$documentPath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . "/document"; $origin = isset($origin) ? $origin : null; $path = isset($_GET['path']) ? Security::remove_XSS($_GET['path']) : null; /* Constants and variables */ $is_allowedToEdit = api_is_allowed_to_edit(null, true) || api_is_drh() || api_is_student_boss(); $is_tutor = api_is_allowed_to_edit(true); $TBL_QUESTIONS = Database::get_course_table(TABLE_QUIZ_QUESTION); $TBL_TRACK_EXERCISES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES); $TBL_TRACK_ATTEMPT = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT); $TBL_TRACK_ATTEMPT_RECORDING = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT_RECORDING); $TBL_LP_ITEM_VIEW = Database::get_course_table(TABLE_LP_ITEM_VIEW); $allowCoachFeedbackExercises = api_get_setting('exercise.allow_coach_feedback_exercises') === 'true'; $course_id = api_get_course_int_id(); $exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null; $filter_user = isset($_REQUEST['filter_by_user']) ? intval($_REQUEST['filter_by_user']) : null; $locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE); if (empty($exercise_id)) { api_not_allowed(true); } if (!$is_allowedToEdit && !$allowCoachFeedbackExercises) { api_not_allowed(true); } if (!empty($exercise_id)) { $parameters['exerciseId'] = $exercise_id; } if (!empty($_GET['path'])) { $parameters['path'] = Security::remove_XSS($_GET['path']); } if (!empty($_REQUEST['export_report']) && $_REQUEST['export_report'] == '1') { if (api_is_platform_admin() || api_is_course_admin() || api_is_course_tutor() || api_is_course_coach()) { $loadExtraData = false;
/** * check if an attendance is locked * @param int $attendance_id * @param bool */ public static function is_locked_attendance($attendance_id) { //use gradebook lock $result = api_resource_is_locked_by_gradebook($attendance_id, LINK_ATTENDANCE); return $result; }
$last_post = api_convert_and_format_date($last_post_row['post_date']).' '.get_lang('By').' '.Display::tag('span', $name, array("title"=>api_htmlentities($last_post_info_username, ENT_QUOTES))); }*/ echo '<td>' . $last_post . '</td>'; echo '<td class="td_actions">'; // Get attachment id. if (isset($row['post_id'])) { $attachment_list = get_attachment($row['post_id']); } $id_attach = !empty($attachment_list) ? $attachment_list['id'] : ''; $sql_post_id = "SELECT post_id FROM {$table_posts} WHERE c_id = {$course_id} AND post_title='" . Database::escape_string($row['thread_title']) . "'"; $result_post_id = Database::query($sql_post_id); $row_post_id = Database::fetch_array($result_post_id); if ($origin != 'learnpath') { if (api_is_allowed_to_edit(false, true) && !(api_is_course_coach() && $current_forum['session_id'] != $_SESSION['id_session'])) { echo '<a href="' . $forumUrl . 'editpost.php?' . api_get_cidreq() . '&forum=' . Security::remove_XSS($my_forum) . '&thread=' . Security::remove_XSS($row['thread_id']) . '&post=' . $row_post_id['post_id'] . '&id_attach=' . $id_attach . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>'; if (api_resource_is_locked_by_gradebook($row['thread_id'], LINK_FORUM_THREAD)) { echo Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL); } else { echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&forum=' . Security::remove_XSS($my_forum) . '&action=delete&content=thread&id=' . $row['thread_id'] . $origin_string . "\" onclick=\"javascript:if(!confirm('" . addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES)) . "')) return false;\">" . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>'; } display_visible_invisible_icon('thread', $row['thread_id'], $row['visibility'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => $groupId)); display_lock_unlock_icon('thread', $row['thread_id'], $row['locked'], array('forum' => $my_forum, 'origin' => $origin, 'gidReq' => api_get_group_id())); echo '<a href="viewforum.php?' . api_get_cidreq() . '&forum=' . Security::remove_XSS($my_forum) . '&action=move&thread=' . $row['thread_id'] . $origin_string . '">' . Display::return_icon('move.png', get_lang('MoveThread'), array(), ICON_SIZE_SMALL) . '</a>'; } } $iconnotify = 'send_mail.gif'; if (is_array(isset($_SESSION['forum_notification']['thread']) ? $_SESSION['forum_notification']['thread'] : null)) { if (in_array($row['thread_id'], $_SESSION['forum_notification']['thread'])) { $iconnotify = 'send_mail_checked.gif'; } }
/** * Gets the exam'data results * @todo this function should be moved in a library + no global calls * @param int $from * @param int $number_of_items * @param int $column * @param string $direction * @param int $exercise_id * @param null $extra_where_conditions * @param bool $get_count * @return array */ public static function get_exam_results_data($from, $number_of_items, $column, $direction, $exercise_id, $extra_where_conditions = null, $get_count = false) { //@todo replace all this globals global $documentPath, $filter; $course_id = api_get_course_int_id(); $sessionId = api_get_session_id(); $is_allowedToEdit = api_is_allowed_to_edit(null, true) || api_is_allowed_to_edit(true) || api_is_drh() || api_is_student_boss(); $TBL_USER = Database::get_main_table(TABLE_MAIN_USER); $TBL_EXERCICES = Database::get_course_table(TABLE_QUIZ_TEST); $TBL_GROUP_REL_USER = Database::get_course_table(TABLE_GROUP_USER); $TBL_GROUP = Database::get_course_table(TABLE_GROUP); $TBL_TRACK_EXERCICES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES); $TBL_TRACK_HOTPOTATOES = Database::get_main_table(TABLE_STATISTIC_TRACK_E_HOTPOTATOES); $TBL_TRACK_ATTEMPT_RECORDING = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT_RECORDING); $session_id_and = ' AND te.session_id = ' . $sessionId . ' '; $exercise_id = intval($exercise_id); $exercise_where = ''; if (!empty($exercise_id)) { $exercise_where .= ' AND te.exe_exo_id = ' . $exercise_id . ' '; } $hotpotatoe_where = ''; if (!empty($_GET['path'])) { $hotpotatoe_path = Database::escape_string($_GET['path']); $hotpotatoe_where .= ' AND exe_name = "' . $hotpotatoe_path . '" '; } // sql for chamilo-type tests for teacher / tutor view $sql_inner_join_tbl_track_exercices = "\n (\n SELECT DISTINCT ttte.*, if(tr.exe_id,1, 0) as revised\n FROM {$TBL_TRACK_EXERCICES} ttte LEFT JOIN {$TBL_TRACK_ATTEMPT_RECORDING} tr\n ON (ttte.exe_id = tr.exe_id)\n WHERE\n c_id = {$course_id} AND\n exe_exo_id = {$exercise_id} AND\n ttte.session_id = " . $sessionId . "\n )"; if ($is_allowedToEdit) { //@todo fix to work with COURSE_RELATION_TYPE_RRHH in both queries // Hack in order to filter groups $sql_inner_join_tbl_user = ''; if (strpos($extra_where_conditions, 'group_id')) { $sql_inner_join_tbl_user = "******" . $course_id . ")\n INNER JOIN {$TBL_GROUP} g\n ON (gru.group_id = g.id AND g.c_id=" . $course_id . ")\n )"; } if (strpos($extra_where_conditions, 'group_all')) { $extra_where_conditions = str_replace("AND ( group_id = 'group_all' )", '', $extra_where_conditions); $extra_where_conditions = str_replace("AND group_id = 'group_all'", '', $extra_where_conditions); $extra_where_conditions = str_replace("group_id = 'group_all' AND", '', $extra_where_conditions); $sql_inner_join_tbl_user = "******"; $sql_inner_join_tbl_user = null; } if (strpos($extra_where_conditions, 'group_none')) { $extra_where_conditions = str_replace("AND ( group_id = 'group_none' )", "AND ( group_id is null )", $extra_where_conditions); $extra_where_conditions = str_replace("AND group_id = 'group_none'", "AND ( group_id is null )", $extra_where_conditions); $sql_inner_join_tbl_user = "******" . $course_id . " )\n LEFT OUTER JOIN {$TBL_GROUP} g\n ON (gru.group_id = g.id AND g.c_id = " . $course_id . ")\n )"; } // All $is_empty_sql_inner_join_tbl_user = false; if (empty($sql_inner_join_tbl_user)) { $is_empty_sql_inner_join_tbl_user = true; $sql_inner_join_tbl_user = "******" . api_get_users_status_ignored_in_reports('string') . ")\n )"; } $sqlFromOption = " , {$TBL_GROUP_REL_USER} AS gru "; $sqlWhereOption = " AND gru.c_id = " . $course_id . " AND gru.user_id = user.user_id "; $first_and_last_name = api_is_western_name_order() ? "firstname, lastname" : "lastname, firstname"; if ($get_count) { $sql_select = "SELECT count(te.exe_id) "; } else { $sql_select = "SELECT DISTINCT\n user_id,\n {$first_and_last_name},\n official_code,\n ce.title,\n username,\n te.exe_result,\n te.exe_weighting,\n te.exe_date,\n te.exe_id,\n email as exemail,\n te.start_date,\n steps_counter,\n exe_user_id,\n te.exe_duration,\n propagate_neg,\n revised,\n group_name,\n group_id,\n orig_lp_id,\n te.user_ip"; } $sql = " {$sql_select}\n FROM {$TBL_EXERCICES} AS ce\n INNER JOIN {$sql_inner_join_tbl_track_exercices} AS te\n ON (te.exe_exo_id = ce.id)\n INNER JOIN {$sql_inner_join_tbl_user} AS user\n ON (user.user_id = exe_user_id)\n WHERE\n te.status != 'incomplete' AND\n te.c_id = " . $course_id . " {$session_id_and} AND\n ce.active <>-1 AND ce.c_id = " . $course_id . "\n {$exercise_where}\n {$extra_where_conditions}\n "; // sql for hotpotatoes tests for teacher / tutor view if ($get_count) { $hpsql_select = "SELECT count(username)"; } else { $hpsql_select = "SELECT\n {$first_and_last_name} ,\n username,\n official_code,\n tth.exe_name,\n tth.exe_result ,\n tth.exe_weighting,\n tth.exe_date"; } $hpsql = " {$hpsql_select}\n FROM\n {$TBL_TRACK_HOTPOTATOES} tth,\n {$TBL_USER} user\n {$sqlFromOption}\n WHERE\n user.user_id=tth.exe_user_id\n AND tth.c_id = " . $course_id . "\n {$hotpotatoe_where}\n {$sqlWhereOption}\n AND user.status NOT IN(" . api_get_users_status_ignored_in_reports('string') . ")\n ORDER BY\n tth.c_id ASC,\n tth.exe_date DESC"; } if ($get_count) { $resx = Database::query($sql); $rowx = Database::fetch_row($resx, 'ASSOC'); return $rowx[0]; } $teacher_list = CourseManager::getTeacherListFromCourse(api_get_course_int_id()); $teacher_id_list = array(); if (!empty($teacher_list)) { foreach ($teacher_list as $teacher) { $teacher_id_list[] = $teacher['user_id']; } } $list_info = array(); // Simple exercises if (empty($hotpotatoe_where)) { $column = !empty($column) ? Database::escape_string($column) : null; $from = intval($from); $number_of_items = intval($number_of_items); if (!empty($column)) { $sql .= " ORDER BY {$column} {$direction} "; } $sql .= " LIMIT {$from}, {$number_of_items}"; $results = array(); $resx = Database::query($sql); while ($rowx = Database::fetch_array($resx, 'ASSOC')) { $results[] = $rowx; } $group_list = GroupManager::get_group_list(); $clean_group_list = array(); if (!empty($group_list)) { foreach ($group_list as $group) { $clean_group_list[$group['id']] = $group['name']; } } $lp_list_obj = new LearnpathList(api_get_user_id()); $lp_list = $lp_list_obj->get_flat_list(); if (is_array($results)) { $users_array_id = array(); $from_gradebook = false; if (isset($_GET['gradebook']) && $_GET['gradebook'] == 'view') { $from_gradebook = true; } $sizeof = count($results); $user_list_id = array(); $locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE); // Looping results for ($i = 0; $i < $sizeof; $i++) { $revised = $results[$i]['revised']; if ($from_gradebook && $is_allowedToEdit) { if (in_array($results[$i]['username'] . $results[$i]['firstname'] . $results[$i]['lastname'], $users_array_id)) { continue; } $users_array_id[] = $results[$i]['username'] . $results[$i]['firstname'] . $results[$i]['lastname']; } $lp_obj = isset($results[$i]['orig_lp_id']) && isset($lp_list[$results[$i]['orig_lp_id']]) ? $lp_list[$results[$i]['orig_lp_id']] : null; $lp_name = null; if ($lp_obj) { $url = api_get_path(WEB_CODE_PATH) . 'newscorm/lp_controller.php?' . api_get_cidreq() . '&action=view&lp_id=' . $results[$i]['orig_lp_id']; $lp_name = Display::url($lp_obj['lp_name'], $url, array('target' => '_blank')); } //Add all groups by user $group_name_list = null; if ($is_empty_sql_inner_join_tbl_user) { $group_list = GroupManager::get_group_ids(api_get_course_int_id(), $results[$i]['user_id']); foreach ($group_list as $id) { $group_name_list .= $clean_group_list[$id] . '<br/>'; } $results[$i]['group_name'] = $group_name_list; } $results[$i]['exe_duration'] = !empty($results[$i]['exe_duration']) ? round($results[$i]['exe_duration'] / 60) : 0; $user_list_id[] = $results[$i]['exe_user_id']; $id = $results[$i]['exe_id']; $dt = api_convert_and_format_date($results[$i]['exe_weighting']); // we filter the results if we have the permission to if (isset($results[$i]['results_disabled'])) { $result_disabled = intval($results[$i]['results_disabled']); } else { $result_disabled = 0; } if ($result_disabled == 0) { $my_res = $results[$i]['exe_result']; $my_total = $results[$i]['exe_weighting']; $results[$i]['start_date'] = api_get_local_time($results[$i]['start_date']); $results[$i]['exe_date'] = api_get_local_time($results[$i]['exe_date']); if (!$results[$i]['propagate_neg'] && $my_res < 0) { $my_res = 0; } $score = self::show_score($my_res, $my_total); $actions = ''; if ($is_allowedToEdit) { if (isset($teacher_id_list)) { if (in_array($results[$i]['exe_user_id'], $teacher_id_list)) { $actions .= Display::return_icon('teachers.gif', get_lang('Teacher')); } } if ($revised) { $actions .= "<a href='exercise_show.php?" . api_get_cidreq() . "&action=edit&id={$id}'>" . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL); $actions .= ' '; } else { $actions .= "<a href='exercise_show.php?" . api_get_cidreq() . "&action=qualify&id={$id}'>" . Display::return_icon('quiz.gif', get_lang('Qualify')); $actions .= ' '; } $actions .= "</a>"; if ($filter == 2) { $actions .= ' <a href="exercise_history.php?' . api_get_cidreq() . '&exe_id=' . $id . '">' . Display::return_icon('history.gif', get_lang('ViewHistoryChange')) . '</a>'; } //Admin can always delete the attempt if (($locked == false || api_is_platform_admin()) && !api_is_student_boss()) { $ip = TrackingUserLog::get_ip_from_user_event($results[$i]['exe_user_id'], date('Y-m-d h:i:s'), false); $actions .= '<a href="http://www.whatsmyip.org/ip-geo-location/?ip=' . $ip . '" target="_blank">'; $actions .= Display::return_icon('info.png', $ip, ['title' => $ip]); $actions .= '</a>'; $delete_link = '<a href="exercise_report.php?' . api_get_cidreq() . '&filter_by_user='******'filter_by_user']) . '&filter=' . $filter . '&exerciseId=' . $exercise_id . '&delete=delete&did=' . $id . '" onclick="javascript:if(!confirm(\'' . sprintf(get_lang('DeleteAttempt'), $results[$i]['username'], $dt) . '\')) return false;">' . Display::return_icon('delete.png', get_lang('Delete')) . '</a>'; $delete_link = utf8_encode($delete_link); if (api_is_drh() && !api_is_platform_admin()) { $delete_link = null; } $actions .= $delete_link . ' '; } } else { $attempt_url = api_get_path(WEB_CODE_PATH) . 'exercice/result.php?' . api_get_cidreq() . '&id=' . $results[$i]['exe_id'] . '&id_session=' . $sessionId; $attempt_link = Display::url(get_lang('Show'), $attempt_url, ['class' => 'ajax btn btn-default', 'data-title' => get_lang('Show')]); $actions .= $attempt_link; } if ($revised) { $revised = Display::label(get_lang('Validated'), 'success'); } else { $revised = Display::label(get_lang('NotValidated'), 'info'); } if ($is_allowedToEdit) { $results[$i]['status'] = $revised; $results[$i]['score'] = $score; $results[$i]['lp'] = $lp_name; $results[$i]['actions'] = $actions; $list_info[] = $results[$i]; } else { $results[$i]['status'] = $revised; $results[$i]['score'] = $score; $results[$i]['actions'] = $actions; $list_info[] = $results[$i]; } } } } } else { $hpresults = StatsUtils::getManyResultsXCol($hpsql, 6); // Print HotPotatoes test results. if (is_array($hpresults)) { for ($i = 0; $i < sizeof($hpresults); $i++) { $hp_title = GetQuizName($hpresults[$i][3], $documentPath); if ($hp_title == '') { $hp_title = basename($hpresults[$i][3]); } $hp_date = api_get_local_time($hpresults[$i][6], null, date_default_timezone_get()); $hp_result = round($hpresults[$i][4] / ($hpresults[$i][5] != 0 ? $hpresults[$i][5] : 1) * 100, 2) . '% (' . $hpresults[$i][4] . ' / ' . $hpresults[$i][5] . ')'; if ($is_allowedToEdit) { $list_info[] = array($hpresults[$i][0], $hpresults[$i][1], $hpresults[$i][2], '', $hp_title, '-', $hp_date, $hp_result, '-'); } else { $list_info[] = array($hp_title, '-', $hp_date, $hp_result, '-'); } } } } return $list_info; }
/** * Reads exercise information from the data base * * @author Olivier Brouckaert * @param integer $id - exercise Id * * @return boolean - true if exercise exists, otherwise false */ public function read($id) { $TBL_EXERCISES = Database::get_course_table(TABLE_QUIZ_TEST); $table_lp_item = Database::get_course_table(TABLE_LP_ITEM); $id = intval($id); if (empty($this->course_id)) { return false; } $sql = "SELECT * FROM {$TBL_EXERCISES} WHERE c_id = " . $this->course_id . " AND id = " . $id; $result = Database::query($sql); // if the exercise has been found if ($object = Database::fetch_object($result)) { $this->id = $id; $this->exercise = $object->title; $this->name = $object->title; $this->title = $object->title; $this->description = $object->description; $this->sound = $object->sound; $this->type = $object->type; if (empty($this->type)) { $this->type = ONE_PER_PAGE; } $this->random = $object->random; $this->random_answers = $object->random_answers; $this->active = $object->active; $this->results_disabled = $object->results_disabled; $this->attempts = $object->max_attempt; $this->feedback_type = $object->feedback_type; $this->propagate_neg = $object->propagate_neg; $this->randomByCat = $object->random_by_category; $this->text_when_finished = $object->text_when_finished; $this->display_category_name = $object->display_category_name; $this->pass_percentage = $object->pass_percentage; $this->sessionId = $object->session_id; $this->is_gradebook_locked = api_resource_is_locked_by_gradebook($id, LINK_EXERCISE); $this->review_answers = isset($object->review_answers) && $object->review_answers == 1 ? true : false; $sql = "SELECT lp_id, max_score\n FROM {$table_lp_item}\n WHERE c_id = {$this->course_id} AND\n item_type = '" . TOOL_QUIZ . "' AND\n path = '" . $id . "'"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { $this->exercise_was_added_in_lp = true; $this->lpList = Database::store_result($result, 'ASSOC'); } $this->force_edit_exercise_in_lp = api_get_configuration_value('force_edit_exercise_in_lp'); if ($this->exercise_was_added_in_lp) { $this->edit_exercise_in_lp = $this->force_edit_exercise_in_lp == true; } else { $this->edit_exercise_in_lp = true; } if ($object->end_time != '0000-00-00 00:00:00') { $this->end_time = $object->end_time; } if ($object->start_time != '0000-00-00 00:00:00') { $this->start_time = $object->start_time; } //control time $this->expired_time = $object->expired_time; //Checking if question_order is correctly set $this->questionList = $this->selectQuestionList(true); //overload questions list with recorded questions list //load questions only for exercises of type 'one question per page' //this is needed only is there is no questions /* // @todo not sure were in the code this is used somebody mess with the exercise tool // @todo don't know who add that config and why $_configuration['live_exercise_tracking'] global $_configuration, $questionList; if ($this->type == ONE_PER_PAGE && $_SERVER['REQUEST_METHOD'] != 'POST' && defined('QUESTION_LIST_ALREADY_LOGGED') && isset($_configuration['live_exercise_tracking']) && $_configuration['live_exercise_tracking']) { $this->questionList = $questionList; }*/ return true; } return false; }
/** * Blocks a page if the item was added in a gradebook * * @param int exercise id, work id, thread id, * @param int LINK_EXERCISE, LINK_STUDENTPUBLICATION, LINK_LEARNPATH LINK_FORUM_THREAD, LINK_ATTENDANCE * see gradebook/lib/be/linkfactory * @param string course code * @return boolean */ function api_block_course_item_locked_by_gradebook($item_id, $link_type, $course_code = null) { if (api_is_platform_admin()) { return false; } if (api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code)) { $message = Display::return_message(get_lang('ResourceLockedByGradebook'), 'warning'); api_not_allowed(true, $message); } }
function return_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters = '') { $html = ''; $id = intval($id); //check if the forum is blocked due if ($content == 'thread') { if (api_resource_is_locked_by_gradebook($id, LINK_FORUM_THREAD)) { $html .= Display::return_icon('lock_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL); return $html; } } if ($current_lock_status == '1') { $html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&'; if (is_array($additional_url_parameters)) { foreach ($additional_url_parameters as $key => $value) { $html .= $key . '=' . $value . '&'; } } $html .= 'action=unlock&content=' . $content . '&id=' . $id . '">' . Display::return_icon('lock.png', get_lang('Unlock'), array(), ICON_SIZE_SMALL) . '</a>'; } if ($current_lock_status == '0') { $html .= '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&'; if (is_array($additional_url_parameters)) { foreach ($additional_url_parameters as $key => $value) { $html .= $key . '=' . $value . '&'; } } $html .= 'action=lock&content=' . $content . '&id=' . $id . '">' . Display::return_icon('unlock.png', get_lang('Lock'), array(), ICON_SIZE_SMALL) . '</a>'; } return $html; }
// Are we in a lp ? $origin = ''; if (isset($_GET['origin'])) { $origin = Security::remove_XSS($_GET['origin']); } //delete attachment file if (isset($_GET['action']) && $_GET['action'] == 'delete_attach' && isset($_GET['id_attach'])) { delete_attachment(0, $_GET['id_attach']); } $rows = get_posts($_GET['thread']); $rows = calculate_children($rows); $count = 0; $clean_forum_id = intval($_GET['forum']); $clean_thread_id = intval($_GET['thread']); $group_id = api_get_group_id(); $locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD); foreach ($rows as $post) { // The style depends on the status of the message: approved or not. if ($post['visible'] == '0') { $titleclass = 'forum_message_post_title_2_be_approved'; $messageclass = 'forum_message_post_text_2_be_approved'; $leftclass = 'forum_message_left_2_be_approved'; } else { $titleclass = 'forum_message_post_title'; $messageclass = 'forum_message_post_text'; $leftclass = 'forum_message_left'; } $indent = $post['indent_cnt'] * '20'; echo "<div style=\"margin-left: " . $indent . "px;\">"; echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">"; echo "<tr>";
$link_info = is_resource_in_course_gradebook(api_get_course_id(), 3, $delete_dir_id, api_get_session_id()); $link_id = $link_info['id']; if ($link_info !== false) { remove_resource_from_course_gradebook($link_id); } Display::display_confirmation_message(get_lang('DirDeleted') . ': ' . $work_to_delete['title']); } else { Display::display_warning_message(get_lang('ResourceLockedByGradebook')); } } /* DELETE WORK COMMAND */ if ($action == 'delete' && $item_id) { $file_deleted = false; $is_author = user_is_author($item_id); $work_data = get_work_data_by_id($item_id); $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION); if ($is_allowed_to_edit && $locked == false || ($locked == false and $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) { //we found the current user is the author $queryString1 = "SELECT url, contains_file FROM " . $work_table . " WHERE c_id = {$course_id} AND id = {$item_id}"; $result1 = Database::query($queryString1); $row = Database::fetch_array($result1); if (Database::num_rows($result1) > 0) { $queryString2 = "UPDATE " . $work_table . " SET active = 2 WHERE c_id = {$course_id} AND id = {$item_id}"; $queryString3 = "DELETE FROM " . $TSTDPUBASG . " WHERE c_id = {$course_id} AND publication_id = {$item_id}"; Database::query($queryString2); Database::query($queryString3); api_item_property_update($_course, 'work', $item_id, 'DocumentDeleted', $user_id); $work = $row['url']; if ($row['contains_file'] == 1) { if (!empty($work)) { if (api_get_setting('permanently_remove_deleted_files') == 'true') {
$script = 'work_list_all.php'; } if (!empty($error_message)) { Session::write('error_message', $error_message); } header('Location: ' . api_get_path(WEB_CODE_PATH) . 'work/' . $script . '?' . api_get_cidreq() . '&id=' . $work_id); exit; } else { // Bad token or can't add works $error_message = Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error'); } } $htmlHeadXtra[] = to_javascript_work(); Display::display_header(null); if (!empty($work_id)) { echo $validationStatus['message']; if ($is_allowed_to_edit) { if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) { echo Display::display_warning_message(get_lang('ResourceLockedByGradebook')); } else { $form->display(); } } elseif ($student_can_edit_in_session && $validationStatus['has_ended'] == false) { $form->display(); } else { Display::display_error_message(get_lang('ActionNotAllowed')); } } else { Display::display_error_message(get_lang('ActionNotAllowed')); } Display::display_footer();
/** * @param int $item_id * @param array course info * @return bool */ function deleteWorkItem($item_id, $courseInfo) { $work_table = Database :: get_course_table(TABLE_STUDENT_PUBLICATION); $TSTDPUBASG = Database :: get_course_table(TABLE_STUDENT_PUBLICATION_ASSIGNMENT); $currentCourseRepositorySys = api_get_path(SYS_COURSE_PATH).$courseInfo['path'].'/'; $is_allowed_to_edit = api_is_allowed_to_edit(); $file_deleted = false; $item_id = intval($item_id); $is_author = user_is_author($item_id); $work_data = get_work_data_by_id($item_id); $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION); $course_id = $courseInfo['real_id']; if (($is_allowed_to_edit && $locked == false) || ( $locked == false && $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0 ) ) { // We found the current user is the author $sql = "SELECT url, contains_file FROM $work_table WHERE c_id = $course_id AND id = $item_id"; $result = Database::query($sql); $row = Database::fetch_array($result); if (Database::num_rows($result) > 0) { $sql = "UPDATE $work_table SET active = 2 WHERE c_id = $course_id AND id = $item_id"; Database::query($sql); $sql = "DELETE FROM $TSTDPUBASG WHERE c_id = $course_id AND publication_id = $item_id"; Database::query($sql); api_item_property_update( $courseInfo, 'work', $item_id, 'DocumentDeleted', api_get_user_id() ); $work = $row['url']; if ($row['contains_file'] == 1) { if (!empty($work)) { if (api_get_setting('permanently_remove_deleted_files') == 'true') { my_delete($currentCourseRepositorySys.'/'.$work); $file_deleted = true; } else { $extension = pathinfo($work, PATHINFO_EXTENSION); $new_dir = $work.'_DELETED_'.$item_id.'.'.$extension; if (file_exists($currentCourseRepositorySys.'/'.$work)) { rename($currentCourseRepositorySys.'/'.$work, $currentCourseRepositorySys.'/'.$new_dir); $file_deleted = true; } } } } else { $file_deleted = true; } } } return $file_deleted; }
require_once 'work.lib.php'; // Section (for the tabs) $this_section = SECTION_COURSES; if (!api_is_allowed_to_edit()) { api_not_allowed(true); } $courseInfo = api_get_course_info(); $sessionId = api_get_session_id(); $groupId = api_get_group_id(); $workId = isset($_GET['id']) ? intval($_GET['id']) : null; $workData = get_work_data_by_id($workId); $homework = get_work_assignment_by_id($workId); $locked = api_resource_is_locked_by_gradebook($workId, LINK_STUDENTPUBLICATION); if (api_is_platform_admin() == false && $locked == true) { api_not_allowed(true); } $htmlHeadXtra[] = to_javascript_work(); $interbreadcrumb[] = array( 'url' => api_get_path(WEB_CODE_PATH) . 'work/work.php?' . api_get_cidreq(), 'name' => get_lang('StudentPublications') ); $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Edit')); $form = new FormValidator( 'edit_dir', 'post',
/** * @param int $start * @param int $limit * @param int $column * @param string $direction * @param int $work_id * @param array $where_condition * @param int $studentId * @return array */ function get_work_user_list($start, $limit, $column, $direction, $work_id, $where_condition, $studentId = null) { $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION); $iprop_table = Database::get_course_table(TABLE_ITEM_PROPERTY); $user_table = Database::get_main_table(TABLE_MAIN_USER); $session_id = api_get_session_id(); $course_id = api_get_course_int_id(); $group_id = api_get_group_id(); $course_info = api_get_course_info(api_get_course_id()); $work_id = intval($work_id); $column = empty($column) ?: Database::escape_string($column); $start = intval($start); $limit = intval($limit); if (!in_array($direction, array('asc', 'desc'))) { $direction = 'desc'; } $work_data = get_work_data_by_id($work_id); $is_allowed_to_edit = api_is_allowed_to_edit(null, true); $condition_session = api_get_session_condition($session_id); $locked = api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION); if (!empty($work_data)) { if (!empty($group_id)) { $extra_conditions = " work.post_group_id = '" . intval($group_id) . "' "; // set to select only messages posted by the user's group } else { $extra_conditions = " work.post_group_id = '0' "; } if ($is_allowed_to_edit) { $extra_conditions .= ' AND work.active IN (0, 1) '; } else { if (isset($course_info['show_score']) && $course_info['show_score'] == 1) { $extra_conditions .= " AND (u.user_id = " . api_get_user_id() . " AND work.active IN (0, 1) OR work.active = 1) "; } else { $extra_conditions .= ' AND work.active = 1 '; } } $extra_conditions .= " AND parent_id = " . $work_id . " "; $select = 'DISTINCT u.user_id, work.id as id, title as title, description, url, sent_date, contains_file, has_properties, view_properties, qualification, weight, allow_text_assignment, u.firstname, u.lastname, u.username, parent_id, accepted, qualificator_id'; $user_condition = "INNER JOIN {$user_table} u ON (work.user_id = u.user_id) "; $work_condition = "{$iprop_table} prop INNER JOIN {$work_table} work ON (prop.ref = work.id AND prop.c_id = {$course_id} AND work.c_id = {$course_id} ) "; $work_assignment = get_work_assignment_by_id($work_id); if (!empty($studentId)) { $where_condition .= " AND u.user_id = " . intval($studentId); } $sql = "SELECT {$select}\n FROM {$work_condition} {$user_condition}\n WHERE {$extra_conditions} {$where_condition} {$condition_session} "; $sql .= " ORDER BY {$column} {$direction} "; $sql .= " LIMIT {$start}, {$limit}"; $result = Database::query($sql); $works = array(); while ($work = Database::fetch_array($result, 'ASSOC')) { $item_id = $work['id']; // Get the author ID for that document from the item_property table $is_author = false; $can_read = false; $owner_id = $work['user_id']; /* Because a bug found when saving items using the api_item_property_update() the field $item_property_data['insert_user_id'] is not reliable. */ // $item_property_data = api_get_item_property_info(api_get_course_int_id(), 'work', $item_id, api_get_session_id()); //if (!$is_allowed_to_edit && $item_property_data['insert_user_id'] == api_get_user_id()) { if (!$is_allowed_to_edit && $owner_id == api_get_user_id()) { $is_author = true; } if ($course_info['show_score'] == 0) { $can_read = true; } if ($work['accepted'] == '0') { $class = 'invisible'; } else { $class = ''; } $qualification_exists = false; if (!empty($work_data['qualification']) && intval($work_data['qualification']) > 0) { $qualification_exists = true; } $qualification_string = ''; if ($qualification_exists) { if ($work['qualification'] == '') { $qualification_string = Display::label('-'); } else { $qualification_string = Display::label($work['qualification'], 'info'); } } $add_string = ''; $time_expires = api_strtotime($work_assignment['expires_on'], 'UTC'); if (!empty($work_assignment['expires_on']) && $work_assignment['expires_on'] != '0000-00-00 00:00:00' && $time_expires && $time_expires < api_strtotime($work['sent_date'], 'UTC')) { $add_string = Display::label(get_lang('Expired'), 'important'); } if ($can_read && $work['accepted'] == '1' || $is_author && in_array($work['accepted'], array('1', '0')) || $is_allowed_to_edit) { // Firstname, lastname, username $work['firstname'] = Display::div($work['firstname'], array('class' => $class)); $work['lastname'] = Display::div($work['lastname'], array('class' => $class)); if (strlen($work['title']) > 30) { $short_title = substr($work['title'], 0, 27) . '...'; $work['title'] = Display::span($short_title, array('class' => $class, 'title' => $work['title'])); } else { $work['title'] = Display::div($work['title'], array('class' => $class)); } // Type. $work['type'] = build_document_icon_tag('file', $work['file']); // File name. $link_to_download = null; if ($work['contains_file']) { $link_to_download = '<a href="download.php?id=' . $item_id . '">' . Display::return_icon('save.png', get_lang('Save'), array(), ICON_SIZE_SMALL) . '</a> '; } else { //$link_to_download = '<a href="view.php?id='.$item_id.'">'.Display::return_icon('save_na.png', get_lang('Save'),array(), ICON_SIZE_SMALL).'</a> '; } $send_to = Portfolio::share('work', $work['id'], array('style' => 'white-space:nowrap;')); $work['qualification'] = $qualification_string; // Date. $work_date = api_convert_and_format_date($work['sent_date']); $work['sent_date'] = date_to_str_ago(api_get_local_time($work['sent_date'])) . ' ' . $add_string . '<br />' . $work_date; // Actions. $url = api_get_path(WEB_CODE_PATH) . 'work/'; $action = ''; if ($is_allowed_to_edit) { $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a> '; if ($locked) { if ($qualification_exists) { $action .= Display::return_icon('rate_work_na.png', get_lang('CorrectAndRate'), array(), ICON_SIZE_SMALL); } else { $action .= Display::return_icon('edit_na.png', get_lang('Comment'), array(), ICON_SIZE_SMALL); } } else { if ($qualification_exists) { $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '" title="' . get_lang('Modify') . '" >' . Display::return_icon('rate_work.png', get_lang('CorrectAndRate'), array(), ICON_SIZE_SMALL) . '</a>'; } else { $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '&gradebook=' . Security::remove_XSS($_GET['gradebook']) . '" title="' . get_lang('Modify') . '">' . Display::return_icon('edit.png', get_lang('Comment'), array(), ICON_SIZE_SMALL) . '</a>'; } } if ($work['contains_file']) { if ($locked) { $action .= Display::return_icon('move_na.png', get_lang('Move'), array(), ICON_SIZE_SMALL); } else { $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=move&item_id=' . $item_id . '" title="' . get_lang('Move') . '">' . Display::return_icon('move.png', get_lang('Move'), array(), ICON_SIZE_SMALL) . '</a>'; } } if ($work['accepted'] == '1') { $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=make_invisible&item_id=' . $item_id . '&' . $sort_params . '" title="' . get_lang('Invisible') . '" >' . Display::return_icon('visible.png', get_lang('Invisible'), array(), ICON_SIZE_SMALL) . '</a>'; } else { $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=make_visible&item_id=' . $item_id . '&' . $sort_params . '" title="' . get_lang('Visible') . '" >' . Display::return_icon('invisible.png', get_lang('Visible'), array(), ICON_SIZE_SMALL) . '</a> '; } if ($locked) { $action .= Display::return_icon('delete_na.png', get_lang('Delete'), '', ICON_SIZE_SMALL); } else { $action .= '<a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=delete&item_id=' . $item_id . '" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . "'" . ')) return false;" title="' . get_lang('Delete') . '" >' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>'; } } elseif ($is_author && (empty($work['qualificator_id']) || $work['qualificator_id'] == 0)) { $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a>'; if (api_get_course_setting('student_delete_own_publication') == 1) { if (api_is_allowed_to_session_edit(false, true)) { $action .= '<a href="' . $url . 'edit.php?' . api_get_cidreq() . '&item_id=' . $item_id . '&id=' . $work['parent_id'] . '&gradebook=' . Security::remove_XSS($_GET['gradebook']) . '" title="' . get_lang('Modify') . '">' . Display::return_icon('edit.png', get_lang('Comment'), array(), ICON_SIZE_SMALL) . '</a>'; } $action .= ' <a href="' . $url . 'work.php?' . api_get_cidreq() . '&action=delete&item_id=' . $item_id . '" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . "'" . ')) return false;" title="' . get_lang('Delete') . '" >' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>'; } else { $action .= Display::return_icon('edit_na.png', get_lang('Modify'), array(), ICON_SIZE_SMALL); } } else { $action .= '<a href="' . $url . 'view.php?' . api_get_cidreq() . '&id=' . $item_id . '" title="' . get_lang('View') . '">' . Display::return_icon('default.png', get_lang('View'), array(), ICON_SIZE_SMALL) . '</a>'; $action .= Display::return_icon('edit_na.png', get_lang('Modify'), array(), ICON_SIZE_SMALL); } // Status. if (empty($work['qualificator_id'])) { $qualificator_id = Display::label(get_lang('NotRevised'), 'warning'); } else { $qualificator_id = Display::label(get_lang('Revised'), 'success'); } $work['qualificator_id'] = $qualificator_id; $work['actions'] = $send_to . $link_to_download . $action; $works[] = $work; } } return $works; } }
if (isset($_GET['post']) && $_GET['post'] == $post['post_id'] || ($counter == 1 and !isset($_GET['post']))) { $thread_structure .= '<strong>' . prepare4display($post['post_title']) . '</strong></div>'; $prev_next_array[] = $post['post_id']; } else { if ($post['visible'] == '0') { $class = ' class="invisible"'; } else { $class = ''; } $count_loop = $count == 0 ? '&id=1' : ''; $thread_structure .= "<a href=\"viewthread.php?" . api_get_cidreq() . "&forum=" . $forumId . "&thread=" . $threadId . "&post=" . $post['post_id'] . "&origin={$origin}{$count_loop}\"" . "{$class}>" . prepare4display($post['post_title']) . "</a></div>"; $prev_next_array[] = $post['post_id']; } $count++; } $locked = api_resource_is_locked_by_gradebook($threadId, LINK_FORUM_THREAD); /* NAVIGATION CONTROLS */ $current_id = array_search($display_post_id, $prev_next_array); $max = count($prev_next_array); $next_id = $current_id + 1; $prev_id = $current_id - 1; // Text $first_message = get_lang('FirstMessage'); $last_message = get_lang('LastMessage'); $next_message = get_lang('NextMessage'); $prev_message = get_lang('PrevMessage'); // Images $first_img = Display::return_icon('action_first.png', get_lang('FirstMessage'), array('style' => 'vertical-align: middle;')); $last_img = Display::return_icon('action_last.png', get_lang('LastMessage'), array('style' => 'vertical-align: middle;')); $prev_img = Display::return_icon('action_prev.png', get_lang('PrevMessage'), array('style' => 'vertical-align: middle;')); $next_img = Display::return_icon('action_next.png', get_lang('NextMessage'), array('style' => 'vertical-align: middle;'));