public static function ajaxGetDashboardWidget($name)
 {
     $container = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer');
     $objResponse = new XajaxResponse();
     $xml = '<void/>';
     $domain_da = $container->getCurrentDomain()->getDataAccess();
     $perm = new \Innomatic\Desktop\Auth\DesktopPanelAuthorizator($domain_da, $container->getCurrentUser()->getGroup());
     // Check if the widget exists in the widgets list
     $widget_query = $domain_da->execute('SELECT * FROM domain_dashboards_widgets WHERE name=' . $domain_da->formatText($name));
     if ($widget_query->getNumberRows() > 0) {
         $allowed = true;
         $panel = $widget_query->getFields('panel');
         // Do not show widgets tied to a panel when the panel is not accessible to the current user
         if (strlen($panel)) {
             $node_id = $perm->getNodeIdFromFileName($panel);
             if ($perm->check($node_id, \Innomatic\Desktop\Auth\DesktopPanelAuthorizator::NODETYPE_PAGE) == \Innomatic\Desktop\Auth\DesktopPanelAuthorizator::NODE_NOTENABLED) {
                 $allowed = false;
             }
         }
         if ($allowed) {
             $class = $widget_query->getFields('class');
             // Check if the class exists
             if (class_exists($class, true)) {
                 // Fetch the widget xml definition
                 $widget = new $class();
                 $xml = $widget->getWidgetXml();
             }
         }
     }
     // Create the widget html and send it to the dashboard
     $html = WuiXml::getContentFromXml('', $xml);
     $objResponse->addAssign('widget_' . $name, 'innerHTML', $html);
     return $objResponse;
 }
function search_sessions($needle, $type)
{
    global $_configuration, $tbl_session_rel_access_url, $tbl_session, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $assigned_sessions_to_hrm = SessionManager::get_sessions_followed_by_drh($user_id);
        $assigned_sessions_id = array_keys($assigned_sessions_to_hrm);
        $without_assigned_sessions = '';
        if (count($assigned_sessions_id) > 0) {
            $without_assigned_sessions = " AND s.id NOT IN(" . implode(',', $assigned_sessions_id) . ")";
        }
        if ($_configuration['multiple_access_urls']) {
            $sql = " SELECT s.id, s.name FROM {$tbl_session} s LEFT JOIN {$tbl_session_rel_access_url} a ON (s.id = a.session_id)\n\t\t\t\t\t\tWHERE  s.name LIKE '{$needle}%' {$without_assigned_sessions} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT s.id, s.name FROM {$tbl_session} s\n\t\t\t\tWHERE  s.name LIKE '{$needle}%' {$without_assigned_sessions} ";
        }
        $rs = Database::query($sql);
        $return .= '<select id="origin" name="NoAssignedSessionsList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($session = Database::fetch_array($rs)) {
            $return .= '<option value="' . $session['id'] . '" title="' . htmlspecialchars($session['name'], ENT_QUOTES) . '">' . $session['name'] . '</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_sessions_multiple', 'innerHTML', api_utf8_encode($return));
    }
    return $xajax_response;
}
 /**
  * Search users by username, firstname or lastname, based on the given
  * search string
  * @param string Search string
  * @param int Deprecated param
  * @return string Xajax response block
  * @assert () === false
  */
 public static function search_users($needle, $id)
 {
     global $tbl_user, $tbl_access_url_rel_user;
     $xajax_response = new XajaxResponse();
     $return = '';
     if (!empty($needle)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
         $needle = Database::escape_string($needle);
         // search users where username or firstname or lastname begins likes $needle
         $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
         $sql = 'SELECT u.user_id, username, lastname, firstname FROM ' . $tbl_user . ' u ' . ' WHERE (username LIKE "' . $needle . '%" ' . ' OR firstname LIKE "' . $needle . '%" ' . ' OR lastname LIKE "' . $needle . '%") ' . $order_clause . ' LIMIT 11';
         $rs = Database::query($sql);
         $i = 0;
         while ($user = Database::fetch_array($rs)) {
             $i++;
             if ($i <= 10) {
                 $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\'' . addslashes($user['user_id']) . '\',\'' . api_get_person_name(addslashes($user['firstname']), addslashes($user['lastname'])) . ' (' . addslashes($user['username']) . ')' . '\')">' . api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')</a><br />';
             } else {
                 $return .= '...<br />';
             }
         }
     }
     $xajax_response->addAssign('ajax_list_users', 'innerHTML', api_utf8_encode($return));
     return $xajax_response;
 }
 /**
  * Search sessions by name, based on a search string
  * @param string Search string
  * @param int Deprecated param
  * @return string Xajax response block
  * @assert () === false
  */
 function search_sessions($needle, $id)
 {
     global $tbl_session;
     $xajax_response = new XajaxResponse();
     $return = '';
     if (!empty($needle)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
         $needle = Database::escape_string($needle);
         // search sessiones where username or firstname or lastname begins likes $needle
         $sql = 'SELECT id, name FROM ' . $tbl_session . ' u
                 WHERE (name LIKE "' . $needle . '%")
                 ORDER BY name, id
                 LIMIT 11';
         $rs = Database::query($sql);
         $i = 0;
         while ($session = Database::fetch_array($rs)) {
             $i++;
             if ($i <= 10) {
                 $return .= '<a href="#" onclick="add_user_to_url(\'' . addslashes($session['id']) . '\',\'' . addslashes($session['name']) . ' (' . addslashes($session['id']) . ')' . '\')">' . $session['name'] . ' </a><br />';
             } else {
                 $return .= '...<br />';
             }
         }
     }
     $xajax_response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));
     return $xajax_response;
 }
function search_courses($needle, $type)
{
    global $_configuration, $tbl_course, $tbl_course_rel_access_url, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $needle = Database::escape_string($needle);
        $assigned_courses_to_hrm = CourseManager::get_courses_followed_by_drh($user_id);
        $assigned_courses_code = array_keys($assigned_courses_to_hrm);
        foreach ($assigned_courses_code as &$value) {
            $value = "'" . $value . "'";
        }
        $without_assigned_courses = '';
        if (count($assigned_courses_code) > 0) {
            $without_assigned_courses = " AND c.code NOT IN(" . implode(',', $assigned_courses_code) . ")";
        }
        if ($_configuration['multiple_access_urls']) {
            $sql = "SELECT c.code, c.title FROM {$tbl_course} c LEFT JOIN {$tbl_course_rel_access_url} a ON (a.course_code = c.code)\n                WHERE  c.code LIKE '{$needle}%' {$without_assigned_courses} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT c.code, c.title FROM {$tbl_course} c\n                WHERE  c.code LIKE '{$needle}%' {$without_assigned_courses} ";
        }
        $rs = Database::query($sql);
        $return .= '<select id="origin" name="NoAssignedCoursesList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($course = Database::fetch_array($rs)) {
            $return .= '<option value="' . $course['code'] . '" title="' . htmlspecialchars($course['title'], ENT_QUOTES) . '">' . $course['title'] . ' (' . $course['code'] . ')</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
    }
    return $xajax_response;
}
function search_users($needle, $type)
{
    global $_configuration, $tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
        $assigned_users_id = array_keys($assigned_users_to_hrm);
        $without_assigned_users = '';
        if (count($assigned_users_id) > 0) {
            $without_assigned_users = " AND user.user_id NOT IN(" . implode(',', $assigned_users_id) . ")";
        }
        if ($_configuration['multiple_access_urls']) {
            $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user LEFT JOIN {$tbl_access_url_rel_user} au ON (au.user_id = user.user_id)\n\t\t\tWHERE  " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND user.user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id}) {$without_assigned_users} AND access_url_id = " . api_get_current_access_url_id() . "";
        } else {
            $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\tWHERE  " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id}) {$without_assigned_users}";
        }
        $rs = Database::query($sql);
        $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
        while ($user = Database::fetch_array($rs)) {
            $person_name = api_get_person_name($user['firstname'], $user['lastname']);
            $return .= '<option value="' . $user['user_id'] . '" title="' . htmlspecialchars($person_name, ENT_QUOTES) . '">' . $person_name . ' (' . $user['username'] . ')</option>';
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
    }
    return $xajax_response;
}
 /**
  * Search for a list of available courses by title or code, based on
  * a given string
  * @param string String to search for
  * @param int Deprecated param
  * @return string A formatted, xajax answer block
  * @assert () === false
  */
 function search_courses($needle, $id)
 {
     global $tbl_course;
     $xajax_response = new XajaxResponse();
     $return = '';
     if (!empty($needle)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
         $needle = Database::escape_string($needle);
         // search courses where username or firstname or lastname begins likes $needle
         $sql = 'SELECT code, title FROM ' . $tbl_course . ' u ' . ' WHERE (title LIKE "' . $needle . '%" ' . ' OR code LIKE "' . $needle . '%" ' . ' ) ' . ' ORDER BY title, code ' . ' LIMIT 11';
         $rs = Database::query($sql);
         $i = 0;
         while ($course = Database::fetch_array($rs)) {
             $i++;
             if ($i <= 10) {
                 $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_url(\'' . addslashes($course['code']) . '\',\'' . addslashes($course['title']) . ' (' . addslashes($course['code']) . ')' . '\')">' . $course['title'] . ' (' . $course['code'] . ')</a><br />';
             } else {
                 $return .= '...<br />';
             }
         }
     }
     $xajax_response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));
     return $xajax_response;
 }
 public static function ajaxGetDashboardWidget($name)
 {
     $objResponse = new XajaxResponse();
     $xml = \Innomatic\Desktop\Dashboard\WidgetHelper::getWidgetXml($name);
     // Create the widget html and send it to the dashboard
     $html = WuiXml::getContentFromXml('', $xml);
     $objResponse->addAssign('widget_' . $name, 'innerHTML', $html);
     return $objResponse;
 }
Пример #9
0
function GetPropertyValues($resource, $propname, $propvalue)
{
    $SYSLOG = SYSLOG::getInstance();
    $result = new XajaxResponse();
    $values = $SYSLOG->GetResourcePropertyValues($resource, $propname);
    if (empty($values) || count($values) > 19) {
        $result->assign('propertyvaluedata', 'innerHTML', '<input type="text" size="20" name="propertyvalue" id="propertyvalue"' . (strlen($propvalue) ? ' value="' . $propvalue . '"' : '') . '>');
    } else {
        $options = '<SELECT size="1" name="propertyvalue" id="propertyvalue">';
        $options .= '<OPTION value="">' . trans('- all -') . '</OPTION>';
        foreach ($values as $value) {
            $data = array('resource' => $resource, 'name' => $propname, 'value' => $value);
            $SYSLOG->DecodeMessageData($data);
            $options .= '<OPTION value="' . $value . '"' . (strlen($propvalue) && $propvalue == $value ? ' selected' : '') . '>' . (strlen($data['value']) > 50 ? substr($data['value'], 0, 50) . '...' : $data['value']) . '</OPTION>';
        }
        $options .= '</SELECT>';
        $result->assign('propertyvaluedata', 'innerHTML', $options);
    }
    return $result;
}
Пример #10
0
 /**
  *
  * @deprecated
  *
  */
 public function ajaxInnomaticStickFrame($args)
 {
     $objResponse = new XajaxResponse();
     $name = $args[0];
     $top = $args[1];
     $left = $args[2];
     $empty = new \Shared\Wui\WuiDivframe($name);
     $session_args = $empty->retrieveSession();
     if (isset($session_args['top'])) {
         unset($session_args['top']);
         unset($session_args['left']);
         $sScript = "var myImg = document.getElementById('pin_" . $name . "');";
         $sScript .= "myImg.src='" . $empty->mThemeHandler->mIconsBase . $empty->mThemeHandler->mIconsSet['mini']['flag']['base'] . '/mini/' . $empty->mThemeHandler->mIconsSet['mini']['flag']['file'] . "';";
         $objResponse->addScript($sScript);
     } else {
         $session_args['top'] = $top;
         $session_args['left'] = $left;
         $sScript = "var myImg = document.getElementById('pin_" . $name . "');";
         $sScript .= "myImg.src='" . $empty->mThemeHandler->mIconsBase . $empty->mThemeHandler->mIconsSet['mini']['lock']['base'] . '/mini/' . $empty->mThemeHandler->mIconsSet['mini']['lock']['file'] . "';";
         $objResponse->addScript($sScript);
     }
     $empty->storeSession($session_args);
     return $objResponse->getXML();
 }
Пример #11
0
function search_coachs($needle)
{
    global $tbl_user;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        // search users where username or firstname or lastname begins likes $needle
        $sql = 'SELECT username, lastname, firstname FROM ' . $tbl_user . ' user
				WHERE (username LIKE "' . $needle . '%"
				OR firstname LIKE "' . $needle . '%"
				OR lastname LIKE "' . $needle . '%")
				AND status=1' . $order_clause . ' LIMIT 10';
        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                $sql = 'SELECT username, lastname, firstname FROM ' . $tbl_user . ' user
				INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
				WHERE access_url_id = ' . $access_url_id . '  AND (username LIKE "' . $needle . '%"
				OR firstname LIKE "' . $needle . '%"
				OR lastname LIKE "' . $needle . '%")
				AND status=1' . $order_clause . ' LIMIT 10';
            }
        }
        $rs = Database::query($sql);
        while ($user = Database::fetch_array($rs)) {
            $return .= '<a href="javascript: void(0);" onclick="javascript: fill_coach_field(\'' . $user['username'] . '\')">' . api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ')</a><br />';
        }
    }
    $xajax_response->addAssign('ajax_list_coachs', 'innerHTML', api_utf8_encode($return));
    return $xajax_response;
}
 /**
  * Search for a session based on a given search string
  * @param string A search string
  * @param string A search box type (single or anything else)
  * @return string XajaxResponse
  * @assert ('abc','single') !== ''
  */
 function search_courses($needle, $type)
 {
     global $tbl_session;
     $xajax_response = new XajaxResponse();
     $return = '';
     if (!empty($needle) && !empty($type)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
         $needle = Database::escape_string($needle);
         $sql = 'SELECT * FROM ' . $tbl_session . ' WHERE name LIKE "' . $needle . '%" ORDER BY id';
         $rs = Database::query($sql);
         $course_list = array();
         $return .= '<select id="origin" name="NoSessionCategoryList[]" multiple="multiple" size="20" style="width:340px;">';
         while ($course = Database::fetch_array($rs)) {
             $course_list[] = $course['id'];
             $return .= '<option value="' . $course['id'] . '" title="' . htmlspecialchars($course['name'], ENT_QUOTES) . '">' . $course['name'] . '</option>';
         }
         $return .= '</select>';
         $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
     }
     $_SESSION['course_list'] = $course_list;
     return $xajax_response;
 }
Пример #13
0
/**
 * This function updates the progress bar
 * @param div_id where the progress bar is displayed
 * @param upload_id the identifier given in the field UPLOAD_IDENTIFIER
 */
function updateProgress($div_id, $upload_id, $waitAfterupload = false)
{
    $objResponse = new XajaxResponse();
    $ul_info = uploadprogress_get_info($upload_id);
    $percent = intval($ul_info['bytes_uploaded'] * 100 / $ul_info['bytes_total']);
    if ($waitAfterupload && $ul_info['est_sec'] < 2) {
        $percent = 100;
        $objResponse->addAssign($div_id . '_label', 'innerHTML', get_lang('UploadFile') . ' : ' . $percent . ' %');
        $objResponse->addAssign($div_id . '_waiter_frame', 'innerHTML', '<img src="' . api_get_path(WEB_CODE_PATH) . 'img/progress_bar.gif" />');
        $objResponse->addScript('clearInterval("myUpload.__progress_bar_interval")');
    }
    $objResponse->addAssign($div_id . '_label', 'innerHTML', get_lang('UploadFile') . ' : ' . $percent . ' %');
    $objResponse->addAssign($div_id . '_filled', 'style.width', $percent . '%');
    return $objResponse;
}
function search($needle, $type)
{
    global $tbl_user, $elements_in;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = Database::escape_string($needle);
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        if ($type == 'single') {
            // search users where username or firstname or lastname begins likes $needle
            /*  $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user
                    WHERE (username LIKE "'.$needle.'%"
                    OR firstname LIKE "'.$needle.'%"
                OR lastname LIKE "'.$needle.'%") AND user.user_id<>"'.$user_anonymous.'"   AND user.status<>'.DRH.''.
                $order_clause.
                ' LIMIT 11';*/
        } else {
            $list = CourseManager::get_courses_list(0, 0, 2, 'ASC', -1, $needle);
        }
        $i = 0;
        if ($type == 'single') {
            /*
                        while ($user = Database :: fetch_array($rs)) {
                            $i++;
                            if ($i<=10) {
                                $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                                $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_session(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />';
                            } else {
                                $return .= '...<br />';
                            }
                        }
                        $xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));*/
        } else {
            $return .= '<select id="elements_not_in" name="elements_not_in_name[]" multiple="multiple" size="15" style="width:360px;">';
            foreach ($list as $row) {
                if (!in_array($row['id'], array_keys($elements_in))) {
                    $return .= '<option value="' . $row['id'] . '">' . $row['title'] . ' (' . $row['visual_code'] . ')</option>';
                }
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}
Пример #15
0
function search_users($needle, $type)
{
    global $tbl_user, $tbl_group_rel_user, $group_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = Database::escape_string($needle);
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $user_anonymous = api_get_anonymous_id();
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        $cond_user_id = '';
        if (!empty($id_session)) {
            $group_id = Database::escape_string($group_id);
            // check id_user from session_rel_user table
            $sql = 'SELECT id_user FROM ' . $tbl_group_rel_user . ' WHERE usergroup_id ="' . (int) $group_id . '"';
            $res = Database::query($sql);
            $user_ids = array();
            if (Database::num_rows($res) > 0) {
                while ($row = Database::fetch_row($res)) {
                    $user_ids[] = (int) $row[0];
                }
            }
            if (count($user_ids) > 0) {
                $cond_user_id = ' AND user_id NOT IN(' . implode(",", $user_ids) . ')';
            }
        }
        if ($type == 'single') {
            // search users where username or firstname or lastname begins likes $needle
            $sql = 'SELECT user_id, username, lastname, firstname FROM ' . $tbl_user . ' user
					WHERE ( username LIKE "' . $needle . '%" OR
					        firstname LIKE "' . $needle . '%" OR
					        lastname LIKE "' . $needle . '%"
                          ) AND
					      user_id<>"' . $user_anonymous . '"' . $order_clause . ' LIMIT 11';
        } else {
            $sql = 'SELECT user_id, username, lastname, firstname FROM ' . $tbl_user . ' user
					WHERE ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND user_id<>"' . $user_anonymous . '"' . $cond_user_id . $order_clause;
        }
        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                if ($type == 'single') {
                    $sql = 'SELECT user.user_id, username, lastname, firstname
					FROM ' . $tbl_user . ' user
					INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
					WHERE access_url_id = ' . $access_url_id . '  AND (
					    username LIKE "' . $needle . '%" OR
					    firstname LIKE "' . $needle . '%" OR
					    lastname LIKE "' . $needle . '%")
					    AND user.user_id <> "' . $user_anonymous . '"' . $order_clause . ' LIMIT 11';
                } else {
                    $sql = 'SELECT user.user_id, username, lastname, firstname
					FROM ' . $tbl_user . ' user
					INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
					WHERE access_url_id = ' . $access_url_id . ' AND
					       ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND
					       user.user_id<>"' . $user_anonymous . '"' . $cond_user_id . $order_clause;
                }
            }
        }
        $rs = Database::query($sql);
        $i = 0;
        if ($type == 'single') {
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\'' . $user['user_id'] . '\',\'' . $person_name . ' (' . $user['username'] . ')' . '\')">' . $person_name . ' (' . $user['username'] . ')</a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            global $nosessionUsersList;
            $return .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                $return .= '<option value="' . $user['user_id'] . '">' . $person_name . ' (' . $user['username'] . ')</option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}
Пример #16
0
 /**
  * This is the main communications engine of xajax. The engine handles all
  * incoming xajax requests, calls the apporiate PHP functions (or
  * class/object methods) and passes the XML responses back to the
  * Javascript response handler. If your RequestURI is the same as your Web
  * page then this function should be called before any headers or HTML has
  * been sent.
  */
 public function processRequests()
 {
     $requestMode = -1;
     $sFunctionName = "";
     $bFoundFunction = true;
     $bFunctionIsCatchAll = false;
     $sFunctionNameForSpecial = "";
     $aArgs = array();
     $sPreResponse = "";
     $bEndRequest = false;
     $sResponse = "";
     $requestMode = $this->getRequestMode();
     if ($requestMode == -1) {
         return;
     }
     if ($requestMode == XAJAX_POST) {
         $sFunctionName = $_POST["xajax"];
         if (!empty($_POST["xajaxargs"])) {
             $aArgs = $_POST["xajaxargs"];
         }
     } else {
         header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
         header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
         header("Cache-Control: no-cache, must-revalidate");
         header("Pragma: no-cache");
         $sFunctionName = $_GET["xajax"];
         if (!empty($_GET["xajaxargs"])) {
             $aArgs = $_GET["xajaxargs"];
         }
     }
     // Use xajax error handler if necessary
     if ($this->bErrorHandler) {
         $GLOBALS['xajaxErrorHandlerText'] = "";
         set_error_handler("xajaxErrorHandler");
     }
     if ($this->sPreFunction) {
         if (!$this->_isFunctionCallable($this->sPreFunction)) {
             $bFoundFunction = false;
             $objResponse = new XajaxResponse();
             $objResponse->addAlert("Unknown Pre-Function " . $this->sPreFunction);
             $sResponse = $objResponse->getXML();
         }
     }
     //include any external dependencies associated with this function name
     if (array_key_exists($sFunctionName, $this->aFunctionIncludeFiles)) {
         ob_start();
         include_once $this->aFunctionIncludeFiles[$sFunctionName];
         ob_end_clean();
     }
     if ($bFoundFunction) {
         $sFunctionNameForSpecial = $sFunctionName;
         if (!array_key_exists($sFunctionName, $this->aFunctions)) {
             if ($this->sCatchAllFunction) {
                 $sFunctionName = $this->sCatchAllFunction;
                 $bFunctionIsCatchAll = true;
             } else {
                 $bFoundFunction = false;
                 $objResponse = new XajaxResponse();
                 $objResponse->addAlert("Unknown Function {$sFunctionName}.");
                 $sResponse = $objResponse->getXML();
             }
         } elseif ($this->aFunctionRequestTypes[$sFunctionName] != $requestMode) {
             $bFoundFunction = false;
             $objResponse = new XajaxResponse();
             $objResponse->addAlert("Incorrect Request Type.");
             $sResponse = $objResponse->getXML();
         }
     }
     if ($bFoundFunction) {
         for ($i = 0; $i < sizeof($aArgs); $i++) {
             // If magic quotes is on, then we need to strip the slashes from the args
             if (get_magic_quotes_gpc() == 1 && is_string($aArgs[$i])) {
                 $aArgs[$i] = stripslashes($aArgs[$i]);
             }
             if (stristr($aArgs[$i], "<xjxobj>") != false) {
                 $aArgs[$i] = $this->_xmlToArray("xjxobj", $aArgs[$i]);
             } elseif (stristr($aArgs[$i], "<xjxquery>") != false) {
                 $aArgs[$i] = $this->_xmlToArray("xjxquery", $aArgs[$i]);
             } elseif ($this->bDecodeUTF8Input) {
                 $aArgs[$i] = $this->_decodeUTF8Data($aArgs[$i]);
             }
         }
         if ($this->sPreFunction) {
             $mPreResponse = $this->_callFunction($this->sPreFunction, array($sFunctionNameForSpecial, $aArgs));
             if (is_array($mPreResponse) && $mPreResponse[0] === false) {
                 $bEndRequest = true;
                 $sPreResponse = $mPreResponse[1];
             } else {
                 $sPreResponse = $mPreResponse;
             }
             if (is_a($sPreResponse, "xajaxResponse")) {
                 $sPreResponse = $sPreResponse->getXML();
             }
             if ($bEndRequest) {
                 $sResponse = $sPreResponse;
             }
         }
         if (!$bEndRequest) {
             if (!$this->_isFunctionCallable($sFunctionName)) {
                 $objResponse = new XajaxResponse();
                 $objResponse->addAlert("The Registered Function {$sFunctionName} Could Not Be Found.");
                 $sResponse = $objResponse->getXML();
             } else {
                 if ($bFunctionIsCatchAll) {
                     $aArgs = array($sFunctionNameForSpecial, $aArgs);
                 }
                 $sResponse = $this->_callFunction($sFunctionName, $aArgs);
             }
             if (is_a($sResponse, "xajaxResponse")) {
                 $sResponse = $sResponse->getXML();
             }
             if (!is_string($sResponse) || strpos($sResponse, "<xjx>") === false) {
                 $objResponse = new XajaxResponse();
                 $objResponse->addAlert("No XML Response Was Returned By Function {$sFunctionName}.");
                 $sResponse = $objResponse->getXML();
             } elseif ($sPreResponse != "") {
                 $sNewResponse = new XajaxResponse($this->sEncoding, $this->bOutputEntities);
                 $sNewResponse->loadXML($sPreResponse);
                 $sNewResponse->loadXML($sResponse);
                 $sResponse = $sNewResponse->getXML();
             }
         }
     }
     $sContentHeader = "Content-type: text/xml;";
     if ($this->sEncoding && strlen(trim($this->sEncoding)) > 0) {
         $sContentHeader .= " charset=" . $this->sEncoding;
     }
     header($sContentHeader);
     if ($this->bErrorHandler && !empty($GLOBALS['xajaxErrorHandlerText'])) {
         $sErrorResponse = new XajaxResponse();
         $sErrorResponse->addAlert("** PHP Error Messages: **" . $GLOBALS['xajaxErrorHandlerText']);
         if ($this->sLogFile) {
             $fH = @fopen($this->sLogFile, "a");
             if (!$fH) {
                 $sErrorResponse->addAlert("** Logging Error **\n\nxajax was unable to write to the error log file:\n" . $this->sLogFile);
             } else {
                 fwrite($fH, "** xajax Error Log - " . strftime("%b %e %Y %I:%M:%S %p") . " **" . $GLOBALS['xajaxErrorHandlerText'] . "\n\n\n");
                 fclose($fH);
             }
         }
         $sErrorResponse->loadXML($sResponse);
         $sResponse = $sErrorResponse->getXML();
     }
     if ($this->bCleanBuffer) {
         while (@ob_end_clean()) {
         }
     }
     print $sResponse;
     if ($this->bErrorHandler) {
         restore_error_handler();
     }
     if ($this->bExitAllowed) {
         \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->halt();
     }
 }
 public static function ajaxSaveRolesPermissions($permissions)
 {
     // Build list of checked roles/permissions
     $permissions = explode(',', $permissions);
     $checkedPermissions = array();
     foreach ($permissions as $id => $permission) {
         $permission = str_replace('cbrole_', '', $permission);
         list($roleId, $permissionId) = explode('-', $permission);
         $checkedPermissions[$roleId][$permissionId] = true;
     }
     // Get list of all roles and permissions
     $rolesList = \Innomatic\Domain\User\Role::getAllRoles();
     $permissionsList = \Innomatic\Domain\User\Permission::getAllPermissions();
     // Check which permissions have been checked
     foreach ($rolesList as $roleId => $roleData) {
         $role = new \Innomatic\Domain\User\Role($roleId);
         foreach ($permissionsList as $permissionId => $permissionData) {
             if (isset($checkedPermissions[$roleId][$permissionId])) {
                 $role->assignPermission($permissionId);
             } else {
                 $role->unassignPermission($permissionId);
             }
         }
     }
     $html = WuiXml::getContentFromXml('', \ProfilesPanelController::getRolesPermissionsXml());
     $objResponse = new XajaxResponse();
     $objResponse->addAssign("roleslist", "innerHTML", $html);
     return $objResponse;
 }
function search_users($needle, $type, $relation_type)
{
    global $tbl_user, $tbl_user_rel_access_url, $tbl_group_rel_user, $group_id, $_configuration;
    $xajax_response = new XajaxResponse();
    $return = $return_origin = $return_destination = '';
    $without_user_id = $without_user_id = $condition_relation = '';
    if (!empty($group_id) && !empty($relation_type)) {
        $group_id = intval($group_id);
        $relation_type = intval($relation_type);
        // get user_id from relation type and group id
        $sql = "SELECT user_id FROM {$tbl_group_rel_user}\n\t\t\t\tWHERE group_id = '{$group_id}'\n\t\t\t\tAND relation_type IN (" . GROUP_USER_PERMISSION_ADMIN . "," . GROUP_USER_PERMISSION_READER . "," . GROUP_USER_PERMISSION_PENDING_INVITATION . "," . GROUP_USER_PERMISSION_MODERATOR . ", " . GROUP_USER_PERMISSION_HRM . ") ";
        $res = Database::query($sql);
        $user_ids = array();
        if (Database::num_rows($res) > 0) {
            while ($row = Database::fetch_row($res)) {
                $user_ids[] = $row[0];
            }
            $without_user_id = " AND user.user_id NOT IN(" . implode(',', $user_ids) . ") ";
        }
        if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
            $condition_relation = " AND groups.relation_type IN (" . GROUP_USER_PERMISSION_PENDING_INVITATION . "," . GROUP_USER_PERMISSION_READER . ") ";
        } else {
            $condition_relation = " AND groups.relation_type = '{$relation_type}' ";
        }
        // data for destination user list
        $sql = "SELECT user.user_id, user.username, user.lastname, user.firstname\n\t\t\t\tFROM {$tbl_group_rel_user} groups\n\t\t\t\tINNER JOIN  {$tbl_user} user ON user.user_id = groups.user_id\n\t\t\t\tWHERE groups.group_id = '{$group_id}' {$condition_relation} ";
        $rs_destination = Database::query($sql);
        if (Database::num_rows($rs_destination) > 0) {
            $return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($row = Database::fetch_array($rs_destination)) {
                $person_name = api_get_person_name($row['firstname'], $row['lastname']);
                $return_destination .= '<option value="' . $row['user_id'] . '">' . $person_name . ' (' . $row['username'] . ')</option>';
            }
            $return_destination .= '</select>';
        } else {
            $return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
        }
        $xajax_response->addAssign('ajax_destination_list', 'innerHTML', api_utf8_encode($return_destination));
    } else {
        $return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
        $xajax_response->addAssign('ajax_destination_list', 'innerHTML', api_utf8_encode($return_destination));
        if ($type == 'single') {
            $return .= '';
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            $return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
            $xajax_response->addAssign('ajax_origin_list_multiple', 'innerHTML', api_utf8_encode($return_origin));
        }
    }
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = Database::escape_string($needle);
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $user_anonymous = api_get_anonymous_id();
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        if ($type == 'single') {
            if (!empty($group_id) && !empty($relation_type)) {
                // search users where username or firstname or lastname begins likes $needle
                $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\t\t\t\tWHERE (username LIKE '{$needle}%' OR firstname LIKE '{$needle}%' OR lastname LIKE '{$needle}%')\n\t\t\t\t\t\tAND user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} LIMIT 11";
                if ($_configuration['multiple_access_urls']) {
                    $access_url_id = api_get_current_access_url_id();
                    if ($access_url_id != -1) {
                        $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\t\t\t\t\t\tINNER JOIN {$tbl_user_rel_access_url} url_user ON (url_user.user_id=user.user_id)\n\t\t\t\t\t\t\t\tWHERE access_url_id = '{$access_url_id}'  AND (username LIKE '{$needle}%' OR firstname LIKE '{$needle}%' OR lastname LIKE '{$needle}%')\n\t\t\t\t\t\t\t\tAND user.user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} LIMIT 11 ";
                    }
                }
                $rs_single = Database::query($sql);
                $i = 0;
                while ($user = Database::fetch_array($rs_single)) {
                    $i++;
                    if ($i <= 10) {
                        $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                        $return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\'' . $user['user_id'] . '\',\'' . $person_name . ' (' . $user['username'] . ')' . '\')">' . $person_name . ' (' . $user['username'] . ')</a><br />';
                    } else {
                        $return .= '...<br />';
                    }
                }
                $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
            } else {
                $xajax_response->addAlert(get_lang('YouMustChooseARelationType'));
                $xajax_response->addClear('user_to_add', 'value');
            }
        } else {
            // multiple
            if (!empty($group_id) && !empty($relation_type)) {
                $sql = "SELECT user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\t\t        WHERE " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} ";
                if ($_configuration['multiple_access_urls']) {
                    $access_url_id = api_get_current_access_url_id();
                    if ($access_url_id != -1) {
                        $sql = "SELECT user.user_id, username, lastname, firstname FROM {$tbl_user} user\n\t\t\t\t\t\t\t\tINNER JOIN {$tbl_user_rel_access_url} url_user ON (url_user.user_id=user.user_id)\n\t\t\t\t\t\t\t\tWHERE access_url_id = '{$access_url_id}'\n\t\t\t\t\t\t\t\tAND " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%'\n\t\t\t\t\t\t\t\tAND user.user_id<>'{$user_anonymous}' {$without_user_id} {$order_clause} ";
                    }
                }
                $rs_multiple = Database::query($sql);
                $return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
                while ($user = Database::fetch_array($rs_multiple)) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                    $return_origin .= '<option value="' . $user['user_id'] . '">' . $person_name . ' (' . $user['username'] . ')</option>';
                }
                $return_origin .= '</select>';
                $xajax_response->addAssign('ajax_origin_list_multiple', 'innerHTML', api_utf8_encode($return_origin));
            }
        }
    }
    return $xajax_response;
}
Пример #19
0
 /**
  *
  * @param string $needle
  * @return XajaxResponse
  */
 public static function searchCourseCategoryAjax($needle)
 {
     $response = new XajaxResponse();
     $return = '';
     if (!empty($needle)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
         $needle = Database::escape_string($needle);
         // search courses where username or firstname or lastname begins likes $needle
         $sql = 'SELECT id, name FROM ' . Database::get_main_table(TABLE_MAIN_CATEGORY) . ' u
                 WHERE name LIKE "' . $needle . '%" AND (parent_id IS NULL or parent_id = 0)
                 ORDER BY name
                 LIMIT 11';
         $result = Database::query($sql);
         $i = 0;
         while ($data = Database::fetch_array($result)) {
             $i++;
             if ($i <= 10) {
                 $return .= '<a
                 href="javascript: void(0);"
                 onclick="javascript: add_user_to_url(\'' . addslashes($data['id']) . '\',\'' . addslashes($data['name']) . ' \')">' . $data['name'] . ' </a><br />';
             } else {
                 $return .= '...<br />';
             }
         }
     }
     $response->addAssign('ajax_list_courses', 'innerHTML', api_utf8_encode($return));
     return $response;
 }
    /**
     * Searches a course, given a search string and a type of search box
     * @param string $needle Search string
     * @param string $type Type of search box ('single' or anything else)
     * @return string XajaxResponse
     * @assert () !== null
     * @assert ('abc', 'single') !== null
     * @assert ('abc', 'multiple') !== null
     */
    public static function search_courses($needle, $type)
    {
        global $tbl_course, $tbl_session_rel_course, $id_session;
        $course_title = null;
        $xajax_response = new XajaxResponse();
        $return = '';
        if (!empty($needle) && !empty($type)) {
            // xajax send utf8 datas... datas in db can be non-utf8 datas
            $charset = api_get_system_encoding();
            $needle = api_convert_encoding($needle, $charset, 'utf-8');
            $cond_course_code = '';
            if (!empty($id_session)) {
                $id_session = intval($id_session);
                // check course_code from session_rel_course table
                $sql = 'SELECT course_code FROM ' . $tbl_session_rel_course . '
						WHERE id_session = ' . $id_session;
                $res = Database::query($sql);
                $course_codes = '';
                if (Database::num_rows($res) > 0) {
                    while ($row = Database::fetch_row($res)) {
                        $course_codes .= '\'' . $row[0] . '\',';
                    }
                    $course_codes = substr($course_codes, 0, strlen($course_codes) - 1);
                    $cond_course_code = ' AND course.code NOT IN(' . $course_codes . ') ';
                }
            }
            if ($type == 'single') {
                // search users where username or firstname or lastname begins likes $needle
                $sql = 'SELECT course.code, course.visual_code, course.title, session_rel_course.id_session
					FROM ' . $tbl_course . ' course
					LEFT JOIN ' . $tbl_session_rel_course . ' session_rel_course
						ON course.code = session_rel_course.course_code
						AND session_rel_course.id_session = ' . intval($id_session) . '
					WHERE
						course.visual_code LIKE "' . $needle . '%" OR
						course.title LIKE "' . $needle . '%"';
            } else {
                $sql = 'SELECT course.code, course.visual_code, course.title
						FROM ' . $tbl_course . ' course
						WHERE
							course.visual_code LIKE "' . $needle . '%" ' . $cond_course_code . '
						ORDER BY course.code ';
            }
            global $_configuration;
            if ($_configuration['multiple_access_urls']) {
                $tbl_course_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
                $access_url_id = api_get_current_access_url_id();
                if ($access_url_id != -1) {
                    if ($type == 'single') {
                        $sql = 'SELECT course.code, course.visual_code, course.title, session_rel_course.id_session
								FROM ' . $tbl_course . ' course
								LEFT JOIN ' . $tbl_session_rel_course . ' session_rel_course
									ON course.code = session_rel_course.course_code
									AND session_rel_course.id_session = ' . intval($id_session) . '
								INNER JOIN ' . $tbl_course_rel_access_url . ' url_course ON (url_course.course_code=course.code)
								WHERE
									access_url_id = ' . $access_url_id . ' AND
									(course.visual_code LIKE "' . $needle . '%" OR
									course.title LIKE "' . $needle . '%" )';
                    } else {
                        $sql = 'SELECT course.code, course.visual_code, course.title
								FROM ' . $tbl_course . ' course, ' . $tbl_course_rel_access_url . ' url_course
								WHERE
									url_course.course_code=course.code AND
									access_url_id = ' . $access_url_id . ' AND
									course.visual_code LIKE "' . $needle . '%" ' . $cond_course_code . '
								ORDER BY course.code ';
                    }
                }
            }
            $rs = Database::query($sql);
            $course_list = array();
            if ($type == 'single') {
                while ($course = Database::fetch_array($rs)) {
                    $course_list[] = $course['code'];
                    $course_title = str_replace("'", "\\'", $course_title);
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_course_to_session(\'' . $course['code'] . '\',\'' . $course_title . ' (' . $course['visual_code'] . ')' . '\')">' . $course['title'] . ' (' . $course['visual_code'] . ')</a><br />';
                }
                $xajax_response->addAssign('ajax_list_courses_single', 'innerHTML', api_utf8_encode($return));
            } else {
                $return .= '<select id="origin" name="NoSessionCoursesList[]" multiple="multiple" size="20" style="width:340px;">';
                while ($course = Database::fetch_array($rs)) {
                    $course_list[] = $course['code'];
                    $course_title = str_replace("'", "\\'", $course_title);
                    $return .= '<option value="' . $course['code'] . '" title="' . htmlspecialchars($course['title'] . ' (' . $course['visual_code'] . ')', ENT_QUOTES) . '">' . $course['title'] . ' (' . $course['visual_code'] . ')</option>';
                }
                $return .= '</select>';
                $xajax_response->addAssign('ajax_list_courses_multiple', 'innerHTML', api_utf8_encode($return));
            }
        }
        $_SESSION['course_list'] = $course_list;
        return $xajax_response;
    }
function search_sessions($needle, $type)
{
    global $session_in_promotion;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $session_list = SessionManager::get_sessions_list(array('s.name' => array('operator' => 'LIKE', 'value' => "{$needle}%")));
        $return .= '<select id="session_not_in_promotion" name="session_not_in_promotion_name[]" multiple="multiple" size="15" style="width:360px;">';
        foreach ($session_list as $row) {
            if (!in_array($row['id'], array_keys($session_in_promotion))) {
                $return .= '<option value="' . $row['id'] . '">' . $row['name'] . '</option>';
            }
        }
        $return .= '</select>';
        $xajax_response->addAssign('ajax_list_multiple', 'innerHTML', api_utf8_encode($return));
    }
    return $xajax_response;
}
function search_courses($id_session, $type)
{
    global $tbl_course, $tbl_session_rel_course, $course_list;
    $xajax_response = new XajaxResponse();
    $select_destination = '';
    $return = null;
    if (!empty($type)) {
        $id_session = intval($id_session);
        if ($type == 'origin') {
            $course_list = SessionManager::get_course_list_by_session_id($id_session);
            $temp_course_list = array();
            $return .= '<select id="origin" name="SessionCoursesListOrigin[]" style="width:380px;" onclick="javascript: checkSelected(this.id,\'copy_option_2\',\'title_option2\',\'destination\');">';
            foreach ($course_list as $course) {
                $temp_course_list[] = "'{$course['code']}'";
                $return .= '<option value="' . $course['code'] . '" title="' . @htmlspecialchars($course['title'] . ' (' . $course['visual_code'] . ')', ENT_QUOTES, api_get_system_encoding()) . '">' . $course['title'] . ' (' . $course['visual_code'] . ')</option>';
            }
            $return .= '</select>';
            $_SESSION['course_list'] = $temp_course_list;
            $_SESSION['session_origin'] = $id_session;
            // Build select for destination sessions where is not included current session from select origin
            if (!empty($id_session)) {
                $sessions = SessionManager::get_sessions_list(array(), array('name', 'ASC'));
                $select_destination .= '<select name="sessions_list_destination" width="380px" onchange = "javascript: xajax_search_courses(this.value,\'destination\');">';
                $select_destination .= '<option value = "0">-- ' . get_lang('SelectASession') . ' --</option>';
                foreach ($sessions as $session) {
                    if ($id_session == $session['id']) {
                        continue;
                    }
                    if (!empty($session['category_name'])) {
                        $session['category_name'] = ' (' . $session['category_name'] . ') ';
                    }
                    $select_destination .= '<option value="' . $session['id'] . '">' . $session['name'] . ' ' . $session['category_name'] . '</option>';
                }
                $select_destination .= '</select>';
                $xajax_response->addAssign('ajax_sessions_list_destination', 'innerHTML', api_utf8_encode($select_destination));
            } else {
                $select_destination .= '<select name="sessions_list_destination" width="380px" onchange = "javascript: xajax_search_courses(this.value,\'destination\');">';
                $select_destination .= '<option value = "0">' . get_lang('ThereIsNotStillASession') . '</option>';
                $select_destination .= '</select>';
                $xajax_response->addAssign('ajax_sessions_list_destination', 'innerHTML', api_utf8_encode($select_destination));
            }
            // Select multiple destination empty
            $select_multiple_empty = '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;"></select>';
            // Send response by ajax
            $xajax_response->addAssign('ajax_list_courses_origin', 'innerHTML', api_utf8_encode($return));
            $xajax_response->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($select_multiple_empty));
        } else {
            //Left Select - Destination
            $list_courses_origin = implode(',', $_SESSION['course_list']);
            $session_origin = $_SESSION['session_origin'];
            // Search courses by id_session where course codes is include en courses list destination
            $sql = "SELECT c.code, c.visual_code, c.title, src.id_session\n                    FROM {$tbl_course} c, {$tbl_session_rel_course} src\n                    WHERE src.course_code = c.code\n                    AND src.id_session = '" . intval($id_session) . "'";
            //AND c.code IN ($list_courses_origin)";
            $rs = Database::query($sql);
            $course_list_destination = array();
            $return .= '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;" >';
            while ($course = Database::fetch_array($rs)) {
                $course_list_destination[] = $course['code'];
                $return .= '<option value="' . $course['code'] . '" title="' . @htmlspecialchars($course['title'] . ' (' . $course['visual_code'] . ')', ENT_QUOTES, api_get_system_encoding()) . '">' . $course['title'] . ' (' . $course['visual_code'] . ')</option>';
            }
            $return .= '</select>';
            $_SESSION['course_list_destination'] = $course_list_destination;
            // Send response by ajax
            $xajax_response->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}
Пример #23
0
function jdGetDirectory($callback, $folder, $getFiles = false, $filter = '*')
{
    jimport('joomla.filesystem.file');
    jimport('joomla.filesystem.file');
    $folder = JPath::clean(JPATH_ROOT . DS . $folder);
    JPath::check($folder);
    $response = new XajaxResponse();
    if (!is_dir($folder)) {
        return $response;
    }
    $result = array();
    $dirs = JFolder::folders($folder, '', false, true);
    foreach ($dirs as $dir) {
        $dirData = array();
        $dirData['permission'] = substr(sprintf("%o", fileperms($dir)), -3);
        if ($getFiles) {
            $fileData = array();
            $files = glob($folder . DS . $filter);
            foreach ($files as $f) {
                $fileData[$f]['permission'] = substr(sprintf("%o", fileperms($f)), -3);
            }
        }
        $result[$dir]['info'] = $dirData;
        $result[$dir]['files'] = $fileData;
    }
    $response->script($callback . '(' . JHTMLBehavior::_getJSObject($result) . ')');
    return $response;
}
function searchCourses($idSession, $type)
{
    $xajaxResponse = new XajaxResponse();
    $return = null;
    $courseCode = api_get_course_id();
    if (!empty($type)) {
        $idSession = intval($idSession);
        $courseList = SessionManager::get_course_list_by_session_id($idSession);
        $return .= '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;" >';
        foreach ($courseList as $course) {
            $course_list_destination[] = $course['code'];
            if ($course['code'] != $courseCode) {
                continue;
            }
            $courseTitle = str_replace("'", "\\'", $course['title']);
            $return .= '<option value="' . $course['code'] . '" title="' . @htmlspecialchars($course['title'] . ' (' . $course['visual_code'] . ')', ENT_QUOTES, api_get_system_encoding()) . '">' . $course['title'] . ' (' . $course['visual_code'] . ')</option>';
        }
        $return .= '</select>';
        $_SESSION['course_list_destination'] = $course_list_destination;
        // Send response by ajax
        $xajaxResponse->addAssign('ajax_list_courses_destination', 'innerHTML', api_utf8_encode($return));
    }
    return $xajaxResponse;
}
Пример #25
0
function search_users($needle, $type)
{
    global $tbl_user, $tbl_session_rel_user, $id_session;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        //normal behaviour
        if ($type == 'any_session' && $needle == 'false') {
            $type = 'multiple';
            $needle = '';
        }
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = Database::escape_string($needle);
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
        $cond_user_id = '';
        //Only for single & multiple
        if (in_array($type, array('single', 'multiple'))) {
            if (!empty($id_session)) {
                $id_session = intval($id_session);
                // check id_user from session_rel_user table
                $sql = 'SELECT id_user FROM ' . $tbl_session_rel_user . '
                    WHERE id_session ="' . $id_session . '" AND relation_type<>' . SESSION_RELATION_TYPE_RRHH . ' ';
                $res = Database::query($sql);
                $user_ids = array();
                if (Database::num_rows($res) > 0) {
                    while ($row = Database::fetch_row($res)) {
                        $user_ids[] = (int) $row[0];
                    }
                }
                if (count($user_ids) > 0) {
                    $cond_user_id = ' AND user.user_id NOT IN(' . implode(",", $user_ids) . ')';
                }
            }
        }
        switch ($type) {
            case 'single':
                // search users where username or firstname or lastname begins likes $needle
                $sql = 'SELECT user.user_id, username, lastname, firstname, official_code
                        FROM ' . $tbl_user . ' user
                        WHERE (username LIKE "' . $needle . '%" OR firstname LIKE "' . $needle . '%"
                            OR lastname LIKE "' . $needle . '%") AND user.status<>6 AND user.status<>' . DRH . '' . $order_clause . ' LIMIT 11';
                break;
            case 'multiple':
                $sql = 'SELECT user.user_id, username, lastname, firstname, official_code
                        FROM ' . $tbl_user . ' user
                        WHERE ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND user.status<>' . DRH . ' AND user.status<>6 ' . $cond_user_id . $order_clause;
                break;
            case 'any_session':
                $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname, official_code
                        FROM ' . $tbl_user . ' user
                        LEFT OUTER JOIN ' . $tbl_session_rel_user . ' s ON (s.id_user = user.user_id)
                        WHERE   s.id_user IS null AND user.status<>' . DRH . ' AND
                                user.status<>6 ' . $cond_user_id . $order_clause;
                break;
        }
        if (api_is_multiple_url_enabled()) {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            if ($access_url_id != -1) {
                switch ($type) {
                    case 'single':
                        $sql = 'SELECT user.user_id, username, lastname, firstname, official_code
                        FROM ' . $tbl_user . ' user
                        INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
                        WHERE access_url_id = ' . $access_url_id . '  AND (username LIKE "' . $needle . '%"
                        OR firstname LIKE "' . $needle . '%"
                        OR lastname LIKE "' . $needle . '%") AND user.status<>6 AND user.status<>' . DRH . ' ' . $order_clause . ' LIMIT 11';
                        break;
                    case 'multiple':
                        $sql = 'SELECT user.user_id, username, lastname, firstname , official_code
                        FROM ' . $tbl_user . ' user
                        INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
                        WHERE access_url_id = ' . $access_url_id . ' AND
                            ' . (api_sort_by_first_name() ? 'firstname' : 'lastname') . ' LIKE "' . $needle . '%" AND
                                user.status<>' . DRH . ' AND
                                user.status<>6 ' . $cond_user_id . $order_clause;
                        break;
                    case 'any_session':
                        $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname, official_code
                            FROM ' . $tbl_user . ' user
                            LEFT OUTER JOIN ' . $tbl_session_rel_user . ' s ON (s.id_user = user.user_id)
                            INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
                            WHERE
                                access_url_id = ' . $access_url_id . ' AND
                                s.id_user IS null AND
                                user.status<>' . DRH . ' AND
                                user.status<>6 ' . $cond_user_id . $order_clause;
                        break;
                }
            }
        }
        $rs = Database::query($sql);
        $i = 0;
        if ($type == 'single') {
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ') ' . $user['official_code'];
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_session(\'' . $user['user_id'] . '\',\'' . $person_name . ' ' . '\')">' . $person_name . ' </a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            global $nosessionUsersList;
            $return .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']) . ' (' . $user['username'] . ') ' . $user['official_code'];
                $return .= '<option value="' . $user['user_id'] . '">' . $person_name . ' </option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}
function search_users($needle, $type)
{
    global $tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
        $assigned_users_id = array_keys($assigned_users_to_hrm);
        $without_assigned_users = '';
        $westernOrder = api_is_western_name_order();
        if ($westernOrder) {
            $order_clause = " ORDER BY firstname, lastname";
        } else {
            $order_clause = " ORDER BY lastname, firstname";
        }
        if (count($assigned_users_id) > 0) {
            $without_assigned_users = " AND user.user_id NOT IN(" . implode(',', $assigned_users_id) . ")";
        }
        if (api_is_multiple_url_enabled()) {
            $sql = "SELECT user.user_id, username, lastname, firstname\n                    FROM {$tbl_user} user\n                    LEFT JOIN {$tbl_access_url_rel_user} au ON (au.user_id = user.user_id)\n                    WHERE\n                        " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND\n                        status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND\n                        user.user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id})\n                        {$without_assigned_users} AND\n                        access_url_id = " . api_get_current_access_url_id() . "\n                    {$order_clause}\n                    ";
        } else {
            $sql = "SELECT user_id, username, lastname, firstname\n                    FROM {$tbl_user} user\n                    WHERE\n                        " . (api_sort_by_first_name() ? 'firstname' : 'lastname') . " LIKE '{$needle}%' AND\n                        status NOT IN(" . DRH . ", " . SESSIONADMIN . ") AND\n                        user_id NOT IN ({$user_anonymous}, {$current_user_id}, {$user_id})\n                    {$without_assigned_users}\n                    {$order_clause}\n            ";
        }
        $rs = Database::query($sql);
        $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        if ($type == 'single') {
            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
            $access_url_id = api_get_current_access_url_id();
            $sql = 'SELECT user.user_id, username, lastname, firstname
                    FROM ' . $tbl_user . ' user
                    INNER JOIN ' . $tbl_user_rel_access_url . ' url_user ON (url_user.user_id=user.user_id)
                    WHERE
                        access_url_id = ' . $access_url_id . '  AND
                        (
                            username LIKE "' . $needle . '%" OR
                            firstname LIKE "' . $needle . '%" OR
                            lastname LIKE "' . $needle . '%"
                        ) AND
                        user.status<>6 AND user.status<>' . DRH . ' ' . $order_clause . ' LIMIT 11';
            $rs = Database::query($sql);
            $i = 0;
            while ($user = Database::fetch_array($rs)) {
                $i++;
                if ($i <= 10) {
                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_user(\'' . $user['user_id'] . '\',\'' . $person_name . ' (' . $user['username'] . ')' . '\')">' . $person_name . ' (' . $user['username'] . ')</a><br />';
                } else {
                    $return .= '...<br />';
                }
            }
            $xajax_response->addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return));
        } else {
            $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
            while ($user = Database::fetch_array($rs)) {
                $person_name = api_get_person_name($user['firstname'], $user['lastname']);
                $return .= '<option value="' . $user['user_id'] . '" title="' . htmlspecialchars($person_name, ENT_QUOTES) . '">' . $person_name . ' (' . $user['username'] . ')</option>';
            }
            $return .= '</select>';
            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
        }
    }
    return $xajax_response;
}