Пример #1
/**
 * @brief Create a course: generate its code, create its directories, insert
 *        the `course` row and refresh its department links.
 *
 * @param  string $public_code  code shown to users (bound as ?s); a falsy value
 *                              is replaced by the generated internal code
 * @param  string $lang         bound as ?s into course.lang
 * @param  string $title        bound as ?s into course.title
 * @param  string $description  bound as ?s into course.description
 * @param  array  $departments  passed to Course::refresh(); element 0 is given to new_code()
 * @param  int    $vis          bound as ?d into course.visible
 * @param  string $prof         bound as ?s into course.prof_names
 * @param  string $password     bound as ?s into course.password exactly as received
 * @return array|false          array($code, $course_id) on success; false when
 *                              create_course_dirs() or the INSERT fails
 */
function create_course($public_code, $lang, $title, $description, $departments, $vis, $prof, $password = '') {

    // NOTE(review): $departments[0] is read without checking that the array is non-empty.
    $code = strtoupper(new_code($departments[0]));
    if (!create_course_dirs($code)) {
        return false;
    }
    $public_code = $public_code ?: $code;

    // Every caller-supplied value goes through a typed placeholder; the only text
    // concatenated into the statement is the DBHelper::timeAfter() SQL fragment.
    // NOTE(review): $password is stored as received - no hashing happens in this function.
    $inserted = Database::get()->query("INSERT INTO course
                         SET code = ?s,
                             lang = ?s,
                             title = ?s,
                             keywords = '',
                             description = ?s,
                             visible = ?d,
                             prof_names = ?s,
                             public_code = ?s,
                             created = " . DBHelper::timeAfter() . ",
                             password = ?s,
                             glossary_expand = 0,
                             glossary_index = 1", $code, $lang, $title, $description, $vis, $prof, $public_code, $password);
    if (!$inserted) {
        // NOTE(review): whatever create_course_dirs() created is left in place on this path.
        return false;
    }
    $course_id = $inserted->lastInsertID;

    require_once 'include/lib/course.class.php';
    $course = new Course();
    $course->refresh($course_id, $departments);

    return array($code, $course_id);
}
Пример #2
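 /**
  * Record a user action in the `log` table.
  *
  * Nothing is written when logging is switched off through the
  * `disable_log_actions`, `disable_log_system_actions` (checked only for
  * $module_id == 0) or `disable_log_course_actions` settings.
  *
  * @param int   $course_id   bound as ?d into log.course_id
  * @param int   $module_id   bound as ?d into log.module_id; 0 is treated as a system action
  * @param int   $action_type bound as ?d into log.action_type
  * @param mixed $details     stored in log.details after serialize()
  * @return void
  */
 public static function record($course_id, $module_id, $action_type, $details)
 {
     // check `config` values for logging
     if (get_config('disable_log_actions')) {
         return;
     }
     if (get_config('disable_log_system_actions') and $module_id == 0) {
         return;
     }
     // NOTE(review): this setting suppresses every action that reaches this point,
     // system actions (module_id 0) included - confirm that is intended.
     if (get_config('disable_log_course_actions')) {
         return;
     }

     // the session carries no uid only when a login failure is being logged
     $userid = isset($_SESSION['uid']) ? $_SESSION['uid'] : 0;

     // An audit record needs the address the request came from. SERVER_ADDR is this
     // host's own address, so it is kept only as a fallback for contexts where
     // REMOTE_ADDR is not set. Behind a reverse proxy REMOTE_ADDR is the proxy's
     // address unless the web server is configured to restore the client address.
     if (isset($_SERVER['REMOTE_ADDR'])) {
         $ip = $_SERVER['REMOTE_ADDR'];
     } elseif (isset($_SERVER['SERVER_ADDR'])) {
         $ip = $_SERVER['SERVER_ADDR'];
     } else {
         $ip = '';
     }

     // NOTE(review): details is stored with serialize(); code that reads the column
     // back should unserialize() it with allowed_classes => false.
     Database::get()->query("INSERT INTO log SET\n                                user_id = ?d,\n                                course_id = ?d,\n                                module_id = ?d,\n                                details = ?s,\n                                action_type = ?d,\n                                ts = " . DBHelper::timeAfter() . ",\n                                ip = ?s", $userid, $course_id, $module_id, serialize($details), $action_type, $ip);
     return;
 }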
Пример #3
        // check if mail address is valid
        if (!empty($email) and !email_seems_valid($email)) {
            $tool_content .= "<div class='alert alert-danger'>$langEmailWrong</div>";
            user_info_form();
            draw($tool_content, 0, null, $head_content);
            exit();
        } else {
            $email = mb_strtolower(trim($email));
        }

        // Record user request
        $q1 = Database::get()->query("INSERT INTO user_request SET
                                        givenname = ?s, surname = ?s, username = ?s, password = ?s,
                                        email = ?s, faculty_id = ?d, phone = ?s,
                                        am = ?s, state = 1, status = ?d, verified_mail = ?d,
                                        date_open = " . DBHelper::timeAfter() . ", comment = ?s, lang = ?s,
                                        request_ip = ?s",
                            $givenname_form, $surname_form, $uname, $password, $email, $depid, $userphone,
                            $am, $status, $verified_mail, $usercomment, $language, $_SERVER['REMOTE_ADDR']);
        $request_id = $q1->lastInsertID;
        // email does not need verification -> mail helpdesk
        if (!$email_verification_required) {
            $emailAdministrator = get_config('email_sender');
            $emailhelpdesk = get_config('email_helpdesk');
            // send email
            $MailMessage = $mailbody1 . $mailbody2 . "$givenname_form $surname_form\n\n" . $mailbody3
                    . $mailbody4 . $mailbody5 . "$mailbody6\n\n" . "$langFaculty: " . $tree->getFullPath($depid) . "
        \n$langComments: $usercomment\n"
                    . "$langProfUname : $uname\n$langProfEmail : $email\n" . "$contactphone : $userphone\n\n\n$logo\n\n";

            if (!send_mail($siteName, $emailAdministrator, $gunet, $emailhelpdesk, $mailsubject, $MailMessage, $charset, "Reply-To: $email")) {
Пример #4
        }
    }

    //=======================================================


    // create course modules
    create_modules($new_course_id);

    Database::get()->query("INSERT INTO course_user SET
                                        course_id = ?d,
                                        user_id = ?d,
                                        status = 1,
                                        tutor = 1,
                                        reg_date = " . DBHelper::timeAfter() . ",
                                        document_timestamp = " . DBHelper::timeAfter() . "",
                           intval($new_course_id), intval($uid));

    Database::get()->query("INSERT INTO group_properties SET
                                        course_id = ?d,
                                        self_registration = 1,
                                        multiple_registration = 0,
                                        forum = 1,
                                        private_forum = 0,
                                        documents = 1,
                                        wiki = 0,
                                        agenda = 0", intval($new_course_id));
    $course->refresh($new_course_id, $departments);

    // create courses/<CODE>/index.php
    course_index($code);
Пример #5
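        // check if hybridauth provider and provider user id is used (the
        // validity of both is checked on a previous step in this script)
        $external_auth = !(empty($provider) && empty($_POST['provider_id']));

        // The same user row is written in both cases, so the statement is issued once.
        // The password hash and the verified_mail flag are bound as parameters like
        // every other value; the statement no longer depends on those variables
        // being free of quotes or SQL syntax.
        // NOTE(review): the code after this block reads $q1->lastInsertID without
        // checking that the INSERT succeeded.
        $q1 = Database::get()->query("INSERT INTO user (surname, givenname, username, password, email,
                                     status, am, phone, registered_at, expires_at,
                                     lang, verified_mail, whitelist, description)
                          VALUES (?s, ?s, ?s, ?s, ?s, " . USER_STUDENT . ", ?s, ?s, " . DBHelper::timeAfter() . ",
                                  " . DBHelper::timeAfter(get_config('account_duration')) . ", ?s, ?d, '', '')",
                                $surname_form, $givenname_form, $uname, $password_encrypted, $email, $am, $phone,
                                $language, $verified_mail);
        if ($external_auth && $q1) {
            // link the new account to the identity reported by the external provider
            Database::get()->query('INSERT INTO user_ext_uid
                    SET user_id = ?d, auth_id = ?d, uid = ?s',
                    $q1->lastInsertID, $auth, $user_data->identifier);
        }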

        $last_id = $q1->lastInsertID;
        $userObj->refresh($last_id, $departments);
        user_hook($last_id);
        
        //fill custom profile fields
        process_profile_fields_data(array('uid' => $last_id, 'origin' => 'student_register'));
        
Пример #6
     $terms[] = $user_type;
 }
 if (!empty($auth_type)) {
     if ($auth_type >= 2) {
         $criteria[] = 'password = ?s';
         $terms[] = $auth_ids[$auth_type];
     } elseif ($auth_type == 1) {
         $criteria[] = 'password NOT IN (' . implode(', ', array_fill(0, count($auth_ids), '?s')) . ')';
         $terms = array_merge($terms, $auth_ids);
     }
 }
 if (!empty($email)) {
     $criteria[] = 'email LIKE ?s';
     $terms[] = '%' . $email . '%';
     if ($search == 'inactive') {
         $criteria[] = 'expires_at < ' . DBHelper::timeAfter();
     }
     // Department search
     $depqryadd = '';
     $dep = isset($_POST['department']) ? intval($_POST['department']) : 0;
     if ($dep || isDepartmentAdmin()) {
         $depqryadd = ', user_department';
         $subs = array();
         if ($dep) {
             $subs = $tree->buildSubtrees(array($dep));
         } else {
             if (isDepartmentAdmin()) {
                 $subs = $user->getDepartmentIds($uid);
             }
         }
         $count = 0;
Пример #7
if (isset($_POST['submit'])) {
    foreach ($errors as $message) {
        $tool_content .= "<div class='alert alert-warning'>{$message}</div>";
    }
}
if ($all_set) {
    $email_verification_required = get_config('email_verification_required');
    $emailhelpdesk = get_config('email_helpdesk');
    if (!$email_verification_required) {
        $verified_mail = 2;
    } else {
        $verified_mail = 0;
    }
    // register user request
    $status = $prof ? USER_TEACHER : USER_STUDENT;
    $res = Database::get()->query("INSERT INTO user_request SET\n\t\t\tgivenname = ?s, surname = ?s, username = ?s, email = ?s,\n\t\t\tam = ?s, faculty_id = ?d, phone = ?s,\n\t\t\tstate = 1, status = {$status},\n\t\t\tverified_mail = ?d, date_open = " . DBHelper::timeAfter() . ",\n\t\t\tcomment = ?s, lang = ?s, request_ip = ?s", $givenname, $surname, $username, $usermail, $am, $department, $userphone, $verified_mail, $usercomment, $language, $_SERVER['REMOTE_ADDR']);
    $request_id = $res->lastInsertID;
    // email does not need verification -> mail helpdesk
    if (!$email_verification_required) {
        //----------------------------- Email Request Message --------------------------
        $dep_body = $tree->getFullPath($department);
        $subject = $prof ? $mailsubject : $mailsubject2;
        $MailMessage = $mailbody1 . $mailbody2 . "{$givenname} {$surname}\n\n" . $mailbody3 . $mailbody4 . $mailbody5 . ($prof ? $mailbody6 : $mailbody8) . "\n\n{$langFaculty}: {$dep_body}\n{$langComments}: {$usercomment}\n" . "{$langAm}: {$am}\n" . "{$langProfUname}: {$username}\n{$langProfEmail} : {$usermail}\n" . "{$contactphone}: {$userphone}\n\n\n{$logo}\n\n";
        $emailAdministrator = get_config('email_sender');
        if (!send_mail($siteName, $emailAdministrator, '', $emailhelpdesk, $subject, $MailMessage, $charset, "Reply-To: {$usermail}")) {
            $tool_content .= "<div class='alert alert-warning'>{$langMailErrorMessage}&nbsp; <a href='mailto:{$emailhelpdesk}' class='mainpage'>{$emailhelpdesk}</a>.</div>";
        }
        // User Message
        $tool_content .= "<div class='alert alert-success'>" . ($prof ? $langDearProf : $langDearUser) . "!<br />{$success}</div><p>{$infoprof}<br /><br />{$click} <a href='{$urlServer}' class='mainpage'>{$langHere}</a> {$langBackPage}</p>";
    } else {
        $hmac = token_generate($username . $usermail . $request_id);
Пример #8
        $dates[] = $date_ended->format("Y-m-d H:i:s");
    } else {
        $end_sql = 'end = NULL';
    }
    $newContent = purify($newContent);
    if (isset($_POST['id'])) {
        // modify announcement
        $id = $_POST['id'];
        Database::get()->query("UPDATE admin_announcement\n                        SET title = ?s, body = ?s, lang = ?s,\n                            `date` = " . DBHelper::timeAfter() . ", {$start_sql}, {$end_sql}\n                        WHERE id = ?d", $title, $newContent, $lang_admin_ann, $dates, $id);
        $message = $langAdminAnnModify;
    } else {
        // add new announcement
        // order
        $orderMax = Database::get()->querySingle("SELECT MAX(`order`) as max FROM admin_announcement")->max;
        $order = $orderMax + 1;
        Database::get()->query("INSERT INTO admin_announcement\n                        SET title = ?s, \n                            body = ?s,\n                            visible = 1, \n                            lang = ?s,\n                            `date` = " . DBHelper::timeAfter() . ", \n                            `order` = ?d, \n                            {$start_sql}, \n                            {$end_sql}", $title, $newContent, $lang_admin_ann, $order, $dates);
        $message = $langAdminAnnAdd;
    }
}
// action message
if (isset($message) && !empty($message)) {
    $tool_content .= "<div class='alert alert-success'>{$message}</div><br/>";
    $displayAnnouncementList = true;
    $displayForm = false;
    //do not show form
}
// display form
if ($displayForm && isset($_GET['addAnnounce']) || isset($_GET['modify'])) {
    $displayAnnouncementList = false;
    // display add announcement command
    $navigation[] = array("url" => "{$_SERVER['SCRIPT_NAME']}", "name" => $langAdminAn);
Пример #9
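/**
 * @brief create copy of an existing gradebook (with same activities and no users).
 *
 * The copy is created in the current course ($course_id); its title is the
 * source title followed by $langCopyDuplicate. Copied activities get the
 * DBHelper::timeAfter() date and visible = 1.
 *
 * NOTE(review): the copy query filters on gradebook_id only; whether the
 * gradebook belongs to $course_id is not checked in this function - confirm
 * that callers verify it.
 *
 * @global int    $course_id
 * @global string $langCopyDuplicate
 * @param  int    $gradebook_id  id of the gradebook to copy (bound as ?d)
 * @return void
 */
function clone_gradebook($gradebook_id) {

    global $course_id, $langCopyDuplicate;

    $newTitle = get_gradebook_title($gradebook_id)." $langCopyDuplicate";
    $newRange = get_gradebook_range($gradebook_id);
    $created = Database::get()->query("INSERT INTO gradebook SET course_id = ?d,
                                                      students_semester = 1, `range` = ?d,
                                                      active = 1, title = ?s", $course_id, $newRange, $newTitle);
    if (!$created) {
        // the insert failed: there is no new gradebook to attach activities to
        return;
    }
    // The new id is bound like every other value instead of being spliced into the SQL text.
    Database::get()->query("INSERT INTO gradebook_activities (gradebook_id, title, activity_type, date, description, weight, module_auto_id, module_auto_type, auto, visible)
                                SELECT ?d, title, activity_type, " . DBHelper::timeAfter() . ", description, weight, module_auto_id, module_auto_type, auto, 1
                                 FROM gradebook_activities WHERE gradebook_id = ?d", $created->lastInsertID, $gradebook_id);
}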
Пример #10
            // Rescale each stored grade by dividing it by the row's range.
            // NOTE(review): grade, range and id are spliced into the SQL text instead of
            // being bound (presumably $q holds rows of an earlier query - confirm), and a
            // range of 0 makes the statement divide by zero.
            foreach ($q as $data) {
                Database::get()->query("UPDATE gradebook_book SET grade = $data->grade/$data->range WHERE id = $data->id");
            }
        }
        // Schema upgrade: add the date columns only when they are missing, then
        // give every existing row a default. The offsets are 6*30 days written
        // out in seconds; the statements contain only fixed text and the
        // DBHelper::timeAfter() fragment.
        if (!DBHelper::fieldExists('gradebook', 'end_date')) {
            Database::get()->query("ALTER TABLE `gradebook` ADD `end_date` DATETIME NOT NULL");
            Database::get()->query("UPDATE `gradebook` SET `end_date` = " . DBHelper::timeAfter(6*30*24*60*60) . ""); // 6 months after
        }

        if (!DBHelper::fieldExists('attendance', 'start_date')) {
            Database::get()->query("ALTER TABLE `attendance` ADD `start_date` DATETIME NOT NULL");
            Database::get()->query("UPDATE `attendance` SET `start_date` = " . DBHelper::timeAfter(-6*30*24*60*60) . ""); // negative offset: 6 months before
        }
        if (!DBHelper::fieldExists('attendance', 'end_date')) {
            Database::get()->query("ALTER TABLE `attendance` ADD `end_date` DATETIME NOT NULL");
            Database::get()->query("UPDATE `attendance` SET `end_date` = " . DBHelper::timeAfter(6*30*24*60*60) . ""); // 6 months after
        }
        // Cancelled exercises total weighting fix
        $exercises = Database::get()->queryArray("SELECT exercise.id AS id, exercise.course_id AS course_id, exercise_user_record.eurid AS eurid "
                . "FROM exercise_user_record, exercise "
                . "WHERE exercise_user_record.eid = exercise.id "
                . "AND exercise_user_record.total_weighting = 0 "
                . "AND exercise_user_record.attempt_status = 4");
        foreach ($exercises as $exercise) {
            $totalweight = Database::get()->querySingle("SELECT SUM(exercise_question.weight) AS totalweight
                                            FROM exercise_question, exercise_with_questions
                                            WHERE exercise_question.course_id = ?d
                                            AND exercise_question.id = exercise_with_questions.question_id
                                            AND exercise_with_questions.exercise_id = ?d", $exercise->course_id, $exercise->id)->totalweight;
            Database::get()->query("UPDATE exercise_user_record SET total_weighting = ?f WHERE eurid = ?d", $totalweight, $exercise->eurid);
        }
Пример #11
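/**
 * @brief register user to course with student status
 *
 * The course is looked up by its internal code or its public code and the
 * first matching row is used.
 *
 * NOTE(review): this function performs no access check of its own (course
 * visibility, course password, whether registration is open); it relies on
 * the caller having done that - confirm at the call sites.
 *
 * @param  int    $uid          user id (bound as ?d)
 * @param  string $course_code  internal or public course code (bound as ?s)
 * @return boolean true when the course exists and the registration row was
 *                 written; false when no course matches or the INSERT fails
 */
function register($uid, $course_code)
{
    $course = Database::get()->querySingle("SELECT code, id FROM course WHERE code = ?s OR public_code = ?s", $course_code, $course_code);
    if (!$course) {
        return false;
    }
    $inserted = Database::get()->query("INSERT INTO course_user\n                                 SET course_id = ?d, user_id = ?d, status = " . USER_STUDENT . ",\n                                     reg_date = " . DBHelper::timeAfter(), $course->id, $uid);
    // report the outcome of the INSERT instead of assuming it succeeded
    return $inserted ? true : false;
}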
Пример #12
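 // Only an alphanumeric view_type is considered. "weekly" is kept when a real
 // start date was submitted; every other value, or a missing start date,
 // falls back to "units".
 // NOTE(review): when the ctype_alnum() check fails, $view_type is not assigned here.
 if (ctype_alnum($_POST['view_type'])) {
     $view_type = ($_POST['view_type'] == "weekly" && $_POST['start_date'] != '' && $_POST['start_date'] != '0000-00-00')
         ? "weekly"
         : "units";
 }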
 if (empty($_POST['start_date'])) {
     $_POST['start_date'] = '0000-00-00';
 }
 if (empty($_POST['finish_date'])) {
     $_POST['finish_date'] = '0000-00-00';
 }
 $description = purify($_POST['description']);
 $result = Database::get()->query("INSERT INTO course SET\n                        code = ?s,\n                        lang = ?s,\n                        title = ?s,\n                        visible = ?d,\n                        course_license = ?d,\n                        prof_names = ?s,\n                        public_code = ?s,\n                        doc_quota = ?f,\n                        video_quota = ?f,\n                        group_quota = ?f,\n                        dropbox_quota = ?f,\n                        password = ?s,\n                        view_type = ?s,\n                        start_date = ?t,\n                        finish_date = ?t,\n                        keywords = '',\n                        created = " . DBHelper::timeAfter() . ",\n                        glossary_expand = 0,\n                        glossary_index = 1,\n                        description = ?s", $code, $language, $title, $_POST['formvisible'], intval($course_license), $prof_names, $code, $doc_quota * 1024 * 1024, $video_quota * 1024 * 1024, $group_quota * 1024 * 1024, $dropbox_quota * 1024 * 1024, $password, $view_type, $_POST['start_date'], $_POST['finish_date'], $description);
 $new_course_id = $result->lastInsertID;
 if (!$new_course_id) {
     Session::Messages($langGeneralError);
     redirect_to_home_page('modules/create_course/create_course.php');
 }
 //===================course format and start and finish date===============
 if ($view_type == "weekly") {
     //get the last inserted id as the course id
     $course_id = $new_course_id;
     $begin = new DateTime($_POST['start_date']);
     //check if there is no end date
     if ($_POST['finish_date'] == "" || $_POST['finish_date'] == '0000-00-00') {
         $end = new DateTime($begin->format("Y-m-d"));
         $end->add(new DateInterval('P26W'));
     } else {
Пример #13
    // register user request
    // status is interpolated into the SQL text below, but it can only be one of
    // the two constants chosen on the next line.
    $status = $prof ? USER_TEACHER : USER_STUDENT;
    // NOTE(review): in the first branch $provider is concatenated into the statement
    // as part of a column name ("<provider>_uid"). Identifiers cannot be bound as
    // parameters, so $provider has to be matched against a fixed list of provider
    // names before this point - that check is not visible in this excerpt.
    if(!empty($provider) && !empty($user_data->identifier)) {
        $res = Database::get()->query("INSERT INTO user_request SET
            givenname = ?s, surname = ?s, username = ?s, email = ?s,
            am = ?s, faculty_id = ?d, phone = ?s,
            state = 1, status = $status,
            verified_mail = ?d, date_open = " . DBHelper::timeAfter() . ",
			comment = ?s, lang = ?s, request_ip = ?s, " . $provider . "_uid = ?s",
            $givenname, $surname, $username, $usermail, $am, $department, $userphone, $verified_mail, $usercomment, $language, $_SERVER['REMOTE_ADDR'], $user_data->identifier);
    } else {
        // same request row without an external provider identity
        $res = Database::get()->query("INSERT INTO user_request SET
    			givenname = ?s, surname = ?s, username = ?s, email = ?s,
    			am = ?s, faculty_id = ?d, phone = ?s,
    			state = 1, status = $status,
    			verified_mail = ?d, date_open = " . DBHelper::timeAfter() . ",
    			comment = ?s, lang = ?s, request_ip = ?s",
                $givenname, $surname, $username, $usermail, $am, $department, $userphone, $verified_mail, $usercomment, $language, $_SERVER['REMOTE_ADDR']);
    }
    $request_id = $res->lastInsertID;
    
    //save custom profile fields values in pending table
    process_profile_fields_data(array('user_request_id' => $request_id, 'pending' => true));
    
    // email does not need verification -> mail helpdesk
    if (!$email_verification_required) {
        //----------------------------- Email Request Message --------------------------
        $dep_body = $tree->getFullPath($department);
        $subject = $prof ? $mailsubject : $mailsubject2;
        $MailMessage = $mailbody1 . $mailbody2 . "$givenname $surname\n\n" .
                $mailbody3 . $mailbody4 . $mailbody5 .
Пример #14
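/**
 * @brief clone attendance (same activities, created in the current course)
 *
 * The copy's title is the source title with $langCopyDuplicate appended;
 * copied activities get the DBHelper::timeAfter() date.
 *
 * NOTE(review): the copy query filters on attendance_id only; whether the
 * attendance belongs to $course_id is not checked in this function - confirm
 * that callers verify it.
 *
 * @global int    $course_id
 * @global string $langCopyDuplicate
 * @param  int    $attendance_id  id of the attendance to copy (bound as ?d)
 * @return void
 */
function clone_attendance($attendance_id) {

    global $course_id, $langCopyDuplicate;

    $newTitle = get_attendance_title($attendance_id).$langCopyDuplicate;
    $newLimit = get_attendance_limit($attendance_id);
    $created = Database::get()->query("INSERT INTO attendance SET course_id = ?d,
                                                      students_semester = 1, `limit` = ?d,
                                                      active = 1, title = ?s", $course_id, $newLimit, $newTitle);
    if (!$created) {
        // the insert failed: there is no new attendance to attach activities to
        return;
    }
    // The new id is bound like every other value instead of being spliced into the SQL text.
    Database::get()->query("INSERT INTO attendance_activities (attendance_id, title, date, description, module_auto_id, module_auto_type, auto)
                                SELECT ?d, title, " . DBHelper::timeAfter() . ", description, module_auto_id, module_auto_type, auto
                                 FROM attendance_activities WHERE attendance_id = ?d", $created->lastInsertID, $attendance_id);
}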
Пример #15
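/**
 * @brief create guest account or update password if it already exists
 *
 * A non-empty password is hashed with PasswordHash before it is stored.
 * NOTE(review): an empty $password is stored as an empty string; how login
 * treats an empty stored password is not visible here - confirm.
 *
 * @global string $langGuestName
 * @global string $langGuestSurname
 * @param  string $username   guest username (bound as ?s)
 * @param  int    $course_id  course the guest belongs to (bound as ?d)
 * @param  string $password   plain-text password, or '' for none
 * @return void
 */
function createguest($username, $course_id, $password) {
    global $langGuestName, $langGuestSurname, $langGuestFail;

    $hasher = new PasswordHash(8, false);
    if ($password !== '') {
        $password = $hasher->HashPassword($password);
    }

    // $course_id is bound like the values in the statements below instead of
    // being spliced into the SQL text.
    $q = Database::get()->querySingle("SELECT user_id from course_user WHERE status=" . USER_GUEST . " AND course_id = ?d", $course_id);
    if ($q) {
        // the course already has a guest: only its password changes
        $guest_id = $q->user_id;
        Database::get()->query("UPDATE user SET password = ?s WHERE id = ?d", $password, $guest_id);
    } else {
        $q = Database::get()->query("INSERT INTO user (surname, givenname, username, password, status, registered_at, expires_at, whitelist, description)
                                        VALUES (?s, ?s, ?s, ?s, " . USER_GUEST . ", ".DBHelper::timeAfter().", ".DBHelper::timeAfter(get_config('account_duration')).", '','')",
                                            $langGuestSurname, $langGuestName, $username, $password);
        if (!$q) {
            // the account could not be created, so there is nothing to attach to the course
            return;
        }
        $guest_id = $q->lastInsertID;
    }
    // INSERT IGNORE: an existing course_user row for this guest is left untouched
    Database::get()->query("INSERT IGNORE INTO course_user (course_id, user_id, status, reg_date)
                  VALUES (?d, ?d, " . USER_GUEST . ", ".DBHelper::timeAfter().")", $course_id, $guest_id);
    return;
}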
Пример #16
     $endDate_obj = DateTime::createFromFormat('d-m-Y', $_POST['enddate']);
     $stop_display = $endDate_obj->format('Y-m-d');
 } else {
     $stop_display = "0000-00-00";
 }
 if (!empty($_POST['id'])) {
     $id = intval($_POST['id']);
     Database::get()->query("UPDATE announcement SET content = ?s, title = ?s, `date` = " . DBHelper::timeAfter() . ", start_display = ?t, stop_display = ?t  WHERE id = ?d", $newContent, $antitle, $start_display, $stop_display, $id);
     $log_type = LOG_MODIFY;
     $message = "<div class='alert alert-success'>{$langAnnModify}</div>";
 } else {
     // add new announcement
     $orderMax = Database::get()->querySingle("SELECT MAX(`order`) AS maxorder FROM announcement\n                                                   WHERE course_id = ?d", $course_id)->maxorder;
     $order = $orderMax + 1;
     // insert
     $id = Database::get()->query("INSERT INTO announcement\n                                         SET content = ?s,\n                                             title = ?s, `date` = " . DBHelper::timeAfter() . ",\n                                             course_id = ?d, `order` = ?d,\n                                             visible = 1,\n                                             start_display = ?t,\n                                             stop_display = ?t", $newContent, $antitle, $course_id, $order, $start_display, $stop_display)->lastInsertID;
     $log_type = LOG_INSERT;
 }
 Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_ANNOUNCEMENT, $id);
 $txt_content = ellipsize_html(canonicalize_whitespace(strip_tags($_POST['newContent'])), 50, '+');
 Log::record($course_id, MODULE_ID_ANNOUNCE, $log_type, array('id' => $id, 'email' => $send_mail, 'title' => $_POST['antitle'], 'content' => $txt_content));
 // send email
 if ($send_mail) {
     $recipients_emaillist = "";
     foreach ($_POST['recipients'] as $re) {
         $recipients_emaillist .= empty($recipients_emaillist) ? "'{$re}'" : ",'{$re}'";
     }
     $emailContent = "{$professorMessage}: " . q($_SESSION['givenname']) . " " . q($_SESSION['surname']) . "<br>\n<br>\n" . q($_POST['antitle']) . "<br>\n<br>\n" . $_POST['newContent'];
     $emailSubject = "{$professorMessage} ({$public_code} - " . q($title) . " - {$langAnnouncement})";
     // select students email list
     $countEmail = 0;
Пример #17
            });
        });

        $(".btn-group button[data-calendar-view]").each(function() {
            var $this = $(this);
            $this.click(function() {
                calendar.view($this.data("calendar-view"));
            });
        });'

    ."})
    </script>";

// For statistics: record login
Database::get()->query("INSERT INTO logins
    SET user_id = ?d, course_id = ?d, ip = ?s, date_time = " . DBHelper::timeAfter(),
    $uid, $course_id, $_SERVER['REMOTE_ADDR']);

// opencourses hits sumation
$visitsopencourses = 0;
$hitsopencourses = 0;
if (get_config('opencourses_enable')) {
    $cxml = CourseXMLElement::initFromFile($course_code);
    $reslastupdate = Database::get()->querySingle("select datestamp from oai_record where course_id = ?d and deleted = ?d", $course_id, 0);
    $lastupdate = null;
    if ($reslastupdate) {
        $lastupdate = strtotime($reslastupdate->datestamp);
    }
    if ($cxml && $lastupdate && (time() - $lastupdate > 24 * 60 * 60)) {
        // need to refresh hits when no update occurred during the last 24 hours
        CourseXMLElement::refreshCourse($course_id, $course_code);
Пример #18
$require_course_admin = true;
$require_help = true;
$helpTopic = 'User';

require_once '../../include/baseTheme.php';
require_once 'include/sendMail.inc.php';
require_once 'include/log.php';

$toolName = $langUsers;
$pageName = $langAddUser;
$navigation[] = array('url' => "index.php?course=$course_code", 'name' => $langUsers);

if (isset($_GET['add'])) {
    $uid_to_add = intval(getDirectReference($_GET['add']));
    $result = Database::get()->query("INSERT IGNORE INTO course_user (user_id, course_id, status, reg_date, document_timestamp)
                                    VALUES (?d, ?d, " . USER_STUDENT . ", " . DBHelper::timeAfter() . ", " . DBHelper::timeAfter(). ")", $uid_to_add, $course_id);

    Log::record($course_id, MODULE_ID_USERS, LOG_INSERT, array('uid' => $uid_to_add,
                                                               'right' => '+5'));
    if ($result) {
        Session::Messages( $langTheU . $langAdded, "alert alert-success");
        //$tool_content .= "<div class='alert alert-success'>$langTheU $langAdded</div>";
        // notify user via email
        $email = uid_to_email($uid_to_add);
        if (!empty($email) and email_seems_valid($email)) {
            $emailsubject = "$langYourReg " . course_id_to_title($course_id);
            $emailbody = "$langNotifyRegUser1 '" . course_id_to_title($course_id) . "' $langNotifyRegUser2 $langFormula \n$gunet";
            send_mail('', '', '', $email, $emailsubject, $emailbody, $charset);
        }
    } else {
        Session::Messages( $langAddError, "alert alert-warning");
Пример #19
 if (!$email_verification_required) {
     $verified_mail = 2;
 } else {
     $verified_mail = 0;
 }
 // check if mail address is valid
 if (!empty($email) and !email_seems_valid($email)) {
     $tool_content .= "<div class='alert alert-danger'>{$langEmailWrong}</div>";
     user_info_form();
     draw($tool_content, 0, null, $head_content);
     exit;
 } else {
     $email = mb_strtolower(trim($email));
 }
 // Record user request
 $q1 = Database::get()->query("INSERT INTO user_request SET\n                                        givenname = ?s, surname = ?s, username = ?s, password = '******',\n                                        email = ?s, faculty_id = ?d, phone = ?s,\n                                        am = ?s, state = 1, status = ?d, verified_mail = ?d,\n                                        date_open = " . DBHelper::timeAfter() . ", comment = ?s, lang = ?s,\n                                        request_ip = ?s", $givenname_form, $surname_form, $uname, $email, $depid, $userphone, $am, $status, $verified_mail, $usercomment, $language, $_SERVER['REMOTE_ADDR']);
 $request_id = $q1->lastInsertID;
 // email does not need verification -> mail helpdesk
 if (!$email_verification_required) {
     $emailAdministrator = get_config('email_sender');
     // send email
     $MailMessage = $mailbody1 . $mailbody2 . "{$givenname_form} {$surname_form}\n\n" . $mailbody3 . $mailbody4 . $mailbody5 . "{$mailbody6}\n\n" . "{$langFaculty}: " . $tree->getFullPath($depid) . "\n        \n{$langComments}: {$usercomment}\n" . "{$langProfUname} : {$uname}\n{$langProfEmail} : {$email}\n" . "{$contactphone} : {$userphone}\n\n\n{$logo}\n\n";
     if (!send_mail($siteName, $emailAdministrator, $gunet, $emailhelpdesk, $mailsubject, $MailMessage, $charset, "Reply-To: {$email}")) {
         $tool_content .= "<div class='alert alert-warning'>{$langMailErrorMessage} &nbsp; <a href='mailto:{$emailhelpdesk}'>{$emailhelpdesk}</a></div>";
         draw($tool_content, 0);
         exit;
     }
     $tool_content .= "<div class='alert alert-success'>{$greeting},<br />{$success}<br /></div><p>{$infoprof}</p><br />\n                          <p>&laquo; <a href='{$urlServer}'>{$langBack}</a></p>";
 } else {
     // email needs verification -> mail user
     $hmac = token_generate($uname . $email . $request_id);
Пример #20
        $(".btn-group button[data-calendar-nav]").each(function() {
            var $this = $(this);
            $this.click(function() {
                calendar.navigate($this.data("calendar-nav"));
            });
        });

        $(".btn-group button[data-calendar-view]").each(function() {
            var $this = $(this);
            $this.click(function() {
                calendar.view($this.data("calendar-view"));
            });
        });' . "})\r\n    </script>";
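// For statistics: record login.
// The client address is passed as a bound ?s parameter rather than being
// interpolated into the SQL text, so the statement does not depend on the
// value of $_SERVER['REMOTE_ADDR'] being free of quote characters.
Database::get()->query("INSERT INTO logins SET user_id = ?d, course_id = ?d, ip = ?s, date_time = " . DBHelper::timeAfter(), $uid, $course_id, $_SERVER['REMOTE_ADDR']);
$action = new action();
$action->record(MODULE_ID_UNITS);
if (isset($_GET['from_search'])) {
    // if we come from home page search
    // The search terms are request data: percent-encode them so they stay a
    // single query-string value and cannot add parameters or header content.
    // A non-string value (e.g. from_search[]=x) is treated as an empty search.
    header("Location: {$urlServer}modules/search/search_incourse.php?all=true&search_terms=" . urlencode(is_string($_GET['from_search']) ? $_GET['from_search'] : ''));
    // Stop here: a Location header alone does not end the request, and the
    // rest of the page would otherwise still be built and sent.
    exit;
}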
$course_info = Database::get()->querySingle("SELECT keywords, visible, prof_names, public_code, course_license, finish_date,\r\n                                               view_type, start_date, finish_date, description, home_layout, course_image\r\n                                          FROM course WHERE id = ?d", $course_id);
$keywords = q(trim($course_info->keywords));
$visible = $course_info->visible;
$professor = $course_info->prof_names;
$public_code = $course_info->public_code;
$course_license = $course_info->course_license;
$res = Database::get()->queryArray("SELECT cd.id, cd.title, cd.comments, cd.type, cdt.icon FROM course_description cd\r\n                                    LEFT JOIN course_description_type cdt ON (cd.type = cdt.id)\r\n                                    WHERE cd.course_id = ?d AND cd.visible = 1 ORDER BY cd.order", $course_id);
$tool_content .= "<div style='display: none'>";
if (count($res) > 0) {
Пример #21
/**
 * @brief Link a "common documents" entry into the current course.
 *
 * A plain file gets one new row in `document` whose extra_path points back at
 * the common original. A directory ('.dir' format) is created through
 * make_path(), queued for indexing, and every descendant row returned by the
 * common-documents query is processed in path order: sub-directories are
 * created the same way, files are handed back to this function.
 *
 * NOTE(review): $group_sql is a global SQL fragment spliced verbatim into two
 * SELECTs below; it is not bound as a parameter. Confirm that every place
 * that assigns it builds it only from integer ids / fixed text.
 * NOTE(review): both directory lookups read ->id from querySingle() without
 * checking that a row came back; this relies on make_path() having created
 * the matching `document` row - confirm.
 *
 * @global type $course_id
 * @global type $course_code
 * @global string $group_sql
 * @param object $file        row of the common `document` entry (format,
 *                            filename, path, extra_path, comment, title are read)
 * @param string $target_dir  path of the destination directory in the course
 */
function insert_common_docs($file, $target_dir) {
    global $course_id, $course_code, $group_sql;

    $common_docs_dir_map = array();

    if ($file->format != '.dir') {
        // Single file: keep its name, re-root it under the target directory.
        $path = preg_replace('|^.*/|', $target_dir . '/', $file->path);
        // Preserve an existing back-reference, otherwise point at the common file.
        $extra_path = $file->extra_path ?: 'common:' . $file->path;
        $inserted = Database::get()->query("INSERT INTO document SET
                                course_id = ?d,
                                subsystem = " . MAIN . ",
                                path = ?s,
                                extra_path = ?s,
                                filename = ?s,
                                visible = 1,
                                comment = ?s,
                                title =	?s,
                                date = " . DBHelper::timeAfter() . ",
                                date_modified =	" . DBHelper::timeAfter() . ",
                                format = ?s", $course_id, $path, $extra_path, $file->filename, $file->comment, $file->title, $file->format);
        Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $inserted->lastInsertID);
        return;
    }

    // Directory: create it in the course, then walk everything below it.
    $target_dir = make_path($target_dir, array($file->filename));
    $dirRow = Database::get()->querySingle("SELECT id FROM document WHERE $group_sql AND path = ?s", $target_dir);
    Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $dirRow->id);
    // Maps a common-docs directory path to the course path created for it.
    $common_docs_dir_map[$file->path] = $target_dir;
    $descendants = Database::get()->queryArray("SELECT * FROM document
                                      WHERE course_id = -1 AND
                                            subsystem = " . COMMON . " AND
                                            path LIKE ?s
                                      ORDER BY path", $file->path . '/%');
    foreach ($descendants as $child) {
        // ORDER BY path is what lets the parent's mapping exist before its children.
        $parent_target = $common_docs_dir_map[dirname($child->path)];
        if ($child->format != '.dir') {
            insert_common_docs($child, $parent_target);
            continue;
        }
        $created_dir = make_path($parent_target, array($child->filename));
        $subRow = Database::get()->querySingle("SELECT id FROM document WHERE $group_sql AND path = ?s", $created_dir);
        Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $subRow->id);
        $common_docs_dir_map[$child->path] = $created_dir;
    }
}
Пример #22
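/**
 * Finish a Shibboleth or CAS single sign-on login.
 *
 * Reads the identity attributes the SSO step left in $_SESSION, looks the
 * username up in `user`, and then either
 *  - refuses the login when the stored account uses another auth method
 *    (the `password` column holds the auth type for these accounts),
 *  - refreshes name/email and loads the admin-rights flags into the session, or
 *  - auto-registers the user as a student when the configuration allows it,
 *  - or destroys the session and sends the browser to the registration page.
 * On success the session identity is filled in and a LOGIN row is written to
 * `loginout`.
 *
 * NOTE(review): the session id is not regenerated here once the user becomes
 * authenticated; confirm that the caller or the SSO library does it, since
 * keeping a pre-login session id allows session fixation.
 *
 * @param string $type 'shibboleth' or 'cas'; any other value leaves $uname unset
 */
function shib_cas_login($type)
{
    global $surname, $givenname, $email, $status, $language, $urlServer, $is_admin, $is_power_user, $is_usermanage_user, $is_departmentmanage_user, $langUserAltAuth;

    // alt_auth_stud_reg == 2 is the setting that permits automatic registration.
    $autoregister = (get_config('alt_auth_stud_reg') == 2);

    if ($type == 'shibboleth') {
        $uname = $_SESSION['shib_uname'];
        $email = $_SESSION['shib_email'];
        $shib_surname = $_SESSION['shib_surname'];
        // Initialised so the check below never reads an undefined variable
        // when no separator is configured.
        $shibseparator = null;
        $shibsettings = Database::get()->querySingle("SELECT auth_settings FROM auth WHERE auth_id = 6");
        if ($shibsettings) {
            if ($shibsettings->auth_settings != 'shibboleth' and $shibsettings->auth_settings != '') {
                $shibseparator = $shibsettings->auth_settings;
            }
            if ($shibseparator !== null) {
                // As before, a separator at position 0 is treated like "not found".
                $separator_pos = strpos($shib_surname, $shibseparator);
                if ($separator_pos !== false && $separator_pos > 0) {
                    $temp = explode($shibseparator, $shib_surname);
                    $givenname = $temp[0];
                    $surname = $temp[1];
                }
            }
        }
    } elseif ($type == 'cas') {
        $uname = $_SESSION['cas_uname'];
        $surname = $_SESSION['cas_surname'];
        $givenname = $_SESSION['cas_givenname'];
        $email = isset($_SESSION['cas_email']) ? $_SESSION['cas_email'] : '';
    }
    // user is authenticated, now let's see if he is registered also in db
    // NOTE(review): both literals below read "******" in this listing, which
    // looks like masking applied to the published copy. The real fragment has
    // to supply the comparison for `username` and a bound marker for $uname;
    // restore it from the project's own source rather than guessing.
    if (get_config('case_insensitive_usernames')) {
        $sqlLogin = "******";
    } else {
        $sqlLogin = "******";
    }
    $r = Database::get()->querySingle("SELECT id, surname, username, password, givenname, status, email, lang, verified_mail\n\t\t\t\t\t\tFROM user WHERE username {$sqlLogin}", $uname);
    if ($r) {
        // if user found
        // querySingle() yields one row object (it is read that way elsewhere
        // in this codebase). Looping over it would walk the column values, not
        // rows, so the row is used directly.
        $info = $r;
        if ($info->password !== $type) {
            // has different auth method - redirect to home page
            unset($_SESSION['shib_uname']);
            unset($_SESSION['shib_email']);
            unset($_SESSION['shib_surname']);
            unset($_SESSION['cas_uname']);
            unset($_SESSION['cas_email']);
            unset($_SESSION['cas_surname']);
            unset($_SESSION['cas_givenname']);
            Session::Messages($langUserAltAuth, 'alert-danger');
            // NOTE(review): the code after this branch assumes
            // redirect_to_home_page() ends the request - confirm.
            redirect_to_home_page();
        } else {
            // don't force email address from CAS/Shibboleth.
            // user might prefer a different one
            if (!empty($info->email)) {
                $email = $info->email;
            }
            if (!empty($info->status)) {
                $status = $info->status;
            }
            // update user information
            Database::get()->query("UPDATE user SET surname = ?s, givenname = ?s, email = ?s\n                                        WHERE id = ?d", $surname, $givenname, $email, $info->id);
            // check for admin privileges
            $admin_rights = get_admin_rights($info->id);
            if ($admin_rights == ADMIN_USER) {
                $_SESSION['is_admin'] = 1;
                $is_admin = 1;
            } elseif ($admin_rights == POWER_USER) {
                $_SESSION['is_power_user'] = 1;
                $is_power_user = 1;
            } elseif ($admin_rights == USERMANAGE_USER) {
                $_SESSION['is_usermanage_user'] = 1;
                $is_usermanage_user = 1;
            } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
                $_SESSION['is_departmentmanage_user'] = 1;
                $is_departmentmanage_user = 1;
            }
            $_SESSION['uid'] = $info->id;
            if (isset($_SESSION['langswitch'])) {
                $language = $_SESSION['langswitch'];
            } else {
                $language = $info->lang;
            }
        }
    } elseif ($autoregister and !get_config('am_required')) {
        // else create him automatically
        if (get_config('email_verification_required')) {
            $verified_mail = 0;
            $_SESSION['mail_verification_required'] = 1;
        } else {
            $verified_mail = 2;
        }
        // All string values use typed ?s markers, matching every other
        // statement in this function (the first three were bare "?").
        $_SESSION['uid'] = Database::get()->query("INSERT INTO user SET surname = ?s, givenname = ?s, password = ?s, \n                                       username = ?s, email = ?s, status = ?d, lang = 'el', \n                                       registered_at = " . DBHelper::timeAfter() . ",  expires_at = " . DBHelper::timeAfter(get_config('account_duration')) . ", whitelist = ''", $surname, $givenname, $type, $uname, $email, USER_STUDENT)->lastInsertID;
        $language = $_SESSION['langswitch'] = 'el';
    } else {
        // user not registered, automatic registration disabled
        // redirect to registration screen
        foreach (array_keys($_SESSION) as $key) {
            unset($_SESSION[$key]);
        }
        session_destroy();
        header("Location: {$urlServer}modules/auth/registration.php");
        exit;
    }
    $_SESSION['uname'] = $uname;
    $_SESSION['surname'] = $surname;
    $_SESSION['givenname'] = $givenname;
    $_SESSION['email'] = $email;
    $_SESSION['status'] = $status;
    //$_SESSION['is_admin'] = $is_admin;
    $_SESSION['shib_user'] = 1;
    // now we are shibboleth user
    // The user id and client address are bound parameters instead of being
    // interpolated into the statement text.
    Database::get()->query("INSERT INTO loginout (loginout.id_user, loginout.ip, loginout.when, loginout.action)\n\t\t\t\t\tVALUES (?d, ?s, " . DBHelper::timeAfter() . ", 'LOGIN')", $_SESSION['uid'], $_SERVER['REMOTE_ADDR']);
    if (get_config('email_verification_required') and get_mail_ver_status($_SESSION['uid']) == EMAIL_VERIFICATION_REQUIRED) {
        $_SESSION['mail_verification_required'] = 1;
        // init.php is already loaded so redirect from here
        header("Location:" . $urlServer . "modules/auth/mail_verify_change.php");
        // End the request like the registration redirect above does, so the
        // caller cannot carry on rendering for a user who still has to
        // verify the address.
        exit;
    }
}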
Пример #23
        Database::get()->query("UPDATE admin_announcement
                        SET title = ?s, body = ?s, lang = ?s,
                            `date` = " . DBHelper::timeAfter() . ", $start_sql, $end_sql
                        WHERE id = ?d", $title, $newContent, $lang_admin_ann, $dates, $id);
        $message = $langAdminAnnModify;
    } else {
        // add new announcement
        // order
        $orderMax = Database::get()->querySingle("SELECT MAX(`order`) as max FROM admin_announcement")->max;
        $order = $orderMax + 1;
        Database::get()->query("INSERT INTO admin_announcement
                        SET title = ?s, 
                            body = ?s,
                            visible = 1, 
                            lang = ?s,
                            `date` = " . DBHelper::timeAfter() . ", 
                            `order` = ?d, 
                            $start_sql, 
                            $end_sql", $title, $newContent, $lang_admin_ann, $order, $dates);
        $message = $langAdminAnnAdd;
    }
}

// Outcome banner: once an action has produced a message, show it together
// with the announcement list and keep the edit form hidden.
// NOTE(review): $message is written into the page unescaped; in the visible
// code it only receives language strings - confirm that holds for every
// assignment.
if (!empty($message)) {
    $displayForm = false; // do not show form
    $displayAnnouncementList = true;
    $tool_content .= "<div class='alert alert-success'>{$message}</div><br/>";
}

// display form
Пример #24
} elseif (!empty($close)) {
    switch ($close) {
        case '1':
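            // Set the request to state 2 and stamp its closing time; the id is bound as ?d.
            Database::get()->query("UPDATE user_request\n                                       SET state = 2,\n                                           date_closed = " . DBHelper::timeAfter() . "\n                                       WHERE id = ?d", $id);
            if ($list_status == 1) {
                $tool_content .= "<div class='alert alert-info'>{$langProfessorRequestClosed}</div>";
            } else {
                // The opening tag was missing its closing '>', which swallowed
                // the start of the message into the tag.
                $tool_content .= "<div class='alert alert-info'>{$langRequestStudent}</div>";
            }
            break;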
        case '2':
            $submit = isset($_POST['submit']) ? $_POST['submit'] : '';
            if (!empty($submit)) {
                // post the comment and do the delete action
                if (!empty($_POST['comment'])) {
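                    // Reject the request (state 3), storing the reviewer's comment.
                    // Comment and id are bound parameters.
                    $sql = "UPDATE user_request\n                               SET state = 3,\n                                   date_closed = " . DBHelper::timeAfter() . ",\n                                   comment = ?s\n                               WHERE id = ?d";
                    if (Database::get()->query($sql, $_POST['comment'], $id)->affectedRows > 0) {
                        if (isset($_POST['sendmail']) and $_POST['sendmail'] == 1) {
                            $telephone = get_config('phone');
                            $administratorName = get_config('admin_name');
                            $emailhelpdesk = get_config('email_helpdesk');
                            $emailsubject = $langemailsubjectBlocked;
                            $emailbody = "{$langemailbodyBlocked}\n{$langComments}:> {$_POST['comment']}\n{$langManager} {$siteName}\n{$administratorName}\n{$langPhone}: {$telephone}\n{$langEmail}: {$emailhelpdesk}";
                            // NOTE(review): recipient name and address are taken from the
                            // submitted form, not from the user_request row just updated.
                            // Confirm send_mail() rejects CR/LF in these values, and consider
                            // loading the address from the row identified by $id instead.
                            send_mail('', '', "{$_POST['prof_givenname']} {$_POST['prof_surname']}", $_POST['prof_email'], $emailsubject, $emailbody, $charset);
                        }
                        // Parenthesised: without this the string concatenation bound tighter
                        // than ?: so the <div> opener was dropped and the first message was
                        // always chosen.
                        $tool_content .= "<div class='alert alert-success'>" . ($list_status == 1 ? $langTeacherRequestHasRejected : $langRequestReject);
                        // Request data is HTML-escaped before being echoed back into the page.
                        $tool_content .= " {$langRequestMessageHasSent} <b>" . htmlspecialchars($_POST['prof_email'], ENT_QUOTES) . "</b></div>";
                        $tool_content .= "<br><p><b>{$langComments}:</b><br />" . htmlspecialchars($_POST['comment'], ENT_QUOTES) . "</p>\n";
                    }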
                }
            } else {
Пример #25
 /**
  * Record when this user last saw a course's documents.
  *
  * Does nothing for a missing user id or a guest. Otherwise writes
  * course_user.document_timestamp - the given value, or the database-side
  * DBHelper::timeAfter() expression when none is given - and mirrors the
  * value into $_SESSION['document_timestamp'][$course_id].
  *
  * NOTE(review): with no $timestamp the database row uses the database clock
  * while the session copy uses PHP's date(); the two can differ if the
  * servers' clocks or time zones do.
  *
  * @param int         $course_id  course whose timestamp is updated
  * @param string|null $timestamp  explicit value, bound as ?t; null/empty means "now"
  */
 public function setDocumentTimestamp($course_id, $timestamp = null)
 {
     // Nothing to store for anonymous or guest sessions.
     if (!$this->user_id or $this->status == USER_GUEST) {
         return;
     }

     if (!$timestamp) {
         Database::get()->query('UPDATE course_user
                 SET document_timestamp = ' . DBHelper::timeAfter() . '
                 WHERE user_id = ?d AND course_id = ?d', $this->user_id, $course_id);
     } else {
         Database::get()->query('UPDATE course_user
                 SET document_timestamp = ?t 
                 WHERE user_id = ?d AND course_id = ?d', $timestamp, $this->user_id, $course_id);
     }

     $_SESSION['document_timestamp'][$course_id] = $timestamp ?: date('Y-m-d H:i:s');
 }
Пример #26
                                           date_closed = " . DBHelper::timeAfter() . "
                                       WHERE id = ?d", $id);
            if ($list_status == 1) {
                $tool_content .= "<div class='alert alert-info'>$langProfessorRequestClosed</div>";
            } else {
                $tool_content .= "<div class='alert alert-info'$langRequestStudent</div>";
            }
            break;
        case '2':
            $submit = isset($_POST['submit']) ? $_POST['submit'] : '';
            if (!empty($submit)) {
                // post the comment and do the delete action
                if (!empty($_POST['comment'])) {
                    $sql = "UPDATE user_request
                               SET state = 3,
                                   date_closed = " . DBHelper::timeAfter() . ",
                                   comment = ?s
                               WHERE id = ?d";
                    if (Database::get()->query($sql, $_POST['comment'], $id)->affectedRows > 0) {
                        if (isset($_POST['sendmail']) and ( $_POST['sendmail'] == 1)) {
                            $telephone = get_config('phone');
                            $administratorName = get_config('admin_name');
                            $emailhelpdesk = get_config('email_helpdesk');
                            $emailsubject = $langemailsubjectBlocked;
                            $emailbody = "$langemailbodyBlocked
$langComments:> $_POST[comment]
$langManager $siteName
$administratorName
$langPhone: $telephone
$langEmail: $emailhelpdesk";
                            send_mail('', '', "$_POST[prof_givenname] $_POST[prof_surname]", $_POST['prof_email'], $emailsubject, $emailbody, $charset);
Пример #27
                UPDATE `hierarchy` SET lft = (lft - maxrgt) + nodelft WHERE lft > maxrgt;
            END IF;
        END");

// Hash (one-way, not encrypt) the admin password before it is stored.
// NOTE(review): PasswordHash(8, false) looks like the phpass constructor
// (cost 2^8, portable hashes off) - confirm against the bundled class, and
// consider PHP's built-in password_hash()/password_verify() where the
// supported PHP versions allow it.
$hasher = new PasswordHash(8, false);
$password_encrypted = $hasher->HashPassword($passForm);
// Create the first account. All form values are bound parameters; the account
// expires five years (5 * 365 * 24 * 60 * 60 seconds) after installation.
// lastInsertID is the new row's id, used for the two inserts that follow.
$admin_uid = $db->query("INSERT INTO `user`
    (`givenname`, `surname`, `username`, `password`, `email`, `status`, `lang`,
     `registered_at`,`expires_at`, `verified_mail`, `whitelist`, `description`)
    VALUES (?s, ?s, ?s, ?s, ?s, ?d, ?s, " . DBHelper::timeAfter() . ", " .
            DBHelper::timeAfter(5 * 365 * 24 * 60 * 60) . ", ?d, ?s, ?s)",
    $nameForm, '', $loginForm, $password_encrypted, $emailForm, 1, $lang, 1,
    '*,,', 'Administrator')->lastInsertID;
// Record the installer's session as a LOGIN event, with the client address bound as ?s.
$db->query("INSERT INTO loginout (`id_user`, `ip`, `when`, `action`)
    VALUES (?d, ?s, " . DBHelper::timeAfter() . ", ?s)",
    $admin_uid, $_SERVER['REMOTE_ADDR'], 'LOGIN');

// Grant the new account privilege 0 in `admin`
// (presumably the full-administrator level - confirm against the privilege constants).
$db->query("INSERT INTO admin (user_id, privilege) VALUES (?d, ?d)", $admin_uid, 0);

$db->query("CREATE TABLE `user_request` (
    id INT(11) NOT NULL AUTO_INCREMENT,
    givenname VARCHAR(60) NOT NULL DEFAULT '',
    surname VARCHAR(60) NOT NULL DEFAULT '',
    username VARCHAR(50) NOT NULL DEFAULT '',
    password VARCHAR(255) NOT NULL DEFAULT '',
    email VARCHAR(100) NOT NULL DEFAULT '',
    verified_mail TINYINT(1) NOT NULL DEFAULT " . EMAIL_UNVERIFIED . ",
    faculty_id INT(11) NOT NULL DEFAULT 0,
    phone VARCHAR(20) NOT NULL DEFAULT '',
    am VARCHAR(20) NOT NULL DEFAULT '',
Пример #28
     $log_type = LOG_MODIFY;
     $message = "<div class='alert alert-success'>$langAnnModify</div>";
     
     if (isset($_POST['tags'])) {
         $tagsArray = explode(',', $_POST['tags']);
         $moduleTag = new ModuleElement($id);
         $moduleTag->syncTags($tagsArray);                
     }
 } else { // add new announcement
     $orderMax = Database::get()->querySingle("SELECT MAX(`order`) AS maxorder FROM announcement
                                            WHERE course_id = ?d", $course_id)->maxorder;
     $order = $orderMax + 1;
     // insert
     $id = Database::get()->query("INSERT INTO announcement
                                  SET content = ?s,
                                      title = ?s, `date` = " . DBHelper::timeAfter() . ",
                                      course_id = ?d, `order` = ?d,
                                      visible = 1,
                                      start_display = ?t,
                                      stop_display = ?t", $newContent, $antitle, $course_id, $order, $start_display, $stop_display)->lastInsertID;
     $log_type = LOG_INSERT;
     
     if (isset($_POST['tags'])) {
         $tagsArray = explode(',', $_POST['tags']);
         $moduleTag = new ModuleElement($id);
         $moduleTag->attachTags($tagsArray);  
     }
 }
 Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_ANNOUNCEMENT, $id);
 $txt_content = ellipsize_html(canonicalize_whitespace(strip_tags($_POST['newContent'])), 50, '+');
 Log::record($course_id, MODULE_ID_ANNOUNCE, $log_type, array('id' => $id,
Пример #29
$db->query("CREATE PROCEDURE `shift_left` (IN node INT(11), IN shift INT(11), IN maxrgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        IF maxrgt > 0 THEN\n                            UPDATE `hierarchy` SET rgt = rgt - shift WHERE rgt > node AND rgt <= maxrgt;\n                        ELSE\n                            UPDATE `hierarchy` SET rgt = rgt - shift WHERE rgt > node;\n                        END IF;\n\n                        IF maxrgt > 0 THEN\n                            UPDATE `hierarchy` SET lft = lft - shift WHERE lft > node AND lft <= maxrgt;\n                        ELSE\n                            UPDATE `hierarchy` SET lft = lft - shift WHERE lft > node;\n                        END IF;\n                    END");
$db->query("DROP PROCEDURE IF EXISTS `shift_end`");
$db->query("CREATE PROCEDURE `shift_end` (IN p_lft INT(11), IN p_rgt INT(11), IN maxrgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        UPDATE `hierarchy`\n                        SET lft = (lft - (p_lft - 1)) + maxrgt,\n                            rgt = (rgt - (p_lft - 1)) + maxrgt WHERE lft BETWEEN p_lft AND p_rgt;\n                    END");
$db->query("DROP PROCEDURE IF EXISTS `get_maxrgt`");
$db->query("CREATE PROCEDURE `get_maxrgt` (OUT maxrgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        SELECT rgt INTO maxrgt FROM `hierarchy` ORDER BY rgt DESC LIMIT 1;\n                    END");
$db->query("DROP PROCEDURE IF EXISTS `get_parent`");
$db->query("CREATE PROCEDURE `get_parent` (IN p_lft INT(11), IN p_rgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        SELECT * FROM `hierarchy` WHERE lft < p_lft AND rgt > p_rgt ORDER BY lft DESC LIMIT 1;\n                    END");
$db->query("DROP PROCEDURE IF EXISTS `delete_nodes`");
$db->query("CREATE PROCEDURE `delete_nodes` (IN p_lft INT(11), IN p_rgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        DECLARE node_width INT(11);\n                        SET node_width = p_rgt - p_lft + 1;\n\n                        DELETE FROM `hierarchy` WHERE lft BETWEEN p_lft AND p_rgt;\n                        UPDATE `hierarchy` SET rgt = rgt - node_width WHERE rgt > p_rgt;\n                        UPDATE `hierarchy` SET lft = lft - node_width WHERE lft > p_lft;\n                    END");
$db->query("DROP PROCEDURE IF EXISTS `move_nodes`");
$db->query("CREATE PROCEDURE `move_nodes` (INOUT nodelft INT(11), IN p_lft INT(11), IN p_rgt INT(11))\n                    LANGUAGE SQL\n                    BEGIN\n                        DECLARE node_width, maxrgt INT(11);\n\n                        SET node_width = p_rgt - p_lft + 1;\n                        CALL get_maxrgt(maxrgt);\n\n                        CALL shift_end(p_lft, p_rgt, maxrgt);\n\n                        IF nodelft = 0 THEN\n                            CALL shift_left(p_rgt, node_width, 0);\n                        ELSE\n                            CALL shift_left(p_rgt, node_width, maxrgt);\n\n                            IF p_lft < nodelft THEN\n                                SET nodelft = nodelft - node_width;\n                            END IF;\n\n                            CALL shift_right(nodelft, node_width, maxrgt);\n\n                            UPDATE `hierarchy` SET rgt = (rgt - maxrgt) + nodelft WHERE rgt > maxrgt;\n                            UPDATE `hierarchy` SET lft = (lft - maxrgt) + nodelft WHERE lft > maxrgt;\n                        END IF;\n                    END");
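// Hash (one-way, not encrypt) the admin password before it is stored.
// NOTE(review): PasswordHash(8, false) looks like the phpass constructor
// (cost 2^8, portable hashes off) - confirm against the bundled class.
$hasher = new PasswordHash(8, false);
$password_encrypted = $hasher->HashPassword($passForm);
// Create the first account; the account expires five years after installation.
// The new row's id is taken from lastInsertID. The previous ->affectedRows
// is the number of rows written (1 for this INSERT), which only matches the
// real user id while `user` is empty and its counter starts at 1; the
// loginout and admin rows below must reference the actual id.
$admin_uid = $db->query("INSERT INTO `user`\n    (`givenname`, `surname`, `username`, `password`, `email`, `status`,\n     `registered_at`,`expires_at`, `verified_mail`, `whitelist`, `description`)\n    VALUES (?s, ?s, ?s, ?s, ?s, ?d, " . DBHelper::timeAfter() . ", " . DBHelper::timeAfter(5 * 365 * 24 * 60 * 60) . ", ?d, ?s, ?s)", $nameForm, '', $loginForm, $password_encrypted, $emailForm, 1, 1, '*,,', 'Administrator')->lastInsertID;
// Record the installer's session as a LOGIN event, with the client address bound as ?s.
$db->query("INSERT INTO loginout (`id_user`, `ip`, `when`, `action`)\n    VALUES (?d, ?s, " . DBHelper::timeAfter() . ", ?s)", $admin_uid, $_SERVER['REMOTE_ADDR'], 'LOGIN');
// Grant the new account privilege 0 in `admin`.
$db->query("INSERT INTO admin (user_id, privilege) VALUES (?d, ?d)", $admin_uid, 0);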
#
# Table structure for table `user_request`
#
$db->query("CREATE TABLE user_request (\n                id INT(11) NOT NULL AUTO_INCREMENT,\n                givenname VARCHAR(60) NOT NULL DEFAULT '',\n                surname VARCHAR(60) NOT NULL DEFAULT '',\n                username VARCHAR(50) NOT NULL DEFAULT '',\n                password VARCHAR(255) NOT NULL DEFAULT '',\n                email VARCHAR(100) NOT NULL DEFAULT '',\n                verified_mail TINYINT(1) NOT NULL DEFAULT " . EMAIL_UNVERIFIED . ",\n                faculty_id INT(11) NOT NULL DEFAULT 0,\n                phone VARCHAR(20) NOT NULL DEFAULT '',\n                am VARCHAR(20) NOT NULL DEFAULT '',\n                state INT(11) NOT NULL DEFAULT 0,\n                date_open DATETIME DEFAULT NULL,\n                date_closed DATETIME DEFAULT NULL,\n                comment TEXT NOT NULL,\n                lang VARCHAR(16) NOT NULL DEFAULT 'el',\n                status TINYINT(4) NOT NULL DEFAULT 1,\n                request_ip VARCHAR(45) NOT NULL DEFAULT '',\n                PRIMARY KEY (id)) {$charset_spec}");
$db->query("CREATE TABLE `auth` (\n                  `auth_id` int(2) NOT NULL auto_increment,\n                  `auth_name` varchar(20) NOT NULL default '',\n                  `auth_settings` text ,\n                  `auth_instructions` text ,\n                  `auth_default` tinyint(1) NOT NULL default 0,\n                  PRIMARY KEY (`auth_id`))\n                  {$charset_spec}");
$db->query("INSERT INTO `auth` VALUES\n                (1, 'eclass', '', '', 1),\n                (2, 'pop3', '', '', 0),\n                (3, 'imap', '', '', 0),\n                (4, 'ldap', '', '', 0),\n                (5, 'db', '', '', 0),\n                (6, 'shibboleth', '', '', 0),\n                (7, 'cas', '', '', 0)");
$eclass_stud_reg = intval($eclass_stud_reg);
$eclass_prof_reg = intval($eclass_prof_reg);
$student_upload_whitelist = 'pdf, ps, eps, tex, latex, dvi, texinfo, texi, zip, rar, tar, bz2, gz, 7z, xz, lha, lzh, z, Z, doc, docx, odt, ott, sxw, stw, fodt, txt, rtf, dot, mcw, wps, xls, xlsx, xlt, ods, ots, sxc, stc, fods, uos, csv, ppt, pps, pot, pptx, ppsx, odp, otp, sxi, sti, fodp, uop, potm, odg, otg, sxd, std, fodg, odb, mdb, ttf, otf, jpg, jpeg, png, gif, bmp, tif, tiff, psd, dia, svg, ppm, xbm, xpm, ico, avi, asf, asx, wm, wmv, wma, dv, mov, moov, movie, mp4, mpg, mpeg, 3gp, 3g2, m2v, aac, m4a, flv, f4v, m4v, mp3, swf, webm, ogv, ogg, mid, midi, aif, rm, rpm, ram, wav, mp2, m3u, qt, vsd, vss, vst';
$teacher_upload_whitelist = 'htm, html, js, css, xml, xsl, cpp, c, java, m, h, tcl, py, sgml, sgm, ini, ds_store';
$db->query("CREATE TABLE `config` (\n    `key` VARCHAR(32) NOT NULL,\n    `value` TEXT NOT NULL,\n    PRIMARY KEY (`key`))");
$default_config = array('autojudge_connector', 'CodepadConnector', 'base_url', $urlForm, 'default_language', $lang, 'dont_display_login_form', 0, 'email_required', 0, 'email_from', 1, 'email_verification_required', 0, 'dont_mail_unverified_mails', 0, 'am_required', 0, 'dropbox_allow_student_to_student', 0, 'block_username_change', 0, 'enable_mobileapi', 1, 'code_key', generate_secret_key(32), 'display_captcha', 0, 'insert_xml_metadata', 0, 'doc_quota', 500, 'video_quota', 500, 'group_quota', 500, 'dropbox_quota', 500, 'user_registration', 1, 'alt_auth_stud_reg', 2, 'alt_auth_prof_reg', 2, 'eclass_stud_reg', $eclass_stud_reg, 'eclass_prof_reg', $eclass_prof_reg, 'course_multidep', 0, 'user_multidep', 0, 'restrict_owndep', 0, 'restrict_teacher_owndep', 0, 'max_glossary_terms', '250', 'phpSysInfoURL', $phpSysInfoURL, 'email_sender', $emailForm, 'admin_name', $nameForm, 'email_helpdesk', $helpdeskmail, 'site_name', $campusForm, 'phone', $helpdeskForm, 'fax', $faxForm, 'postaddress', $postaddressForm, 'institution', $institutionForm, 'institution_url', $institutionUrlForm, 'account_duration', '126144000', 'language', $lang, 'active_ui_languages', $active_ui_languages, 'student_upload_whitelist', $student_upload_whitelist, 'teacher_upload_whitelist', $teacher_upload_whitelist, 'theme', 'default', 'theme_options_id', 0, 'login_fail_check', 1, 'login_fail_threshold', 15, 'login_fail_deny_interval', 5, 'login_fail_forgive_interval', 24, 'actions_expire_interval', 12, 'log_expire_interval', 5, 'log_purge_interval', 12, 'course_metadata', 0, 'opencourses_enable', 0, 'enable_indexing', 1, 'enable_search', 1, 'version', ECLASS_VERSION);
$db->query("INSERT INTO `config` (`key`, `value`) VALUES " . implode(', ', array_fill(0, count($default_config) / 2, '(?s, ?s)')), $default_config);
// table for cron parameters
Пример #30
 * ======================================================================== */


// Admin page; $require_admin is set before baseTheme.php is loaded, which is
// presumably where the access check is enforced - confirm.
$require_admin = TRUE;
require_once '../../include/baseTheme.php';
$toolName = $langAddTime;
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$navigation[] = array('url' => 'search_user.php', 'name' => $langSearchUser);

// Main body
// ?activate=1 asks for every expired account to be extended.
// NOTE(review): this bulk UPDATE is triggered by a plain GET request and no
// anti-CSRF token is checked in the visible code, so any link or embedded
// resource an administrator's browser loads could trigger it. Moving the
// action to POST behind the project's request-token check would close that.
$activate = isset($_GET['activate']) ? $_GET['activate'] : '';
if ($activate == 1) {
    $tool_content .= action_bar(array(
        array(
            'title' => $langBack,
            'url' => 'index.php',
            'icon' => 'fa-reply',
            'level' => 'primary-label',
        ),
    ));

    // Push expires_at 15552000 seconds (180 days) ahead for every account
    // whose expiry date is today or earlier, and count the rows changed.
    $countinactive = Database::get()->query("UPDATE user SET expires_at = " . DBHelper::timeAfter(15552000) . " WHERE expires_at<= CURRENT_DATE()")->affectedRows;
    $tool_content .= ($countinactive > 0)
        ? " {$langRealised} {$countinactive} {$langChanges} <br><br>"
        : $langNoChanges;
}
draw($tool_content, 3);