?id=' . GROUP);
    }

    db_begin();
    foreach ($values['users'] as $newmember) {
        group_add_user(GROUP, $newmember);
    }
    db_commit();

    $added = count($values['users']);
    $SESSION->add_ok_msg(get_string('newmembersadded', 'group', $added));
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Pieform submit callback: stores a license definition, replacing any
 * existing row with the same name.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; name, displayname, shortname and
 *                        icon are read and trimmed
 */
function license_submit(Pieform $form, $values)
{
    global $SESSION;

    $license = new StdClass();
    $license->name = trim($values['name']);
    $license->displayname = trim($values['displayname']);
    $license->shortname = trim($values['shortname']);
    $license->icon = trim($values['icon']);

    // Delete-then-insert inside one transaction acts as an upsert keyed on name
    db_begin();
    delete_records('artefact_license', 'name', $license->name);
    insert_record('artefact_license', $license);
    db_commit();

    $SESSION->add_ok_msg(get_string('licensesaved', 'admin'));
    redirect('/admin/site/licenses.php');
}
Пример #15
/**
 * Pieform submit callback: replaces the set of site administrators with the
 * submitted list of user ids.
 *
 * All current admins are cleared first, then the selected users are flagged,
 * between db_begin() and db_commit().
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'users' holds the new admin ids
 */
function adminusers_submit(Pieform $form, $values)
{
    global $SESSION;

    // Each id is cast to int before it is placed in the IN (...) list.
    // NOTE(review): an empty 'users' list produces "IN ()"; presumably the
    // form requires at least one admin - confirm.
    $adminids = join(',', array_map('intval', $values['users']));

    db_begin();
    execute_sql('UPDATE {usr}
        SET admin = 0
        WHERE admin = 1');
    execute_sql('UPDATE {usr}
        SET admin = 1
        WHERE id IN (' . $adminids . ')');
    activity_add_admin_defaults($values['users']);
    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/admins.php');
}
Пример #16
 /**
  * Link form callback: ties the current local account to the OIDC username
  * held on this object.
  *
  * Any existing link for this auth instance and local user is replaced.
  *
  * @param \Pieform $form Pieform instance.
  * @param array $values Submitted values.
  */
 public function loginlink_submit(\Pieform $form, $values)
 {
     global $USER, $SESSION;

     $haslinkdata = $this->authinstance !== null && !empty($this->oidcusername);
     if (!$haslinkdata) {
         // User is not logged in. They should never reach here, but as a failsafe...
         redirect('/');
     }

     $link = (object) array(
         'authinstance' => $this->authinstance,
         'remoteusername' => $this->oidcusername,
         'localusr' => $USER->id,
     );

     db_begin();
     delete_records('auth_remote_user', 'authinstance', $this->authinstance, 'localusr', $USER->id);
     insert_record('auth_remote_user', $link);
     db_commit();

     // Clear the pending link data so it cannot be submitted a second time
     $SESSION->set('auth_oidc_linkdata', null);
     @session_write_close();
     redirect('/');
 }
Пример #17
/**
 * Pieform submit callback: submits the view $viewid to the group $groupid,
 * grants access to the roles allowed to see submitted views and notifies them.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values (not read here)
 */
function submitview_submit(Pieform $form, $values)
{
    global $SESSION, $USER, $viewid, $groupid, $group;

    db_begin();

    $submission = array(
        'submittedgroup' => $groupid,
        'submittedtime' => db_format_timestamp(time()),
    );
    update_record('view', $submission, array('id' => $viewid));

    // Roles of this group type that are flagged to see submitted views
    $roles = get_column('grouptype_roles', 'role', 'grouptype', $group->grouptype, 'see_submitted_views', 1);
    foreach ($roles as $role) {
        $accessrecord = (object) array(
            'view' => $viewid,
            'group' => $groupid,
            'role' => $role,
            'visible' => 0,
            'allowcomments' => 1,
            'approvecomments' => 0,
        );
        ensure_record_exists('view_access', $accessrecord, $accessrecord);
    }

    ArtefactType::update_locked($USER->get('id'));

    activity_occurred('groupmessage', array(
        'subject' => get_string('viewsubmitted', 'view'),
        'message' => get_string('viewsubmitted', 'view'),
        'submittedview' => $viewid,
        'viewowner' => $USER->get('id'),
        'group' => $groupid,
        'roles' => $roles,
        'strings' => (object) array('urltext' => (object) array('key' => 'view')),
    ));

    db_commit();

    $SESSION->add_ok_msg(get_string('viewsubmitted', 'view'));
    redirect('/' . returnto());
}
Пример #18
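/**
 * Pieform submit callback: replaces the set of site staff users with the
 * submitted list of user ids.
 *
 * All current staff flags are cleared first, then the selected users are
 * flagged, between db_begin() and db_commit().
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'users' holds the new staff ids
 */
function staffusers_submit(Pieform $form, $values)
{
    global $SESSION;
    db_begin();
    execute_sql('UPDATE {usr}
        SET staff = 0
        WHERE staff = 1');
    if ($values['users']) {
        // The ids come from the submitted form and are concatenated into the
        // statement, so each one is cast to int first. Unfiltered values here
        // would allow SQL injection through the users field.
        $staffids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr}
            SET staff = 1
            WHERE id IN (' . $staffids . ')');
    }
    db_commit();
    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/staff.php');
}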
Пример #19
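/**
 * Pieform submit callback for the test import page: stores the uploaded
 * file, unzips it when it is a zip, creates a throwaway user and runs the
 * LEAP importer for that user, printing the log to the page.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; 'file' is the upload entry with
 *                        name, tmp_name and type
 */
function import_submit(Pieform $form, $values)
{
    global $SESSION;
    $date = time();
    $nicedate = date('Y/m/d h:i:s', $date);
    $uploaddir = get_config('dataroot') . 'import/test-' . $date . '/';
    // The upload's name is chosen by the client. basename() drops any
    // directory components so the file can only land inside $uploaddir.
    $filename = $uploaddir . basename($values['file']['name']);
    check_dir_exists($uploaddir);
    if (!move_uploaded_file($values['file']['tmp_name'], $filename)) {
        // Stop here instead of carrying on with a file that was never stored
        $SESSION->add_error_msg('Unable to save the uploaded file');
        redirect('/import/');
    }
    // NOTE(review): 'type' is the MIME type reported by the client, not a
    // property of the stored file; it only selects the unzip branch here.
    if ($values['file']['type'] == 'application/zip') {
        // Unzip here
        // Both paths are passed through escapeshellarg(); the unzip binary and
        // its directory flag come from site configuration.
        // NOTE(review): entry names inside the archive are not inspected here;
        // confirm the configured unzip tool refuses entries that would extract
        // outside $uploaddir.
        $command = sprintf('%s %s %s %s', escapeshellcmd(get_config('pathtounzip')), escapeshellarg($filename), get_config('unzipdirarg'), escapeshellarg($uploaddir));
        $output = array();
        exec($command, $output, $returnvar);
        if ($returnvar != 0) {
            $SESSION->add_error_msg('Unable to unzip the file');
            redirect('/import/');
        }
        $filename = $uploaddir . 'leap2a.xml';
        if (!is_file($filename)) {
            $SESSION->add_error_msg('No leap2a.xml file detected - please check your export file again');
            redirect('/import/');
        }
    }
    // Create dummy user
    // NOTE(review): every dummy account gets the same fixed password and a
    // predictable, time-based username. Suitable for a test tool only; these
    // accounts should not be left behind on a reachable site.
    $user = (object) array('username' => 'import_' . $date, 'password' => 'import1', 'firstname' => 'Imported', 'lastname' => 'User (' . $nicedate . ')', 'email' => '*****@*****.**');
    $userid = create_user($user);
    // And we're good to go
    echo '<pre>';
    // The importer expects the file name relative to dataroot
    $filename = substr($filename, strlen(get_config('dataroot')));
    require_once dirname(dirname(__FILE__)) . '/import/lib.php';
    safe_require('import', 'leap');
    db_begin();
    $importer = PluginImport::create_importer(null, (object) array('token' => '', 'usr' => $userid, 'queue' => (int) (!PluginImport::import_immediately_allowed()), 'ready' => 0, 'expirytime' => db_format_timestamp(time() + 60 * 60 * 24), 'format' => 'leap', 'data' => array('filename' => $filename), 'loglevel' => PluginImportLeap::LOG_LEVEL_VERBOSE, 'logtargets' => LOG_TARGET_STDOUT, 'profile' => true));
    $importer->process();
    // Now done, delete the temporary e-mail address if there's a new one
    // A bit sucky, presumes only one email in the import
    $email = artefact_instance_from_id(get_field('artefact', 'id', 'title', '*****@*****.**', 'artefacttype', 'email', 'owner', $userid));
    $email->delete();
    execute_sql('UPDATE {artefact_internal_profile_email} SET principal = 1 WHERE "owner" = ?', array($userid));
    db_commit();
    echo "\n\n";
    echo 'Done. You can <a href="' . get_config('wwwroot') . '/admin/users/changeuser.php?id=' . $userid . '">change to this user</a> to inspect the result, ';
    echo 'or <a href="' . get_config('wwwroot') . 'import/">try importing again</a>';
    echo '</pre>';
    exit;
}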
Пример #20
/**
 * Pieform submit callback: saves a resume goals/skills artefact (the global
 * $artefact) and syncs its file attachments.
 *
 * Attachment ids from the form are filtered so that only file artefacts the
 * current user may publish are attached.
 *
 * @param Pieform $form   The submitted form, used to send the reply
 * @param array   $values Submitted values; description, artefacttype and
 *                        filebrowser are read
 */
function editgoalsandskills_submit(Pieform $form, array $values)
{
    global $SESSION, $artefact, $USER;
    require_once 'embeddedimage.php';
    $newdescription = EmbeddedImage::prepare_embedded_images($values['description'], $values['artefacttype'], $USER->get('id'));
    db_begin();
    $artefact->set('title', get_string($values['artefacttype'], 'artefact.resume'));
    $artefact->set('description', $newdescription);
    $artefact->commit();
    // Attachments
    $old = $artefact->attachment_id_list();
    $new = is_array($values['filebrowser']) ? $values['filebrowser'] : array();
    // only allow the attaching of files that exist and are editable by user
    // (the ids are client-supplied, so this is the authorization check that
    // stops another user's artefact from being attached)
    foreach ($new as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        if (!$file instanceof ArtefactTypeFile || !$USER->can_publish_artefact($file)) {
            unset($new[$key]);
        }
    }
    if (!empty($new) || !empty($old)) {
        // Detach what was removed from the selection
        foreach ($old as $o) {
            if (!in_array($o, $new)) {
                try {
                    $artefact->detach($o);
                } catch (ArtefactNotFoundException $e) {
                    // ignored: best-effort sync
                }
            }
        }
        // Attach what was newly selected
        foreach ($new as $n) {
            if (!in_array($n, $old)) {
                try {
                    $artefact->attach($n);
                } catch (ArtefactNotFoundException $e) {
                    // ignored: best-effort sync
                }
            }
        }
    }
    db_commit();
    $result = array('error' => false, 'message' => get_string('goalandskillsaved', 'artefact.resume'), 'goto' => get_config('wwwroot') . 'artefact/resume/goalsandskills.php');
    if ($form->submitted_by_js()) {
        // Redirect back to the resume goals and skills page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
Пример #21
/**
 * Replaces the single row of database_startpoint with the given version and
 * start date, inside one transaction.
 *
 * @param string $version Database version to record
 * @param string $date    Start date to record
 * @return false|null false after a failed query (the transaction is rolled
 *                    back); nothing is returned on success
 */
function set_version($version, $date)
{
    db_begin();

    // NOTE(review): $version and $date are interpolated straight into the
    // INSERT; callers must pass trusted values only. A parameterized query
    // would remove that dependency.
    $statements = array(
        "TRUNCATE TABLE database_startpoint",
        "INSERT INTO database_startpoint (db_version, db_start_date) VALUES ('{$version}', '{$date}')",
    );

    foreach ($statements as $sql) {
        if (!db_query($sql)) {
            // db error
            echo "DB-ERROR-5: " . db_error() . "\n";
            db_rollback();
            return false;
        }
    }

    echo "GForge Database Version: {$version} ({$date})\n";
    db_commit();
}
Пример #22
/**
 * Pieform submit callback: saves the edited rating, text and visibility of
 * the global $comment, records a 'feedback' activity and redirects to $goto.
 *
 * When the author asks for the comment to be public but the view's settings
 * do not let them decide that alone, the comment is marked with
 * requestpublic = 'author' instead of being made public directly.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values; rating, message and ispublic are read
 */
function edit_comment_submit(Pieform $form, $values)
{
    global $viewid, $comment, $SESSION, $goto, $USER;
    require_once 'embeddedimage.php';
    db_begin();
    $comment->set('rating', valid_rating($values['rating']));
    require_once get_config('libroot') . 'view.php';
    $view = new View($viewid);
    $owner = $view->get('owner');
    $group = $comment->get('group');
    $newdescription = EmbeddedImage::prepare_embedded_images($values['message'], 'comment', $comment->get('id'), $group);
    $comment->set('description', $newdescription);
    $approvecomments = $view->get('approvecomments');
    // Group comment, public requested, and the current user cannot edit the
    // view: record a request to go public rather than changing visibility.
    if (!empty($group) && ($approvecomments || !$approvecomments && $view->user_comments_allowed($USER) == 'private') && $values['ispublic'] && !$USER->can_edit_view($view)) {
        $comment->set('requestpublic', 'author');
    } else {
        // Same idea for an owned view when the comment author is not the owner
        if (($approvecomments || !$approvecomments && $view->user_comments_allowed($USER) == 'private') && $values['ispublic'] && (!empty($owner) && $owner != $comment->get('author'))) {
            $comment->set('requestpublic', 'author');
        } else {
            // No approval needed: apply the submitted visibility directly
            $comment->set('private', 1 - (int) $values['ispublic']);
            $comment->set('requestpublic', null);
        }
    }
    $comment->commit();
    require_once 'activity.php';
    $data = (object) array('commentid' => $comment->get('id'), 'viewid' => $viewid);
    activity_occurred('feedback', $data, 'artefact', 'comment');
    if ($comment->get('requestpublic') == 'author') {
        if (!empty($owner)) {
            edit_comment_notify($view, $comment->get('author'), $owner);
        } else {
            if (!empty($group)) {
                // $group_admins is fetched but not used yet (see TODO below)
                $group_admins = group_get_admin_ids($group);
                // TODO: need to notify the group admins bug #1197197
            }
        }
    }
    db_commit();
    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    redirect($goto);
}
/**
 * Pieform submit handler: replaces the staff list of one institution.
 *
 * Clears the staff flag on every current staff member of the institution and
 * then sets it for the submitted user ids, between one db_begin() and one
 * db_commit().
 *
 * @param Pieform $form   The submitted form (not used here).
 * @param array   $values Submitted values; reads 'institution' and 'users'.
 */
function staffusers_submit(Pieform $form, $values)
{
    global $SESSION, $USER;

    $institution = $values['institution'];

    // Authorisation gate: the institution name comes from the form, so it is only
    // accepted when the current user may edit that institution.
    $allowed = !empty($institution) && $USER->can_edit_institution($institution);
    if (!$allowed) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        // NOTE(review): the updates below are only protected if redirect() ends
        // the request - confirm.
        redirect('/admin/users/institutionstaff.php');
    }

    db_begin();

    $clearsql = 'UPDATE {usr_institution}
        SET staff = 0
        WHERE staff = 1 AND institution = ' . db_quote($institution);
    execute_sql($clearsql);

    if ($values['users']) {
        // Every submitted id is forced to an integer before it is placed in the
        // IN (...) list, so no other text can reach the statement.
        $idlist = implode(',', array_map('intval', $values['users']));
        $setsql = 'UPDATE {usr_institution}
            SET staff = 1
            WHERE usr IN (' . $idlist . ') AND institution = ' . db_quote($institution);
        execute_sql($setsql);
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/institutionstaff.php?institution=' . $institution);
}
Пример #24
/**
 * Pieform submit handler: synchronises a group's admins with the submitted list.
 *
 * Uses the page-level globals $group and $admins (the admin ids before the
 * edit). Admins missing from the submission are demoted to 'member'; newly
 * listed ids are promoted, or inserted as admin rows when they are not yet
 * group members.
 *
 * @param Pieform $form   The submitted form (not used here).
 * @param array   $values Submitted values; reads 'admins'.
 */
function groupadminsform_submit(Pieform $form, $values)
{
    global $SESSION, $group, $admins;

    $promote = array_diff($values['admins'], $admins);
    $demote = array_diff($admins, $values['admins']);

    db_begin();

    if (!empty($demote)) {
        // The id list cannot be bound as one placeholder, so each id is cast to
        // an integer before it is interpolated; the group id is bound.
        $demoteids = implode(',', array_map('intval', $demote));
        $demotesql = "\n            UPDATE {group_member}\n            SET role = 'member'\n            WHERE role = 'admin' AND \"group\" = ?\n                AND member IN ({$demoteids})";
        execute_sql($demotesql, array($group->id));
    }

    $dbnow = db_format_timestamp(time());

    foreach ($promote as $userid) {
        if (!record_exists('group_member', 'group', $group->id, 'member', $userid)) {
            // Not a member yet: create the membership row directly as admin.
            $row = (object) array('group' => $group->id, 'member' => $userid, 'role' => 'admin', 'ctime' => $dbnow, 'mtime' => $dbnow);
            insert_record('group_member', $row);
            continue;
        }
        // Existing member: only the role changes; both values are bound.
        $promotesql = "\n                UPDATE {group_member}\n                SET role = 'admin'\n                WHERE \"group\" = ? AND member = ?";
        execute_sql($promotesql, array($group->id, $userid));
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
Пример #25
/**
 * Pieform submit handler: synchronises a group's admins with the submitted list.
 *
 * Uses the page-level globals $group and $admins (the admin ids before the
 * edit). Admins missing from the submission are demoted to 'member' with one
 * UPDATE; newly listed ids go through group_change_role() or group_add_user().
 *
 * @param Pieform $form   The submitted form (not used here).
 * @param array   $values Submitted values; reads 'admins'.
 */
function groupadminsform_submit(Pieform $form, $values)
{
    global $SESSION, $group, $admins;

    $promote = array_diff($values['admins'], $admins);
    $demote = array_diff($admins, $values['admins']);

    db_begin();

    if (!empty($demote)) {
        // The id list cannot be bound as one placeholder, so each id is cast to
        // an integer before it is interpolated; the group id is bound.
        $demoteids = implode(',', array_map('intval', $demote));
        $demotesql = "\n            UPDATE {group_member}\n            SET role = 'member'\n            WHERE role = 'admin' AND \"group\" = ?\n                AND member IN ({$demoteids})";
        execute_sql($demotesql, array($group->id));
    }

    // The timestamp is still computed here, but nothing below reads it.
    $dbnow = db_format_timestamp(time());

    foreach ($promote as $userid) {
        if (!group_user_access($group->id, $userid)) {
            // group_user_access() returned a falsy value: add the user as admin.
            group_add_user($group->id, $userid, 'admin');
            continue;
        }
        group_change_role($group->id, $userid, 'admin');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
Пример #26
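/**
 * Pieform submit handler: replaces the administrator list of one institution.
 *
 * Clears the admin flag on every current administrator of the institution and
 * then sets it for the submitted user ids, between one db_begin() and one
 * db_commit(). The submitted users are then passed to
 * activity_add_admin_defaults().
 *
 * @param Pieform $form   The submitted form (not used here).
 * @param array   $values Submitted values; reads 'institution' and 'users'.
 */
function adminusers_submit(Pieform $form, $values)
{
    global $SESSION, $USER;
    $inst = $values['institution'];
    // Authorisation gate: the institution name comes from the form, so it is only
    // accepted when the current user may edit that institution.
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        // NOTE(review): the updates below are only protected if redirect() ends
        // the request - confirm.
        redirect('/admin/users/institutionadmins.php');
    }
    db_begin();
    execute_sql('UPDATE {usr_institution}
        SET admin = 0
        WHERE admin = 1 AND institution = ' . db_quote($inst));
    if ($values['users']) {
        // The ids are concatenated into the statement, so each one is forced to
        // an integer first. Without the cast a submitted value could carry SQL
        // text into a query that grants the admin flag.
        $userids = array_map('intval', $values['users']);
        execute_sql('UPDATE {usr_institution}
            SET admin = 1
            WHERE usr IN (' . join(',', $userids) . ') AND institution = ' . db_quote($inst));
    }
    require_once 'activity.php';
    // Called with the submitted list as before, including when it is empty.
    activity_add_admin_defaults($values['users']);
    db_commit();
    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/institutionadmins.php?institution=' . $inst);
}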
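/**
 * Pieform submit handler: creates one account per row of the uploaded CSV.
 *
 * Reads the parsed rows from the global $CSVDATA and the column order from the
 * global $FORMAT. All accounts are created between one db_begin() and one
 * db_commit(). When 'emailusers' is set, each new user is mailed afterwards,
 * and users whose mail failed are listed in an info message.
 *
 * Whether users must change their password at next login is controlled by
 * $values['forcepasswordchange']; it is not unconditional.
 *
 * @param Pieform $form   The submitted form (not used here).
 * @param array   $values Submitted values; reads 'authinstance',
 *                        'forcepasswordchange' and 'emailusers'.
 */
function uploadcsv_submit(Pieform $form, $values)
{
    global $SESSION, $CSVDATA, $FORMAT;
    // Maps a column name to its position in each CSV record.
    $formatkeylookup = array_flip($FORMAT);
    $authinstance = (int) $values['authinstance'];
    // NOTE(review): the result is dereferenced without a check; presumably the
    // form validation guarantees that the auth instance exists - confirm.
    $authobj = get_record('auth_instance', 'id', $authinstance);
    $institution = new Institution($authobj->institution);
    $maxusers = $institution->maxuseraccounts;
    if (!empty($maxusers)) {
        // Enforce the institution's account quota before anything is inserted.
        $members = count_records_sql('
            SELECT COUNT(*) FROM {usr} u INNER JOIN {usr_institution} i ON u.id = i.usr
            WHERE i.institution = ? AND u.deleted = 0', array($institution->name));
        if ($members + count($CSVDATA) > $maxusers) {
            $SESSION->add_error_msg(get_string('uploadcsvfailedusersexceedmaxallowed', 'admin'));
            redirect('/admin/users/uploadcsv.php');
        }
    }
    log_info('Inserting users from the CSV file');
    db_begin();
    $addedusers = array();
    foreach ($CSVDATA as $record) {
        log_debug('adding user ' . $record[$formatkeylookup['username']]);
        $user = new StdClass();
        $user->authinstance = $authinstance;
        $user->username = $record[$formatkeylookup['username']];
        $user->firstname = $record[$formatkeylookup['firstname']];
        $user->lastname = $record[$formatkeylookup['lastname']];
        $user->password = $record[$formatkeylookup['password']];
        $user->email = $record[$formatkeylookup['email']];
        if (isset($formatkeylookup['studentid'])) {
            $user->studentid = $record[$formatkeylookup['studentid']];
        }
        if (isset($formatkeylookup['preferredname'])) {
            $user->preferredname = $record[$formatkeylookup['preferredname']];
        }
        $user->passwordchange = (int) $values['forcepasswordchange'];
        // Every column except the credentials is also handed over as a profile field.
        $profilefields = new StdClass();
        foreach ($FORMAT as $field) {
            if ($field == 'username' || $field == 'password') {
                continue;
            }
            $profilefields->{$field} = $record[$formatkeylookup[$field]];
        }
        $user->id = create_user($user, $profilefields, $institution, $authobj);
        if ($values['emailusers']) {
            $addedusers[] = $user;
        }
    }
    db_commit();
    // Only send e-mail to users after we're sure they have been inserted
    // successfully
    $straccountcreatedtext = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordtext' : 'accountcreatedtext';
    $straccountcreatedhtml = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordhtml' : 'accountcreatedhtml';
    if ($values['emailusers'] && $addedusers) {
        // Initialised once, before the loop. Resetting it on every iteration
        // would discard every failure except one on the last user.
        $failedusers = array();
        foreach ($addedusers as $user) {
            try {
                // The CSV-supplied password is part of the mail body. With
                // 'forcepasswordchange' off it stays valid after being sent in
                // clear text.
                email_user(
                    $user,
                    null,
                    get_string('accountcreated', 'mahara', get_config('sitename')),
                    get_string($straccountcreatedtext, 'mahara', $user->firstname, get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('sitename')),
                    get_string($straccountcreatedhtml, 'mahara', $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('wwwroot'), get_config('sitename'))
                );
            } catch (EmailException $e) {
                log_info($e->getMessage());
                $failedusers[] = $user;
            }
        }
        if ($failedusers) {
            $message = get_string('uploadcsvsomeuserscouldnotbeemailed', 'admin') . "\n<ul>\n";
            foreach ($failedusers as $user) {
                // The message is added with its second argument false (presumably
                // "do not escape" - confirm), so values taken from the CSV are
                // escaped here: the name as well as the address.
                $message .= '<li>' . hsc(full_name($user)) . ' &lt;' . hsc($user->email) . "&gt;</li>\n";
            }
            $message .= "</ul>\n";
            $SESSION->add_info_msg($message, false);
        }
    }
    log_info('Inserted ' . count($CSVDATA) . ' records');
    $SESSION->add_ok_msg(get_string('uploadcsvusersaddedsuccessfully', 'admin'));
    redirect('/admin/users/uploadcsv.php');
}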
Пример #28
/**
 * Pieform submit handler that creates or updates a blog post.
 *
 * Works on the page-level globals $blogpost (post id, falsy for a new post)
 * and $blog (parent blog id). The post is saved, its embedded images are
 * processed, and its attachments are synchronised with the submitted file
 * list, all between one db_begin() and one db_commit().
 *
 * @param Pieform $form   The submitted form; used for the reply.
 * @param array   $values Submitted values; reads 'title', 'description', 'tags',
 *                        'draft', 'allowcomments', 'filebrowser' and, when
 *                        licence metadata is enabled, the three licence fields.
 */
function editpost_submit(Pieform $form, $values)
{
    global $USER, $SESSION, $blogpost, $blog;
    require_once 'embeddedimage.php';

    db_begin();

    $postobj = new ArtefactTypeBlogPost($blogpost, null);
    foreach (array('title', 'description', 'tags') as $field) {
        $postobj->set($field, $values[$field]);
    }
    if (get_config('licensemetadata')) {
        foreach (array('license', 'licensor', 'licensorurl') as $field) {
            $postobj->set($field, $values[$field]);
        }
    }
    $postobj->set('published', !$values['draft']);
    $postobj->set('allowcomments', (int) $values['allowcomments']);

    if (!$blogpost) {
        // New post: its ownership comes from the parent blog (institution first,
        // then group), and falls back to the current user.
        $postobj->set('parent', $blog);
        $blogobj = new ArtefactTypeBlog($blog);
        if ($blogobj->get('institution')) {
            $postobj->set('institution', $blogobj->get('institution'));
        } elseif ($blogobj->get('group')) {
            $postobj->set('group', $blogobj->get('group'));
        } else {
            $postobj->set('owner', $USER->id);
        }
    }

    $postobj->commit();
    $blogpost = $postobj->get('id');

    // Embedded images need the post id, which a new post only has after the
    // commit above.
    // NOTE(review): no commit() follows this set() in the function; confirm that
    // the rewritten description is persisted elsewhere.
    $rewritten = EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $postobj->get('id'));
    $postobj->set('description', $rewritten);

    // Attachments
    $old = $postobj->attachment_id_list();
    // $new = is_array($values['filebrowser']['selected']) ? $values['filebrowser']['selected'] : array();
    $new = array();
    if (is_array($values['filebrowser'])) {
        $new = $values['filebrowser'];
    }

    // Server-side check of the submitted ids: an id is kept only when it
    // resolves to a file artefact that the current user may publish.
    foreach ($new as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        if ($file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file)) {
            continue;
        }
        unset($new[$key]);
    }

    if (!empty($new) || !empty($old)) {
        // Detach what is no longer selected, then attach what is newly selected.
        foreach ($old as $o) {
            if (in_array($o, $new)) {
                continue;
            }
            try {
                $postobj->detach($o);
            } catch (ArtefactNotFoundException $e) {
                // An artefact that no longer exists is skipped.
            }
        }
        foreach ($new as $n) {
            if (in_array($n, $old)) {
                continue;
            }
            try {
                $postobj->attach($n);
            } catch (ArtefactNotFoundException $e) {
                // An artefact that no longer exists is skipped.
            }
        }
    }

    db_commit();

    $result = array(
        'error' => false,
        'message' => get_string('blogpostsaved', 'artefact.blog'),
        'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog,
    );
    if ($form->submitted_by_js()) {
        // Redirect back to the blog page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
Пример #29
// Entry script of the import page: checks the unzip prerequisite, then
// dispatches on the integer 'action' request parameter.
//
// The configured unzip binary must be executable, because it is needed to
// extract the uploaded leap2a zip file; otherwise the page stops with a message.
if (!is_executable(get_config('pathtounzip'))) {
    die_info(get_string('unzipnotinstalled', 'admin'));
}
// 'action' is read as an integer and defaults to PRINTUPLOADFORM_ACT.
$action = param_integer('action', PRINTUPLOADFORM_ACT);
switch ($action) {
    // Any unrecognised action value also lands on the upload form.
    case PRINTUPLOADFORM_ACT:
    default:
        print_upload_form();
        break;
    case PRINTIMPORTITEMSFORM_ACT:
        print_import_items_form();
        break;
    case DOIMPORT_ACT:
        // The import (or its cancellation) runs between db_begin() and db_commit().
        // NOTE(review): this branch acts on raw $_POST button names and no
        // session-key (CSRF) check is visible here; confirm that the page
        // bootstrap or the called functions enforce one.
        db_begin();
        if (isset($_POST['import_submit'])) {
            save_decisions();
            // Do import and print the results
            do_import();
        } else {
            if (isset($_POST['cancel_import_submit'])) {
                cancel_import();
            }
        }
        db_commit();
        break;
}
function print_upload_form()
{
    $form = pieform(array('name' => 'import', 'method' => 'post', 'plugintype ' => 'core', 'pluginname' => 'import', 'elements' => array('leap2afile' => array('type' => 'file', 'title' => get_string('uploadleap2afile', 'admin'), 'rules' => array('required' => true)), 'submit' => array('type' => 'submit', 'value' => get_string('Import', 'import')))));
Пример #30
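 /**
  * create - use this function to create a new entry in the database.
  *
  * Security contract, as documented by the original author: callers are
  * expected to addslashes() their input before calling. The INSERT below is
  * built by string interpolation and relies on that for every string value.
  *
  * @param string $filename    The filename of this document. Can be a URL.
  * @param string $filetype    The filetype of this document. If filename is a URL, this should be 'URL'.
  * @param string $data        The contents of this document (should be addslashes()'d before entry).
  * @param int    $doc_group   The doc_group id of the doc_groups table.
  * @param string $title       The title of this document (at least 5 characters).
  * @param int    $language_id The language id of the supported_languages table.
  * @param string $description The description of this document (at least 10 characters).
  * @return boolean success; on failure the reason is recorded with setError().
  */
 function create($filename, $filetype, $data, $doc_group, $title, $language_id, $description)
 {
     if (strlen($title) < 5) {
         $this->setError(_('Title Must Be At Least 5 Characters'));
         return false;
     }
     if (strlen($description) < 10) {
         $this->setError(_('Document Description Must Be At Least 10 Characters'));
         return false;
     }
     // NOTE(review): the permission check below is commented out, so this method
     // refuses nobody; the caller's permissions only decide the initial state.
     /*
     		$perm =& $this->Group->getPermission( session_get_user() );
     		if (!$perm || !is_object($perm) || !$perm->isDocEditor()) {
     			$this->setPermissionDeniedError();
     			return false;
     		}
     */
     // presumably 100 is the id of the anonymous account - confirm
     $user_id = session_loggedin() ? user_getid() : 100;
     // Default state '3'; only a logged-in document editor gets '1' (ACTIVE,
     // per the comment below).
     $doc_initstatus = '3';
     // If Editor - uploaded Documents are ACTIVE
     if (session_loggedin()) {
         $perm =& $this->Group->getPermission(session_get_user());
         if ($perm && is_object($perm) && $perm->isDocEditor()) {
             $doc_initstatus = '1';
         }
     }
     // Plain-text bodies are converted to UTF-8 when mbstring is available.
     if (strcasecmp($filetype, "text/plain") === 0 && function_exists('mb_convert_encoding') && function_exists('mb_detect_encoding')) {
         $data = mb_convert_encoding($data, 'UTF-8', mb_detect_encoding($data));
     }
     // key words for in-document search
     // Fixed: the title was passed as the undefined variable $title1, so it never
     // reached the keyword index.
     $kw = new Parsedata($this->engine_path);
     $kwords = $kw->get_parse_data(stripslashes($data), htmlspecialchars($title), htmlspecialchars($description), $filetype);
     // $kwords = "";
     // NOTE(review): this measures the slash-escaped input, while the stored
     // content is stripslashes($data); the sizes can differ - confirm intent.
     $filesize = strlen($data);
     // Both ids are documented as integers; the cast keeps any other text out of
     // the statement.
     $doc_group_id = (int) $doc_group;
     $language = (int) $language_id;
     // NOTE(review): $filename, $filetype, $kwords and the title/description are
     // still interpolated as text. htmlspecialchars() is HTML encoding, not SQL
     // quoting, and $kwords is derived from stripslashes()'d content. Prefer the
     // database layer's bound-parameter API if one is available.
     $sql = "INSERT INTO doc_data (group_id,title,description,createdate,doc_group,\n\t\t\tstateid,language_id,filename,filetype,filesize,data,data_words,created_by)\n\t\t\tVALUES ('" . $this->Group->getId() . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'" . htmlspecialchars($description) . "',\n\t\t\t'" . time() . "',\n\t\t\t'{$doc_group_id}',\n\t\t\t'{$doc_initstatus}',\n\t\t\t'{$language}',\n\t\t\t'{$filename}',\n\t\t\t'{$filetype}',\n\t\t\t'{$filesize}',\n\t\t\t'" . base64_encode(stripslashes($data)) . "',\n\t\t\t'{$kwords}',\n\t\t\t'{$user_id}')";
     db_begin();
     $result = db_query($sql);
     if (!$result) {
         $this->setError('Error Adding Document: ' . db_error());
         db_rollback();
         return false;
     }
     $docid = db_insertid($result, 'doc_data', 'docid');
     if (!$this->fetchData($docid)) {
         db_rollback();
         return false;
     }
     // The notice is sent before the transaction is committed.
     $this->sendNotice(true);
     db_commit();
     return true;
 }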