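/**
 * Append the "grade and comments" form for one assignment submission to $tool_content.
 *
 * The submission row is looked up by id. When no row comes back, the
 * "no submission" message is flashed and the browser is redirected to the
 * work module page instead of rendering the form.
 *
 * @param mixed $id     Assignment id; echoed into a hidden field and the fallback redirect URL.
 * @param mixed $sid    Submission id; bound as an integer (?d) in the lookup query.
 * @param mixed $assign Not read by this function; kept so existing callers keep working.
 */
function show_edit_form($id, $sid, $assign)
{
    global $m, $langGradeOk, $tool_content, $course_code;

    $sub = Database::get()->querySingle("SELECT * FROM assignment_submit WHERE id = ?d", $sid);

    // querySingle() yields one row, not a list. count() on a non-Countable
    // value throws a TypeError on PHP 8, so test for a row object instead.
    if (!is_object($sub)) {
        Session::Messages($m['WorkNoSubmission'], 'alert-danger');
        redirect_to_home_page('modules/work/index.php?course=' . $course_code . '&id=' . urlencode((string) $id));
        return;
    }

    $uid_2_name = display_user($sub->uid);

    if (!empty($sub->group_id)) {
        $group_submission = "({$m['groupsubmit']} "
            . "<a href='../group/group_space.php?course={$course_code}&group_id={$sub->group_id}'>"
            . "{$m['ofgroup']} " . gid_to_name($sub->group_id) . "</a>)";
    } else {
        $group_submission = '';
    }

    // Caller-supplied ids go into single-quoted attributes, so they are
    // escaped with the same q() helper the grade value below relies on.
    $assignment_attr = q($id);
    $submission_attr = q($sid);

    // NOTE(review): q($group_submission) escapes the whole anchor built above,
    // so the link markup is shown as text. If a working link is wanted, escape
    // only the gid_to_name() result and emit the anchor unescaped.
    // NOTE(review): no anti-CSRF field is emitted in this form — confirm the
    // grade_comments handler is protected some other way.
    $tool_content .= "\n <form method='post' action='index.php?course={$course_code}'>"
        . "\n <input type='hidden' name='assignment' value='{$assignment_attr}'>"
        . "\n <input type='hidden' name='submission' value='{$submission_attr}'>"
        . "\n <fieldset>\n <legend>{$m['addgradecomments']}</legend>"
        . "\n <table width='99%' class='tbl'>"
        . "\n <tr>\n <th class='left' width='180'>{$m['username']}:</th>"
        . "\n <td>{$uid_2_name} " . q($group_submission) . "</td>\n </tr>"
        . "\n <tr>\n <th class='left'>{$m['sub_date']}:</th>"
        . "\n <td>" . q($sub->submission_date) . "</td></tr>"
        . "\n <tr>\n <th class='left'>{$m['filename']}:</th>"
        . "\n <td><a href='index.php?course={$course_code}&get={$sub->id}'>" . q($sub->file_name) . "</a></td>\n </tr>"
        . "\n <tr>\n <th class='left'>{$m['grade']}:</th>"
        . "\n <td><input type='text' name='grade' maxlength='3' size='3' value='" . q($sub->grade) . "'></td></tr>"
        . "\n <tr>\n <th class='left'>{$m['gradecomments']}:</th>"
        . "\n <td><textarea cols='60' rows='3' name='comments'>" . q($sub->grade_comments) . "</textarea></td>\n </tr>"
        . "\n <tr>\n <th><label for='email_button'>{$m['email_users']}:</label></th>"
        . "\n <td><input type='checkbox' value='1' id='email_button' name='email'></td>\n </tr>"
        . "\n <tr>\n <th class='left'> </th>"
        . "\n <td><input class='btn btn-primary' type='submit' name='grade_comments' value='{$langGradeOk}'></td>\n </tr>"
        . "\n </table>\n </fieldset>\n </form><br>";
}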
$activeUsers = Database::get()->queryArray("SELECT uid as userID FROM attendance_users WHERE attendance_id = ?d", $attendance_id); if ($activeUsers) { foreach ($activeUsers as $result) { $userInp = intval(@$_POST[$result->userID]); //get the record from the teacher (input name is the user id) // //check if there is record for the user for this activity $checkForBook = Database::get()->querySingle("SELECT COUNT(id) as count, id FROM attendance_book WHERE attendance_activity_id = ?d AND uid = ?d", $actID, $result->userID); if ($checkForBook->count) { //update Database::get()->query("UPDATE attendance_book SET attend = ?d WHERE id = ?d ", $userInp, $checkForBook->id); } else { //insert Database::get()->query("INSERT INTO attendance_book SET uid = ?d, attendance_activity_id = ?d, attend = ?d, comments = ?s", $result->userID, $actID, $userInp, ''); } } Session::Messages($langAttendanceEdit, "alert-success"); redirect_to_home_page("modules/attendance/index.php"); } } //display the form and the list $result = Database::get()->querySingle("SELECT * FROM attendance_activities WHERE id = ?d", $actID); $tool_content .= "<div class='alert alert-info'>" . $result->title . "</div>"; //show all the students $resultUsers = Database::get()->queryArray("SELECT attendance_users.id as recID, attendance_users.uid as userID, user.surname as surname, user.givenname as name, user.am as am, course_user.reg_date as reg_date FROM attendance_users, user, course_user WHERE attendance_id = ?d AND attendance_users.uid = user.id AND `user`.id = `course_user`.`user_id` AND `course_user`.`course_id` = ?d ", $attendance_id, $course_id); if ($resultUsers) { //table to display the users $tool_content .= "\n <form method='post' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}&ins=" . $actID . 
"'>\n <table id='users_table{$course_id}' class='table-default custom_list_order'>\n <thead>\n <tr>\n <th width='1'>{$langID}</th>\n <th><div align='left' width='100'>{$langName} {$langSurname}</div></th>\n <th class='center' width='80'>{$langRegistrationDateShort}</th>\n <th class='center'>{$langAttendanceAbsences}</th>\n <th class='center'>{$langActions}</th>\n </tr>\n </thead>\n <tbody>"; $cnt = 0; foreach ($resultUsers as $resultUser) { $cnt++; $tool_content .= "\n <tr>\n <td>{$cnt}</td>\n <td> " . display_user($resultUser->userID) . " ({$langAm}: {$resultUser->am})</td>\n <td>" . nice_format($resultUser->reg_date) . "</td>\n <td>" . userAttendTotal($attendance_id, $resultUser->userID) . "/" . $attendance_limit . "</td>\n <td class='center'>\n <input class='form-control' type='checkbox' value='1' name='" . $resultUser->userID . "'";
}
}
// Drop the deleted topic's posts from the search index.
Indexer::queueAsync(Indexer::REQUEST_REMOVEBYTOPIC, Indexer::RESOURCE_FORUMPOST, $topic_id);
// Work out the forum's topic counter once this topic is gone.
$number_of_topics = get_total_topics($forum_id);
$num_topics = $number_of_topics - 1;
// NOTE(review): the clamp tests $number_of_topics rather than $num_topics, so
// a count of 0 still leaves $num_topics at -1; `if ($num_topics < 0)` looks
// like what was intended.
if ($number_of_topics < 0) {
    $num_topics = 0;
}
Database::get()->query("DELETE FROM forum_topic WHERE id = ?d AND forum_id = ?d", $topic_id, $forum_id);
Indexer::queueAsync(Indexer::REQUEST_REMOVE, Indexer::RESOURCE_FORUMTOPIC, $topic_id);
// NOTE(review): $number_of_posts is interpolated into the SQL text while every
// other value is bound. It is assigned above this excerpt — confirm it is
// always an integer, or bind it with ?d like the rest.
Database::get()->query("UPDATE forum SET num_topics = ?d, num_posts = num_posts-$number_of_posts WHERE id = ?d AND course_id = ?d", $num_topics, $forum_id, $course_id);
Database::get()->query("DELETE FROM forum_notify WHERE topic_id = ?d AND course_id = ?d", $topic_id, $course_id);
Session::Messages($langDeletedMessage, 'alert-success');
redirect_to_home_page("modules/forum/viewforum.php?course=$course_code&forum=$forum_id");
}
// modify topic notification
// NOTE(review): this branch writes to forum_notify from GET parameters and no
// anti-CSRF token check is visible in this excerpt. $topic_id is only
// reassigned when topic_id is present in the query string; otherwise whatever
// earlier code left in $topic_id is used.
if (isset($_GET['topicnotify'])) {
    if (isset($_GET['topic_id'])) {
        $topic_id = intval($_GET['topic_id']);
    }
    // Update the user's existing notification row if there is one, else insert it.
    $rows = Database::get()->querySingle("SELECT COUNT(*) AS count FROM forum_notify WHERE user_id = ?d AND topic_id = ?d AND course_id = ?d", $uid, $topic_id, $course_id);
    if ($rows->count > 0) {
        // The raw topicnotify value is bound as an integer placeholder (?d).
        Database::get()->query("UPDATE forum_notify SET notify_sent = ?d WHERE user_id = ?d AND topic_id = ?d AND course_id = ?d", $_GET['topicnotify'], $uid, $topic_id, $course_id);
    } else {
        Database::get()->query("INSERT INTO forum_notify SET user_id = ?d,
} elseif (isset($_GET['modifyCat']) || isset($_GET['newCat'])) {
    // Create/edit form for a question category.
    $pageName = isset($_GET['newCat']) ? $langNewCat : $langEditCat;
    $navigation = array(array("url" => "index.php?course={$course_code}", "name" => $langExercices), array("url" => "question_categories.php?course={$course_code}", "name" => $langQuestionCats));
    $form_action_url = "{$_SERVER['SCRIPT_NAME']}?course={$course_code}";
    // The category id is cast with intval() before it is placed in the form action URL.
    $form_action_url .= isset($_GET['modifyCat']) ? "&modifyCat=" . intval($_GET['modifyCat']) : "&newCat=yes";
    if (isset($_GET['modifyCat'])) {
        // NOTE(review): unlike the DELETE further down, this lookup is not
        // restricted to course_id, so a category id from another course would
        // be loaded into the form — confirm whether that is acceptable.
        $q_cat = Database::get()->querySingle("SELECT * FROM exercise_question_cats WHERE question_cat_id = ?d", $_GET['modifyCat']);
    }
    // Prefer the value flashed in the session, then the stored name, then an empty string.
    $questionCatName = Session::has('questionCatName') ? Session::get('questionCatName') : (isset($q_cat) ? $q_cat->question_cat_name : '');
    $tool_content .= action_bar(array(array('title' => $langBack, 'level' => 'primary-label', 'icon' => 'fa-reply', 'url' => "question_categories.php?course={$course_code}")));
    // NOTE(review): $questionCatName and the Session::getError() text are
    // written into the markup without any escaping visible here; the name sits
    // inside a single-quoted value attribute. Unless these are escaped where
    // they are stored, pass them through an HTML-escaping helper before output.
    $tool_content .= "\n <div class='form-wrapper'>\n <form class='form-horizontal' role='form' action='{$form_action_url}' method='post'>\n <div class='form-group " . (Session::getError('questionCatName') ? "has-error" : "") . "'>\n <label for='questionCatName' class='col-sm-2 control-label'>{$langTitle}:</label>\n <div class='col-sm-10'>\n <input name='questionCatName' type='text' class='form-control' id='questionCatName' placeholder='{$langTitle}' value='{$questionCatName}'>\n <span class='help-block'>" . Session::getError('questionCatName') .
        "</span>\n </div>\n </div>\n <div class='form-group'>\n <div class='col-sm-10 col-sm-offset-2'>\n <input class='btn btn-primary' name='submitCat' type='submit' value='{$langSubmit}'>\n <a href='question_categories.php?course={$course_code}' class='btn btn-default'>{$langCancel}</a>\n </div>\n </div> \n </form>\n </div>";
} elseif (isset($_GET['deleteCat'])) {
    // NOTE(review): the delete is triggered by a GET parameter and no
    // anti-CSRF token check is visible in this excerpt. The id is bound as an
    // integer (?d) and the statement is limited to the current course.
    $q_cat_id = $_GET['deleteCat'];
    if (Database::get()->query("DELETE FROM exercise_question_cats WHERE question_cat_id = ?d AND course_id = ?d", $q_cat_id, $course_id)->affectedRows > 0) {
        // Questions that pointed at the removed category are reset to category 0.
        Database::get()->query("UPDATE exercise_question SET category = ?d WHERE category = ?d AND course_id = ?d", 0, $q_cat_id, $course_id);
        Session::Messages($langDelCatSuccess, 'alert-success');
    }
    redirect_to_home_page("modules/exercise/question_categories.php?course={$course_code}");
} else {
    // Default view: list the categories of the current course.
    $pageName = $langQuestionCats;
    $navigation[] = array("url" => "index.php?course={$course_code}", "name" => $langExercices);
    $tool_content .= action_bar(array(array('title' => $langNewCat, 'level' => 'primary-label', 'icon' => 'fa-plus-circle', 'url' => "question_categories.php?course={$course_code}&newCat=yes", 'button-class' => 'btn-success'), array('title' => $langBack, 'level' => 'primary', 'icon' => 'fa-reply', 'url' => "index.php?course={$course_code}")));
    $q_cats = Database::get()->queryArray("SELECT * FROM exercise_question_cats WHERE course_id = ?d", $course_id);
    if (count($q_cats) > 0) {
        $tool_content .= "\n <div class='table-responsive'>\n <table class='table-default'>\n <tbody>\n <tr>\n <th>{$langTitle}</th>\n <th class='text-center'>" . icon('fa-gears') .
            "</th>\n </tr> \n ";
        foreach ($q_cats as $q_cat) {
            // Edit and delete links carry the category id in the query string.
            $action_button = action_button(array(array('title' => $langEdit, 'url' => "question_categories.php?course={$course_code}&modifyCat={$q_cat->question_cat_id}", 'icon' => 'fa-edit'), array('title' => $langDelete, 'url' => "question_categories.php?course={$course_code}&deleteCat={$q_cat->question_cat_id}", 'icon' => 'fa-times', 'confirm' => $langQuestionCatDelConfirrm, 'class' => 'delete')));
            // NOTE(review): question_cat_name goes from the database row into
            // the table cell with no escaping visible here — confirm it is
            // escaped on the way in, otherwise escape it at this point.
            $tool_content .= "\n <tr>\n <td>{$q_cat->question_cat_name}</td>\n <td class='option-btn-cell'>{$action_button}</td>\n </tr>";
        }
        $tool_content .= " \n </tbody>\n </table>\n </div>";
    } else {
// Disable modules admin page
// $require_admin is set before the theme bootstrap is included; presumably the
// include enforces the admin requirement — confirm in baseTheme.php.
$require_admin = true;
require_once '../../include/baseTheme.php';
$navigation[] = array('url' => 'index.php', 'name' => $langAdmin);
$pageName = $langDisableModules;
if (isset($_POST['submit'])) {
    // NOTE(review): no anti-CSRF token check is visible on this POST handler.
    // NOTE(review): the table is emptied before the new rows are inserted and
    // no transaction is visible, so a failing INSERT would leave every module
    // enabled.
    Database::get()->query('DELETE FROM module_disable');
    if (isset($_POST['moduleDisable'])) {
        // One "(?d)" placeholder per submitted entry; the array keys are the
        // module ids and are bound as integers.
        // NOTE(review): count()/array_keys() assume moduleDisable is an array;
        // a scalar value in the request would fail here — consider is_array().
        $optArray = implode(', ', array_fill(0, count($_POST['moduleDisable']), '(?d)'));
        Database::get()->query('INSERT INTO module_disable (module_id) VALUES ' . $optArray, array_keys($_POST['moduleDisable']));
    }
    Session::Messages($langWikiEditionSucceed, 'alert-success');
    redirect_to_home_page('modules/admin/modules.php');
} else {
    // Collect the ids of the modules that are currently disabled.
    $disabled = array();
    foreach (Database::get()->queryArray('SELECT module_id FROM module_disable') as $item) {
        $disabled[] = $item->module_id;
    }
    $tool_content .= action_bar(array(
        array('title' => $langBack,
            'url' => $urlAppend . 'modules/admin/index.php',
            'icon' => 'fa-reply',
            'level' => 'primary-label')), false) .
        "<div class='alert alert-warning'>$langDisableModulesHelp</div> <div class='form-wrapper'> <form class='form-horizontal' role='form' action='modules.php' method='post'>";
} // indexing was previously on, but now set to off, need to empty it if (get_config('enable_indexing') && !$enable_indexing) { require_once 'modules/search/indexer.class.php'; Indexer::deleteAll(); } // update table `config` foreach ($config_vars as $varname => $what) { set_config($varname, $GLOBALS[$varname]); } // Display result message Session::flash('scheduleIndexing', $scheduleIndexing); Session::Messages($langFileUpdatedSuccess, 'alert-success'); redirect_to_home_page('modules/admin/eclassconf.php'); } // end of if($submit) else { // Display config.php edit form $head_content .= " <script> $(function() { $('body').scrollspy({ target: '#affixedSideNav' }); }); </script> "; // Display link to index.php $tool_content .= action_bar(array( array('title' => $langBack,
$recursion = array('unit' => $_POST['frequencyperiod'], 'repeat' => $_POST['frequencynumber'], 'end' => $_POST['enddate']); } $ev = add_event($event_title, $content, $startdate, $duration, $recursion); foreach($ev['event'] as $id) { $agdx->store($id); } } Session::Messages($langStoredOK, 'alert-success'); redirect_to_home_page("modules/agenda/index.php?course=$course_code"); } elseif (isset($_GET['delete']) && $_GET['delete'] == 'yes') { $resp = (isset($_GET['rep']) && $_GET['rep'] == 'yes')? delete_recursive_event($id):delete_event($id); $agdx->remove($id); $msgresp = ($resp['success'])? $langDeleteOK : $langDeleteError.": ".$resp['message']; $alerttype = ($resp['success'])? 'alert-success' : 'alert-error'; Session::Messages($msgresp, $alerttype); redirect_to_home_page("modules/agenda/index.php?course=$course_code"); } $is_recursive_event = false; if (isset($_GET['addEvent']) or isset($_GET['edit'])) { $pageName = $langAddEvent; $tool_content .= action_bar(array( array('title' => $langBack, 'url' => "$_SERVER[SCRIPT_NAME]?course=$course_code", 'icon' => 'fa-reply', 'level' => 'primary-label', 'show' => $is_editor))); $navigation[] = array("url" => $_SERVER['SCRIPT_NAME'] . "?course=$course_code", "name" => $langAgenda); $applytogroup = ''; if (isset($id) && $id) {
}
// NOTE(review): the moderator join is chosen purely by the presence of mod_pw
// in the query string, and both meeting passwords travel as GET parameters,
// where they can end up in server logs, browser history and Referer headers.
// No role check is visible in this excerpt — confirm the enclosing code or the
// conference server enforces who may join as moderator.
if (isset($_GET['mod_pw'])) {
    // NOTE(review): header() does not stop the script; execution continues past
    // the redirect unless something later exits.
    header('Location: ' . bbb_join_moderator($_GET['meeting_id'], $_GET['mod_pw'], $_GET['att_pw'], $_SESSION['surname'], $_SESSION['givenname']));
} else {
    # Get session capacity
    // NOTE(review): the same bbb_session row is fetched twice, neither lookup
    // is limited to the current course, and $c, $sess and $serv are
    // dereferenced without checking that a row was found.
    $c = Database::get()->querySingle("SELECT sessionUsers FROM bbb_session where meeting_id=?s", $_GET['meeting_id']);
    $sess = Database::get()->querySingle("SELECT * FROM bbb_session WHERE meeting_id=?s", $_GET['meeting_id']);
    $serv = Database::get()->querySingle("SELECT * FROM bbb_servers WHERE id=?d", $sess->running_at);
    // Refuse the join when a capacity is set and the live user count exceeds it.
    if ($c->sessionUsers > 0 && $c->sessionUsers < get_meeting_users($serv->server_key, $serv->api_url, $_GET['meeting_id'], $sess->mod_pw)) {
        $tool_content .= "<p class='noteit'><b>{$langNote}</b>:<br />{$langBBBMaxUsersJoinError}</p>";
        break;
    } else {
        header('Location: ' . bbb_join_user($_GET['meeting_id'], $_GET['att_pw'], $_SESSION['surname'], $_SESSION['givenname']));
    }
}
break;
case 'import_video':
    // NOTE(review): the recording id comes straight from the query string;
    // validation, if any, happens inside publish_video_recordings().
    publish_video_recordings($course_code, $_GET['id']);
    break;
}
} elseif (isset($_POST['new_bbb_session'])) {
    // NOTE(review): DateTime::createFromFormat() returns false when the input
    // does not match 'd-m-Y H:i', which makes the ->format() call below fail;
    // check the result before using it.
    $startDate_obj = DateTime::createFromFormat('d-m-Y H:i', $_POST['start_session']);
    $start = $startDate_obj->format('Y-m-d H:i:s');
    // NOTE(review): the remaining fields are passed on as raw $_POST values and
    // no anti-CSRF token check is visible in this excerpt.
    add_bbb_session($course_id, $_POST['title'], $_POST['desc'], $start, $_POST['type'], $_POST['status'], isset($_POST['notifyUsers']) ? '1' : '0', $_POST['minutes_before'], $_POST['external_users'], $_POST['record'], $_POST['sessionUsers']);
    Session::Messages($langBBBAddSuccessful, 'alert-success');
    redirect_to_home_page("modules/bbb/index.php?course={$course_code}");
} else {
    bbb_session_details();
}
add_units_navigation(TRUE);
draw($tool_content, 2, null, $head_content);
$actDate = !empty($_POST['date']) ? $_POST['date'] : null; $visible = isset($_POST['visible']) ? 1 : 0; if ($_POST['id']) { //update $id = $_POST['id']; Database::get()->query("UPDATE attendance_activities SET `title` = ?s, date = ?t, description = ?s, `auto` = ?d WHERE id = ?d", $actTitle, $actDate, $actDesc, $auto, $id); Session::Messages("$langGradebookEdit", "alert-success"); redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id"); } else { //insert $insertAct = Database::get()->query("INSERT INTO attendance_activities SET attendance_id = ?d, title = ?s, `date` = ?t, description = ?s", $attendance_id, $actTitle, $actDate, $actDesc); Session::Messages("$langGradebookSucInsert","alert-success"); redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id"); } } else { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); $new_or_edit = $_POST['id'] ? "&modify=".getIndirectReference($_POST['id']) : "&addActivity=1"; redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=".$attendance_id.$new_or_edit); } } elseif (isset($_GET['delete'])) { delete_attendance_activity($attendance_id, getDirectReference($_GET['delete'])); redirect_to_home_page("modules/attendance/index.php?course=$course_code&attendance_id=$attendance_id"); // delete attendance } elseif (isset($_GET['delete_at'])) {
</div>"; if ($comments_enabled) { if ($post->getCommenting() == 1) { commenting_add_js(); //add js files needed for comments $comm = new Commenting('blogpost', $post->getId()); if ($blog_type == 'course_blog') { $tool_content .= $comm->put($course_code, $is_editor, $uid, true); } elseif ($blog_type == 'perso_blog') { $tool_content .= $comm->put(NULL, $is_blog_editor, $uid, true); } } } } else { Session::Messages($langBlogPostNotFound); redirect_to_home_page("modules/blog/index.php?$url_params"); } } //show all blog posts if ($action == "showBlog") { if ($blog_type == 'course_blog') { $allow_to_create = $blog->permCreate($is_editor, $stud_allow_create, $uid); } elseif ($blog_type == 'perso_blog') { $allow_to_create = $is_blog_editor; } $tool_content .= action_bar(array( array('title' => $langBlogAddPost, 'url' => "$_SERVER[SCRIPT_NAME]?$url_params&action=createPost",
<div class='col-sm-offset-3 col-sm-9'> <input class='btn btn-primary' type='submit' name='changePass' value='$langModify'> <a class='btn btn-default' href='{$urlServer}modules/admin/edituser.php?u=" . urlencode($_REQUEST['userid']) . "'>$langCancel</a> </div> </fieldset> ". generate_csrf_token_form_field() ." </form> </div>";
} else {
    // Password change submitted: the target user id is forced to an integer.
    $userid = intval($_POST['userid']);
    // The anti-CSRF token is checked before anything is written.
    if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
    // NOTE(review): the two validation branches below have no exit or else, so
    // they depend on redirect_to_home_page() ending the request; if it ever
    // returns, execution reaches the UPDATE even after a failed check.
    // NOTE(review): empty() also rejects the literal password "0".
    if (empty($_POST['password_form']) || empty($_POST['password_form1'])) {
        Session::Messages($langFieldsMissing);
        redirect_to_home_page("modules/admin/password.php?userid=" . urlencode($userid));
    }
    if ($_POST['password_form1'] !== $_POST['password_form']) {
        Session::Messages($langPassTwo);
        redirect_to_home_page("modules/admin/password.php?userid=" . urlencode($userid));
    }
    // All checks ok. Change password!
    // NOTE(review): no minimum length or strength rule is applied here, and the
    // UPDATE result is not checked, so a non-existent user id still reports
    // success.
    // NOTE(review): PasswordHash(8, false) looks like phpass with a work factor
    // of 8 and non-portable hashes — TODO confirm, and consider raising the
    // cost or moving to password_hash() with password_needs_rehash().
    $hasher = new PasswordHash(8, false);
    $new_pass = $hasher->HashPassword($_POST['password_form']);
    Database::get()->query("UPDATE `user` SET `password` = ?s WHERE `id` = ?d", $new_pass, $userid);
    Session::Messages($langPassChanged);
    redirect_to_home_page("modules/admin/edituser.php?u=" . urlencode($userid));
}
draw($tool_content, 3, null, $head_content);
* * @abstract This component is the core of eclass. Each and every file that * requires output to the user's browser must include this file and use * the draw method to output the UI to the user's browser. * * An exception of this scenario is when the user uses the personalised * interface. In that case function drawPerso needs to be called. * */ $navigation = array(); $sectionName = ''; $pageName = ''; $toolName = ''; require_once 'init.php'; if (isset($toolContent_ErrorExists)) { Session::Messages($toolContent_ErrorExists); if (!$uid) { $next = str_replace($urlAppend, '/', $_SERVER['REQUEST_URI']); header("Location:" . $urlServer . "main/login_form.php?next=" . urlencode($next)); } else { header("Location:" . $urlServer . "index.php"); } exit; } require_once 'template/template.inc.php'; require_once 'tools.php'; /** * Function draw * * This method processes all data to render the display. It is executed by * each tool. Is in charge of generating the interface and parse it to the user's browser.
$hits3 = array(); foreach ($hits2 as $hit2) { if (in_array($hit2->pkid, $subscribed)) { $hits3[] = $hit2; } } $hits = array_merge($hits1, $hits3); // eponymous user can also search for his subscribed courses } } else { $hits = $hits1; // anonymous can only access with visible 1 or 2 } // exit if not results if (count($hits) <= 0) { Session::Messages($langNoResult); redirect_to_home_page('modules/search/search.php'); } //////// PRINT RESULTS //////// $tool_content .= action_bar(array(array('title' => $langNewSearch, 'url' => "search.php", 'icon' => 'fa-plus-circle', 'level' => 'primary-label', 'button-class' => 'btn-success'))); $tool_content .= "\n <div class='alert alert-info'>{$langDoSearch}: <label>" . count($hits) . " {$langResults2}</label></div>\n <table class='table-default'>\n <tr> \n <th class='text-left'>" . $langCourse . " ({$langCode})</th>\n <th class='text-left'>{$langTeacher}</th>\n <th class='text-left'>{$langKeywords}</th>\n </tr>"; foreach ($hits as $hit) { $course = Database::get()->querySingle("SELECT code, title, public_code, prof_names, keywords FROM course WHERE id = ?d", $hit->pkid); // search in-course: Commented out @ 2014-11-24 because too costly to run 11 index sub-queries for each hit result $urlParam = ''; //if (isset($_POST['search_terms']) && search_in_course($_POST['search_terms'], $hit->pkid, $anonymous)) { // $urlParam = '?from_search=' . urlencode($_POST['search_terms']); //} $tool_content .= "<tr><td>\n <a href='../../courses/" . q($course->code) . "/" . $urlParam . "'>" . q($course->title) . "\n </a> (" . q($course->public_code) . ")</td>\n <td>" . q($course->prof_names) . "</td>\n <td>" . q($course->keywords) . "</td></tr>"; } $tool_content .= "</table>";
initialize_group_id(); initialize_group_info($group_id); $toolName = $langGroups; $pageName = $group_name; $navigation[] = array('url' => 'index.php?course=' . $course_code, 'name' => $langGroups); if (isset($_GET['selfReg'])) { if (!$is_member and $status != USER_GUEST and ($max_members == 0 or $member_count < $max_members)) { $id = Database::get()->query("INSERT INTO group_members SET user_id = ?d, group_id = ?d, description = ''", $uid, $group_id); $group = gid_to_name($group_id); Log::record($course_id, MODULE_ID_GROUPS, LOG_MODIFY, array('id' => $id, 'uid' => $uid, 'name' => $group)); Session::Messages($langGroupNowMember, 'alert-success'); redirect_to_home_page("modules/group/group_space.php?course=$course_code&group_id=$group_id"); } else { $tool_content .= "<div class='alert alert-danger'>$langForbidden</div>"; draw($tool_content, 2); exit; } } if (!$is_member and !$is_editor) { $tool_content .= "<div class='alert alert-danger'>$langForbidden</div>"; draw($tool_content, 2); exit; } if (isset($_GET['group_as'])) { $group_id = $_GET['group_id'];
/**
 * Flash $message as a danger alert and send the browser to the site root.
 *
 * Does not return: the session is closed, a Location header pointing at
 * $urlServer is sent, and the script exits.
 *
 * @param mixed $message Passed to Session::Messages() unchanged.
 */
function error($message)
{
    global $urlServer;

    Session::Messages($message, 'alert-danger');

    // Write the session out before redirecting, presumably so the flashed
    // message is saved before the request ends.
    session_write_close();

    $location_header = 'Location: ' . $urlServer;
    header($location_header);
    exit();
}
*/
include '../../include/init.php';

// Resolve the course from the query string; an absent or unknown code ends in the 404 below.
if (isset($_GET['course'])) {
    $code = $_GET['course'];
    $course_id = course_code_to_id($code);
} else {
    $code = '';
    $course_id = false;
}
if ($course_id === false) {
    header("HTTP/1.0 404 Not Found");
    // The requested code is HTML-escaped before it is echoed back.
    echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head>',
        '<title>404 Not Found</title></head><body>',
        '<h1>Not Found</h1><p>The requested course "',
        htmlspecialchars($code),
        '" does not exist.</p></body></html>';
    exit;
}
// When the blog module is not visible, flash a message and redirect:
// visitors without a uid go to the login form, everyone else to the home page.
if (!visible_module(MODULE_ID_BLOG)) {
    Session::Messages($langCheckPublicTools, 'alert-danger');
    session_write_close();
    $errorMessagePath = "../../";
    if (!$uid) {
        // The return path is taken from REQUEST_URI and URL-encoded.
        // NOTE(review): how login_form.php validates `next` is outside this
        // excerpt — confirm it only accepts local paths.
        $next = str_replace($urlAppend, '/', $_SERVER['REQUEST_URI']);
        header("Location:" . $urlSecure . "login_form.php?next=" . urlencode($next));
    } else {
        header("Location:" . $urlServer . "index.php");
    }
    exit;
}
// ENT_NOQUOTES leaves quotes unescaped, so $title is only safe as element
// text, not inside an attribute value.
$title = htmlspecialchars(Database::get()->querySingle("SELECT title FROM course WHERE id = ?d", $course_id)->title, ENT_NOQUOTES);
// Timestamp of the newest blog post in the course.
// NOTE(review): the "+0300" offset is hard-coded in the format string.
$lastbuilddateobj = Database::get()->querySingle("SELECT DATE_FORMAT(`time`,'%a, %d %b %Y %T +0300') AS dateformat\r\n FROM blog_post WHERE course_id = ?d\r\n ORDER BY `time` DESC", $course_id);
// $lastbuilddate is only assigned when a post exists; later code must not
// assume it is set.
if (is_object($lastbuilddateobj)) {
    $lastbuilddate = $lastbuilddateobj->dateformat;
}
//delete page //delete page case "delete": if ($wiki_title != "__MainPage__" and $is_editor) { //only a teacher can delete a page if ($wikiStore->pageExists($wikiId, $wiki_title)) { $wikiPage->loadPage($wiki_title); if ($wikiPage->delete()) { Session::Messages($langWikiPageDeleted, 'alert-success'); redirect_to_home_page("modules/wiki/page.php?course={$course_code}&wikiId={$wikiId}&action=show"); } else { Session::Messages($langWikiDeletePageError, 'alert-danger'); redirect_to_home_page("modules/wiki/page.php?course={$course_code}&action=show&title=" . rawurlencode($wiki_title) . "&wikiId={$wikiId}"); } } else { Session::Messages($langWikiPageNotFound); redirect_to_home_page("modules/wiki/page.php?course={$course_code}&wikiId={$wikiId}&action=show"); } } break; // page preview // page preview case "preview": if (!isset($content)) { $content = ''; } $tool_content .= claro_disp_wiki_preview($wikiRenderer, $wiki_title, $content); $tool_content .= claro_disp_wiki_preview_buttons($wikiId, $wiki_title, $content, $changelog); break; // view page // view page
</div> </form> </div>";
} else {
    // Self-unregistration: only proceeds when the requested user id matches the logged-in user.
    // NOTE(review): the match uses loose ==, which on PHP 7 and earlier also
    // accepts strings such as "5abc" for uid 5, and $_GET['u'] is read without
    // an isset() check. Using $_SESSION['uid'] for the DELETE and the log
    // entry would remove the dependency on the request value.
    // NOTE(review): no anti-CSRF token check is visible in this excerpt.
    if (isset($_SESSION['uid']) and $_GET['u'] == $_SESSION['uid']) {
        $q = Database::get()->query("DELETE from course_user WHERE course_id = ?d AND user_id = ?d", $cid, $_GET['u']);
        if ($q->affectedRows > 0) {
            // The raw request value is what gets written to the log record.
            Log::record($cid, MODULE_ID_USERS, LOG_DELETE, array('uid' => $_GET['u'], 'right' => 0));
            $code = course_id_to_code($cid);
            // clear session access to lesson
            unset($_SESSION['dbname']);
            unset($_SESSION['cid_tmp']);
            unset($_SESSION['courses'][$code]);
            Session::Messages($langCoursDelSuccess, 'alert-success');
            redirect_to_home_page('main/portfolio.php');
        } else {
            $tool_content .= "<div class='alert alert-danger'>$langCoursError</div>";
        }
    }
    $tool_content .= "<br><br><div align=right><a href='../index.php' class=mainpage>$langBack</a></div>";
}
// The second draw() argument differs for logged-in and anonymous visitors.
if (isset($_SESSION['uid'])) {
    draw($tool_content, 1);
} else {
    draw($tool_content, 0);
}
draw($tool_content, 2); exit(); } if(!$objExercise->selectScore() && !$is_editor) { redirect_to_home_page("modules/exercise/index.php?course=$course_code"); } } if (isset($_SESSION['objExercise'][$exerciseId])) { $objExercise = $_SESSION['objExercise'][$exerciseId]; } if ($is_editor && isset($_GET['purgeAttempID'])) { $eurid = $_GET['purgeAttempID']; $objExercise->purgeAttempt($eurid); Session::Messages($langPurgeExerciseResultsSuccess); redirect_to_home_page("modules/exercise/results.php?course=$course_code&exerciseId=$exerciseId"); } $exerciseTitle = $objExercise->selectTitle(); $exerciseDescription = $objExercise->selectDescription(); $exerciseDescription_temp = nl2br(make_clickable($exerciseDescription)); $tool_content .= " <div class='table-responsive'> <table class='table-default'> <tr> <th>" . q_math($exerciseTitle) . "</th> </tr>"; if($exerciseDescription_temp) { $tool_content .= " <tr>
$q = Database::get()->query('UPDATE user_department SET department = ?d WHERE user = ?d AND department = ?d', $dest_dep, $u, $old_dep); if ($q and $q->affectedRows) { $success_mgs[] = sprintf($langUserMoved, $line); $count++; } else { $error_mgs[] = sprintf($langUserMoveError, $line); } } } $line = strtok("\n"); } } if (isset($success_mgs)) Session::Messages($success_mgs, 'alert-success'); if (isset($error_mgs)) Session::Messages($error_mgs, 'alert-danger'); redirect_to_home_page('modules/admin/multiedituser.php'); } else { $usernames = ''; if (isset($_POST['dellall_submit']) or isset($_POST['activate_submit']) or isset($_POST['move_submit'])) { // get the incoming values $search = isset($_POST['search']) ? $_POST['search'] : ''; $c = isset($_POST['c']) ? intval($_POST['c']) : ''; $lname = isset($_POST['lname']) ? $_POST['lname'] : ''; $fname = isset($_POST['fname']) ? $_POST['fname'] : ''; $uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : ''; $am = isset($_POST['am']) ? $_POST['am'] : ''; $verified_mail = isset($_POST['verified_mail']) ? intval($_POST['verified_mail']) : 3; $user_type = isset($_POST['user_type']) ? $_POST['user_type'] : '';
$extra_messages = "config/{$language_codes[$language]}.inc.php"; if (file_exists($extra_messages)) { include $extra_messages; } else { $extra_messages = false; } require "{$webDir}/lang/{$language}/messages.inc.php"; if ($extra_messages) { include $extra_messages; } if (!isset($_SESSION['csrf_token']) || empty($_SESSION['csrf_token'])) { $_SESSION['csrf_token'] = generate_csrf_token(); } if ($upgrade_begin = get_config('upgrade_begin')) { if (!defined('UPGRADE')) { Session::Messages(sprintf($langUpgradeInProgress, format_time_duration(time() - $upgrade_begin)), 'alert-warning'); if (!isset($guest_allowed) or !$guest_allowed) { redirect_to_home_page(); } } } // check if we are admin or power user or manageuser_user if (isset($_SESSION['is_admin']) and $_SESSION['is_admin']) { $is_admin = true; $is_power_user = true; $is_usermanage_user = true; $is_departmentmanage_user = true; } elseif (isset($_SESSION['is_power_user']) and $_SESSION['is_power_user']) { $is_power_user = true; $is_usermanage_user = true; $is_departmentmanage_user = true;
// NOTE(review): nothing inside this loop body fetches the next input line.
// $line is initialised above this excerpt — confirm how it is advanced. As
// written, a blank or comment-only line, an unknown username, or uid 1 leaves
// $line unchanged and non-false, so the loop would not terminate.
// NOTE(review): both outcome branches redirect; if redirect_to_home_page()
// ends the request, only the first matching username is ever processed.
while ($line !== false) {
    // strip comments
    $line = preg_replace('/#.*/', '', trim($line));
    if (!empty($line)) {
        // fetch uid
        $u = usernameToUid($line);
        // for real uids not equal to admin
        // (the guard treats uid 1 as the admin account)
        if ($u !== false && $u > 1) {
            // full deletion
            $success = deleteUser($u, true);
            // progress report
            // NOTE(review): $line is request-derived text placed in the flash
            // message; confirm the message is escaped when it is rendered.
            if ($success === true) {
                Session::Messages("{$langUserWithId} {$line} {$langWasDeleted}", 'alert-success');
                redirect_to_home_page('modules/admin/multideluser.php');
            } else {
                Session::Messages("{$langErrorDelete}: {$line}", 'alert-danger');
                redirect_to_home_page('modules/admin/multideluser.php');
            }
        }
    }
}
redirect_to_home_page('modules/admin/multideluser.php');
} else {
    $usernames = '';
    if (isset($_POST['dellall_submit'])) {
        // get the incoming values
        // Only `c` is cast to an integer and `uname` whitespace-normalised;
        // the other search fields are kept as submitted.
        $search = isset($_POST['search']) ? $_POST['search'] : '';
        $c = isset($_POST['c']) ? intval($_POST['c']) : '';
        $lname = isset($_POST['lname']) ? $_POST['lname'] : '';
        $fname = isset($_POST['fname']) ? $_POST['fname'] : '';
        $uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : '';
// -------------------------------- // notify users // -------------------------------- $subject_notify = "{$logo} - {$langNewForumNotify}"; $category_id = forum_category($forum_id); $cat_name = category_name($category_id); $c = course_code_to_title($course_code); $name = uid_to_name($uid); $title = course_id_to_title($course_id); $forum_message = "-------- {$langBodyMessage} ({$langSender}: {$name})\n{$message}--------"; $plain_forum_message = q(html2text($forum_message)); $body_topic_notify = "{$langBodyForumNotify} {$langInForums} '" . q($forum_name) . "' \n {$langInCat} '" . q($cat_name) . "' {$langTo} {$langCourseS} '{$c}' <br /><br />" . q($forum_message) . "<br />\n <br />{$gunet}<br /><a href='{$urlServer}courses/{$course_code}'>{$urlServer}courses/{$course_code}</a>"; $plain_body_topic_notify = "{$langBodyForumNotify} {$langInForums} '" . q($forum_name) . "' {$langInCat} '" . q($cat_name) . "' {$langTo} {$langCourseS} '{$c}' \n\n{$plain_forum_message} \n\n{$gunet}\n<a href='{$urlServer}courses/{$course_code}'>{$urlServer}courses/{$course_code}</a>"; $linkhere = " <a href='{$urlServer}main/profile/emailunsubscribe.php?cid={$course_id}'>{$langHere}</a>."; $unsubscribe = "<br /><br />{$langNote}: " . sprintf($langLinkUnsubscribe, $title); $plain_body_topic_notify .= $unsubscribe . $linkhere; $body_topic_notify .= $unsubscribe . 
$linkhere; $sql = Database::get()->queryArray("SELECT DISTINCT user_id FROM forum_notify\n\t\t\tWHERE (forum_id = ?d OR cat_id = ?d)\n\t\t\tAND notify_sent = 1 AND course_id = ?d AND user_id != ?d", $forum_id, $category_id, $course_id, $uid); foreach ($sql as $r) { if (get_user_email_notification($r->user_id, $course_id)) { $emailaddr = uid_to_email($r->user_id); send_mail_multipart('', '', '', $emailaddr, $subject_notify, $plain_body_topic_notify, $body_topic_notify, $charset); } } // end of notification Session::Messages($langStored, 'alert-success'); redirect_to_home_page("modules/forum/viewforum.php?course={$course_code}&forum={$forum_id}"); } else { $tool_content .= "\n <div class='form-wrapper'>\n <form class='form-horizontal' role='form' action='{$_SERVER['SCRIPT_NAME']}?course={$course_code}&topic={$topic}&forum={$forum_id}' method='post'>\n <fieldset>\n <div class='form-group'>\n <label for='subject' class='col-sm-2 control-label'>{$langSubject}:</label>\n <div class='col-sm-10'>\n <input type='text' name='subject' id='subject' class='form-control' maxlength='100'>\n </div>\n </div> \n <div class='form-group'>\n <label for='message' class='col-sm-2 control-label'>{$langBodyMessage}:</label>\n <div class='col-sm-10'>\n " . rich_text_editor('message', 14, 50, '') . "\n </div>\n </div>\n <div class='form-group'>\n <div class='col-sm-10 col-sm-offset-2'>\n <input class='btn btn-primary' type='submit' name='submit' value='{$langSubmit}'>\n <a class='btn btn-default' href='viewforum.php?course={$course_code}&forum={$forum_id}'>{$langCancel}</a>\n </div>\n </div> \n\t</fieldset>\n\t</form>\n </div>"; } draw($tool_content, 2, null, $head_content);
//Session::set_flashdata($message, $class); redirect_to_home_page("modules/exercise/question_pool.php?course={$course_code}" . (isset($fromExercise) ? "&fromExercise={$fromExercise}" : "") . "&exerciseId={$exerciseId}"); } elseif (isset($_GET['recup']) && isset($fromExercise)) { $recup = intval($_GET['recup']); // construction of the Question object $objQuestionTmp = new Question(); // if the question exists if ($objQuestionTmp->read($recup)) { // adds the exercise ID into the list of exercises for the current question $objQuestionTmp->addToList($fromExercise); } // destruction of the Question object unset($objQuestionTmp); // adds the question ID into the list of questions for the current exercise $objExercise->addToList($recup); Session::Messages($langQuestionReused, 'alert-success'); redirect_to_home_page("modules/exercise/question_pool.php?course={$course_code}" . (isset($fromExercise) ? "&fromExercise={$fromExercise}" : "") . "&exerciseId={$exerciseId}"); } if (isset($fromExercise)) { $action_bar_options[] = array('title' => $langGoBackToEx, 'url' => "admin.php?course={$course_code}&exerciseId={$fromExercise}", 'icon' => 'fa-reply', 'level' => 'primary-label'); } else { $action_bar_options = array(array('title' => $langNewQu, 'url' => "admin.php?course={$course_code}&newQuestion=yes", 'icon' => 'fa-plus-circle', 'level' => 'primary-label', 'button-class' => 'btn-success'), array('title' => $langImportQTI, 'url' => "admin.php?course={$course_code}&importIMSQTI=yes", 'icon' => 'fa-download', 'level' => 'primary-label', 'button-class' => 'btn-success'), array('title' => $langExportQTI, 'url' => "question_pool.php?" . $_SERVER['QUERY_STRING'] . 
"&exportIMSQTI=yes", 'icon' => 'fa-upload', 'level' => 'primary-label', 'button-class' => 'btn-success')); } $tool_content .= action_bar($action_bar_options); if (isset($fromExercise)) { $result = Database::get()->queryArray("SELECT id, title FROM `exercise` WHERE course_id = ?d AND id <> ?d ORDER BY id", $course_id, $fromExercise); } else { $result = Database::get()->queryArray("SELECT id, title FROM `exercise` WHERE course_id = ?d ORDER BY id", $course_id); } $exercise_options = "<option value = '0'>-- {$langAllExercises} --</option>\n\n <option value = '-1' " . (isset($exerciseId) && $exerciseId == -1 ? "selected='selected'" : "") . ">-- {$langOrphanQuestions} --</option>\n"; foreach ($result as $row) {
view_type = ?s, start_date = ?t, finish_date = ?t, keywords = '', created = " . DBHelper::timeAfter() . ", glossary_expand = 0, glossary_index = 1, description = ?s", $code, $language, $title, $_POST['formvisible'], intval($course_license), $prof_names, $code, $doc_quota * 1024 * 1024, $video_quota * 1024 * 1024, $group_quota * 1024 * 1024, $dropbox_quota * 1024 * 1024, $password, $view_type, $_POST['start_date'], $_POST['finish_date'], $description); $new_course_id = $result->lastInsertID; if (!$new_course_id) { Session::Messages($langGeneralError); redirect_to_home_page('modules/create_course/create_course.php'); } //===================course format and start and finish date=============== if ($view_type == "weekly") { //get the last inserted id as the course id $course_id = $new_course_id; $begin = new DateTime($_POST['start_date']); //check if there is no end date if ($_POST['finish_date'] == "" || $_POST['finish_date'] == '0000-00-00') { $end = new DateTime($begin->format("Y-m-d")); $end->add(new DateInterval('P26W'));
title = ?s, file_id = ?d" , $sid, $qssid, $qtitle, $file_id); } } } if (isset($_POST['oldssid'])) { $oldssids = array(); foreach ($_POST['oldssid'] as $key => $oldssid) { $oldssids[] = intval($oldssid); } if (count($oldssids)) { Database::get()->query('DELETE FROM ebook_subsection WHERE id IN (' . implode(', ', $oldssids) . ')'); } } Session::Messages($langEBookSectionsModified, 'alert-success'); redirect_to_home_page('modules/ebook/edit.php?course=' . $course_code . '&id=' . $ebook_id); } else { $info = Database::get()->querySingle("SELECT * FROM `ebook` WHERE course_id = ?d AND id = ?d", $course_id, $ebook_id); if (!$info) { $tool_content .= "<div class='alert alert-warning'>$langNoEBook</div>"; } else { $pageName = $langEBookEdit; $basedir = $webDir . '/courses/' . $course_code . '/ebook/' . $ebook_id; $k = 0; list($paths, $files, $file_ids, $id_map) = find_html_files(); $sections = Database::get()->queryArray("SELECT id, public_id, title FROM ebook_section WHERE ebook_id = ?d ORDER BY CONVERT(public_id, UNSIGNED), public_id", $info->id);
$action_message = "<div class='alert alert-danger'>{$langFileNotFound}</div>"; } } // Visibility commands if (isset($_GET['mkVisibl']) || isset($_GET['mkInvisibl'])) { if (isset($_GET['mkVisibl'])) { $newVisibilityStatus = 1; $visibilityPath = $_GET['mkVisibl']; } else { $newVisibilityStatus = 0; $visibilityPath = $_GET['mkInvisibl']; } Database::get()->query("UPDATE document SET visible=?d\n WHERE {$group_sql} AND\n path = ?s", $newVisibilityStatus, $visibilityPath); $r = Database::get()->querySingle("SELECT id FROM document WHERE {$group_sql} AND path = ?s", $visibilityPath); Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $r->id); Session::Messages($langViMod, 'alert-success'); redirect_to_home_page("modules/document/index.php?course={$course_code}"); } // Public accessibility commands if (isset($_GET['public']) || isset($_GET['limited'])) { $new_public_status = intval(isset($_GET['public'])); $path = isset($_GET['public']) ? $_GET['public'] : $_GET['limited']; Database::get()->query("UPDATE document SET public = ?d\n WHERE {$group_sql} AND\n path = ?s", $new_public_status, $path); $r = Database::get()->querySingle("SELECT id FROM document WHERE {$group_sql} AND path = ?s", $path); Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_DOCUMENT, $r->id); $action_message = "<div class='alert alert-success'>{$langViMod}</div>"; } } // teacher only // Common for teachers and students // define current directory
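// Password-change handler followed by the password-change form.
// On submit: checks that all three fields are present, validates the new
// password pair, verifies the current password against the stored hash and
// only then stores the new hash. Otherwise the form is rendered.
if (isset($_POST['submit'])) {
    // Take every field from $_POST so that the value which passed validation
    // is the same value that is verified and hashed. $_REQUEST can be
    // shadowed by GET or cookie data depending on request_order.
    $submitted_old_pass = isset($_POST['old_pass']) ? $_POST['old_pass'] : '';
    $submitted_new_pass = isset($_POST['password_form']) ? $_POST['password_form'] : '';
    $submitted_new_pass_confirm = isset($_POST['password_form1']) ? $_POST['password_form1'] : '';

    // Array-valued parameters (e.g. password_form[]=x) are not empty() but
    // cannot be hashed; treat them the same as a missing field.
    $fields_are_strings = is_string($submitted_old_pass)
        && is_string($submitted_new_pass)
        && is_string($submitted_new_pass_confirm);

    if (!$fields_are_strings
        || empty($submitted_new_pass)
        || empty($submitted_new_pass_confirm)
        || empty($submitted_old_pass)) {
        Session::Messages($langFieldsMissing);
        header($passLocation);
        exit;
    }

    // acceptable_password() is defined elsewhere; a non-empty result is
    // treated as "rejected" and reported with the generic $langPassTwo text.
    $error_messages = acceptable_password($submitted_new_pass, $submitted_new_pass_confirm);
    if (count($error_messages) > 0) {
        Session::Messages($langPassTwo);
        header($passLocation);
        exit;
    }

    // All checks passed: load the stored hash of the logged-in user.
    $myrow = Database::get()->querySingle("SELECT password FROM user WHERE id= ?d", $_SESSION['uid']);

    // NOTE(review): PasswordHash looks like phpass; (8, false) would then be a
    // work factor of 8 with portable hashes disabled. Confirm against the
    // bundled class and check whether the work factor is still adequate.
    $hasher = new PasswordHash(8, false);

    // Verify the current password first; the new hash is computed only when
    // the change is actually going to be stored. A missing user row is
    // handled like a wrong old password instead of dereferencing it.
    if ($myrow && $hasher->CheckPassword($submitted_old_pass, $myrow->password)) {
        $new_pass = $hasher->HashPassword($submitted_new_pass);
        Database::get()->query("UPDATE user SET password = ?s\n WHERE id = ?d", $new_pass, $_SESSION['uid']);
        Log::record(0, 0, LOG_PROFILE, array('uid' => $_SESSION['uid'], 'pass_change' => 1));
        // NOTE(review): nothing here invalidates the user's other sessions
        // after the change; confirm whether that is handled elsewhere.
        Session::Messages($langPassChanged, 'alert-success');
        redirect_to_home_page('main/profile/display_profile.php');
        exit;
    } else {
        // NOTE(review): no attempt limiting is visible for wrong old-password
        // guesses from an authenticated session; verify it exists elsewhere.
        Session::Messages($langPassOldWrong);
        redirect_to_home_page('main/profile/profile.php');
        // Same explicit stop as the success branch, so the form below is
        // never rendered after a redirect has been issued.
        exit;
    }
}

$tool_content .= action_bar(array(
    array('title' => $langBack,
          'url' => 'display_profile.php',
          'icon' => 'fa-reply',
          'level' => 'primary-label')));

if (!isset($_POST['changePass'])) {
    // $passUrl is defined outside this block and is interpolated into the
    // action attribute unescaped; presumably a fixed URL -- verify.
    $tool_content .= "<div class='form-wrapper'>\n"
        . " <form class='form-horizontal' role='form' method='post' action='{$passUrl}'>\n"
        . " <fieldset>\n"
        . " <div class='form-group'>\n"
        . " <label for='old_pass' class='col-sm-2 control-label'>{$langOldPass}: </label>\n"
        . " <div class='col-sm-8'>\n"
        . "\t <input type='password' class='form-control' id='old_pass' name='old_pass' value='' autocomplete='off'>\n"
        . " </div>\n"
        . " </div>\n"
        . " <div class='form-group'>\n"
        . " <label for='password_form' class='col-sm-2 control-label'>{$langNewPass1}: </label>\n"
        . " <div class='col-sm-8'>\n"
        . "\t <input type='password' class='form-control' id='password_form' name='password_form' value='' autocomplete='off'>\n"
        . " </div>\n"
        . " <div class='col-sm-2 text-center padding-thin'>\n"
        . " <span \nid='result'></span>\n"
        . " </div>\n"
        . " </div>\n"
        . " <div class='form-group'>\n"
        . " <label for='password_form1' class='col-sm-2 control-label'>{$langNewPass2}: </label>\n"
        . " <div class='col-sm-8'>\n"
        . " <input type='password' class='form-control' id='password_form1' name='password_form1' value='' autocomplete='off'>\n"
        . " </div>\n"
        . " </div>\n"
        . " <div class='form-group'>\n"
        . " <div class='col-sm-offset-2 col-sm-8'>\n"
        . " <input type='submit' class='btn btn-primary' name='submit' value='{$langModify}'>\n"
        . " <a href='display_profile.php' class='btn btn-default'>{$langCancel}</a>\n"
        . " </div>\n"
        . " </div>\n"
        . " </fieldset>\n"
        . "</form></div>";
}

draw($tool_content, 1, null, $head_content);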
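* Contact address: GUnet Asynchronous eLearning Group,
* Network Operations Center, University of Athens,
* Panepistimiopolis Ilissia, 15784, Athens, Greece
* e-mail: info@openeclass.org
* ======================================================================== */

// Prologue of a questionnaire CSV export: requires a poll id, restricts the
// export to course editors, picks the output charset and sends the
// text/csv Content-Type header.

// Set before the base include; presumably read there to enforce a course
// context and an editor role -- verify in include/baseTheme.php.
$require_current_course = true;
$require_editor = true;

require_once '../../include/baseTheme.php';
require_once 'modules/questionnaire/functions.php';

// A poll id is mandatory. intval() keeps anything non-numeric out of the
// queries that use $pid later. The explicit exit makes sure nothing below
// runs with $pid undefined even if redirect_to_home_page() were to return.
if (!isset($_GET['pid'])) {
    redirect_to_home_page();
    exit;
} else {
    $pid = intval($_GET['pid']);
}

// Explicit editor check in addition to $require_editor. Stop right after
// the redirect so the export can never be produced for a non-editor.
if (!$is_editor) {
    Session::Messages($langPollResultsAccess);
    redirect_to_home_page('modules/questionnaire/index.php?course=' . $course_code);
    exit;
}

// Only two charsets can reach the response header: the request value is
// compared against a fixed string and never copied into the header itself.
if (isset($_GET['enc']) && $_GET['enc'] === '1253') {
    $charset = 'Windows-1253';
} else {
    $charset = 'UTF-8';
}

// Any truthy ?full=... value turns $full on; it is not used in this part.
$full = isset($_GET['full']) && $_GET['full'];
$crlf = "\r\n";

// NOTE(review): the rows are written after this point (not shown here).
// Poll answers are user-supplied, so cells that start with =, +, - or @
// should be neutralised for spreadsheet consumers -- confirm in the writer.
header("Content-Type: text/csv; charset={$charset}");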
course_id = ?d, `order` = ?d" , $_POST['term'], $_POST['definition'], $url, purify($_POST['notes']), $category_id, $course_id, findorder($course_id)); $log_action = LOG_INSERT; $success_message = $langGlossaryAdded; } $id = $q->lastInsertID; Log::record($course_id, MODULE_ID_GLOSSARY, $log_action, array('id' => $id, 'term' => $_POST['term'], 'definition' => $_POST['definition'], 'url' => $url, 'notes' => purify($_POST['notes']))); if ($q and $q->affectedRows) { invalidate_glossary_cache(); Session::Messages($success_message, 'alert-success'); } redirect_to_home_page("modules/glossary/index.php?course=$course_code"); } else { $new_or_modify = isset($_POST['id']) ? "&edit=$_POST[id]" : "&add=1"; Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); redirect_to_home_page("modules/glossary/index.php?course=$course_code$new_or_modify"); } } if (isset($_GET['delete'])) { $id = getDirectReference($_GET['delete']); $term = Database::get()->querySingle("SELECT term FROM glossary WHERE ID = ?d", $id)->term; $q = Database::get()->query("DELETE FROM glossary WHERE id = ?d AND course_id = ?d", $id, $course_id); invalidate_glossary_cache(); Log::record($course_id, MODULE_ID_GLOSSARY, LOG_DELETE, array('id' => $id,