/**
 * Xajax handler that renders a single dashboard widget and assigns the
 * resulting HTML to the element "widget_<name>".
 *
 * The widget is looked up by name in domain_dashboards_widgets. When the row
 * names a panel, the widget is rendered only if the authorizator does not
 * report that panel as NODE_NOTENABLED for the current user's group. In every
 * other case the placeholder '<void/>' definition is rendered instead.
 *
 * @param string $name Widget name as received from the client
 * @return XajaxResponse
 */
public static function ajaxGetDashboardWidget($name)
{
    $innomatic = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer');
    $response = new XajaxResponse();
    $widgetXml = '<void/>';

    $dataAccess = $innomatic->getCurrentDomain()->getDataAccess();
    $authorizator = new \Innomatic\Desktop\Auth\DesktopPanelAuthorizator(
        $dataAccess,
        $innomatic->getCurrentUser()->getGroup()
    );

    // The client-supplied name reaches the query only through formatText()
    // (presumably the data access layer's quoting helper; verify).
    $widgetRow = $dataAccess->execute(
        'SELECT * FROM domain_dashboards_widgets WHERE name=' . $dataAccess->formatText($name)
    );

    if ($widgetRow->getNumberRows() > 0) {
        $panelFile = $widgetRow->getFields('panel');
        $blocked = false;

        // Widgets tied to a panel are hidden when that panel is not enabled for the user
        if (strlen($panelFile)) {
            $nodeId = $authorizator->getNodeIdFromFileName($panelFile);
            $nodeState = $authorizator->check(
                $nodeId,
                \Innomatic\Desktop\Auth\DesktopPanelAuthorizator::NODETYPE_PAGE
            );
            if ($nodeState == \Innomatic\Desktop\Auth\DesktopPanelAuthorizator::NODE_NOTENABLED) {
                $blocked = true;
            }
        }

        if (!$blocked) {
            // The class name comes from the widgets table, not from the request;
            // it is instantiated only when it resolves to an existing class.
            $widgetClass = $widgetRow->getFields('class');
            if (class_exists($widgetClass, true)) {
                $widgetInstance = new $widgetClass();
                $widgetXml = $widgetInstance->getWidgetXml();
            }
        }
    }

    // Turn the widget definition into HTML and push it to the dashboard
    $response->addAssign('widget_' . $name, 'innerHTML', WuiXml::getContentFromXml('', $widgetXml));

    return $response;
}
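/**
 * Xajax handler: builds the multi-select of sessions whose name starts with
 * $needle, excluding the sessions already followed by the HR manager held in
 * the global $user_id.
 *
 * @param string $needle Search prefix received from the browser
 * @param string $type   Search box type; nothing is searched when it is empty
 * @return XajaxResponse Response assigning the list to "ajax_list_sessions_multiple"
 */
function search_sessions($needle, $type)
{
    global $_configuration, $tbl_session_rel_access_url, $tbl_session, $user_id;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // The needle is request data placed inside a quoted LIKE pattern, so it
        // must be escaped; this is done after the charset conversion so that the
        // escaped form is the one that reaches the query.
        $needle = Database::escape_string($needle);

        $assigned_sessions_to_hrm = SessionManager::get_sessions_followed_by_drh($user_id);
        $assigned_sessions_id = array_keys($assigned_sessions_to_hrm);
        $without_assigned_sessions = '';
        if (count($assigned_sessions_id) > 0) {
            $without_assigned_sessions = " AND s.id NOT IN(" . implode(',', $assigned_sessions_id) . ")";
        }

        if ($_configuration['multiple_access_urls']) {
            $sql = " SELECT s.id, s.name FROM {$tbl_session} s LEFT JOIN {$tbl_session_rel_access_url} a ON (s.id = a.session_id)\n\t\t\t\t\t\tWHERE s.name LIKE '{$needle}%' {$without_assigned_sessions} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT s.id, s.name FROM {$tbl_session} s\n\t\t\t\tWHERE s.name LIKE '{$needle}%' {$without_assigned_sessions} ";
        }
        $rs = Database::query($sql);

        $return .= '<select id="origin" name="NoAssignedSessionsList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($session = Database::fetch_array($rs)) {
            // Session names are stored data: encode them for the attribute and
            // for the option text, not only for the title attribute.
            $session_name = htmlspecialchars($session['name'], ENT_QUOTES);
            $return .= '<option value="' . htmlspecialchars($session['id'], ENT_QUOTES) . '" title="' . $session_name . '">' . $session_name . '</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_sessions_multiple', 'innerHTML', api_utf8_encode($return));
    }

    return $xajax_response;
}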
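/**
 * Search users by username, firstname or lastname, based on the given
 * search string
 * @param string Search string
 * @param int Deprecated param
 * @return XajaxResponse Xajax response block assigning the result links to "ajax_list_users"
 * @assert () === false
 */
public static function search_users($needle, $id)
{
    global $tbl_user, $tbl_access_url_rel_user;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        // Search users whose username, firstname or lastname begins with $needle
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        $sql = 'SELECT u.user_id, username, lastname, firstname FROM ' . $tbl_user . ' u ' . ' WHERE (username LIKE "' . $needle . '%" ' . ' OR firstname LIKE "' . $needle . '%" ' . ' OR lastname LIKE "' . $needle . '%") ' . $order_clause . ' LIMIT 11';
        $rs = Database::query($sql);

        // The query fetches 11 rows; the 11th only signals that more results exist
        $i = 0;
        while ($user = Database::fetch_array($rs)) {
            $i++;
            if ($i <= 10) {
                // Values inside onclick sit in a JavaScript string that is itself
                // inside an HTML attribute: addslashes() covers the string, and
                // htmlspecialchars() keeps a quote in a name from closing the attribute.
                $js_user_id = htmlspecialchars(addslashes($user['user_id']), ENT_QUOTES);
                $js_label = htmlspecialchars(
                    api_get_person_name(addslashes($user['firstname']), addslashes($user['lastname'])) . ' (' . addslashes($user['username']) . ')',
                    ENT_QUOTES
                );
                // The visible link text is stored user data and is HTML-encoded as well
                $label = htmlspecialchars(
                    api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')',
                    ENT_QUOTES
                );
                $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\'' . $js_user_id . '\',\'' . $js_label . '\')">' . $label . '</a><br />';
            } else {
                $return .= '...<br />';
            }
        }
    }

    $xajax_response->addAssign('ajax_list_users', 'innerHTML', api_utf8_encode($return));

    return $xajax_response;
}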
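/**
 * Search sessions by name, based on a search string
 * @param string Search string
 * @param int Deprecated param
 * @return XajaxResponse Xajax response block assigning the result links to "ajax_list_courses"
 * @assert () === false
 */
function search_sessions($needle, $id)
{
    global $tbl_session;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        // Search sessions whose name begins with $needle
        $sql = 'SELECT id, name FROM ' . $tbl_session . ' u WHERE (name LIKE "' . $needle . '%") ORDER BY name, id LIMIT 11';
        $rs = Database::query($sql);

        // The query fetches 11 rows; the 11th only signals that more results exist
        $i = 0;
        while ($session = Database::fetch_array($rs)) {
            $i++;
            if ($i <= 10) {
                // onclick values are JavaScript strings inside an HTML attribute:
                // addslashes() for the string, htmlspecialchars() for the attribute.
                $js_id = htmlspecialchars(addslashes($session['id']), ENT_QUOTES);
                $js_label = htmlspecialchars(
                    addslashes($session['name']) . ' (' . addslashes($session['id']) . ')',
                    ENT_QUOTES
                );
                // The session name shown as link text is stored data and is HTML-encoded
                $return .= '<a href="#" onclick="add_user_to_url(\'' . $js_id . '\',\'' . $js_label . '\')">' . htmlspecialchars($session['name'], ENT_QUOTES) . ' </a><br />';
            } else {
                $return .= '...<br />';
            }
        }
    }

    $xajax_response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));

    return $xajax_response;
}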
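/**
 * Xajax handler: builds the multi-select of courses whose code starts with
 * $needle, excluding the courses already followed by the HR manager held in
 * the global $user_id.
 *
 * @param string $needle Search prefix received from the browser
 * @param string $type   Search box type; nothing is searched when it is empty
 * @return XajaxResponse Response assigning the list to "ajax_list_courses_multiple"
 */
function search_courses($needle, $type)
{
    global $_configuration, $tbl_course, $tbl_course_rel_access_url, $user_id;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        $assigned_courses_to_hrm = CourseManager::get_courses_followed_by_drh($user_id);
        // Quote each code for the NOT IN list. The codes are escaped before being
        // quoted, and array_map() replaces the by-reference foreach, which left
        // a dangling reference to the last element.
        $assigned_courses_code = array_map(
            function ($code) {
                return "'" . Database::escape_string((string) $code) . "'";
            },
            array_keys($assigned_courses_to_hrm)
        );
        $without_assigned_courses = '';
        if (count($assigned_courses_code) > 0) {
            $without_assigned_courses = " AND c.code NOT IN(" . implode(',', $assigned_courses_code) . ")";
        }

        if ($_configuration['multiple_access_urls']) {
            $sql = "SELECT c.code, c.title FROM {$tbl_course} c LEFT JOIN {$tbl_course_rel_access_url} a ON (a.course_code = c.code)\n WHERE c.code LIKE '{$needle}%' {$without_assigned_courses} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT c.code, c.title FROM {$tbl_course} c\n WHERE c.code LIKE '{$needle}%' {$without_assigned_courses} ";
        }
        $rs = Database::query($sql);

        $return .= '<select id="origin" name="NoAssignedCoursesList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($course = Database::fetch_array($rs)) {
            // Titles and codes are stored data: encode them for attribute and text context
            $course_code = htmlspecialchars($course['code'], ENT_QUOTES);
            $course_title = htmlspecialchars($course['title'], ENT_QUOTES);
            $return .= '<option value="' . $course_code . '" title="' . $course_title . '">' . $course_title . ' (' . $course_code . ')</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
    }

    return $xajax_response;
}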
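/**
 * Xajax handler: builds the multi-select of users whose first or last name
 * (depending on api_sort_by_first_name()) starts with $needle, excluding HR
 * managers, session admins, the anonymous user, the current user, the target
 * user and the users already followed by the HR manager in the global $user_id.
 *
 * @param string $needle Search prefix received from the browser
 * @param string $type   Search box type; nothing is searched when it is empty
 * @return XajaxResponse Response assigning the list to "ajax_list_users_multiple"
 */
function search_users($needle, $type)
{
    global $_configuration, $tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // The needle is request data placed inside a quoted LIKE pattern, so it
        // must be escaped before it is interpolated into the statement.
        $needle = Database::escape_string($needle);

        $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
        $assigned_users_id = array_keys($assigned_users_to_hrm);
        $without_assigned_users = '';
        if (count($assigned_users_id) > 0) {
            $without_assigned_users = " AND user.user_id NOT IN(" . implode(',', $assigned_users_id) . ")";
        }

        if ($_configuration['multiple_access_urls']) {
            $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user LEFT JOIN {$tbl_access_url_rel_user} au ON (au.user_id = user.user_id)\n\t\t\tWHERE " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND user.user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id}) {$without_assigned_users} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\tWHERE " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id}) {$without_assigned_users}";
        }
        $rs = Database::query($sql);

        $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($user = Database::fetch_array($rs)) {
            $person_name = api_get_person_name($user['firstname'], $user['lastname']);
            // Names and usernames are stored user data: encode the option text
            // and the value attribute, not only the title attribute.
            $option_label = htmlspecialchars($person_name . ' (' . $user['username'] . ')', ENT_QUOTES);
            $return .= '<option value="' . htmlspecialchars($user['user_id'], ENT_QUOTES) . '" title="' . htmlspecialchars($person_name, ENT_QUOTES) . '">' . $option_label . '</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
    }

    return $xajax_response;
}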
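/**
 * Search for a list of available courses by title or code, based on
 * a given string
 * @param string String to search for
 * @param int Deprecated param
 * @return XajaxResponse A formatted xajax answer block assigned to "ajax_list_courses"
 * @assert () === false
 */
function search_courses($needle, $id)
{
    global $tbl_course;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        // Search courses whose title or code begins with $needle
        $sql = 'SELECT code, title FROM ' . $tbl_course . ' u ' . ' WHERE (title LIKE "' . $needle . '%" ' . ' OR code LIKE "' . $needle . '%" ' . ' ) ' . ' ORDER BY title, code ' . ' LIMIT 11';
        $rs = Database::query($sql);

        // The query fetches 11 rows; the 11th only signals that more results exist
        $i = 0;
        while ($course = Database::fetch_array($rs)) {
            $i++;
            if ($i <= 10) {
                // onclick values are JavaScript strings inside an HTML attribute:
                // addslashes() for the string, htmlspecialchars() for the attribute.
                $js_code = htmlspecialchars(addslashes($course['code']), ENT_QUOTES);
                $js_label = htmlspecialchars(
                    addslashes($course['title']) . ' (' . addslashes($course['code']) . ')',
                    ENT_QUOTES
                );
                // Title and code shown as link text are stored data and are HTML-encoded
                $label = htmlspecialchars($course['title'] . ' (' . $course['code'] . ')', ENT_QUOTES);
                $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\'' . $js_code . '\',\'' . $js_label . '\')">' . $label . '</a><br />';
            } else {
                $return .= '...<br />';
            }
        }
    }

    $xajax_response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));

    return $xajax_response;
}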
/**
 * Xajax handler that renders a single dashboard widget and assigns the
 * resulting HTML to the element "widget_<name>".
 *
 * The widget definition is obtained from WidgetHelper::getWidgetXml(); any
 * lookup or access decision happens there and is not visible in this method.
 *
 * @param string $name Widget name as received from the client
 * @return XajaxResponse
 */
public static function ajaxGetDashboardWidget($name)
{
    $response = new XajaxResponse();

    // Fetch the definition, convert it to HTML and push it to the dashboard
    $widgetXml = \Innomatic\Desktop\Dashboard\WidgetHelper::getWidgetXml($name);
    $widgetHtml = WuiXml::getContentFromXml('', $widgetXml);
    $response->addAssign('widget_' . $name, 'innerHTML', $widgetHtml);

    return $response;
}
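/**
 * Xajax handler: renders the "property value" filter control.
 *
 * When the resource property has no known values, or more than 19 of them, a
 * free-text input pre-filled with $propvalue is rendered; otherwise a select
 * listing the known values, with $propvalue preselected.
 *
 * @param mixed  $resource  Resource identifier passed to the SYSLOG helper
 * @param string $propname  Property name
 * @param string $propvalue Currently chosen value, as sent by the client
 * @return XajaxResponse Response assigning the control to "propertyvaluedata"
 */
function GetPropertyValues($resource, $propname, $propvalue)
{
    $SYSLOG = SYSLOG::getInstance();
    $result = new XajaxResponse();
    $values = $SYSLOG->GetResourcePropertyValues($resource, $propname);

    if (empty($values) || count($values) > 19) {
        // $propvalue is request data echoed into an attribute: encode it so a
        // quote cannot end the attribute.
        $result->assign('propertyvaluedata', 'innerHTML', '<input type="text" size="20" name="propertyvalue" id="propertyvalue"' . (strlen($propvalue) ? ' value="' . htmlspecialchars($propvalue, ENT_QUOTES) . '"' : '') . '>');
    } else {
        $options = '<SELECT size="1" name="propertyvalue" id="propertyvalue">';
        $options .= '<OPTION value="">' . trans('- all -') . '</OPTION>';
        foreach ($values as $value) {
            $data = array('resource' => $resource, 'name' => $propname, 'value' => $value);
            $SYSLOG->DecodeMessageData($data);
            // NOTE(review): $data['value'] is emitted as option text without HTML
            // encoding; whether DecodeMessageData() returns plain text or markup
            // is not visible here. Confirm, and encode it if it is plain text.
            $options .= '<OPTION value="' . htmlspecialchars($value, ENT_QUOTES) . '"' . (strlen($propvalue) && $propvalue == $value ? ' selected' : '') . '>' . (strlen($data['value']) > 50 ? substr($data['value'], 0, 50) . '...' : $data['value']) . '</OPTION>';
        }
        $options .= '</SELECT>';
        $result->assign('propertyvaluedata', 'innerHTML', $options);
    }

    return $result;
}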
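/**
 * Xajax handler that toggles the "pinned" state of a div frame.
 *
 * If the frame's session data already holds a 'top' position, the stored
 * position is removed and the pin image is switched to the 'flag' icon;
 * otherwise the given position is stored and the 'lock' icon is shown.
 *
 * @deprecated
 *
 * @param array $args [0] frame name, [1] top position, [2] left position
 * @return string XML of the xajax response
 */
public function ajaxInnomaticStickFrame($args)
{
    $objResponse = new XajaxResponse();
    $name = $args[0];
    $top = $args[1];
    $left = $args[2];

    $empty = new \Shared\Wui\WuiDivframe($name);
    $session_args = $empty->retrieveSession();

    if (isset($session_args['top'])) {
        unset($session_args['top']);
        unset($session_args['left']);
        $icon = 'flag';
    } else {
        $session_args['top'] = $top;
        $session_args['left'] = $left;
        $icon = 'lock';
    }

    // The frame name is request data that ends up inside generated JavaScript.
    // json_encode() emits it as a complete string literal, and the JSON_HEX_*
    // flags keep quotes and angle brackets out of the script text.
    $elementId = json_encode('pin_' . $name, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);

    // json_encode() returns false when the name cannot be encoded (for example
    // invalid UTF-8); no element could match such an id, so no script is sent.
    if ($elementId !== false) {
        $iconData = $empty->mThemeHandler->mIconsSet['mini'][$icon];
        $sScript = 'var myImg = document.getElementById(' . $elementId . ');';
        $sScript .= "myImg.src='" . $empty->mThemeHandler->mIconsBase . $iconData['base'] . '/mini/' . $iconData['file'] . "';";
        $objResponse->addScript($sScript);
    }

    $empty->storeSession($session_args);

    return $objResponse->getXML();
}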
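/**
 * Xajax handler: lists up to 10 users with status=1 whose username, firstname
 * or lastname starts with $needle, as links that fill the coach field.
 *
 * @param string $needle Search prefix received from the browser
 * @return XajaxResponse Response assigning the links to "ajax_list_coachs"
 */
function search_coachs($needle)
{
    global $tbl_user;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // The needle is request data placed inside quoted LIKE patterns, so it
        // must be escaped before it is concatenated into the statement.
        $needle = Database::escape_string($needle);

        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';

        // Search users whose username, firstname or lastname begins with $needle
        $sql = 'SELECT username, lastname, firstname FROM ' . $tbl_user . ' user WHERE (username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%") AND status=1' . $order_clause . ' LIMIT 10';

        // With multiple access URLs enabled, restrict the search to the current one
        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                $sql = 'SELECT username, lastname, firstname FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND (username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%") AND status=1' . $order_clause . ' LIMIT 10';
            }
        }

        $rs = Database::query($sql);
        while ($user = Database::fetch_array($rs)) {
            // The username in onclick is a JavaScript string inside an HTML
            // attribute: addslashes() for the string, htmlspecialchars() for the
            // attribute. The visible text is HTML-encoded as well.
            $js_username = htmlspecialchars(addslashes($user['username']), ENT_QUOTES);
            $label = htmlspecialchars(
                api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')',
                ENT_QUOTES
            );
            $return .= '<a href="javascript: void(0);" onclick="javascript: fill_coach_field(\'' . $js_username . '\')">' . $label . '</a><br />';
        }
    }

    $xajax_response->addAssign('ajax_list_coachs', 'innerHTML', api_utf8_encode($return));

    return $xajax_response;
}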
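/**
 * Search for sessions whose name starts with a given search string and
 * render them as a multi-select. The ids of the sessions found are also
 * stored in $_SESSION['course_list'].
 * @param string A search string
 * @param string A search box type (single or anything else)
 * @return XajaxResponse Response assigning the list to "ajax_list_courses_multiple"
 * @assert ('abc','single') !== ''
 */
function search_courses($needle, $type)
{
    global $tbl_session;

    $xajax_response = new XajaxResponse();
    $return = '';
    // Initialised up front: the value is stored in the PHP session even when
    // no search runs, and was an undefined variable in that case.
    $course_list = array();

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        $sql = 'SELECT * FROM ' . $tbl_session . ' WHERE name LIKE "' . $needle . '%" ORDER BY id';
        $rs = Database::query($sql);

        $return .= '<select id="origin" name="NoSessionCategoryList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($course = Database::fetch_array($rs)) {
            $course_list[] = $course['id'];
            // Session names are stored data: encode them for the option text
            // as well as for the title attribute.
            $option_name = htmlspecialchars($course['name'], ENT_QUOTES);
            $return .= '<option value="' . htmlspecialchars($course['id'], ENT_QUOTES) . '" title="' . $option_name . '">' . $option_name . '</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
    }

    $_SESSION['course_list'] = $course_list;

    return $xajax_response;
}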
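/**
 * This function updates the progress bar
 * @param div_id where the progress bar is displayed
 * @param upload_id the identifier given in the field UPLOAD_IDENTIFIER
 * @param waitAfterupload when true, the bar is forced to 100% and a waiting
 *        image is shown once the estimated remaining time is below 2 seconds
 * @return XajaxResponse
 */
function updateProgress($div_id, $upload_id, $waitAfterupload = false)
{
    $objResponse = new XajaxResponse();
    $ul_info = uploadprogress_get_info($upload_id);

    // The progress info can be missing or report a zero total (no data for this
    // upload id yet, or the upload is already over). Dividing by that total
    // would raise a division-by-zero error, so such cases count as 0 %.
    $bytes_total = isset($ul_info['bytes_total']) ? $ul_info['bytes_total'] : 0;
    $bytes_uploaded = isset($ul_info['bytes_uploaded']) ? $ul_info['bytes_uploaded'] : 0;
    $percent = $bytes_total > 0 ? intval($bytes_uploaded * 100 / $bytes_total) : 0;

    // A missing estimate is treated as "about to finish", as an unset value was before
    $est_sec = isset($ul_info['est_sec']) ? $ul_info['est_sec'] : 0;

    if ($waitAfterupload && $est_sec < 2) {
        $percent = 100;
        $objResponse->addAssign($div_id . '_label', 'innerHTML', get_lang('UploadFile') . ' : ' . $percent . ' %');
        $objResponse->addAssign($div_id . '_waiter_frame', 'innerHTML', '<img src="' . api_get_path(WEB_CODE_PATH) . 'img/progress_bar.gif" />');
        $objResponse->addScript('clearInterval("myUpload.__progress_bar_interval")');
    }

    $objResponse->addAssign($div_id . '_label', 'innerHTML', get_lang('UploadFile') . ' : ' . $percent . ' %');
    $objResponse->addAssign($div_id . '_filled', 'style.width', $percent . '%');

    return $objResponse;
}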
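/**
 * Xajax handler: builds the multi-select of courses matching $needle that are
 * not already present (by id) as keys of the global $elements_in.
 *
 * Only the multiple-selection mode produces output. The former 'single' mode
 * (a user search rendered as links) is disabled in this function, so a $type
 * of 'single' returns an empty response.
 *
 * @param string $needle Search string received from the browser
 * @param string $type   Search box type ('single' or anything else)
 * @return XajaxResponse Response assigning the list to "ajax_list_multiple"
 */
function search($needle, $type)
{
    global $tbl_user, $elements_in;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8.
        // The charset is converted first and the result escaped afterwards:
        // escaping before the conversion leaves the converted bytes unchecked.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        if ($type != 'single') {
            $list = CourseManager::get_courses_list(0, 0, 2, 'ASC', -1, $needle);

            $return .= '<select id="elements_not_in" name="elements_not_in_name[]" multiple="multiple" size="15" style="width:360px;">';
            foreach ($list as $row) {
                if (!in_array($row['id'], array_keys($elements_in))) {
                    // Course titles and codes are stored data: encode them for HTML
                    $return .= '<option value="' . htmlspecialchars($row['id'], ENT_QUOTES) . '">' . htmlspecialchars($row['title'] . ' (' . $row['visual_code'] . ')', ENT_QUOTES) . '</option>';
                }
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }

    return $xajax_response;
}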
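/**
 * Xajax handler: searches users for the group member picker.
 *
 * In 'single' mode up to 10 users whose username, firstname or lastname starts
 * with $needle are returned as links; otherwise users whose first or last name
 * (depending on api_sort_by_first_name()) starts with $needle are returned as
 * a multi-select. The anonymous user is always excluded, and with multiple
 * access URLs enabled the search is limited to the current URL.
 *
 * @param string $needle Search prefix received from the browser
 * @param string $type   Search box type ('single' or anything else)
 * @return XajaxResponse Response assigning "ajax_list_users_single" or
 *                       "ajax_list_users_multiple"
 */
function search_users($needle, $type)
{
    global $tbl_user, $tbl_group_rel_user, $group_id;

    $xajax_response = new XajaxResponse();
    $return = '';

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the database can be non-UTF-8.
        // The charset is converted first and the result escaped afterwards:
        // escaping before the conversion leaves the converted bytes unchecked.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        $user_anonymous = api_get_anonymous_id();
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        $cond_user_id = '';

        // NOTE(review): $id_session is neither a parameter nor a declared global
        // here, so this branch never runs and members of the group are not
        // excluded. The body works on $group_id, which suggests the condition
        // was meant to test that variable; confirm before changing it.
        if (!empty($id_session)) {
            $group_id = Database::escape_string($group_id);
            // Collect the users already attached to the group
            $sql = 'SELECT id_user FROM ' . $tbl_group_rel_user . ' WHERE usergroup_id ="' . (int) $group_id . '"';
            $res = Database::query($sql);
            $user_ids = array();
            if (Database::num_rows($res) > 0) {
                while ($row = Database::fetch_row($res)) {
                    $user_ids[] = (int) $row[0];
                }
            }
            if (count($user_ids) > 0) {
                $cond_user_id = ' AND user_id NOT IN(' . implode(",", $user_ids) . ')';
            }
        }

        if ($type == 'single') {
            // Search users whose username, firstname or lastname begins with $needle
            $sql = 'SELECT user_id, username, lastname, firstname FROM ' . $tbl_user . ' user WHERE ( username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%" ) AND user_id<>"' . $user_anonymous . '"' . $order_clause . ' LIMIT 11';
        } else {
            $sql = 'SELECT user_id, username, lastname, firstname FROM ' . $tbl_user . ' user WHERE ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND user_id<>"' . $user_anonymous . '"' . $cond_user_id . $order_clause;
        }

        // With multiple access URLs enabled, restrict the search to the current one
        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                if ($type == 'single') {
                    $sql = 'SELECT user.user_id, username, lastname, firstname FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND ( username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%") AND user.user_id <> "' . $user_anonymous . '"' . $order_clause . ' LIMIT 11';
                } else {
                    $sql = 'SELECT user.user_id, username, lastname, firstname FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND user.user_id<>"' . $user_anonymous . '"' . $cond_user_id . $order_clause;
                }
            }
        }

        $rs = Database::query($sql);
        $i = 0;

        if ($type == 'single') {
            // The query fetches 11 rows; the 11th only signals that more results exist
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                    $display = $person_name . ' (' . $user['username'] . ')';
                    // onclick values are JavaScript strings inside an HTML attribute:
                    // addslashes() for the string, htmlspecialchars() for the
                    // attribute. The visible text is HTML-encoded as well.
                    $js_user_id = htmlspecialchars(addslashes($user['user_id']), ENT_QUOTES);
                    $js_display = htmlspecialchars(addslashes($display), ENT_QUOTES);
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\'' . $js_user_id . '\',\'' . $js_display . '\')">' . htmlspecialchars($display, ENT_QUOTES) . '</a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            global $nosessionUsersList;
            $return .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                // Names and usernames are stored user data: encode them for HTML
                $return .= '<option value="' . htmlspecialchars($user['user_id'], ENT_QUOTES) . '">' . htmlspecialchars($person_name . ' (' . $user['username'] . ')', ENT_QUOTES) . '</option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }

    return $xajax_response;
}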
/**
 * This is the main communications engine of xajax. The engine handles all
 * incoming xajax requests, calls the appropriate PHP functions (or
 * class/object methods) and passes the XML responses back to the
 * Javascript response handler. If your RequestURI is the same as your Web
 * page then this function should be called before any headers or HTML has
 * been sent.
 *
 * Flow: read the function name and arguments from $_POST or $_GET, check the
 * optional pre-function, include any file registered for the function name,
 * resolve the name against the registered functions (or the catch-all),
 * decode the arguments, run the pre-function and the target function, then
 * print the XML response. Returns early, without output, when
 * getRequestMode() reports -1.
 */
public function processRequests() {
    $requestMode = -1;
    $sFunctionName = "";
    $bFoundFunction = true;
    $bFunctionIsCatchAll = false;
    $sFunctionNameForSpecial = "";
    $aArgs = array();
    $sPreResponse = "";
    $bEndRequest = false;
    $sResponse = "";
    $requestMode = $this->getRequestMode();
    if ($requestMode == -1) {
        return;
    }
    // The function name and its arguments are taken straight from the request;
    // they are request-controlled values from this point on.
    if ($requestMode == XAJAX_POST) {
        $sFunctionName = $_POST["xajax"];
        if (!empty($_POST["xajaxargs"])) {
            $aArgs = $_POST["xajaxargs"];
        }
    } else {
        // Non-POST requests: send headers that disable caching of the response
        header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-cache, must-revalidate");
        header("Pragma: no-cache");
        $sFunctionName = $_GET["xajax"];
        if (!empty($_GET["xajaxargs"])) {
            $aArgs = $_GET["xajaxargs"];
        }
    }
    // Use xajax error handler if necessary
    if ($this->bErrorHandler) {
        $GLOBALS['xajaxErrorHandlerText'] = "";
        set_error_handler("xajaxErrorHandler");
    }
    // A configured pre-function that cannot be called aborts the dispatch
    if ($this->sPreFunction) {
        if (!$this->_isFunctionCallable($this->sPreFunction)) {
            $bFoundFunction = false;
            $objResponse = new XajaxResponse();
            $objResponse->addAlert("Unknown Pre-Function " . $this->sPreFunction);
            $sResponse = $objResponse->getXML();
        }
    }
    // Include any external dependencies associated with this function name.
    // The path comes from the aFunctionIncludeFiles map, never from the request
    // itself. The include runs before the checks against aFunctions and the
    // request type below, and also when the pre-function check above failed.
    if (array_key_exists($sFunctionName, $this->aFunctionIncludeFiles)) {
        ob_start();
        include_once $this->aFunctionIncludeFiles[$sFunctionName];
        ob_end_clean();
    }
    if ($bFoundFunction) {
        // Keep the requested name: it is what the pre-function and a catch-all receive
        $sFunctionNameForSpecial = $sFunctionName;
        if (!array_key_exists($sFunctionName, $this->aFunctions)) {
            if ($this->sCatchAllFunction) {
                $sFunctionName = $this->sCatchAllFunction;
                $bFunctionIsCatchAll = true;
            } else {
                $bFoundFunction = false;
                $objResponse = new XajaxResponse();
                // NOTE(review): the request-supplied name is echoed into the alert
                // text; whether addAlert() encodes it is not visible here.
                $objResponse->addAlert("Unknown Function {$sFunctionName}.");
                $sResponse = $objResponse->getXML();
            }
        } elseif ($this->aFunctionRequestTypes[$sFunctionName] != $requestMode) {
            // A registered function is only reachable through its registered request type
            $bFoundFunction = false;
            $objResponse = new XajaxResponse();
            $objResponse->addAlert("Incorrect Request Type.");
            $sResponse = $objResponse->getXML();
        }
    }
    if ($bFoundFunction) {
        for ($i = 0; $i < sizeof($aArgs); $i++) {
            // If magic quotes is on, then we need to strip the slashes from the args
            // NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0.
            if (get_magic_quotes_gpc() == 1 && is_string($aArgs[$i])) {
                $aArgs[$i] = stripslashes($aArgs[$i]);
            }
            // Arguments carrying an <xjxobj> or <xjxquery> marker are converted to
            // arrays; any other argument is UTF-8-decoded when bDecodeUTF8Input is set.
            // NOTE(review): stristr() is called without an is_string() guard, so a
            // request that sends an array element for an argument reaches it as-is.
            if (stristr($aArgs[$i], "<xjxobj>") != false) {
                $aArgs[$i] = $this->_xmlToArray("xjxobj", $aArgs[$i]);
            } elseif (stristr($aArgs[$i], "<xjxquery>") != false) {
                $aArgs[$i] = $this->_xmlToArray("xjxquery", $aArgs[$i]);
            } elseif ($this->bDecodeUTF8Input) {
                $aArgs[$i] = $this->_decodeUTF8Data($aArgs[$i]);
            }
        }
        if ($this->sPreFunction) {
            // The pre-function receives the requested name and the decoded arguments.
            // Returning array(false, $response) ends the request with that response.
            $mPreResponse = $this->_callFunction($this->sPreFunction, array($sFunctionNameForSpecial, $aArgs));
            if (is_array($mPreResponse) && $mPreResponse[0] === false) {
                $bEndRequest = true;
                $sPreResponse = $mPreResponse[1];
            } else {
                $sPreResponse = $mPreResponse;
            }
            if (is_a($sPreResponse, "xajaxResponse")) {
                $sPreResponse = $sPreResponse->getXML();
            }
            if ($bEndRequest) {
                $sResponse = $sPreResponse;
            }
        }
        if (!$bEndRequest) {
            if (!$this->_isFunctionCallable($sFunctionName)) {
                $objResponse = new XajaxResponse();
                $objResponse->addAlert("The Registered Function {$sFunctionName} Could Not Be Found.");
                $sResponse = $objResponse->getXML();
            } else {
                // A catch-all gets the originally requested name plus the argument list
                if ($bFunctionIsCatchAll) {
                    $aArgs = array($sFunctionNameForSpecial, $aArgs);
                }
                $sResponse = $this->_callFunction($sFunctionName, $aArgs);
            }
            if (is_a($sResponse, "xajaxResponse")) {
                $sResponse = $sResponse->getXML();
            }
            // Anything that is not a string containing an <xjx> marker is replaced by an alert
            if (!is_string($sResponse) || strpos($sResponse, "<xjx>") === false) {
                $objResponse = new XajaxResponse();
                $objResponse->addAlert("No XML Response Was Returned By Function {$sFunctionName}.");
                $sResponse = $objResponse->getXML();
            } elseif ($sPreResponse != "") {
                // Merge the pre-function output in front of the function's own output
                $sNewResponse = new XajaxResponse($this->sEncoding, $this->bOutputEntities);
                $sNewResponse->loadXML($sPreResponse);
                $sNewResponse->loadXML($sResponse);
                $sResponse = $sNewResponse->getXML();
            }
        }
    }
    $sContentHeader = "Content-type: text/xml;";
    if ($this->sEncoding && strlen(trim($this->sEncoding)) > 0) {
        $sContentHeader .= " charset=" . $this->sEncoding;
    }
    header($sContentHeader);
    // With the xajax error handler enabled, collected PHP error text is put in
    // front of the response as an alert, so it reaches the browser, and is
    // appended to the log file when one is configured.
    if ($this->bErrorHandler && !empty($GLOBALS['xajaxErrorHandlerText'])) {
        $sErrorResponse = new XajaxResponse();
        $sErrorResponse->addAlert("** PHP Error Messages: **" . $GLOBALS['xajaxErrorHandlerText']);
        if ($this->sLogFile) {
            $fH = @fopen($this->sLogFile, "a");
            if (!$fH) {
                // The alert sent to the client includes the log file path
                $sErrorResponse->addAlert("** Logging Error **\n\nxajax was unable to write to the error log file:\n" . $this->sLogFile);
            } else {
                // NOTE(review): strftime() is deprecated as of PHP 8.1.
                fwrite($fH, "** xajax Error Log - " . strftime("%b %e %Y %I:%M:%S %p") . " **" . $GLOBALS['xajaxErrorHandlerText'] . "\n\n\n");
                fclose($fH);
            }
        }
        $sErrorResponse->loadXML($sResponse);
        $sResponse = $sErrorResponse->getXML();
    }
    // Discard every open output buffer so that only the XML response is sent
    if ($this->bCleanBuffer) {
        while (@ob_end_clean()) {
        }
    }
    print $sResponse;
    if ($this->bErrorHandler) {
        restore_error_handler();
    }
    // Stop the application through the container once the response is out
    if ($this->bExitAllowed) {
        \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->halt();
    }
}
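/**
 * Xajax handler that saves the whole roles/permissions matrix.
 *
 * $permissions is a comma separated list of checked checkboxes, each entry in
 * the form "cbrole_<roleId>-<permissionId>". Every known role/permission pair
 * is then written: pairs present in the list are assigned and all other pairs
 * are unassigned. A request with an incomplete list therefore removes
 * permissions.
 *
 * NOTE(review): no authorization check is visible in this method; confirm
 * that the caller restricts it to users allowed to manage roles.
 *
 * @param string $permissions Comma separated list of checked role/permission ids
 * @return XajaxResponse Response assigning the refreshed matrix to "roleslist"
 */
public static function ajaxSaveRolesPermissions($permissions)
{
    // Build list of checked roles/permissions
    $checkedPermissions = array();
    foreach (explode(',', $permissions) as $permission) {
        $permission = str_replace('cbrole_', '', $permission);
        $parts = explode('-', $permission);

        // Skip entries that are not "<roleId>-<permissionId>". An empty list
        // yields a single empty entry, which used to reach list() with a
        // missing second element.
        if (count($parts) < 2 || $parts[0] === '' || $parts[1] === '') {
            continue;
        }

        list($roleId, $permissionId) = $parts;
        $checkedPermissions[$roleId][$permissionId] = true;
    }

    // Get list of all roles and permissions
    $rolesList = \Innomatic\Domain\User\Role::getAllRoles();
    $permissionsList = \Innomatic\Domain\User\Permission::getAllPermissions();

    // Only ids returned by these two lists are written, so unknown ids in the
    // request have no effect.
    foreach ($rolesList as $roleId => $roleData) {
        $role = new \Innomatic\Domain\User\Role($roleId);
        foreach ($permissionsList as $permissionId => $permissionData) {
            if (isset($checkedPermissions[$roleId][$permissionId])) {
                $role->assignPermission($permissionId);
            } else {
                $role->unassignPermission($permissionId);
            }
        }
    }

    $html = WuiXml::getContentFromXml('', \ProfilesPanelController::getRolesPermissionsXml());
    $objResponse = new XajaxResponse();
    $objResponse->addAssign("roleslist", "innerHTML", $html);

    return $objResponse;
}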
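/**
 * Xajax handler: fills the "destination" list with the users already related to the
 * current group and the "origin" list (or single-result links) with users whose name
 * starts with $needle.
 *
 * @param string $needle        Search prefix sent by the browser.
 * @param string $type          'single' for the link list, anything else for the multi-select.
 * @param int    $relation_type Group relation type; cast to int before use.
 * @return XajaxResponse
 */
function search_users($needle, $type, $relation_type)
{
    global $tbl_user, $tbl_user_rel_access_url, $tbl_group_rel_user, $group_id, $_configuration;
    $xajax_response = new XajaxResponse();
    $return = $return_origin = $return_destination = '';
    $without_user_id = $condition_relation = '';

    // User-controlled profile fields are written into innerHTML, so they are escaped here.
    // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
    $charset = api_get_system_encoding();
    $escHtml = function ($value) use ($charset) {
        return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
    };
    // For values placed inside a single-quoted JS string within an HTML attribute:
    // escape for the JS string first, then for the attribute.
    $escJs = function ($value) use ($escHtml) {
        return $escHtml(addslashes((string) $value));
    };
    $empty_destination = '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';

    if (!empty($group_id) && !empty($relation_type)) {
        $group_id = intval($group_id);
        $relation_type = intval($relation_type);
        // get user_id from relation type and group id
        $sql = "SELECT user_id FROM {$tbl_group_rel_user} WHERE group_id = '{$group_id}' AND relation_type IN ("
            . GROUP_USER_PERMISSION_ADMIN . "," . GROUP_USER_PERMISSION_READER . ","
            . GROUP_USER_PERMISSION_PENDING_INVITATION . "," . GROUP_USER_PERMISSION_MODERATOR . ", "
            . GROUP_USER_PERMISSION_HRM . ") ";
        $res = Database::query($sql);
        $user_ids = array();
        if (Database::num_rows($res) > 0) {
            while ($row = Database::fetch_row($res)) {
                // Cast so the NOT IN list can only ever contain integers.
                $user_ids[] = (int) $row[0];
            }
            $without_user_id = " AND user.user_id NOT IN(" . implode(',', $user_ids) . ") ";
        }
        if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
            $condition_relation = " AND groups.relation_type IN (" . GROUP_USER_PERMISSION_PENDING_INVITATION . "," . GROUP_USER_PERMISSION_READER . ") ";
        } else {
            $condition_relation = " AND groups.relation_type = '{$relation_type}' ";
        }

        // data for destination user list
        $sql = "SELECT user.user_id, user.username, user.lastname, user.firstname"
            . " FROM {$tbl_group_rel_user} groups"
            . " INNER JOIN {$tbl_user} user ON user.user_id = groups.user_id"
            . " WHERE groups.group_id = '{$group_id}' {$condition_relation} ";
        $rs_destination = Database::query($sql);
        if (Database::num_rows($rs_destination) > 0) {
            $return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($row = Database::fetch_array($rs_destination)) {
                $person_name = api_get_person_name($row['firstname'], $row['lastname']);
                $return_destination .= '<option value="' . $escHtml($row['user_id']) . '">'
                    . $escHtml($person_name . ' (' . $row['username'] . ')') . '</option>';
            }
            $return_destination .= '</select>';
        } else {
            $return_destination .= $empty_destination;
        }
        $xajax_response->addAssign('ajax_destination_list', 'innerHTML', api_utf8_encode($return_destination));
    } else {
        // No group or relation type: reset both lists.
        $return_destination .= $empty_destination;
        $xajax_response->addAssign('ajax_destination_list', 'innerHTML', api_utf8_encode($return_destination));
        if ($type == 'single') {
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            $return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
            $xajax_response->addAssign('ajax_origin_list_multiple', 'innerHTML', api_utf8_encode($return_origin));
        }
    }

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        // Convert first and escape last: escaping before the charset conversion lets the
        // conversion produce bytes the escaping never saw.
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);
        $user_anonymous = api_get_anonymous_id();
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';

        if ($type == 'single') {
            if (!empty($group_id) && !empty($relation_type)) {
                // search users where username or firstname or lastname begins with $needle
                $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user"
                    . " WHERE (username LIKE '{$needle}%' OR firstname LIKE '{$needle}%' OR lastname LIKE '{$needle}%')"
                    . " AND user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} LIMIT 11";
                if ($_configuration['multiple_access_urls']) {
                    $access_url_id = api_get_current_access_url_id();
                    if ($access_url_id != -1) {
                        $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user"
                            . " INNER JOIN {$tbl_user_rel_access_url} url_user ON (url_user.user_id=user.user_id)"
                            . " WHERE access_url_id = '{$access_url_id}' AND (username LIKE '{$needle}%' OR firstname LIKE '{$needle}%' OR lastname LIKE '{$needle}%')"
                            . " AND user.user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} LIMIT 11 ";
                    }
                }
                $rs_single = Database::query($sql);
                $i = 0;
                // The query fetches 11 rows; the 11th only signals "more results".
                while ($user = Database::fetch_array($rs_single)) {
                    $i++;
                    if ($i <= 10) {
                        $label = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')';
                        $return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\''
                            . $escJs($user['user_id']) . '\',\'' . $escJs($label) . '\')">'
                            . $escHtml($label) . '</a><br />';
                    } else {
                        $return .= '...<br />';
                    }
                }
                $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
            } else {
                $xajax_response->addAlert(get_lang('YouMustChooseARelationType'));
                $xajax_response->addClear('user_to_add', 'value');
            }
        } else {
            // multiple
            if (!empty($group_id) && !empty($relation_type)) {
                $name_column = api_sort_by_first_name() ? 'firstname' : 'lastname';
                $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user"
                    . " WHERE " . $name_column . " LIKE '{$needle}%' AND user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} ";
                if ($_configuration['multiple_access_urls']) {
                    $access_url_id = api_get_current_access_url_id();
                    if ($access_url_id != -1) {
                        $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user"
                            . " INNER JOIN {$tbl_user_rel_access_url} url_user ON (url_user.user_id=user.user_id)"
                            . " WHERE access_url_id = '{$access_url_id}'"
                            . " AND " . $name_column . " LIKE '{$needle}%'"
                            . " AND user.user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} ";
                    }
                }
                $rs_multiple = Database::query($sql);
                $return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
                while ($user = Database::fetch_array($rs_multiple)) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                    $return_origin .= '<option value="' . $escHtml($user['user_id']) . '">'
                        . $escHtml($person_name . ' (' . $user['username'] . ')') . '</option>';
                }
                $return_origin .= '</select>';
                $xajax_response->addAssign('ajax_origin_list_multiple', 'innerHTML', api_utf8_encode($return_origin));
            }
        }
    }
    return $xajax_response;
}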
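/**
 * Xajax handler: lists up to ten top-level course categories whose name starts with $needle
 * as links that call add_user_to_url().
 *
 * @param string $needle Search prefix sent by the browser.
 * @return XajaxResponse Response that replaces the innerHTML of "ajax_list_courses".
 */
public static function searchCourseCategoryAjax($needle)
{
    $response = new XajaxResponse();
    $return = '';
    if (!empty($needle)) {
        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        // Top-level categories (no parent) whose name begins with $needle.
        $sql = 'SELECT id, name FROM ' . Database::get_main_table(TABLE_MAIN_CATEGORY) . ' u WHERE name LIKE "' . $needle . '%" AND (parent_id IS NULL or parent_id = 0) ORDER BY name LIMIT 11';
        $result = Database::query($sql);
        $i = 0;
        // The query fetches 11 rows; the 11th only signals "more results".
        while ($data = Database::fetch_array($result)) {
            $i++;
            if ($i <= 10) {
                // addslashes() alone does not protect the HTML attribute: a double quote in
                // the name would still close onclick="...". Escape for the JS string first,
                // then for HTML, and escape the link text as well.
                // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
                $jsId = htmlspecialchars(addslashes($data['id']), ENT_QUOTES, $charset);
                $jsName = htmlspecialchars(addslashes($data['name']), ENT_QUOTES, $charset);
                $text = htmlspecialchars($data['name'], ENT_QUOTES, $charset);
                $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\'' . $jsId . '\',\'' . $jsName . ' \')">' . $text . ' </a><br />';
            } else {
                $return .= '...<br />';
            }
        }
    }
    $response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));
    return $response;
}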
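/**
 * Searches a course, given a search string and a type of search box
 *
 * The codes of the courses found are stored in $_SESSION['course_list'].
 *
 * @param string $needle Search string
 * @param string $type Type of search box ('single' or anything else)
 * @return XajaxResponse
 * @assert () !== null
 * @assert ('abc', 'single') !== null
 * @assert ('abc', 'multiple') !== null
 */
public static function search_courses($needle, $type)
{
    global $tbl_course, $tbl_session_rel_course, $id_session, $_configuration;
    $xajax_response = new XajaxResponse();
    $return = '';
    // Initialised here so the session write below never stores an undefined variable.
    $course_list = array();

    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // $needle comes from the browser and is concatenated into the LIKE clauses below.
        $needle = Database::escape_string($needle);

        // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
        $escHtml = function ($value) use ($charset) {
            return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
        };
        // For values inside a single-quoted JS string within an HTML attribute.
        $escJs = function ($value) use ($escHtml) {
            return $escHtml(addslashes((string) $value));
        };

        $cond_course_code = '';
        if (!empty($id_session)) {
            $id_session = intval($id_session);
            // check course_code from session_rel_course table
            $sql = 'SELECT course_code FROM ' . $tbl_session_rel_course . ' WHERE id_session = ' . $id_session;
            $res = Database::query($sql);
            $quoted_codes = array();
            while ($row = Database::fetch_row($res)) {
                // Codes read back from the db are escaped again before re-entering SQL.
                $quoted_codes[] = '\'' . Database::escape_string($row[0]) . '\'';
            }
            if (count($quoted_codes) > 0) {
                $cond_course_code = ' AND course.code NOT IN(' . implode(',', $quoted_codes) . ') ';
            }
        }

        if ($type == 'single') {
            // search courses whose visual code or title begins with $needle
            $sql = 'SELECT course.code, course.visual_code, course.title, session_rel_course.id_session FROM ' . $tbl_course . ' course LEFT JOIN ' . $tbl_session_rel_course . ' session_rel_course ON course.code = session_rel_course.course_code AND session_rel_course.id_session = ' . intval($id_session) . ' WHERE course.visual_code LIKE "' . $needle . '%" OR course.title LIKE "' . $needle . '%"';
        } else {
            $sql = 'SELECT course.code, course.visual_code, course.title FROM ' . $tbl_course . ' course WHERE course.visual_code LIKE "' . $needle . '%" ' . $cond_course_code . ' ORDER BY course.code ';
        }

        if ($_configuration['multiple_access_urls']) {
            $tbl_course_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                // Same searches, restricted to the current access URL.
                if ($type == 'single') {
                    $sql = 'SELECT course.code, course.visual_code, course.title, session_rel_course.id_session FROM ' . $tbl_course . ' course LEFT JOIN ' . $tbl_session_rel_course . ' session_rel_course ON course.code = session_rel_course.course_code AND session_rel_course.id_session = ' . intval($id_session) . ' INNER JOIN ' . $tbl_course_rel_access_url . ' url_course ON (url_course.course_code=course.code) WHERE access_url_id = ' . $access_url_id . ' AND (course.visual_code LIKE "' . $needle . '%" OR course.title LIKE "' . $needle . '%" )';
                } else {
                    $sql = 'SELECT course.code, course.visual_code, course.title FROM ' . $tbl_course . ' course, ' . $tbl_course_rel_access_url . ' url_course WHERE url_course.course_code=course.code AND access_url_id = ' . $access_url_id . ' AND course.visual_code LIKE "' . $needle . '%" ' . $cond_course_code . ' ORDER BY course.code ';
                }
            }
        }

        $rs = Database::query($sql);
        if ($type == 'single') {
            while ($course = Database::fetch_array($rs)) {
                $course_list[] = $course['code'];
                // The original escaped an always-empty $course_title, so the title never
                // reached add_course_to_session(); the row's own title is used instead.
                $label = $course['title'] . ' (' . $course['visual_code'] . ')';
                $return .= '<a href="javascript: void(0);" onclick="javascript: add_course_to_session(\''
                    . $escJs($course['code']) . '\',\'' . $escJs($label) . '\')">'
                    . $escHtml($label) . '</a><br />';
            }
            $xajax_response->addAssign('ajax_list_courses_single', 'innerHTML', api_utf8_encode($return));
        } else {
            $return .= '<select id="origin" name="NoSessionCoursesList[]" multiple="multiple" size="20" style="width:340px;">';
            while ($course = Database::fetch_array($rs)) {
                $course_list[] = $course['code'];
                $label = $escHtml($course['title'] . ' (' . $course['visual_code'] . ')');
                $return .= '<option value="' . $escHtml($course['code']) . '" title="' . $label . '">' . $label . '</option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    $_SESSION['course_list'] = $course_list;
    return $xajax_response;
}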
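/**
 * Xajax handler: lists the sessions whose name starts with $needle and that are not
 * already keys of the global $session_in_promotion.
 *
 * @param string $needle Search prefix sent by the browser.
 * @param string $type   Must be non-empty for the search to run; not otherwise used here.
 * @return XajaxResponse Response that replaces the innerHTML of "ajax_list_multiple".
 */
function search_sessions($needle, $type)
{
    global $session_in_promotion;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // NOTE(review): $needle is handed to SessionManager::get_sessions_list() unescaped;
        // confirm that helper escapes condition values before building its SQL.
        $session_list = SessionManager::get_sessions_list(array('s.name' => array('operator' => 'LIKE', 'value' => "{$needle}%")));

        // Loop-invariant, so computed once.
        $promotion_ids = is_array($session_in_promotion) ? array_keys($session_in_promotion) : array();

        $return .= '<select id="session_not_in_promotion" name="session_not_in_promotion_name[]" multiple="multiple" size="15" style="width:360px;">';
        foreach ($session_list as $row) {
            if (!in_array($row['id'], $promotion_ids)) {
                // Session names are user-editable and end up in innerHTML: escape them.
                // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
                $return .= '<option value="' . htmlspecialchars((string) $row['id'], ENT_QUOTES, $charset) . '">'
                    . htmlspecialchars((string) $row['name'], ENT_QUOTES, $charset) . '</option>';
            }
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_multiple', 'innerHTML', api_utf8_encode($return));
    }
    return $xajax_response;
}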
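/**
 * Xajax handler for the two course lists of a session-to-session copy form.
 *
 * With $type 'origin' it renders the courses of the origin session, remembers them in
 * $_SESSION, and renders the selector of possible destination sessions. With any other
 * non-empty $type it renders the courses of the chosen destination session.
 *
 * @param int    $id_session Session id; cast to int before use.
 * @param string $type       'origin' or any other non-empty value for the destination list.
 * @return XajaxResponse
 */
function search_courses($id_session, $type)
{
    global $tbl_course, $tbl_session_rel_course, $course_list;
    $xajax_response = new XajaxResponse();
    $select_destination = '';
    $return = null;

    // Titles and names are user-editable and end up in innerHTML, so every dynamic value
    // is escaped. The @ is kept from the block's original htmlspecialchars() calls.
    $charset = api_get_system_encoding();
    $escHtml = function ($value) use ($charset) {
        return @htmlspecialchars((string) $value, ENT_QUOTES, $charset);
    };

    if (!empty($type)) {
        $id_session = intval($id_session);
        if ($type == 'origin') {
            $course_list = SessionManager::get_course_list_by_session_id($id_session);
            $temp_course_list = array();
            $return .= '<select id="origin" name="SessionCoursesListOrigin[]" style="width:380px;" onclick="javascript: checkSelected(this.id,\'copy_option_2\',\'title_option2\',\'destination\');">';
            foreach ($course_list as $course) {
                // NOTE(review): codes are stored pre-quoted but not escaped; any consumer
                // that splices this list into SQL should escape them first.
                $temp_course_list[] = "'{$course['code']}'";
                $label = $escHtml($course['title'] . ' (' . $course['visual_code'] . ')');
                $return .= '<option value="' . $escHtml($course['code']) . '" title="' . $label . '">' . $label . '</option>';
            }
            $return .= '</select>';
            $_SESSION['course_list'] = $temp_course_list;
            $_SESSION['session_origin'] = $id_session;

            // Build select for destination sessions, leaving out the origin session
            $select_destination .= '<select name="sessions_list_destination" width="380px" onchange = "javascript: xajax_search_courses(this.value,\'destination\');">';
            if (!empty($id_session)) {
                $sessions = SessionManager::get_sessions_list(array(), array('name', 'ASC'));
                $select_destination .= '<option value = "0">-- ' . get_lang('SelectASession') . ' --</option>';
                foreach ($sessions as $session) {
                    if ($id_session == $session['id']) {
                        continue;
                    }
                    if (!empty($session['category_name'])) {
                        $session['category_name'] = ' (' . $session['category_name'] . ') ';
                    }
                    $select_destination .= '<option value="' . $escHtml($session['id']) . '">'
                        . $escHtml($session['name'] . ' ' . $session['category_name']) . '</option>';
                }
            } else {
                $select_destination .= '<option value = "0">' . get_lang('ThereIsNotStillASession') . '</option>';
            }
            $select_destination .= '</select>';
            $xajax_response->addAssign('ajax_sessions_list_destination', 'innerHTML', api_utf8_encode($select_destination));

            // Select multiple destination empty
            $select_multiple_empty = '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;"></select>';

            // Send response by ajax
            $xajax_response->addAssign('ajax_list_courses_origin', 'innerHTML', api_utf8_encode($return));
            $xajax_response->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($select_multiple_empty));
        } else {
            // Left Select - Destination: courses of the chosen destination session
            $sql = "SELECT c.code, c.visual_code, c.title, src.id_session"
                . " FROM {$tbl_course} c, {$tbl_session_rel_course} src"
                . " WHERE src.course_code = c.code"
                . " AND src.id_session = '" . intval($id_session) . "'";
            $rs = Database::query($sql);
            $course_list_destination = array();
            $return .= '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;" >';
            while ($course = Database::fetch_array($rs)) {
                $course_list_destination[] = $course['code'];
                $label = $escHtml($course['title'] . ' (' . $course['visual_code'] . ')');
                $return .= '<option value="' . $escHtml($course['code']) . '" title="' . $label . '">' . $label . '</option>';
            }
            $return .= '</select>';
            $_SESSION['course_list_destination'] = $course_list_destination;

            // Send response by ajax
            $xajax_response->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}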
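/**
 * Xajax handler: reports the permission bits of the sub-folders of $folder (and,
 * optionally, of files matching $filter) by calling a client-side callback with a JS object.
 *
 * @param string $callback Name of the client-side function to call; must look like a
 *                         (possibly dotted) JavaScript identifier.
 * @param string $folder   Folder path relative to JPATH_ROOT.
 * @param bool   $getFiles Whether to include file permissions.
 * @param string $filter   glob() pattern for the file names; must not contain a path separator.
 * @return XajaxResponse Empty response when an argument is rejected or the folder does not exist.
 */
function jdGetDirectory($callback, $folder, $getFiles = false, $filter = '*')
{
    jimport('joomla.filesystem.file');
    // JFolder is used below; the original imported 'joomla.filesystem.file' twice.
    jimport('joomla.filesystem.folder');

    // NOTE(review): JPath::check() is relied on to reject paths outside the site root;
    // confirm that for the Joomla version in use.
    $folder = JPath::clean(JPATH_ROOT . DS . $folder);
    JPath::check($folder);

    $response = new XajaxResponse();

    // $callback is concatenated into script sent to the browser: accept a plain identifier only.
    if (!is_string($callback) || !preg_match('/^[A-Za-z_$][A-Za-z0-9_$.]*\z/', $callback)) {
        return $response;
    }
    // $filter is appended to the checked folder, so a separator in it would let glob()
    // leave that folder.
    if ($getFiles && (!is_string($filter) || strpbrk($filter, '/\\') !== false)) {
        return $response;
    }
    if (!is_dir($folder)) {
        return $response;
    }

    $result = array();
    $dirs = JFolder::folders($folder, '', false, true);
    if (!is_array($dirs)) {
        $dirs = array();
    }
    foreach ($dirs as $dir) {
        $dirData = array();
        // Last three octal digits of the mode.
        $dirData['permission'] = substr(sprintf("%o", fileperms($dir)), -3);

        // Always defined, so 'files' is an empty list when $getFiles is false.
        $fileData = array();
        if ($getFiles) {
            // NOTE(review): this globs $folder, not $dir, so every sub-folder reports the
            // same files; kept as in the original, confirm whether $dir was intended.
            $files = glob($folder . DS . $filter);
            if (is_array($files)) {
                foreach ($files as $f) {
                    $fileData[$f]['permission'] = substr(sprintf("%o", fileperms($f)), -3);
                }
            }
        }
        $result[$dir]['info'] = $dirData;
        $result[$dir]['files'] = $fileData;
    }
    $response->script($callback . '(' . JHTMLBehavior::_getJSObject($result) . ')');
    return $response;
}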
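/**
 * Xajax handler: renders the destination course list for a session, showing only the
 * course that matches the current course id, and stores all of the session's course
 * codes in $_SESSION['course_list_destination'].
 *
 * @param int    $idSession Session id; cast to int before use.
 * @param string $type      Must be non-empty for anything to be rendered.
 * @return XajaxResponse
 */
function searchCourses($idSession, $type)
{
    $xajaxResponse = new XajaxResponse();
    $return = null;
    $courseCode = api_get_course_id();
    if (!empty($type)) {
        $idSession = intval($idSession);
        $courseList = SessionManager::get_course_list_by_session_id($idSession);
        $charset = api_get_system_encoding();
        // Defined up front so the session write below is valid for an empty course list.
        $course_list_destination = array();

        $return .= '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;" >';
        foreach ($courseList as $course) {
            $course_list_destination[] = $course['code'];
            if ($course['code'] != $courseCode) {
                continue;
            }
            // Escape the option text and value too, not only the title attribute.
            // The @ is kept from the original htmlspecialchars() call.
            $label = @htmlspecialchars($course['title'] . ' (' . $course['visual_code'] . ')', ENT_QUOTES, $charset);
            $value = @htmlspecialchars((string) $course['code'], ENT_QUOTES, $charset);
            $return .= '<option value="' . $value . '" title="' . $label . '">' . $label . '</option>';
        }
        $return .= '</select>';
        $_SESSION['course_list_destination'] = $course_list_destination;

        // Send response by ajax
        $xajaxResponse->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($return));
    }
    return $xajaxResponse;
}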
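/**
 * Xajax handler: searches users that can be added to the current session.
 *
 * @param string $needle Search prefix sent by the browser; the literal 'false' together
 *                       with $type 'any_session' switches to an unfiltered 'multiple' search.
 * @param string $type   'single' (link list, max. ten results), 'multiple' or 'any_session'
 *                       (multi-select); other values return an empty response.
 * @return XajaxResponse
 */
function search_users($needle, $type)
{
    global $tbl_user, $tbl_session_rel_user, $id_session;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // normal behaviour
        if ($type == 'any_session' && $needle == 'false') {
            $type = 'multiple';
            $needle = '';
        }
        // Any other type would leave $sql undefined below.
        if (!in_array($type, array('single', 'multiple', 'any_session'), true)) {
            return $xajax_response;
        }

        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        // Convert first and escape last: escaping before the charset conversion lets the
        // conversion produce bytes the escaping never saw.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);

        // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
        $escHtml = function ($value) use ($charset) {
            return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
        };
        // For values inside a single-quoted JS string within an HTML attribute.
        $escJs = function ($value) use ($escHtml) {
            return $escHtml(addslashes((string) $value));
        };

        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        $name_column = api_sort_by_first_name() ? 'firstname' : 'lastname';
        $cond_user_id = '';

        // Only for single & multiple: leave out users already in the session
        if (in_array($type, array('single', 'multiple'))) {
            if (!empty($id_session)) {
                $id_session = intval($id_session);
                // check id_user from session_rel_user table
                $sql = 'SELECT id_user FROM ' . $tbl_session_rel_user . ' WHERE id_session ="' . $id_session . '" AND relation_type<>' . SESSION_RELATION_TYPE_RRHH . ' ';
                $res = Database::query($sql);
                $user_ids = array();
                if (Database::num_rows($res) > 0) {
                    while ($row = Database::fetch_row($res)) {
                        $user_ids[] = (int) $row[0];
                    }
                }
                if (count($user_ids) > 0) {
                    $cond_user_id = ' AND user.user_id NOT IN(' . implode(",", $user_ids) . ')';
                }
            }
        }

        switch ($type) {
            case 'single':
                // search users where username or firstname or lastname begins with $needle
                $sql = 'SELECT user.user_id, username, lastname, firstname, official_code FROM ' . $tbl_user . ' user WHERE (username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%") AND user.status<>6 AND user.status<>' . DRH . '' . $order_clause . ' LIMIT 11';
                break;
            case 'multiple':
                $sql = 'SELECT user.user_id, username, lastname, firstname, official_code FROM ' . $tbl_user . ' user WHERE ' . $name_column . ' LIKE "' . $needle . '%" AND user.status<>' . DRH . ' AND user.status<>6 ' . $cond_user_id . $order_clause;
                break;
            case 'any_session':
                $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname, official_code FROM ' . $tbl_user . ' user LEFT OUTER JOIN ' . $tbl_session_rel_user . ' s ON (s.id_user = user.user_id) WHERE s.id_user IS null AND user.status<>' . DRH . ' AND user.status<>6 ' . $cond_user_id . $order_clause;
                break;
        }

        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                // Same searches, restricted to the current access URL.
                switch ($type) {
                    case 'single':
                        $sql = 'SELECT user.user_id, username, lastname, firstname, official_code FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND (username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%") AND user.status<>6 AND user.status<>' . DRH . ' ' . $order_clause . ' LIMIT 11';
                        break;
                    case 'multiple':
                        $sql = 'SELECT user.user_id, username, lastname, firstname , official_code FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND ' . $name_column . ' LIKE "' . $needle . '%" AND user.status<>' . DRH . ' AND user.status<>6 ' . $cond_user_id . $order_clause;
                        break;
                    case 'any_session':
                        $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname, official_code FROM ' . $tbl_user . ' user LEFT OUTER JOIN ' . $tbl_session_rel_user . ' s ON (s.id_user = user.user_id) INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND s.id_user IS null AND user.status<>' . DRH . ' AND user.status<>6 ' . $cond_user_id . $order_clause;
                        break;
                }
            }
        }

        $rs = Database::query($sql);
        $i = 0;
        if ($type == 'single') {
            // The query fetches 11 rows; the 11th only signals "more results".
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ') ' . $user['official_code'];
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_session(\''
                        . $escJs($user['user_id']) . '\',\'' . $escJs($person_name) . ' ' . '\')">'
                        . $escHtml($person_name) . ' </a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            global $nosessionUsersList;
            $return .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ') ' . $user['official_code'];
                $return .= '<option value="' . $escHtml($user['user_id']) . '">' . $escHtml($person_name) . ' </option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}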
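/**
 * Xajax handler: searches users that are not yet assigned to the user identified by the
 * global $user_id.
 *
 * @param string $needle Search prefix sent by the browser.
 * @param string $type   'single' for the link list (max. ten results), anything else for
 *                       the multi-select.
 * @return XajaxResponse
 */
function search_users($needle, $type)
{
    global $tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax sends UTF-8 data; data in the db can be non-UTF-8.
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        // $needle comes from the browser and is interpolated into the LIKE clauses below.
        $needle = Database::escape_string($needle);

        // NOTE(review): assumes the system encoding is one htmlspecialchars() accepts.
        $escHtml = function ($value) use ($charset) {
            return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
        };
        // For values inside a single-quoted JS string within an HTML attribute.
        $escJs = function ($value) use ($escHtml) {
            return $escHtml(addslashes((string) $value));
        };

        $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
        $assigned_users_id = array_keys($assigned_users_to_hrm);
        $without_assigned_users = '';
        $order_clause = api_is_western_name_order() ? " ORDER BY firstname, lastname" : " ORDER BY lastname, firstname";
        if (count($assigned_users_id) > 0) {
            $without_assigned_users = " AND user.user_id NOT IN(" . implode(',', $assigned_users_id) . ")";
        }
        $name_column = api_sort_by_first_name() ? 'firstname' : 'lastname';

        // NOTE(review): $user_anonymous, $current_user_id and $user_id are globals spliced
        // into SQL as-is; confirm the including script casts them to int.
        if (api_is_multiple_url_enabled()) {
            $sql = "SELECT user.user_id, username, lastname, firstname"
                . " FROM {$tbl_user} user"
                . " LEFT JOIN {$tbl_access_url_rel_user} au ON (au.user_id = user.user_id)"
                . " WHERE " . $name_column . " LIKE '{$needle}%' AND"
                . " status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND"
                . " user.user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id})"
                . " {$without_assigned_users} AND"
                . " access_url_id = " . api_get_current_access_url_id()
                . " {$order_clause} ";
        } else {
            $sql = "SELECT user_id, username, lastname, firstname"
                . " FROM {$tbl_user} user"
                . " WHERE " . $name_column . " LIKE '{$needle}%' AND"
                . " status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND"
                . " user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id})"
                . " {$without_assigned_users}"
                . " {$order_clause} ";
        }
        $rs = Database::query($sql);

        // Clears the multi-select; it is filled again below unless $type is 'single'.
        $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));

        if ($type == 'single') {
            // The single search always joins on the access URL table, as in the original.
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            $sql = 'SELECT user.user_id, username, lastname, firstname FROM ' . $tbl_user . ' user INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = ' . $access_url_id . ' AND ( username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%" OR lastname LIKE "' . $needle . '%" ) AND user.status<>6 AND user.status<>' . DRH . ' ' . $order_clause . ' LIMIT 11';
            $rs = Database::query($sql);
            $i = 0;
            // The query fetches 11 rows; the 11th only signals "more results".
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $label = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')';
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_user(\''
                        . $escJs($user['user_id']) . '\',\'' . $escJs($label) . '\')">'
                        . $escHtml($label) . '</a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                $return .= '<option value="' . $escHtml($user['user_id']) . '" title="' . $escHtml($person_name) . '">'
                    . $escHtml($person_name . ' (' . $user['username'] . ')') . '</option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}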