Пример #1
    
    cpf_validate_format_valitron($v);
    
    if (!$v->validate()) {
        Session::flashPost()->Messages($langFormErrors)->Errors($v->errors());
    } else {
        // register user
        // Collects the posted registration fields and derives the value that goes into
        // the password column for the INSERT that follows this span.
        $depid = intval(isset($_POST['department']) ? $_POST['department'] : 0);
        // NOTE(review): unlike 'department' above, this field is read without isset();
        // when it is absent PHP raises a notice and intval() yields 0.
        $verified_mail = intval($_POST['verified_mail_form']);
        // Exposes the listed POST fields as variables of the same name ($auth_form is
        // read below). The boolean presumably marks a field as required and the return
        // value says whether all required fields arrived; confirm against the helper.
        $all_set = register_posted_variables(array(
            'auth_form' => true,
            'uname_form' => true,
            'surname_form' => true,
            'givenname_form' => true,
            'email_form' => true,
            'language_form' => true,
            'am_form' => false,
            'phone_form' => false,
            'password' => true,
            'pstatus' => true,
            'rid' => false,
            'submit' => true));

        if ($auth_form == 1) { // eclass authentication
            // Local accounts: check the department node, then hash the submitted
            // password with phpass so only the hash is kept in $password_encrypted.
            validateNode(intval($depid), isDepartmentAdmin());
            // presumably (iteration count log2, portable-hash flag) as in phpass; confirm
            $hasher = new PasswordHash(8, false);
            $password_encrypted = $hasher->HashPassword($_POST['password']);
        } else {
            // Other auth methods: the column holds the method's entry from $auth_ids
            // instead of a hash.
            // NOTE(review): the index is the raw POST value; a key that is not in
            // $auth_ids yields null here. Validate it (array_key_exists) before use.
            $password_encrypted = $auth_ids[$_POST['auth_form']];
        }
        $uid = Database::get()->query("INSERT INTO user
Пример #2
if (isset($_POST['create_restored_course'])) {
    // Refuse the request unless it carries a valid anti-CSRF token.
    // presumably csrf_token_error() aborts the request; confirm it never returns
    if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
    // register_posted_variables() below overwrites $course_code with the posted value,
    // so remember the code of the course being cloned.
    $currentCourseCode = $course_code;

    // Per-user scratch directory under courses/tmpUnzipping; the last path component
    // comes from safe_filename(), not from the request.
    $restoreThis = $webDir . '/courses/tmpUnzipping/' .
        $uid . '/' . safe_filename();
    // NOTE(review): the return value is not checked, and mode 0755 leaves the directory
    // readable and traversable by other local users unless the umask narrows it.
    mkdir($restoreThis, 0755, true);
    // Dump the course's tables and copy its files into the scratch directory.
    archiveTables($course_id, $course_code, $restoreThis);
    recurse_copy($webDir . '/courses/' . $course_code,
        $restoreThis . '/html');

    // Expose the posted course details as variables of the same name for the call below.
    register_posted_variables(array(
        'course_code' => true,
        'course_lang' => true,
        'course_title' => true,
        'course_desc' => true,
        'course_vis' => true,
        'course_prof' => true), 'all');

    create_restored_course($tool_content, $restoreThis, $course_code, $course_lang, $course_title, $course_desc, $course_vis, $course_prof);
    $course_code = $currentCourseCode; // revert course code to the correct value
} else {
    $desc = Database::get()->querySingle("SELECT description FROM course WHERE id = ?d", $course_id)->description;
    $old_deps = array();
    Database::get()->queryFunc("SELECT department FROM course_department WHERE course = ?d",
        function ($dep) use ($treeObj, &$old_deps) {
            $old_deps[] = array('name' => $treeObj->getFullPath($dep->department));
        }, $course_id);

    $tool_content = course_details_form($public_code, $currentCourseName, $titulaires, $currentCourseLanguage, null, $visible, $desc, $old_deps);
Пример #3
    $dbPassForm = $helpdeskmail = $faxForm = $postaddressForm = '';
    $eclass_stud_reg = 2;
    $eclass_prof_reg = 1;
    
} else {
    register_posted_variables(array(
        'lang' => true,
        'dbHostForm' => true,
        'dbUsernameForm' => true,
        'dbNameForm' => true,
        'dbPassForm' => true,
        'dbMyAdmin' => true,
        'urlForm' => true,        
        'nameForm' => true,
        'loginForm' => true,
        'passForm' => true,
        'campusForm' => true,
        'helpdeskForm' => true,
        'helpdeskmail' => true,
        'faxForm' => true,
        'postaddressForm' => true,
        'eclass_stud_reg' => true,
        'eclass_prof_reg' => true,
        'emailForm' => true,
        'lang' => true,
        'institutionForm' => true,
        'institutionUrlForm' => true));   
}

function hidden_vars($names) {
    $out = '';
    foreach ($names as $name) {
Пример #4
        $('input[name=l_radio]').change(function () {
            if ($('#cc_license').is(":checked")) {
                showCCFields();
            } else {
                hideCCFields();
            }
        }).change();

    });

/* ]]> */
</script>
hContent;

register_posted_variables(array('title' => true, 'password' => true, 'prof_names' => true));
if (empty($prof_names)) {
    $prof_names = "$_SESSION[givenname] $_SESSION[surname]";
}

// departments and validation
$allow_only_defaults = get_config('restrict_teacher_owndep') && !$is_admin;
$allowables = array();
if ($allow_only_defaults) {
    // Method: getDepartmentIdsAllowedForCourseCreation
    // fetches only specific tree nodes, not their sub-children
    //$user->getDepartmentIdsAllowedForCourseCreation($uid);
    // the code below searches for the allow_course flag in the user's department subtrees
    $userdeps = $user->getDepartmentIds($uid);
    $subs = $tree->buildSubtreesFull($userdeps);
    foreach ($subs as $node) {
Пример #5
    draw($tool_content, 0);
    exit;
}
if ($prof and !$eclass_prof_reg) {
    $tool_content .= "<div class='alert alert-danger'>{$langForbidden}</div>";
    draw($tool_content, 0);
    exit;
}
if (!$prof and $eclass_stud_reg != 1) {
    $tool_content .= "<div class='alert alert-danger'>{$langForbidden}</div>";
    draw($tool_content, 0);
    exit;
}
// The 'am' field is mandatory only for non-teacher requests, and only when configured.
$am_required = !$prof && get_config('am_required');
$errors = array();

// Field name => required flag. The helper exposes each posted field as a variable of
// the same name ($usermail and $username are read below) and reports whether every
// required one was present.
$all_set = register_posted_variables(array(
    'usercomment' => true,
    'givenname' => true,
    'surname' => true,
    'username' => true,
    'userphone' => $prof,
    'usermail' => true,
    'am' => $am_required,
    'department' => true,
    'captcha_code' => false,
));
if (!$all_set) {
    $errors[] = $langFieldsMissing;
}

// A valid address is normalised (trimmed, lower-cased); an invalid one fails the request.
if (email_seems_valid($usermail)) {
    $usermail = mb_strtolower(trim($usermail));
} else {
    $errors[] = $langEmailWrong;
    $all_set = false;
}

// Canonicalise whitespace first so the uniqueness check runs on the normalised name.
$username = canonicalize_whitespace($username);
if (user_exists($username)) {
    $errors[] = $langUserFree;
    $all_set = false;
}
Пример #6
}
    
if ($is_editor) {
    // Indexer used to refresh an event's index entry after each change.
    $agdx = new AgendaIndexer();
    // modify visibility
    // Both UPDATEs are scoped by course_id, so an id belonging to another course
    // matches no row. The comparison with true is loose: any truthy parameter value
    // triggers the branch.
    // NOTE(review): this state change is driven by GET parameters and no anti-CSRF
    // token check is visible in this excerpt. Confirm one runs earlier, or move the
    // toggle to a token-protected POST.
    if (isset($_GET['mkInvisibl']) and $_GET['mkInvisibl'] == true) {
        Database::get()->query("UPDATE agenda SET visible = 0 WHERE course_id = ?d AND id = ?d", $course_id, $id);
        $agdx->store($id);
        redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
    } elseif (isset($_GET['mkVisibl']) and ( $_GET['mkVisibl'] == true)) {
        Database::get()->query("UPDATE agenda SET visible = 1 WHERE course_id = ?d AND id = ?d", $course_id, $id);
        $agdx->store($id);
        redirect_to_home_page("modules/agenda/index.php?course=$course_code&v=1");
    }
    if (isset($_POST['event_title'])) {
        register_posted_variables(array('startdate' => true, 'event_title' => true, 'content' => true, 'duration' => true));
        $content = purify($content);
        if (isset($_POST['id']) and !empty($_POST['id'])) {  // update event
            $id = $_POST['id'];
            $recursion = null;
            if (!empty($_POST['frequencyperiod']) && intval($_POST['frequencynumber']) > 0 && !empty($_POST['enddate'])) {
                $recursion = array('unit' => $_POST['frequencyperiod'], 'repeat' => $_POST['frequencynumber'], 'end' => $_POST['enddate']);
            }            
            if(isset($_POST['rep']) && $_POST['rep'] == 'yes'){
                $resp = update_recursive_event($id, $event_title, $startdate, $duration, $content, $recursion);
            } else {
                $resp = update_event($id, $event_title, $startdate, $duration, $content, $recursion);
            }
            $agdx->store($id);
        } else { // add new event
            $recursion = null;            
Пример #7
// Discard any client-supplied 'restoreThis': the path handed to the restore routine
// is only ever set server-side below, from the unpacked archive.
$_POST['restoreThis'] = null;
// satisfy course_details_form()
// NOTE(review): no anti-CSRF token check is visible on this POST branch in this
// excerpt. Confirm one runs before this point.
if (isset($_POST['create_restored_course'])) {
    $tool_content = "posted";
    // register_posted_variables() below replaces $course_code with the posted value;
    // keep the code of the course being cloned.
    $currentCourseCode = $course_code;
    $success = doArchive($course_id, $course_code);
    // The comparison is strict, so every return value other than integer 0 (false and
    // null included) counts as success. Confirm what doArchive() returns on failure.
    if ($success !== 0) {
        // Archive name is built from the course code and today's date.
        $retArr = unpack_zip_inner($webDir . "/courses/archive/{$course_code}/{$course_code}-" . date('Ymd') . ".zip");
        $restoreEntry = null;
        // Pick the unpacked entry whose course matches; the last match wins.
        foreach ($retArr as $entry) {
            if ($entry['course'] === $course_code) {
                $restoreEntry = $entry;
            }
        }
        if ($restoreEntry !== null) {
            $_POST['restoreThis'] = $restoreEntry['path'];
            // assign the real value to the variable, but no real essence here
            // ('course_desc' is registered here but not passed to create_restored_course())
            register_posted_variables(array('restoreThis' => true, 'course_code' => true, 'course_lang' => true, 'course_title' => true, 'course_desc' => true, 'course_vis' => true, 'course_prof' => true), 'all', 'autounquote');
            create_restored_course($tool_content, $restoreThis, $course_code, $course_lang, $course_title, $course_vis, $course_prof);
            $tool_content .= "</p><br /><center><p><a href='index.php?course={$currentCourseCode}'>{$langBack}</a></p></center>";
            $course_code = $currentCourseCode;
            // revert course code to the correct value
        }
    }
} else {
    // No submission yet: show the course details form pre-filled from the current course.
    $tool_content = course_details_form($public_code, $currentCourseName, $titulaires, $currentCourseLanguage, null, $visible, '', null);
}
load_js('jstree');
list($js, $html) = $treeObj->buildCourseNodePicker();
$head_content .= $js;
draw($tool_content, 2, null, $head_content);
Пример #8
    Log::record($course_id, MODULE_ID_USERS, LOG_INSERT, array('uid' => $uid_to_add, 'right' => '+5'));
    if ($result) {
        $tool_content .= "<div class='alert alert-success'>{$langTheU} {$langAdded}</div>";
        // notify user via email
        $email = uid_to_email($uid_to_add);
        if (!empty($email) and email_seems_valid($email)) {
            $emailsubject = "{$langYourReg} " . course_id_to_title($course_id);
            $emailbody = "{$langNotifyRegUser1} '" . course_id_to_title($course_id) . "' {$langNotifyRegUser2} {$langFormula} \n{$gunet}";
            send_mail('', '', '', $email, $emailsubject, $emailbody, $charset);
        }
    } else {
        $tool_content .= "<div class='alert alert-warning'>{$langAddError}</div>";
    }
    $tool_content .= "<br /><p><a href='{$_SERVER['SCRIPT_NAME']}?course={$course_code}'>{$langAddBack}</a></p><br />\n";
} else {
    register_posted_variables(array('search_surname' => true, 'search_givenname' => true, 'search_username' => true, 'search_am' => true), 'any');
    $tool_content .= action_bar(array(array('title' => $langBack, 'url' => "index.php?course={$course_code}", 'icon' => 'fa-reply', 'level' => 'primary-label')));
    $tool_content .= "<div class='alert alert-info'>{$langAskUser}</div>\n                <div class='form-wrapper'>\n                <form class='form-horizontal' role='form' method='post' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}'>                \n                <fieldset>\n                <div class='form-group'>\n                <label for='surname' class='col-sm-2 control-label'>{$langSurname}:</label>\n                <div class='col-sm-10'>\n                    <input class='form-control' id='surname' type='text' name='search_surname' value='" . q($search_surname) . "' placeholder='{$langSurname}'></div>\n                </div>\n                <div class='form-group'>\n                <label for='name' class='col-sm-2 control-label'>{$langName}:</label>\n                <div class='col-sm-10'>\n                    <input class='form-control' id='name' type='text' name='search_givenname' value='" . q($search_givenname) . "' placeholder='{$langName}'></div>\n                </div>\n                <div class='form-group'>\n                <label for='username' class='col-sm-2 control-label'>{$langUsername}:</label>\n                <div class='col-sm-10'>\n                    <input class='form-control' id='username' type='text' name='search_username' value='" . q($search_username) . "' placeholder='{$langUsername}'></div>\n                </div>\n                <div class='form-group'>\n                <label for='am' class='col-sm-2 control-label'>{$langAm}:</label>\n                <div class='col-sm-10'>\n                    <input class='form-control' id='am' type='text' name='search_am' value='" . q($search_am) . 
"' placeholder='{$langAm}'></div>\n                </div>\n                <div class='col-sm-offset-2 col-sm-10'>\n                    <input class='btn btn-primary' type='submit' name='search' value='{$langSearch}'>\n                    <a class='btn btn-default' href='index.php?course={$course_code}'>{$langCancel}</a>\n                </div>\n                </fieldset>\n                </form>\n                </div>";
    // Build the WHERE fragment for the user search.
    // Column names come only from the fixed list below; the submitted text is never
    // concatenated into the SQL but collected in $values for the ?s placeholders.
    $search = array();
    $values = array();
    foreach (array('surname', 'givenname', 'username', 'am') as $term) {
        // The search_* fields were exposed as globals by register_posted_variables().
        $tvar = 'search_' . $term;
        if (!empty($GLOBALS[$tvar])) {
            $search[] = "u.{$term} LIKE ?s";
            // Prefix match.
            // NOTE(review): '%' and '_' inside the submitted text are not escaped, so
            // they act as LIKE wildcards. Escape them if a literal prefix match is intended.
            $values[] = $GLOBALS[$tvar] . '%';
        }
    }
    // Empty string when no search field was filled in.
    $query = join(' AND ', $search);
    if (!empty($query)) {
        Database::get()->query("CREATE TEMPORARY TABLE lala AS\n                    SELECT user_id FROM course_user WHERE course_id = ?d", $course_id);
        $result = Database::get()->queryArray("SELECT u.id, u.surname, u.givenname, u.username, u.am FROM\n                                                user u LEFT JOIN lala c ON u.id = c.user_id WHERE\n                                                c.user_id IS NULL AND {$query}", $values);
Пример #9
$require_admin = TRUE;
require_once '../../include/baseTheme.php';
require_once 'modules/auth/auth.inc.php';
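$toolName = $langAuthChangeUser;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$navigation[] = array('url' => 'auth.php', 'name' => $langUserAuthentication);

// Source auth method: taken from the query string and remembered in the session so
// that it survives the form submission.
if (isset($_GET['auth'])) {
    $auth = $_GET['auth'];
    $_SESSION['auth_temp'] = $auth;
}
if (!isset($auth)) {
    // Fall back to the remembered method; stays null when none was ever selected
    // (avoids an undefined-index notice on a direct visit).
    $auth = isset($_SESSION['auth_temp']) ? $_SESSION['auth_temp'] : null;
}
$tool_content .= action_bar(array(array('title' => $langBack, 'url' => "auth.php", 'icon' => 'fa-reply', 'level' => 'primary-label')));
$auth_change = isset($_REQUEST['auth_change']) ? intval($_REQUEST['auth_change']) : false;
register_posted_variables(array('submit' => true));

// Bulk-switch every account that uses method $auth to method $auth_change.
// Both keys must exist in $auth_ids: an unknown key would otherwise put null into the
// UPDATE and rewrite the password column of the matched accounts with an empty value.
// NOTE(review): this admin-only bulk change accepts $_REQUEST input and no anti-CSRF
// token check is visible in this excerpt. Confirm one is enforced for this page.
// NOTE(review): the picker below excludes method 1, but that is not enforced here.
if ($submit && $auth && $auth_change
        && is_scalar($auth) && isset($auth_ids[$auth]) && isset($auth_ids[$auth_change])) {
    // "id != 1" keeps account 1 out of the bulk change.
    if (Database::get()->query("UPDATE user SET password=?s WHERE password=?s AND id != 1", $auth_ids[$auth_change], $auth_ids[$auth])->affectedRows >= 1) {
        // Closing tag fixed: the original emitted "</div" without the final ">".
        $tool_content .= "<div class='alert alert-success'>{$langAuthChangeYes}</div>";
        // presumably draw() ends the request; confirm, since the code below still runs otherwise
        draw($tool_content, 3);
    }
}

// Offer only the methods the accounts can be moved to.
$auth_methods = get_auth_active_methods();
foreach ($auth_methods as $key => $value) {
    // remove current auth method
    if ($auth == $value or $value == 1) {
        // cannot change to eclass native method
        unset($auth_methods[$key]);
    }
}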
foreach ($auth_methods as $value) {
Пример #10
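/**
 * @brief add / edit video category
 *
 * Reads `categoryname` and `description` from the POST data (passed through 'trim'),
 * purifies the description, then either updates the category named by $_POST['id']
 * or, when no id is posted, inserts a new category for the current course.
 *
 * The UPDATE is restricted to the current course, so a posted id that belongs to
 * another course's category changes nothing.
 *
 * NOTE(review): no anti-CSRF token check happens inside this function; confirm the
 * caller enforces one before invoking it.
 *
 * @global $course_id          id of the current course (bound as ?d)
 * @global $langCategoryAdded  status text for a newly added category
 * @global $langCategoryModded status text for a modified category
 * @global $categoryname       set from POST by register_posted_variables()
 * @global $description        set from POST, then purified
 */
function submit_video_category() {
    global $langCategoryAdded, $langCategoryModded,
    $categoryname, $description, $course_id;

    register_posted_variables(array('categoryname' => true,
        'description' => true), 'all', 'trim');
    // Sanitise the description before it is stored.
    $description = purify($description);
    if (isset($_POST['id'])) {
        // Scope the update to this course: the id alone comes from the request.
        Database::get()->query("UPDATE `video_category` SET name = ?s,
                                        description = ?s WHERE id = ?d AND course_id = ?d", $categoryname, $description, $_POST['id'], $course_id);
        $catlinkstatus = $langCategoryModded;
    } else {
        Database::get()->query("INSERT INTO `video_category` SET name = ?s,
                                description = ?s, course_id = ?d", $categoryname, $description, $course_id);
        $catlinkstatus = $langCategoryAdded;
    }
    // NOTE(review): $catlinkstatus is a local that is neither returned nor declared
    // global, so callers never see the status text. Confirm whether it was meant to
    // be a global.
}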
Пример #11
$head_content .= "pwStrengthGood: '" . js_escape($langPwStrengthGood) . "', ";
$head_content .= "pwStrengthStrong: '" . js_escape($langPwStrengthStrong) . "'";
$head_content .= <<<hContent
    };

    \$(document).ready(function() {
        \$('#password').keyup(function() {
            \$('#result').html(checkStrength(\$('#password').val()))
        });
    });

/* ]]> */
</script>
hContent;
$reqtype = '';
$all_set = register_posted_variables(array('auth' => true, 'uname' => true, 'surname_form' => true, 'givenname_form' => true, 'email_form' => true, 'verified_mail_form' => false, 'language' => true, 'department' => true, 'am' => false, 'phone' => false, 'password' => true, 'pstatus' => true, 'rid' => false, 'submit' => true));
$submit = isset($_POST['submit']) ? $_POST['submit'] : '';
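// Build the action bar. The request id arrives from the client ($_GET['id'], or $rid
// registered from POST) and is placed inside link URLs, so it is percent-encoded
// before interpolation; a non-scalar value (e.g. an array parameter) becomes ''.
// The "&amp;" already present in the URLs suggests action_bar() emits them without
// further escaping (confirm in action_bar()).
if (isset($_GET['id'])) {
    $req_id = is_scalar($_GET['id']) ? urlencode($_GET['id']) : '';
    $tool_content .= action_bar(array(
        array('title' => $langBack, 'url' => "../admin/index.php", 'icon' => 'fa-reply', 'level' => 'primary-label'),
        array('title' => $langBackRequests, 'url' => "../admin/listreq.php{$reqtype}", 'icon' => 'fa-reply', 'level' => 'primary'),
        array('title' => $langRejectRequest, 'url' => "listreq.php?id={$req_id}&amp;close=2", 'icon' => 'fa-ban', 'level' => 'primary'),
        array('title' => $langClose, 'url' => "listreq.php?id={$req_id}&amp;close=1", 'icon' => 'fa-close', 'level' => 'primary')));
} else {
    if (isset($rid) and $rid) {
        $backlink = "{$_SERVER['SCRIPT_NAME']}?id=" . (is_scalar($rid) ? urlencode($rid) : '');
    } else {
        $backlink = $_SERVER['SCRIPT_NAME'];
    }
    // NOTE(review): $submit is always set by the assignment just above this block, so
    // 'show' depends on $success alone, and $success is not assigned anywhere in this
    // excerpt. Confirm it is defined before this point.
    $tool_content .= action_bar(array(array('title' => $langBack, 'url' => "../admin/index.php", 'icon' => 'fa-reply', 'level' => 'primary-label'), array('title' => $langBackRequests, 'url' => "../admin/listreq.php{$reqtype}", 'icon' => 'fa-reply', 'level' => 'primary', 'show' => isset($submit) and $success)));
}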
if ($submit) {
    // register user
    $depid = intval(isset($_POST['department']) ? $_POST['department'] : 0);
    $proflanguage = $session->validate_language_code(@$_POST['language']);
Пример #12
    if (get_config("display_captcha")) {
        $tool_content .= "<div class='form-group'>                    \n                      <div class='col-sm-offset-2 col-sm-10'><img id='captcha' src='{$urlAppend}include/securimage/securimage_show.php' alt='CAPTCHA Image' /></div><br>\n                      <label for='Captcha' class='col-sm-2 control-label'>{$langCaptcha}:</label>\n                      <div class='col-sm-10'><input type='text' name='captcha_code' maxlength='6'/></div>\n                    </div>";
    }
    $tool_content .= "<div class='col-sm-offset-2 col-sm-10'>\n                        <input class='btn btn-primary' type='submit' name='submit' value='" . q($langRegistration) . "' />\n                    </div>\n        </fieldset>\n      </form>\n      </div>";
} else {
    // Turn the two site settings into strict booleans; they decide whether the
    // 'email' and 'am' fields are mandatory in the registration form.
    $email_arr_value = (bool) get_config('email_required');
    $am_arr_value = (bool) get_config('am_required');

    // Field name => required flag. Despite its name, $missing ends up true when every
    // required field was posted (the check that follows reports an error on !$missing).
    $missing = register_posted_variables(array(
        'uname' => true,
        'surname_form' => true,
        'givenname_form' => true,
        'password' => true,
        'password1' => true,
        'email' => $email_arr_value,
        'phone' => false,
        'am' => $am_arr_value,
    ));

    // A department selection is mandatory: without one the submission is incomplete.
    if (isset($_POST['department'])) {
        $departments = $_POST['department'];
    } else {
        $departments = array();
        $missing = false;
    }
    $registration_errors = array();
    // check if there are empty fields
    if (!$missing) {
        $registration_errors[] = $langFieldsMissing;
    } else {
        $uname = canonicalize_whitespace($uname);
        // check if the username is already in use
        $username_check = Database::get()->querySingle("SELECT username FROM user WHERE username = ?s", $uname);
        if ($username_check) {
Пример #13
         $wiki->setACL($wikiACL);
         $wiki->setGroupId($id);
         $wikiId = $wiki->save();
         $mainPageContent = $langWikiMainPageContent;
         $wikiPage = new WikiPage($wikiId);
         $wikiPage->create($uid, '__MainPage__', $mainPageContent, '', date("Y-m-d H:i:s"), true);
         /*             * ************************************ */
         Log::record($course_id, MODULE_ID_GROUPS, LOG_INSERT, array('id' => $id, 'name' => "{$langGroup} {$group_num}", 'max_members' => $group_max, 'secret_directory' => $secretDirectory));
     }
     if ($group_quantity == 1) {
         $message = "{$group_quantity} {$langGroupAdded}";
     } else {
         $message = "{$group_quantity} {$langGroupsAdded}";
     }
 } elseif (isset($_POST['properties'])) {
     register_posted_variables(array('self_reg' => true, 'multi_reg' => true, 'private_forum' => true, 'has_forum' => true, 'documents' => true, 'wiki' => true), 'all');
     Database::get()->query("UPDATE group_properties SET\n                                 self_registration = ?d,\n                                 multiple_registration = ?d,\n                                 private_forum = ?d,\n                                 forum = ?d,\n                                 documents = ?d,\n                                 wiki = ?d WHERE course_id = ?d", $self_reg, $multi_reg, $private_forum, $has_forum, $documents, $wiki, $course_id);
     $message = $langGroupPropertiesModified;
 } elseif (isset($_REQUEST['delete_all'])) {
     /*         * ************Delete All Group Wikis********** */
     $sql = "SELECT id " . "FROM wiki_properties " . "WHERE group_id " . "IN (SELECT id FROM `group` WHERE course_id = ?d)";
     $results = Database::get()->queryArray($sql, $course_id);
     if (is_array($results)) {
         foreach ($results as $result) {
             $wikiStore = new WikiStore();
             $wikiStore->deleteWiki($result->id);
         }
     }
     /*         * ******************************************** */
     /*         * ************Delete All Group Forums********** */
     $results = Database::get()->queryArray("SELECT `forum_id` FROM `group` WHERE `course_id` = ?d AND `forum_id` <> 0 AND `forum_id` IS NOT NULL", $course_id);
Пример #14
/**
 /*
* Mass change user's mail verification status
* @author Kapetanakis Giannis <*****@*****.**>
* @abstract This component massively changes user's verification status.
*
*/
$require_admin = TRUE;
require_once '../../include/baseTheme.php';
$toolName = $langMailVerification;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$tool_content .= action_bar(array(array('title' => $langBack, 'url' => "{$_SERVER['PHP_SELF']}", 'icon' => 'fa-reply', 'level' => 'primary-label')));
$mr = get_config('email_required') ? $m['yes'] : $m['no'];
$mv = get_config('email_verification_required') ? $m['yes'] : $m['no'];
$mm = get_config('dont_mail_unverified_mails') ? $m['yes'] : $m['no'];
register_posted_variables(array('submit' => true, 'submit0' => true, 'submit1' => true, 'submit2' => true, 'old_mail_ver' => true, 'new_mail_ver' => true));
$mail_ver_data[0] = $langMailVerificationPendingU;
$mail_ver_data[1] = $langMailVerificationYesU;
$mail_ver_data[2] = $langMailVerificationNoU;
if (!empty($submit) && (isset($old_mail_ver) && isset($new_mail_ver))) {
    if ($old_mail_ver != $new_mail_ver) {
        // Force both statuses to integers before they reach the query and the labels.
        // NOTE(review): the values are not checked against the three statuses defined
        // in $mail_ver_data (0, 1, 2); an out-of-range value would be written to the
        // matching rows and has no label in the message below.
        // NOTE(review): this page is admin-only ($require_admin), but no anti-CSRF
        // token check is visible in this excerpt for the bulk change.
        $old_mail_ver = intval($old_mail_ver);
        $new_mail_ver = intval($new_mail_ver);
        // Bulk change; "user_id!=1" keeps account 1 out of it. Values are bound
        // through placeholders, never concatenated.
        $count = Database::get()->query("UPDATE `user` set verified_mail=?s WHERE verified_mail=?s AND user_id!=1", $new_mail_ver, $old_mail_ver)->affectedRows;
        if ($count > 0) {
            // Singular or plural wording depending on the number of changed accounts.
            $user = $count == 1 ? $langOfUser : $langUsersS;
            $tool_content .= "<div class='alert alert-success'>{$langMailVerificationChanged} {$m['from']} «{$mail_ver_data[$old_mail_ver]}» {$m['in']} «{$mail_ver_data[$new_mail_ver]}» {$m['in']} {$count} {$user}</div>";
        } else {
            // No row was changed.
            $tool_content .= "<div class='alert alert-danger'>{$langMailVerificationChangedNoAdmin}</div>";
        }
    } else {
Пример #15
                'givenname' => true,
                'surname' => true,
                'username' => true,
                'userphone' => $prof,
                'usermail' => true,
                'am' => $am_required,
                'department' => true,
    'captcha_code' => false,
    'provider' => false,
    'provider_name' => false,
    'provider_id' => false);

//add custom profile fields required variables
augment_registered_posted_variables_arr($var_arr);

$all_set = register_posted_variables($var_arr);

if (!$all_set) {
    $errors[] = $langFieldsMissing;
}

if (!email_seems_valid($usermail)) {
    $errors[] = $langEmailWrong;
    $all_set = false;
} else {
    $usermail = mb_strtolower(trim($usermail));
}

// check if the username is already in use
$username = canonicalize_whitespace($username);
if (user_exists($username)) {
Пример #16
require_once 'videolinkindexer.class.php';
require_once 'exerciseindexer.class.php';
require_once 'forumindexer.class.php';
require_once 'forumtopicindexer.class.php';
require_once 'forumpostindexer.class.php';
require_once 'documentindexer.class.php';
require_once 'unitindexer.class.php';
require_once 'unitresourceindexer.class.php';
$pageName = $langSearch;
// Stop early when the search feature is switched off in the site configuration.
if (!get_config('enable_search')) {
    $tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>";
    draw($tool_content, 2);
    exit;
}
$found = false;
// Expose the per-module checkboxes of the search form as variables of the same name.
register_posted_variables(array('announcements' => true, 'agenda' => true, 'course_units' => true, 'documents' => true, 'exercises' => true, 'forums' => true, 'links' => true, 'video' => true), 'all');
// ?all=... searches every module regardless of the posted checkboxes.
if (isset($_GET['all'])) {
    $all = intval($_GET['all']);
    $announcements = $agenda = $course_units = $documents = $exercises = $forums = $links = $video = 1;
}
// The terms may arrive by GET or POST.
// NOTE(review): addslashes() is not context-aware escaping. Further down this script
// the value is copied into $_POST['search_terms'] for the indexers. Confirm what that
// consumer expects and escape at the point of use rather than here.
if (isset($_REQUEST['search_terms'])) {
    $search_terms = addslashes($_REQUEST['search_terms']);
}
if (empty($search_terms)) {
    // display form
    $tool_content .= "\n        <form method='post' action='{$_SERVER['SCRIPT_NAME']}'>\n        <fieldset>\n        <legend>{$langSearchCriteria}</legend>\n        <table width='100%' class='tbl'>\n        <tr>\n          <th class='left' width='120'>{$langOR}</th>\n          <td colspan='2'><input name='search_terms' type='text' size='80'/></td>\n        </tr>\n        <tr>\n          <th width='30%' class='left' valign='top' rowspan='4'>{$langSearchIn}</th>\n          <td width='35%'><input type='checkbox' name='announcements' checked='checked' />{$langAnnouncements}</td>\n          <td width='35%'><input type='checkbox' name='agenda' checked='checked' />{$langAgenda}</td>\n        </tr>\n        <tr>\n          <td><input type='checkbox' name='course_units' checked='checked' />{$langCourseUnits}</td>\n          <td><input type='checkbox' name='documents' checked='checked' />{$langDoc}</td>\n        </tr>\n        <tr>\n          <td><input type='checkbox' name='forums' checked='checked' />{$langForums}</td>\n          <td><input type='checkbox' name='exercises' checked='checked' />{$langExercices}</td>\n        </tr>\n       <tr>\n          <td><input type='checkbox' name='video' checked='checked' />{$langVideo}</td>\n          <td><input type='checkbox' name='links' checked='checked' />{$langLinks}</td>\n       </tr>\n       <tr>\n         <th>&nbsp;</th>\n         <td colspan='2' class='right'><input class='btn btn-primary' type='submit' name='submit' value='{$langDoSearch}' /></td>\n       </tr>\n       </table>\n       </fieldset>\n       </form>";
} else {
    // ResourceIndexers require course_id inside the input data array (POST, but we do not want to pass it through the form)
    $_POST['course_id'] = $course_id;
    // Search Terms might come from GET, but we want to pass it alltogether with POST in ResourceIndexers
    $_POST['search_terms'] = $search_terms;
Пример #17
    
    $var_arr = array('am_form' => get_config('am_required') and $myrow->status != 1,
                    'desc_form' => false,
                    'phone_form' => false,
                    'email_form' => get_config('email_required'),
                    'surname_form' => !$is_admin,
                    'givenname_form' => true,
                    'username_form' => true,
                    'email_public' => false,
                    'phone_public' => false,
                    'am_public' => false);
    
    //add custom profile fields required variables
    augment_registered_posted_variables_arr($var_arr);
    
    $all_ok = register_posted_variables($var_arr, 'all');

    $departments = null;
    if (!get_config('restrict_owndep')) {
        if (!isset($_POST['department']) and !$is_admin) {
            $all_ok = false;
        } else {
            $departments = $_POST['department'];
        }
    }
    $email_public = valid_access($email_public);
    $phone_public = valid_access($phone_public);
    $am_public = valid_access($am_public);

    // upload user picture
    if (isset($_FILES['userimage']) && is_uploaded_file($_FILES['userimage']['tmp_name'])) {
Пример #18
} else {
    $is_valid = true;
    if (isset($_SESSION['was_validated']['auth_user_info'])) {
        $auth_user_info = $_SESSION['was_validated']['auth_user_info'];
    }
}
// -----------------------------------------
// registration
// -----------------------------------------
if ($is_valid) {
    $ext_info = !isset($auth_user_info);
    $ext_mail = !(isset($auth_user_info['email']) && $auth_user_info['email']);
    if (isset($_POST['p']) and $_POST['p'] == 1) {
        $ok = register_posted_variables(array('submit' => false, 'uname' => true, 'email' => $email_required && $ext_mail, 'surname_form' => $ext_info, 'givenname_form' => $ext_info, 'am' => $am_required, 'department' => true, 'usercomment' => $comment_required, 'userphone' => $phone_required), 'all');
    } else {
        $ok = register_posted_variables(array('submit' => false, 'email' => $email_required && $ext_mail, 'surname_form' => $ext_info, 'givenname_form' => $ext_info, 'am' => $am_required, 'department' => true, 'userphone' => $phone_required), 'all');
    }
    if (!$ok and $submit) {
        $tool_content .= "<div class='alert alert-danger'>{$langFieldsMissing}</div>";
    }
    $depid = intval($department);
    if (isset($auth_user_info)) {
        $givenname_form = $auth_user_info['firstname'];
        $surname_form = $auth_user_info['lastname'];
        if (!$email and !empty($auth_user_info['email'])) {
            $email = $auth_user_info['email'];
        }
    }
    if (!empty($email) and !email_seems_valid($email)) {
        $ok = NULL;
        $tool_content .= "<div class='alert alert-danger'>{$langEmailWrong}</div>";
Пример #19
require_once '../../include/baseTheme.php';
require_once 'include/sendMail.inc.php';
require_once 'include/phpass/PasswordHash.php';
require_once 'include/lib/pwgen.inc.php';
require_once 'include/lib/user.class.php';
require_once 'include/lib/hierarchy.class.php';
require_once 'hierarchy_validations.php';
$tree = new Hierarchy();
$user = new User();
load_js('jstree');
$pageName = $langMultiRegUser;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$error = '';
$acceptable_fields = array('first', 'last', 'email', 'id', 'phone', 'username', 'password');
if (isset($_POST['submit'])) {
    // Expose the three visibility settings as variables of the same name; the third
    // argument is presumably a callback applied to each value (here intval); confirm.
    register_posted_variables(array('email_public' => true, 'am_public' => true, 'phone_public' => true), 'all', 'intval');
    $send_mail = isset($_POST['send_mail']) && $_POST['send_mail'];
    $unparsed_lines = '';
    $new_users_info = array();
    // 'prof' maps to status 1; every other posted type maps to 5.
    // NOTE(review): 'type', 'am' and 'fields' are read without isset(); a request that
    // omits them raises notices and continues with null values.
    $newstatus = $_POST['type'] == 'prof' ? 1 : 5;
    $departments = isset($_POST['facid']) ? $_POST['facid'] : array();
    $am = $_POST['am'];
    // Split the field list on runs of spaces, tabs and commas, dropping empty items.
    $fields = preg_split('/[ \\t,]+/', $_POST['fields'], -1, PREG_SPLIT_NO_EMPTY);
    // Allow-list check: every submitted field name must be one of $acceptable_fields,
    // otherwise the request ends with an error. The rejected name is passed through
    // q() before it is placed in the HTML.
    foreach ($fields as $field) {
        if (!in_array($field, $acceptable_fields)) {
            $tool_content = "<div class='alert alert-danger'>{$langMultiRegFieldError} <b>" . q($field) . "</b></div>";
            draw($tool_content, 3, 'admin');
            exit;
        }
    }
    // validation for departments
Пример #20
 *                  Panepistimiopolis Ilissia, 15784, Athens, Greece
 *                  e-mail: info@openeclass.org
 * ======================================================================== */
// Presumably tells baseTheme.php that this page does not need a course context - confirm.
$require_current_course = FALSE;
require_once '../../include/baseTheme.php';
require_once 'indexer.class.php';
require_once 'courseindexer.class.php';
$pageName = $langSearch;
// exit if search is disabled
if (!get_config('enable_search')) {
    $tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>";
    draw($tool_content, 0);
    exit;
}
// exit if no POST data
// With 'any', the search form is shown again when none of the listed terms was posted.
if (!register_posted_variables(array('search_terms' => false, 'search_terms_title' => false, 'search_terms_keywords' => false, 'search_terms_instructor' => false, 'search_terms_coursecode' => false, 'search_terms_description' => false), 'any')) {
    $tool_content .= CourseIndexer::getDetailedSearchForm();
    draw($tool_content, 0);
    exit;
}
// search in the index
$idx = new Indexer();
// The complete $_POST array is handed to buildQuery(), not only the keys registered above.
// NOTE(review): confirm buildQuery() reads just the search_terms* keys and neutralises
// query-syntax characters in the user-supplied terms before searchRaw() runs them.
$hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST));
// courses with visible 1 or 2
// Additional Access Rights
// NOTE(review): $anonymous becomes true when a user id IS present, which reads as the
// opposite of its name - check how it is consumed before relying on it for access control.
$anonymous = false;
if (isset($uid) and $uid) {
    $anonymous = true;
    // Second query, built with false as buildQuery()'s second argument.
    $hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false));
    // courses with visible 0 or 3
    // NOTE(review): this test sits inside a branch that already requires a truthy $uid,
    // so for integer ids it cannot hold - confirm the condition that was intended.
    if ($uid == 0) {
Пример #21
$message = '';
// Once modifications have been done, the user validates and arrives here
// NOTE(review): no CSRF token validation is visible in this excerpt before the group
// is modified - confirm it is enforced earlier in the file or by the framework.
if (isset($_POST['modify'])) { 
    // Server-side validation of the raw POST data: name and maxStudent are mandatory,
    // maxStudent must be numeric and at least 1.
    $v = new Valitron\Validator($_POST);
    $v->rule('required', array('name'));
    $v->rule('required', array('maxStudent'));
    $v->rule('numeric', array('maxStudent'));
    $v->rule('min', array('maxStudent'), 1);
    $v->labels(array(
        'name' => "$langTheField $langNewGroups",
        'maxStudent' => "$langTheField $langMax $langGroupPlacesThis"
    ));    
    if($v->validate()) {
        // Update main group settings
        // After these calls the code reads $name, $description and $maxStudent, i.e. the
        // posted values are exposed as same-named variables.
        register_posted_variables(array('name' => true, 'description' => true), 'all');
        register_posted_variables(array('maxStudent' => true), 'all');
        // $member_count and $tutors are set outside this excerpt.
        $student_members = $member_count - count($tutors);
        // Never lower the limit below the number of students already in the group.
        if ($maxStudent != 0 and $student_members > $maxStudent) {
            $maxStudent = $student_members;
            $message .= "<div class='alert alert-warning'>$langGroupMembersUnchanged</div>";
        }                
		// 'selectcategory' is read without isset(); intval() turns a missing value into 0.
		$category_id = intval($_POST['selectcategory']);
        // Every value is bound through ?s / ?d placeholders; nothing is concatenated into the SQL.
        // NOTE(review): $group_id comes from outside this excerpt - confirm it was checked to
        // belong to the current course and that the requester may edit that group.
        // NOTE(review): $description is stored as posted; confirm it is purified or escaped on output.
        Database::get()->query("UPDATE `group`
                                        SET name = ?s,
                                            description = ?s,
                                            max_members = ?d,
                                            category_id = ?d
                                        WHERE id = ?d", $name, $description, $maxStudent, $category_id, $group_id);

        Database::get()->query("UPDATE forum SET name = ?s WHERE id =
                            (SELECT forum_id FROM `group` WHERE id = ?d)
Пример #22
        $am_arr_value = false;
    }
    
    // Map of posted field name => required flag for the registration form.
    // $email_arr_value and $am_arr_value are decided earlier in the file.
    // NOTE(review): 'password' and 'password1' are registered like any other field, so the
    // plaintext password lives wherever register_posted_variables() stores values - keep
    // both out of logs and out of any form data echoed back to the browser.
    $var_arr = array('uname' => true,
                    'surname_form' => true,
                    'givenname_form' => true,
                    'password' => true,
                    'password1' => true,
                    'email' => $email_arr_value,
                    'phone' => false,
                    'am' => $am_arr_value);
    
    //add custom profile fields required variables
    augment_registered_posted_variables_arr($var_arr);
    
    // Despite its name, $missing is the success flag: a false value is what adds
    // $langFieldsMissing to the error list below.
    $missing = register_posted_variables($var_arr);

    // A request without a department is treated as having missing fields.
    if (!isset($_POST['department'])) {
        $departments = array();
        $missing = false;
    } else {
        // NOTE(review): taken as posted (string or array); confirm it is validated against
        // the hierarchy before it is stored.
        $departments = $_POST['department'];
    }

    $registration_errors = array();
    // check if there are empty fields
    if (!$missing) {
        $registration_errors[] = $langFieldsMissing;
    } else {
        // $uname is available here because 'uname' was registered above.
        $uname = canonicalize_whitespace($uname);
        // check if the username is already in use
Пример #23
/**
 * @brief Store the link category submitted through the category form.
 *
 * Takes `categoryname` and `description` from the POST data (trimmed). When
 * `$_POST['id']` is present the matching category of the current course is
 * updated; otherwise a new category is appended after the course's highest
 * `order` value. Either way the change is written to the action log.
 *
 * Security-relevant behaviour:
 *  - every value reaches SQL through `?s` / `?d` placeholders; the SET fragment
 *    interpolated into the statements is a constant string;
 *  - the stored description passes through purify(); the logged excerpt has its
 *    tags stripped and is shortened to 50 characters;
 *  - the posted id is resolved with getDirectReference() and the UPDATE is also
 *    restricted to the current course id.
 *
 * NOTE(review): the return value of register_posted_variables() is ignored, so an
 * empty category name is not rejected here, and no CSRF check is visible inside
 * this function - confirm the caller covers both.
 *
 * @global $course_id id of the current course (bound with ?d)
 * @global $langCategoryAdded declared but not used in this function
 * @global $langCategoryModded declared but not used in this function
 * @global $categoryname expected to be filled in by register_posted_variables()
 * @global $description expected to be filled in by register_posted_variables()
 */
function submit_category() {
    global $course_id, $langCategoryAdded, $langCategoryModded,
    $categoryname, $description;

    $wanted = array('categoryname' => true,
                    'description' => true);
    register_posted_variables($wanted, 'all', 'trim');

    // Shared by the UPDATE and the INSERT below.
    $assignments = "SET name = ?s, description = ?s";
    $values = array($categoryname, purify($description));

    if (!isset($_POST['id'])) {
        // New category: place it after the current last one of this course.
        $last = Database::get()->querySingle("SELECT MAX(`order`) as maxorder FROM `link_category`
                                      WHERE course_id = ?d", $course_id);
        $order = $last->maxorder;
        $order++;
        $inserted = Database::get()->query("INSERT INTO `link_category` $assignments, course_id = ?d, `order` = ?d", $values, $course_id, $order);
        $id = $inserted->lastInsertID;
        $log_type = LOG_INSERT;
    } else {
        // Existing category: the posted reference is translated back to the real id.
        $id = getDirectReference($_POST['id']);
        Database::get()->query("UPDATE `link_category` $assignments WHERE course_id = ?d AND id = ?d", $values, $course_id, $id);
        $log_type = LOG_MODIFY;
    }

    // Log a plain-text excerpt of the description, never the raw markup.
    $excerpt = ellipsize(canonicalize_whitespace(strip_tags($description)), 50, '+');
    $log_details = array('id' => $id,
        'category' => $categoryname,
        'description' => $excerpt);
    Log::record($course_id, MODULE_ID_LINKS, $log_type, $log_details);
}
Пример #24
        'enable_search' => true,
        'enable_common_docs' => true,
        'enable_social_sharing_links' => true,
        'login_fail_check' => true,
        'login_fail_threshold' => true,
        'login_fail_deny_interval' => true,
        'login_fail_forgive_interval' => true,
        'actions_expire_interval' => true,
        'log_expire_interval' => true,
        'log_purge_interval' => true,
        'course_metadata' => true,
        'opencourses_enable' => true,
        'mydocs_student_enable' => true,
        'mydocs_teacher_enable' => true);

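    // Take every switch listed in $config_vars from the POST data, coerced with intval().
    // Judging by the $GLOBALS['opencourses_enable'] read further down, the values end up
    // as same-named globals.
    register_posted_variables($config_vars, 'all', 'intval');

    // Quotas are coerced to float before they are stored.
    // NOTE(review): floatval() lets negative numbers through - confirm the code that
    // enforces these quotas copes with them.
    if (isset($_POST['mydocs_student_quota'])) {
        set_config('mydocs_student_quota', floatval($_POST['mydocs_student_quota']));
    }
    if (isset($_POST['mydocs_teacher_quota'])) {
        set_config('mydocs_teacher_quota', floatval($_POST['mydocs_teacher_quota']));
    }

    // Guest access mode: store the posted value only when it is exactly one of the three
    // known modes (strict comparison). A missing, non-string or unknown value falls back
    // to 'off', and the isset() guard avoids an undefined-index notice.
    if (isset($_POST['course_guest']) && in_array($_POST['course_guest'], array('on', 'off', 'link'), true)) {
        set_config('course_guest', $_POST['course_guest']);
    } else {
        set_config('course_guest', 'off');
    }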

    if ($GLOBALS['opencourses_enable'] == 1) {
Пример #25
    @unlink($image_path . '_' . IMAGESIZE_SMALL . '.jpg');
    Database::get()->query("UPDATE user SET has_icon = 0 WHERE id = ?d", $uid);
    Log::record(0, 0, LOG_PROFILE, array('uid' => intval($_SESSION['uid']), 'deleteimage' => 1));
    exit;
}
if (isset($_POST['submit'])) {
    // First process language changes
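    // Create the avatar directory on first use, together with an index.php placeholder
    // so that the web server has something to serve instead of a directory listing.
    if (!file_exists($webDir . '/courses/userimg/')) {
        mkdir($webDir . '/courses/userimg/', 0775);
        // $webDir carries no trailing slash (see the mkdir() path), so the leading '/'
        // is required; without it the placeholder is created outside the new directory.
        touch($webDir . '/courses/userimg/index.php');
    }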
    // NOTE(review): no CSRF token validation is visible in this excerpt before the profile
    // is changed - confirm it is enforced earlier in the file or by the framework.
    $subscribe = (isset($_POST['subscribe']) and $_POST['subscribe'] == 'yes') ? '1' : '0';
    $old_language = $language;
    // The posted language code is written to the session and to the user row as is.
    // NOTE(review): 'userLanguage' is read without isset() and without an allow-list check;
    // if the code is later used to locate language files, restrict it to the installed
    // languages before storing it.
    $langcode = $language = $_SESSION['langswitch'] = $_POST['userLanguage'];
    Database::get()->query("UPDATE user SET lang = ?s WHERE id = ?d", $langcode, $uid);
    // Which profile fields are mandatory depends on site configuration, on the account
    // status ($myrow->status) and on whether the user is an administrator.
    $all_ok = register_posted_variables(array('am_form' => get_config('am_required') and $myrow->status != 1, 'desc_form' => false, 'phone_form' => false, 'email_form' => get_config('email_required'), 'surname_form' => !$is_admin, 'givenname_form' => true, 'username_form' => true, 'email_public' => false, 'phone_public' => false, 'am_public' => false), 'all');
    $departments = null;
    // Unless users are restricted to their own department, a department must be posted;
    // only administrators may leave it out.
    if (!get_config('restrict_owndep')) {
        if (!isset($_POST['department']) and !$is_admin) {
            $all_ok = false;
        } else {
            // For an administrator who posted no department this still reads the missing
            // key (undefined-index notice, value null).
            // NOTE(review): the value is taken as posted; confirm it is validated against
            // the hierarchy before it is stored.
            $departments = $_POST['department'];
        }
    }
    // valid_access() is defined elsewhere; presumably it normalises each visibility
    // flag to an allowed value - confirm.
    $email_public = valid_access($email_public);
    $phone_public = valid_access($phone_public);
    $am_public = valid_access($am_public);
    // upload user picture
    // is_uploaded_file() confirms the temporary file came from this HTTP upload.
    if (isset($_FILES['userimage']) && is_uploaded_file($_FILES['userimage']['tmp_name'])) {
        // The check is made on the client-supplied file name.
        validateUploadedFile($_FILES['userimage']['name'], 1);
        // NOTE(review): ['type'] is the MIME type claimed by the browser, not one detected
        // on the server; verify the actual image content before trusting it.
        $type = $_FILES['userimage']['type'];
Пример #26
$navigation[] = array('url' => 'auth.php', 'name' => $langUserAuthentication);
// NOTE(review): hard-coded on. If this flag drives verbose CAS client logging, make sure
// it is off in production and that the log is not readable through the web server.
$debugCAS = true;

// $_REQUEST is used, so the method id is accepted from the query string as well as from POST.
if (isset($_REQUEST['auth']) && is_numeric($_REQUEST['auth'])) {
    $auth = intval($_REQUEST['auth']); // $auth gets the integer value of the auth method if it is set
} else {
    $auth = false;
}

// Every key below is marked required. The set includes credentials (ldapbind_pw, dbpass,
// hybridauth_secret); the code further down reads $submit as a plain variable, so the
// values are exposed as same-named variables.
// NOTE(review): keep these secrets out of logs and escape them wherever they are echoed
// back into the settings form.
// NOTE(review): no CSRF token validation is visible in this excerpt although the page
// changes authentication settings - confirm it is enforced elsewhere.
register_posted_variables(array('imaphost' => true, 'pop3host' => true,
    'ldaphost' => true, 'ldap_base' => true,
    'ldapbind_dn' => true, 'ldapbind_pw' => true,
    'ldap_login_attr' => true, 'ldap_login_attr2' => true,
    'ldap_id_attr' => true,
    'dbhost' => true, 'dbtype' => true, 'dbname' => true,
    'dbuser' => true, 'dbpass' => true, 'dbtable' => true,
    'dbfielduser' => true, 'dbfieldpass' => true, 'dbpassencr' => true,
    'shibemail' => true, 'shibuname' => true,
    'shibcn' => true, 'checkseparator' => true,
    'submit' => true, 'auth_instructions' => true, 'auth_title' => true,
	'hybridauth_id_key' => true, 'hybridauth_secret' => true, 'hybridauth_instructions' => true,
    'test_username' => true), 'all');

// The test password is read straight from $_POST, separately from the registered fields.
$test_password = isset($_POST['test_password']) ? $_POST['test_password'] : '';

if ($auth == 7) {
    if ($submit) {
        $_SESSION['cas_do'] = true;
        // $_POST is lost after we come back from CAS
        foreach (array('cas_host', 'cas_port', 'cas_context', 'cas_cachain',
                        'casusermailattr', 'casuserfirstattr', 'casuserlastattr',
Пример #27
/**
 * Save the group category submitted through the category form.
 *
 * `categoryname` and `description` are taken from the POST data (trimmed). The raw
 * POST data must contain a category name; otherwise the validation errors are
 * flashed to the session and the browser is sent back to the add-category form.
 * With a valid request the category referenced by `$_POST['id']` is updated, or a
 * new one is inserted when no id was posted, and the change is logged.
 *
 * Security-relevant behaviour:
 *  - every value reaches SQL through `?s` / `?d` placeholders; the SET fragment
 *    interpolated into the statements is a constant string;
 *  - the stored description passes through purify(); the logged excerpt has its
 *    tags stripped and is shortened to 50 characters;
 *  - the posted id is resolved with getDirectReference() and the UPDATE is also
 *    restricted to the current course id.
 *
 * NOTE(review): the log entry is recorded under MODULE_ID_LINKS although the tables
 * written are `group_category` - confirm this is the module the audit trail should show.
 * NOTE(review): no CSRF check is visible inside this function - confirm the caller does it.
 */
function submit_category() {
    global $course_id, $langCategoryAdded, $langCategoryModded,
    $categoryname, $description, $langFormErrors, $course_code;

    register_posted_variables(array('categoryname' => true,
                                    'description' => true), 'all', 'trim');
    // Shared by the UPDATE and the INSERT below.
    $assignments = "SET name = ?s, description = ?s";
    $values = array($categoryname, purify($description));

    $validator = new Valitron\Validator($_POST);
    $validator->rule('required', array('categoryname'));
    if (!$validator->validate()) {
        // Invalid request: report the errors and return to the form without touching the database.
        Session::flashPost()->Messages($langFormErrors)->Errors($validator->errors());
        redirect_to_home_page("modules/group/group_category.php?course=$course_code&addcategory=1");
        return;
    }

    if (!isset($_POST['id'])) {
        $inserted = Database::get()->query("INSERT INTO `group_category` $assignments, course_id = ?d", $values, $course_id);
        $id = $inserted->lastInsertID;
        $log_type = LOG_INSERT;
    } else {
        // The posted reference is translated back to the real category id.
        $id = getDirectReference($_POST['id']);
        Database::get()->query("UPDATE `group_category` $assignments WHERE course_id = ?d AND id = ?d", $values, $course_id, $id);
        $log_type = LOG_MODIFY;
    }

    // Log a plain-text excerpt of the description, never the raw markup.
    $excerpt = ellipsize(canonicalize_whitespace(strip_tags($description)), 50, '+');
    $log_details = array('id' => $id,
        'category' => $categoryname,
        'description' => $excerpt);
    Log::record($course_id, MODULE_ID_LINKS, $log_type, $log_details);
}