示例#1
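 /**
  * Add a job posting to the database and e-mail the members subscribed to
  * each of its categories.
  *
  * Text fields are passed through the global $addslashes callable and placed
  * inside quoted SQL literals; numeric fields are reduced to integers before
  * they are interpolated unquoted.
  * NOTE(review): $addslashes is bound outside this method. Whether it is a safe
  * SQL escaper depends on what it points to and on the connection charset -
  * confirm, or move these statements to parameterized queries.
  *
  * @param	string	job title
  * @param	string	description
  * @param	Array	categories id
  * @param   int     1 if public; 0 otherwise.
  * @param   string  Closing date for this job post, mysql TIMESTAMP format
  * @precondition	ATutor Mailer class imported.
  */
 function addJob($title, $description, $categories, $is_public, $closing_date)
 {
     // *_once so a second call in the same request does not re-declare the classes.
     require_once AT_INCLUDE_PATH . 'classes/phpmailer/atutormailer.class.php';
     global $addslashes, $db, $msg, $_config, $_base_href;
     if (!isset($_SESSION['jb_employer_id']) || $_SESSION['jb_employer_id'] < 1) {
         $msg->addError();
         //authentication error
         exit;
     }
     include_once AT_JB_INCLUDE . 'Employer.class.php';
     $employer = new Employer($_SESSION['jb_employer_id']);
     // Interpolated unquoted below, so it must be an integer.
     $employer_id = intval($employer->getId());

     // Keep the caller's title for the notification mail; only the SQL copies are escaped.
     $title_sql = $addslashes($title);
     $description_sql = $addslashes($description);
     $closing_date_sql = $addslashes($closing_date);
     // Checkbox-style flag: missing, 0 and '' all mean "not public". isset() alone
     // would have stored an explicit 0 as 1.
     $is_public = empty($is_public) ? 0 : 1;
     $approval_state = $_config['jb_posting_approval'] == 1 ? AT_JB_POSTING_STATUS_UNCONFIRMED : AT_JB_POSTING_STATUS_CONFIRMED;

     $sql = 'INSERT INTO ' . TABLE_PREFIX . "jb_postings (employer_id, title, description, is_public, closing_date, created_date, revised_date, approval_state) VALUES ({$employer_id}, '{$title_sql}', '{$description_sql}', {$is_public}, '{$closing_date_sql}', NOW(), NOW(), {$approval_state})";
     if (!mysql_query($sql, $db)) {
         // Without a posting row there is nothing to categorise or announce.
         //TODO: db error message
         $msg->addError();
         return;
     }
     $posting_id = intval(mysql_insert_id($db));

     //add to posting category table
     $subscriber_lookup_failed = false;
     if (!empty($categories) && is_array($categories)) {
         $post_link = $_base_href . AT_JB_BASENAME . 'view_post.php?jid=' . $posting_id;
         foreach ($categories as $category) {
             $category = intval($category);
             $sql = 'INSERT INTO ' . TABLE_PREFIX . "jb_posting_categories (posting_id, category_id) VALUES ({$posting_id}, {$category})";
             mysql_query($sql, $db);
             //send out notification if the person is subscribed to the category.
             $sql = 'SELECT m.member_id, m.email FROM ' . TABLE_PREFIX . 'jb_category_subscribes cs LEFT JOIN ' . TABLE_PREFIX . "members m ON cs.member_id=m.member_id WHERE category_id={$category}";
             $subscribers = mysql_query($sql, $db);
             if (!$subscribers) {
                 $subscriber_lookup_failed = true;
                 continue;
             }
             while ($row = mysql_fetch_assoc($subscribers)) {
                 $mail = new ATutorMailer();
                 $mail->AddAddress($row['email'], get_display_name($row['member_id']));
                 // Unescaped title: the SQL-escaped copy would put backslashes in the mail.
                 $body = _AT('jb_subscription_msg', $title, $this->getCategoryNameById($category), $post_link);
                 $body .= "\n\n";
                 $body .= _AT('jb_posted_by') . ": " . htmlentities_utf8($employer->getCompany()) . "\n";
                 $mail->FromName = $_config['site_name'];
                 $mail->From = $_config['contact_email'];
                 $mail->Subject = _AT('jb_subscription_mail_subject');
                 $mail->Body = $body;
                 if (!$mail->Send()) {
                     $msg->addError('SENDING_ERROR');
                 }
                 unset($mail);
             }
         }
     }
     if ($subscriber_lookup_failed) {
         //TODO: db error message
         $msg->addError();
     }
 }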
示例#2
/**
 * Build one news entry per job posting returned by Job::getAllJobs().
 *
 * The posting title is entity-encoded before it is placed in the link markup.
 * NOTE(review): $row['id'] is concatenated into the href as-is; presumably it
 * is an integer key from the postings table - confirm.
 *
 * @return	array	list of entries with the keys time, object, thumb and link.
 */
function job_board_news()
{
    global $db;
    $news = array();
    $job = new Job();
    $postings = $job->getAllJobs('created_date', 'desc');
    if (!is_array($postings)) {
        return $news;
    }
    foreach ($postings as $row) {
        $title = htmlentities_utf8($row['title']);
        $href = AT_JB_BASENAME . 'view_post.php?jid=' . $row['id'];
        $link = '<span title="' . strip_tags($title) . '"><a href="' . $href . '">' . $title . "</a></span>";
        $news[] = array(
            'time' => $row['revised_date'],
            'object' => $row,
            'thumb' => AT_JB_BASENAME . 'images/jb_icon_tiny.png',
            'link' => $link
        );
    }
    return $news;
}
 /**
  * Export: hand the weblink's title and URL parts to the template engine and
  * return the rendered Weblinks template.
  *
  * The title is entity-encoded and the href is URL-encoded before assignment.
  * NOTE(review): url_target is assigned unencoded; the template itself is not
  * visible here, so confirm it encodes that value on output.
  *
  * @return	string	output of the Weblinks template.
  */
 function export()
 {
     global $savant;
     $weblink = $this->wl;
     // Template variables, each encoded for the place it is used in.
     $savant->assign('title', htmlentities_utf8($weblink->getTitle(), ENT_QUOTES, 'UTF-8'));
     $link = $weblink->getUrl();
     $savant->assign('url_href', urlencode($link['href']));
     $savant->assign('url_target', $link['target']);
     //TODO: not supported yet
     //$savant->assign('url_window_features', $url['window_features']);
     // Render the XML.
     return $savant->fetch(TR_INCLUDE_PATH . 'classes/Weblinks/Weblinks.tmpl.php');
 }
示例#4
/**
 * Return the entity-encoded display name of a member.
 *
 * The member id reaches the query through the %d placeholder of queryDB()
 * rather than by string concatenation.
 *
 * @param	int		member id
 * @param	bool	true when the name is built for the drop down ajax
 * @return	string	formatted, entity-encoded name.
 */
function printSocialNameForConnection($id, $trigger)
{
    global $_config, $display_name_formats, $db;
    $format_id = $_config['display_name_format'];
    // Drop-down (ajax) output never uses a format above 1; every other caller
    // gets format 2 in place of format 1.
    if ($trigger == true && $format_id > 1) {
        $format_id = 1;
    } elseif ($trigger != true && $format_id == 1) {
        $format_id = 2;
    }
    $member = queryDB('SELECT login, first_name, second_name, last_name FROM %smembers WHERE member_id=%d', array(TABLE_PREFIX, $id), TRUE);
    $name = _AT($display_name_formats[$format_id], $member['login'], $member['first_name'], $member['second_name'], $member['last_name']);
    return htmlentities_utf8($name);
}
示例#5
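/**
 * Return the entity-encoded display name of a member.
 *
 * The id is concatenated into the statement unquoted, so it is reduced to an
 * integer first; any other value could change the shape of the query.
 *
 * @param	int		member id
 * @param	bool	true when the name is built for the drop down ajax
 * @return	string	formatted, entity-encoded name (built from empty fields
 *					when the member cannot be read).
 */
function printSocialNameForConnection($id, $trigger)
{
    global $_config, $display_name_formats, $db;
    $display_name_format = $_config['display_name_format'];
    //if trigger = true, it's for the drop down ajax
    if ($trigger == true) {
        if ($display_name_format > 1) {
            $display_name_format = 1;
        }
    } else {
        if ($display_name_format == 1) {
            $display_name_format = 2;
        }
    }
    $id = intval($id);
    $sql = 'SELECT login, first_name, second_name, last_name FROM ' . TABLE_PREFIX . 'members WHERE member_id=' . $id;
    $result = mysql_query($sql, $db);
    // A failed query returns false, which must not be passed to mysql_fetch_assoc().
    $row = $result ? mysql_fetch_assoc($result) : false;
    if (!is_array($row)) {
        $row = array('login' => '', 'first_name' => '', 'second_name' => '', 'last_name' => '');
    }
    return htmlentities_utf8(_AT($display_name_formats[$display_name_format], $row['login'], $row['first_name'], $row['second_name'], $row['last_name']));
}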
/**
 * Build one news entry per bigbluebutton row belonging to the enrolled courses.
 *
 * NOTE(review): $enrolled_courses is concatenated directly after "IN";
 * presumably it is a parenthesised id list built elsewhere from trusted
 * data - confirm at the place where it is assembled.
 *
 * @return	array	list of news entries; empty when there is nothing to show.
 */
function bigbluebutton_news() {
	global $db, $enrolled_courses, $system_courses;
	$news = array();
	if ($enrolled_courses == ''){
		return $news;
	}

	$sql = 'SELECT * FROM '.TABLE_PREFIX.'bigbluebutton WHERE course_id IN '.$enrolled_courses;
	$result = mysql_query($sql, $db);
	if(!$result){
		return $news;
	}
	while($row = mysql_fetch_assoc($result)){
		// Timing and message are entity-encoded; the raw row travels along under 'object'.
		$entry = array();
		$entry['time'] = htmlentities_utf8($row['course_timing']);
		$entry['object'] = $row;
		$entry['alt'] = _AT('bigbluebutton');
		$entry['course'] = $system_courses[$row['course_id']]['title'];
		$entry['thumb'] = 'mods/bigbluebutton/bigbluebutton_sm.png';
		$entry['link'] = htmlentities_utf8($row['message']);
		$news[] = $entry;
	}
	return $news;
}
示例#7
require AT_INCLUDE_PATH . 'header.inc.php';
?>

<div id="my_courses_container">
<ul class="my-courses-list-ul" >

<?php 
foreach ($this->courses as $row) {
    static $counter;
    $counter++;
    ?>

<li class="my-courses-list">
  <?php 
    echo '<a href="' . url_rewrite('bounce.php?course=' . $row['course_id']) . '"> ' . htmlentities_utf8($row['title']) . '</a>';
    ?>
  <?php 
    if ($row['last_cid']) {
        ?>
	 	  <a class="my-courses-resume" href="bounce.php?course=<?php 
        echo $row['course_id'] . SEP . 'p=' . urlencode('content.php?cid=' . $row['last_cid']);
        ?>
"><img src="<?php 
        echo $_base_href;
        ?>
themes/default/images/resume.png" border="" alt="<?php 
        echo _AT('resume');
        ?>
" title="<?php 
        echo _AT('resume');
     $query = "\tSELECT user_camp.id\n\t\t\t\t\t\tFROM user_camp\n\t\t\t\t\t\tWHERE user_id = {$user_id} AND camp_id = " . $_camp->id;
     $result = mysql_query($query);
     $user_camp_id = mysql_result($result, 0, 'id');
     $mat_list_id = "NULL";
     $query = "\tSELECT user.scoutname \n\t\t\t\t\t\tFROM user, user_camp\n\t\t\t\t\t\tWHERE user.id = user_camp.user_id\n\t\t\t\t\t\tAND user_camp.id = {$user_camp_id}";
     $result = mysql_query($query);
     $resp_str = mysql_result($result, 0, 'scoutname');
 }
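 // $resp of the form "mat_list" + one separator character + list id.
 if (substr($resp, 0, 8) == "mat_list") {
     $user_camp_id = "NULL";
     // The id is interpolated unquoted into two statements below, so reduce it
     // to an integer first (a missing or non-numeric id becomes 0).
     $mat_list_id = intval(substr($resp, 9));
     $query = "\tSELECT mat_list.name \n\t\t\t\t\t\tFROM mat_list\n\t\t\t\t\t\tWHERE mat_list.id = {$mat_list_id}";
     $result = mysql_query($query);
     $resp_str = mysql_result($result, 0, 'name');
 }
 $resp_str_js = htmlentities_utf8($resp_str);
 // NOTE(review): $article, $quantity and $entry_id are set outside this excerpt.
 // $article and $quantity sit inside quoted literals and $entry_id is unquoted;
 // confirm each is escaped (or cast to int) for that position before this point.
 // Look the article up by name, matching either its own name or "alias (name)".
 $query = "\tSELECT\n\t\t\t\t\t\tid\n\t\t\t\t\tFROM\n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT\t\n\t\t\t\t\t\t\tid as id,\n\t\t\t\t\t\t\tname as name\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tmat_article\n\t\t\t\t\t\t\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tmat_article.id as id,\n\t\t\t\t\t\t\tconcat( mat_article_alias.name, ' (', mat_article.name, ')' ) as name\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tmat_article,\n\t\t\t\t\t\t\tmat_article_alias\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tmat_article_alias.mat_article_id = mat_article.id\n\t\t\t\t\t\t\n\t\t\t\t\t\tORDER BY name\n\t\t\t\t\t) as mat\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tmat.name = '{$article}'";
 $result = mysql_query($query);
 if ($result && mysql_num_rows($result)) {
     // mysql_result() takes (result, row, field): read field 'id' of row 0, as the
     // other lookups in this script do.
     $id = intval(mysql_result($result, 0, 'id'));
 } else {
     $id = "NULL";
 }
 $query = "\tUPDATE mat_event\n\t\t\t\t\tSET \n\t\t\t\t\t\t`user_camp_id` = {$user_camp_id},\n\t\t\t\t\t\t`mat_list_id` = {$mat_list_id},\n\t\t\t\t\t\t`mat_article_id` = {$id},\n\t\t\t\t\t\t`article_name` = '{$article}',\n\t\t\t\t\t\t`quantity` = '{$quantity}'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = {$entry_id}";
 $result = mysql_query($query);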
 if (!mysql_error()) {
     $ans = array("values" => array("1" => $quantity_js, "2" => $article_js, "3" => $resp_str_js));
     echo json_encode($ans);
     die;
 } else {
     $ans = array("error" => true, "error_msg" => "Fehler aufgetreten");
示例#9
 * This file is part of eCamp.
 *
 * eCamp is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * eCamp is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with eCamp.  If not, see <http://www.gnu.org/licenses/>.
 */
// Two copies of the same request value, each prepared for one context only:
// $job_name goes through htmlentities_utf8() (presumably for markup output) and
// $job_name_save is escaped for use inside a quoted SQL string literal. Neither
// copy is safe in the other's context.
// NOTE(review): only $job_name is trimmed; confirm the stored value is meant to
// keep surrounding whitespace.
$job_name = htmlentities_utf8(trim($_REQUEST['job_name']));
$job_name_save = mysql_real_escape_string($_REQUEST['job_name']);
// NOTE(review): the use of $cmd is not visible here. mysql_real_escape_string()
// protects a value only inside a quoted SQL literal; if $cmd selects an action
// it should be compared against a fixed list instead.
$cmd = mysql_real_escape_string($_REQUEST['cmd']);
// Authentifizierung überprüfen
// write --> Ab Lagerleiter (level: 50)
if ($_user_camp->auth_level < 50 || $job_name == "") {
    // Keine Berechtigung
    if ($_user_camp->auth_level < 50) {
        //$xml_replace[error] = 1;
        //$xml_replace['error-msg'] = "Keine Berechtigung";
        $ans = array("error" => true, "msg" => "Keine berechtigung!");
        echo json_encode($ans);
        die;
    } else {
        //$xml_replace[error] = 2;
        //$xml_replace['error-msg'] = "Bitte gib zuerst einen Job-Namen ein!";
	if($response['messageKey'] == 'checksumError'){
		$msg->addError("CHECKSUM_ERROR_BBB");
	}
	else{
		$msg = $response['message'];
	}
}
else{//"The meeting was created, and the user will now be joined "
	$bbb_joinURL = BigBlueButton::joinURL($meetingID,$username,"ap", $salt, $url);
	
}
 
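// NOTE(review): $meetingID is set outside this excerpt and is interpolated into a
// quoted literal; confirm it is an integer course id or has been escaped for SQL.
$sql = "SELECT * from ".TABLE_PREFIX."bigbluebutton WHERE course_id = '$meetingID'";
$result = mysql_query($sql, $db);

// A failed query returns false; treat that like "no rows" instead of passing
// false on to mysql_num_rows().
if ($result && mysql_num_rows($result) > 0) {
	while ($row = mysql_fetch_assoc($result)) {
		/****
		* SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY are defined in include/lib/constance.lib.inc
		* SUBLINK_TEXT_LEN determines the maximum length of the string to be displayed on "detail view" box.
		*****/
		// Emit a single title attribute. The earlier form added the same attribute a
		// second time whenever the message was longer than SUBLINK_TEXT_LEN.
		// NOTE(review): $bbb_joinURL is assigned only on the success branch above and is
		// written into the href without encoding - confirm.
		$list[] = '<a href="'.$bbb_joinURL.'" title="'.htmlentities_utf8($row['course_timing']).'">'. 
		          validate_length(htmlentities_utf8($row['message']), SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY) .'</a>';
	}
	return $list;	
} else {
	return 0;
}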

?>
示例#11
    echo $current_file['folder_id'];
    ?>
" />
	</form>
<?php 
} else {
    ?>
	<?php 
    $current_file = current($files);
}
?>

<div class="input-form">
	<div class="row">
		<h3><?php 
echo htmlentities_utf8($current_file['file_name']);
?>
 <small> - <?php 
echo _AT('revision');
?>
 <?php 
echo $current_file['num_revisions'];
?>
</small></h3>
		<span style="font-size: small"><?php 
echo get_display_name($current_file['member_id']);
?>
 - <?php 
echo AT_date(_AT('filemanager_date_format'), $current_file['date'], AT_DATE_MYSQL_DATETIME);
?>
</span>
示例#12
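$id = intval($_REQUEST['id']);

// Both ids are integers by the time they are concatenated into the statement.
// Restricting the lookup to the session's course keeps a type id that belongs
// to another course from being accepted.
$sql = "SELECT * FROM ".TABLE_PREFIX."groups_types WHERE type_id=$id AND course_id=".intval($_SESSION['course_id']);
$result = mysql_query($sql,$db);
if (!$result || !($type_row = mysql_fetch_assoc($result))) {
	require (AT_INCLUDE_PATH.'header.inc.php');
	$msg->printErrors('GROUP_TYPE_NOT_FOUND');
	require (AT_INCLUDE_PATH.'footer.inc.php');
	exit;
}

// group_id => entity-encoded title for every group of this type.
$tmp_groups = array();
$sql = "SELECT group_id, title FROM ".TABLE_PREFIX."groups WHERE type_id=$id ORDER BY title";
$result = mysql_query($sql, $db);
while ($result && ($row = mysql_fetch_assoc($result))) {
	$tmp_groups[$row['group_id']] = htmlentities_utf8($row['title']);
}
$groups_keys = array_keys($tmp_groups);
// Documented argument order is implode(separator, array).
// The result is an empty string when the type has no groups; the DELETE further
// down builds "IN ($groups_keys)" from it, which is then not valid SQL.
$groups_keys = implode(',', $groups_keys);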
if (isset($_POST['cancel'])) {
	$msg->addFeedback('CANCELLED');
	header('Location: index.php');
	exit;
} else if (isset($_POST['submit'])) {
	$sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id IN ($groups_keys)";
	mysql_query($sql, $db);

	$sql = '';
	foreach ($_POST['groups'] as $mid => $gid) {
		$mid = abs($mid);
示例#13
/* http://atutor.ca														*/
/*																		*/
/* This program is free software. You can redistribute it and/or        */
/* modify it under the terms of the GNU General Public License          */
/* as published by the Free Software Foundation.                        */
/************************************************************************/
if (!defined('AT_INCLUDE_PATH')) { exit; } 

// print the AccessForAll alternatives tool bar
// see /content.php for details of the alt_infos() array
// images for the toolbar can be customized by adding images of the same name to a theme's images directory
?>
<div id="alternatives_shortcuts">
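<?php 
	// PHP_SELF reflects the request path, including anything appended after the
	// script name, so it is client-influenced and has to be HTML-encoded before it
	// is written into the href attribute.
	$alt_self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
	// The parameter is optional; read it once without raising an undefined-index notice.
	$alt_requested = isset($_GET['alternative']) ? $_GET['alternative'] : null;
	// NOTE(review): $this->cid and the $alt_info entries are written unencoded;
	// presumably they are server-defined values - confirm where they are set.
	foreach ($this->alt_infos as $alt_info){
		$alt_active = ($alt_requested == $alt_info[0]);
		$alt_label = $alt_active ? $alt_info[2] : $alt_info[1];
		echo '<a href="'.$alt_self.'?cid='.$this->cid.($alt_active ? '' : htmlentities_utf8(SEP).'alternative='.$alt_info[0]).'">
			<img src="'.AT_BASE_HREF.($alt_active ? $alt_info[3] : $alt_info[4]).'" alt="'.$alt_label.'" title="'.$alt_label.'" border="0" class="img1616"/></a>';
	} 
?>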
</div>

<?php /* Shortcuts box: one list item per entry of $this->shortcuts.
         NOTE(review): url and title are echoed without encoding; confirm the
         code that fills $this->shortcuts encodes them, or encode them here. */
if ($this->shortcuts): ?>
<fieldset id="shortcuts"><legend><?php echo _AT('shortcuts'); ?></legend>
	<ul>
		<?php foreach ($this->shortcuts as $link): ?>
			<li><a href="<?php echo $link['url']; ?>"><?php echo $link['title']; ?></a></li>
		<?php endforeach; ?>
	</ul>
</fieldset>
<?php endif; ?>
示例#14
 /** 
  * Generate the title string for application.
  *
  * The id is cast to an integer before it is used in the query and in the
  * link; the stored title is entity-encoded before it goes into the message.
  *
  * @param	int		application id
  * @return	the title string that has a hyperlink to the application itself.
  */
 function generateApplicationTitle($app_id)
 {
     $app_id = intval($app_id);
     // Using $url instead of the id would be better here: $url is the primary
     // key, while $id is a key that is not guaranteed to be unique.
     $app = queryDB("SELECT title FROM %ssocial_applications WHERE id=%d", array(TABLE_PREFIX, $app_id), TRUE);
     $app_link = url_rewrite(AT_SOCIAL_BASENAME . 'applications.php?app_id=' . $app_id, AT_PRETTY_URL_IS_HEADER);
     return _AT("has_added_app", $app_link, htmlentities_utf8($app['title']));
 }
示例#15
 // Print a tooltip link for every word in $words that has a non-empty glossary
 // entry, or the "no terms found" message when nothing matches.
 // $strtolower, $strlen and $substr are callables held in variables that are
 // defined outside this excerpt.
 for ($i = 0; $i < count($words); $i++) {
     $words[$i] = $strtolower($words[$i]);
 }
 $words = array_unique($words);
 if (count($words) > 0) {
     $count = 0;
     // Lower-cased keys so the lookup below is case-insensitive.
     $glossary_key_lower = array_change_key_case($glossary);
     foreach ($words as $k => $v) {
         $original_v = $v;
         $v = $strtolower($v);
         //array_change_key_case change everything to lowercase, including encoding.
         if (isset($glossary_key_lower[$v]) && $glossary_key_lower[$v] != '') {
             // Recover the term as it is keyed in $glossary by searching for its definition.
             $v_formatted = urldecode(array_search($glossary_key_lower[$v], $glossary));
             $def = AT_print($glossary_key_lower[$v], 'glossary.definition');
             $count++;
             // The word is URL-encoded for the query string and the term is entity-encoded
             // for the title attribute.
             // NOTE(review): $def is appended to the same title attribute as returned by
             // AT_print(); whether that output is safe inside an attribute is not visible
             // here - confirm.
             echo '<a class="tooltip" href="' . $_base_path . 'mods/_core/glossary/index.php?g_cid=' . $_SESSION['s_cid'] . htmlentities(SEP) . 'w=' . urlencode($original_v) . '#term" title="' . htmlentities_utf8($v_formatted) . ': ' . $def . '">';
             // Words longer than 26 characters are shown as 22 characters plus "...".
             // The length test uses $original_v while the cut is applied to $v_formatted.
             if ($strlen($original_v) > 26) {
                 $v_formatted = $substr($v_formatted, 0, 26 - 4) . '...';
             }
             echo AT_print($v_formatted, 'glossary.word') . '</a>';
             echo '<br />';
         }
     }
     if ($count == 0) {
         /* there are defn's, but they're not defined in the glossary */
         echo '<strong>' . _AT('no_terms_found') . '</strong>';
     }
 } else {
     /* there are no glossary terms on this page */
     echo '<strong>' . _AT('no_terms_found') . '</strong>';
 }
示例#16
				
				<?php 
        if ($this->sub_level_pages[$i]['url'] == $this->current_sub_level_page) {
            ?>
				      <li class="active"><?php 
            echo htmlentities_utf8($this->sub_level_pages[$i]['title']);
            ?>
</li>
				<?php 
        } else {
            ?>
					<li><a href="<?php 
            echo $this->sub_level_pages[$i]['url'];
            ?>
"><?php 
            echo htmlentities_utf8($this->sub_level_pages[$i]['title']);
            ?>
</a></li>
				<?php 
        }
        ?>
				<?php 
        if ($i < $num_pages - 1) {
            echo " ";
            ?>
				<?php 
        }
        ?>
			<?php 
    }
    ?>
示例#17
 function printMenu($parent_id, $depth, $path, $children, $truncate, $ignore_state, $from = '')
 {
     global $cid, $_my_uri, $_base_path, $rtl, $substr, $strlen;
     static $temp_path;
     $redirect_to = $from == 'sitemap' ? '1' : '0';
     if (!isset($temp_path)) {
         if ($cid) {
             $temp_path = $this->getContentPath($cid);
         } else {
             $temp_path = $this->getContentPath($_SESSION['s_cid']);
         }
     }
     $highlighted = array();
     if (is_array($temp_path)) {
         foreach ($temp_path as $temp_path_item) {
             $_SESSION['menu'][$temp_path_item['content_id']] = 1;
             $highlighted[$temp_path_item['content_id']] = true;
         }
     }
     if ($this->start) {
         reset($temp_path);
         $this->start = false;
     }
     if (isset($this->_menu[$parent_id]) && is_array($this->_menu[$parent_id])) {
         $top_level = $this->_menu[$parent_id];
         $counter = 1;
         $num_items = count($top_level);
         echo '<div id="folder' . $parent_id . $from . '">' . "\n";
         foreach ($top_level as $garbage => $content) {
             $link = '';
             //tests do not have content id
             $content['content_id'] = isset($content['content_id']) ? $content['content_id'] : '';
             $content['parent_content_id'] = $parent_id;
             if (!$ignore_state) {
                 $link .= '<a name="menu' . $content['content_id'] . '"></a>';
             }
             $on = false;
             if (($_SESSION['s_cid'] != $content['content_id'] || $_SESSION['s_cid'] != $cid) && ($content['content_type'] == CONTENT_TYPE_CONTENT || $content['content_type'] == CONTENT_TYPE_WEBLINK)) {
                 // non-current content nodes with content type "CONTENT_TYPE_CONTENT"
                 if (isset($highlighted[$content['content_id']])) {
                     $link .= '<strong>';
                     $on = true;
                 }
                 //content test extension  @harris
                 //if this is a test link.
                 if (isset($content['test_id'])) {
                     $title_n_alt = $content['title'];
                     $in_link = 'mods/_standard/tests/test_intro.php?tid=' . $content['test_id'] . SEP . 'in_cid=' . $content['parent_content_id'];
                     $img_link = ' <img src="' . $_base_path . 'images/check.gif" title="' . $title_n_alt . '" alt="' . $title_n_alt . '" />';
                 } else {
                     $in_link = 'content.php?cid=' . $content['content_id'];
                     $img_link = '';
                 }
                 $full_title = $content['title'];
                 $link .= $img_link . ' <a href="' . $_base_path . htmlentities_utf8(url_rewrite($in_link)) . '" title="';
                 $base_title_length = 29;
                 if ($_SESSION['prefs']['PREF_NUMBERING']) {
                     $base_title_length = 24;
                 }
                 $link .= $content['title'] . '">';
                 if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
                     $content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
                 }
                 if (isset($content['test_id'])) {
                     $link .= $content['title'];
                 } else {
                     $link .= '<span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
                     if ($_SESSION['prefs']['PREF_NUMBERING']) {
                         $link .= $path . $counter;
                     }
                     $link .= '&nbsp;' . $content['title'] . '</span>';
                 }
                 $link .= '</a>';
                 if ($on) {
                     $link .= '</strong>';
                 }
                 // instructors have privilege to delete content
                 if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !isset($content['test_id']) && !is_mobile_device()) {
                     $link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
                 }
             } else {
                 // current content page & nodes with content type "CONTENT_TYPE_FOLDER"
                 $base_title_length = 33;
                 if ($_SESSION['prefs']['PREF_NUMBERING']) {
                     $base_title_length = 26;
                 }
                 if (isset($highlighted[$content['content_id']])) {
                     $link .= '<strong>';
                     $on = true;
                 }
                 if ($content['content_type'] == CONTENT_TYPE_CONTENT || $content['content_type'] == CONTENT_TYPE_WEBLINK) {
                     // current content page
                     $full_title = $content['title'];
                     $link .= '<a href="' . $_my_uri . '"><img src="' . $_base_path . 'images/clr.gif" alt="' . _AT('you_are_here') . ': ';
                     if ($_SESSION['prefs']['PREF_NUMBERING']) {
                         $link .= $path . $counter;
                     }
                     $link .= $content['title'] . '" height="1" width="1" border="0" /></a><strong class="current-content" title="' . $content['title'] . '">' . "\n";
                     if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
                         $content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
                     }
                     $link .= '<a name="menu' . $content['content_id'] . '"></a><span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
                     if ($_SESSION['prefs']['PREF_NUMBERING']) {
                         $link .= $path . $counter;
                     }
                     $link .= $content['title'] . '</span></strong>';
                     // instructors have privilege to delete content
                     if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
                         $link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
                     }
                 } else {
                     // nodes with content type "CONTENT_TYPE_FOLDER"
                     $full_title = $content['title'];
                     if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
                         $link .= '<a href="' . $_base_path . "mods/_core/editor/edit_content_folder.php?cid=" . $content['content_id'] . '" title="' . $full_title . _AT('click_edit') . '">' . "\n";
                     } else {
                         $link .= '<span style="cursor:pointer" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); ">' . "\n";
                     }
                     if ($truncate && $strlen($content['title']) > $base_title_length - $depth * 4) {
                         $content['title'] = htmlspecialchars(rtrim($substr(htmlspecialchars_decode($content['title']), 0, $base_title_length - $depth * 4 - 4))) . '...';
                     }
                     if (isset($content['test_id'])) {
                         $link .= $content['title'];
                     } else {
                         $link .= '<span class="inlineEdits" id="menu-' . $content['content_id'] . '" title="' . $full_title . '">';
                     }
                     if ($_SESSION['prefs']['PREF_NUMBERING']) {
                         $link .= $path . $counter;
                     }
                     $link .= '&nbsp;' . $content['title'] . '</span>';
                     if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
                         $link .= '</a>' . "\n";
                     } else {
                         $link .= '</span>' . "\n";
                     }
                     // instructors have privilege to delete content
                     if (authenticate(AT_PRIV_CONTENT, AT_PRIV_RETURN) && !is_mobile_device()) {
                         $link .= '<a href="' . $_base_path . 'mods/_core/editor/delete_content.php?cid=' . $content['content_id'] . '&redirect_to=' . $redirect_to . '"><img src="' . AT_BASE_HREF . 'images/x.gif" alt="' . _AT("delete_content") . '" title="' . _AT("delete_content") . '" class="del-content-icon" /></a>';
                     }
                 }
                 if ($on) {
                     $link .= '</strong>';
                 }
             }
             if ($ignore_state) {
                 $on = true;
             }
             echo '<span>' . "\n";
             if (isset($this->_menu[$content['content_id']]) && is_array($this->_menu[$content['content_id']])) {
                 /* has children */
                 for ($i = 0; $i < $depth; $i++) {
                     if ($children[$i] == 1) {
                         echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                     } else {
                         echo '<img src="' . $_base_path . 'images/clr.gif" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                     }
                 }
                 if ($counter == $num_items && $depth > 0) {
                     echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                     $children[$depth] = 0;
                 } else {
                     if ($counter == $num_items) {
                         echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         $children[$depth] = 0;
                     } else {
                         echo '<img src="' . AT_BASE_HREF . $this->tree_split_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         $children[$depth] = 1;
                     }
                 }
                 if ($_SESSION['s_cid'] == $content['content_id']) {
                     if (is_array($this->_menu[$content['content_id']])) {
                         $_SESSION['menu'][$content['content_id']] = 1;
                     }
                 }
                 if (isset($_SESSION['menu'][$content['content_id']]) && $_SESSION['menu'][$content['content_id']] == 1) {
                     if ($on) {
                         echo '<a href="javascript:void(0)" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); "><img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . '" class="img-size-tree" /></a>' . "\n";
                     } else {
                         echo '<a href="' . $_my_uri . 'collapse=' . $content['content_id'] . '">' . "\n";
                         echo '<img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . ' ' . $content['title'] . '" class="img-size-tree" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); " />' . "\n";
                         echo '</a>' . "\n";
                     }
                 } else {
                     if ($on) {
                         echo '<a href="javascript:void(0)" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); "><img src="' . AT_BASE_HREF . $this->tree_collapse_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('collapse') . '" border="0" width="16" height="16" title="' . _AT('collapse') . '" class="img-size-tree" /></a>' . "\n";
                     } else {
                         echo '<a href="' . $_my_uri . 'expand=' . $content['content_id'] . '">' . "\n";
                         echo '<img src="' . AT_BASE_HREF . $this->tree_expand_icon . '" id="tree_icon' . $content['content_id'] . $from . '" alt="' . _AT('expand') . '" border="0" width="16" height="16" 	title="' . _AT('expand') . ' ' . $content['title'] . '" class="img-size-tree" onclick="javascript: ATutor.course.toggleFolder(\'' . $content['content_id'] . $from . '\', \'' . _AT('expand') . '\', \'' . _AT('collapse') . '\', ' . $this->course_id . '); " />';
                         echo '</a>' . "\n";
                     }
                 }
             } else {
                 /* doesn't have children */
                 if ($counter == $num_items) {
                     for ($i = 0; $i < $depth; $i++) {
                         if ($children[$i] == 1) {
                             echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         } else {
                             echo '<img src="' . $_base_path . 'images/clr.gif" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         }
                     }
                     echo '<img src="' . AT_BASE_HREF . $this->tree_end_icon . '" alt="" border="0" class="img-size-tree" />' . "\n";
                 } else {
                     for ($i = 0; $i < $depth; $i++) {
                         if ($children[$i] == 1) {
                             echo '<img src="' . AT_BASE_HREF . $this->tree_vertline_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         } else {
                             echo '<img src="' . AT_BASE_HREF . $this->tree_space_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                         }
                     }
                     echo '<img src="' . AT_BASE_HREF . $this->tree_split_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
                 }
                 echo '<img src="' . AT_BASE_HREF . $this->tree_horizontal_icon . '" alt="" border="0" width="16" height="16" class="img-size-tree" />' . "\n";
             }
             echo $link;
             echo "\n<br /></span>\n\n";
             if ($ignore_state || isset($_SESSION['menu'][$content['content_id']]) && $_SESSION['menu'][$content['content_id']] == 1) {
                 $depth++;
                 $this->printMenu($content['content_id'], $depth, $path . $counter . '.', $children, $truncate, $ignore_state, $from);
                 $depth--;
             }
             $counter++;
         }
         // end of foreach
         print "</div>\n\n";
     }
 }
            ?>
</span>
					</div>
					<?php 
        } else {
            ?>
					<div>
						<a href="profile.php?id=<?php 
            echo $comment_array['member_id'];
            ?>
"><strong><?php 
            echo AT_print(get_display_name($comment_array['member_id']), 'members.full_name');
            ?>
</a></strong>
						<?php 
            echo htmlentities_utf8($comment_array['comment'], true);
            ?>
					</div>
					<?php 
        }
        ?>
					<div class="comment_actions">
						<!-- TODO: if author, add in-line "edit" -->
						<?php 
        echo AT_date(_AT('forum_date_format'), $comment_array['created_date'], AT_DATE_MYSQL_DATETIME);
        ?>
						<?php 
        if ($this->action_permission || $comment_array['member_id'] == $_SESSION['member_id']) {
            ?>
						<a href="<?php 
            echo AT_PA_BASENAME . 'delete_comment.php?aid=' . $this->album_info['id'] . SEP . 'comment_id=' . $comment_array['id'];
示例#19
<br />
	<?php 
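// Build the "related term" drop-down from every other glossary entry of the
// current course. The SQL template holds only %s/%d placeholders; the values
// are handed to queryDB() separately.
$sql = "SELECT * FROM %sglossary WHERE course_id=%d AND word_id<>%d ORDER BY word";
// The session key is quoted: the bare word course_id is an undefined constant,
// which newer PHP versions reject instead of silently reading it as a string.
$rows_g = queryDB($sql, array(TABLE_PREFIX, $_SESSION['course_id'], $gid));
if (count($rows_g) != 0) {
    echo '<select name="related_term">';
    echo '<option value="0"></option>';
    foreach ($rows_g as $row_g) {
        // A term cannot be related to itself.
        if ($row_g['word_id'] == $row['word_id']) {
            continue;
        }
        // word_id is matched with %d in the query above, so it is printed as an
        // integer here as well rather than as a raw column value.
        echo '<option value="' . intval($row_g['word_id']) . '"';
        if ($row_g['word_id'] == $row['related_word_id']) {
            echo ' selected="selected" ';
        }
        // The term text is free text and is encoded for the element body.
        echo '>' . htmlentities_utf8($row_g['word']) . '</option>';
    }
    echo '</select>';
} else {
    echo _AT('no_glossary_items');
}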
?>
	</div>
	<div class="row buttons">
		<input type="submit" name="submit" value="<?php 
echo _AT('save');
?>
" accesskey="s" />
		<input type="submit" name="cancel" value="<?php 
echo _AT('cancel');
?>
示例#20
        echo _AT('site_name');
        ?>
</th>
					<th><?php 
        echo _AT('url');
        ?>
</th>
				</tr></thead>
				<tbody>
				<?php 
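        // One table row per saved website. Both columns hold member-supplied
        // text, so each value is encoded for the HTML context it is written into.
        foreach ($this->websites as $sites) {
            // Prepend a scheme only when the value does not already start with
            // http:// or https://. The previous /^http/ test also let through
            // values that merely begin with the letters "http".
            if (!preg_match('#^https?://#i', $sites['url'])) {
                $sites['url'] = 'http://' . $sites['url'];
            }
            // ENT_QUOTES matters here: the URL lands inside a double-quoted href.
            $safe_url = htmlspecialchars($sites['url'], ENT_QUOTES, 'UTF-8');
            echo '<tr><td>' . htmlentities_utf8($sites['site_name']) . '</td>';
            // rel="noopener noreferrer" keeps the linked page from reaching this
            // window through window.opener.
            echo '<td><a href="' . $safe_url . '" target="user_profile_site" rel="noopener noreferrer">' . $safe_url . '</a></td></tr>';
        }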
        ?>
				</tbody>
			</table>
			</div><br/>
			<?php 
    }
    ?>
		</div>
		<?php 
}
?>

		<?php 
示例#21
 /**
  * Replace one entry of $this->current_row with its HTML-encoded form.
  *
  * The value is passed through htmlentities_utf8() and written back under
  * the same key, so the row is changed in place.
  *
  * @param string $field key of the entry in $this->current_row to encode
  */
 function format_text($field)
 {
     $encoded = htmlentities_utf8($this->current_row[$field]);
     $this->current_row[$field] = $encoded;
 }
示例#22
// Search entry script: loads the shared includes, then reads the paging and
// keyword parameters from the request.
// NOTE(review): TR_INCLUDE_PATH is defined here, but the includes below are
// resolved through AT_INCLUDE_PATH — confirm that constant is defined before
// this file runs.
define('TR_INCLUDE_PATH', '../../../include/');
require AT_INCLUDE_PATH . 'vitals.inc.php';
require_once AT_INCLUDE_PATH . 'classes/AContent_lcl/Utils.php';
require_once 'classes/ResultParser.class.php';
//$default_results_per_page = 25;
// Default page size; it is also compared against the requested size further down.
$default_results_per_page = 20;
// NOTE(review): $browse is not assigned anywhere in the visible code; presumably
// it is set by an include — confirm it cannot come straight from the request.
$browse = intval($browse);
if (!isset($_REQUEST["results_per_page"])) {
    $_REQUEST["results_per_page"] = $default_results_per_page;
}
// NOTE(review): $_REQUEST['submit'] is read without isset(), so a request that
// carries only 'p' raises an undefined-index notice on this line.
if ($_REQUEST['submit'] || isset($_REQUEST['p'])) {
    // Input filtering for the keywords, applied in three steps.
    // Step 1: convert applicable characters to HTML entities.
    // NOTE(review): this is output encoding applied at input time. It changes the
    // term that is searched for (for example & becomes &amp;) and is not an SQL
    // defence; the usual place for it is where the value is printed.
    $_REQUEST['keywords'] = htmlentities_utf8($_REQUEST['keywords']);
    // Step 2: remove all % characters so the term cannot act as a LIKE wildcard.
    $_REQUEST['keywords'] = str_replace('%', '', $_REQUEST['keywords']);
    // Step 3: escape the string for use in an SQL statement.
    // NOTE(review): $addslashes is a callable held in a variable that is defined
    // outside this excerpt; whether it is charset-aware cannot be seen from here.
    // A parameterized query would not depend on it.
    $_REQUEST['keywords'] = $addslashes($_REQUEST['keywords']);
    $keywords = trim($_REQUEST['keywords']);
    //$title = trim($_REQUEST['title']);
    //$description = trim($_REQUEST['description']);
    //$author = trim($_REQUEST['author']);
    // Numeric parameters are forced to integers before use.
    $results_per_page = intval(trim($_REQUEST['results_per_page']));
    if ($keywords != "") {
        $page = intval($_REQUEST['p']);
        // A missing or zero page number falls back to the first page.
        if (!$page) {
            $page = 1;
        }
        // NOTE(review): a negative page size matches neither test on the next
        // line; how it is handled is not visible in this excerpt.
        if ($results_per_page > $default_results_per_page || $results_per_page == 0) {
示例#23
            ?>
				<div title="<?php 
            echo htmlentities_utf8($row['description']);
            ?>
"><?php 
            // Print the first 150 bytes of the encoded description, followed by an
            // ellipsis when the raw description is longer than 150 bytes.
            // NOTE(review): substr() cuts the string after encoding, and it cuts by
            // byte. The cut can therefore fall inside an entity such as &amp;, inside
            // markup the helper may add when its second argument is true (presumably
            // a newline-to-<br /> conversion — confirm), or inside a multi-byte UTF-8
            // character. Truncating the raw text by character and encoding the result
            // afterwards keeps the output well-formed.
            echo substr(htmlentities_utf8($row['description'], true), 0, 150);
            // The length test uses the raw text while the cut uses the encoded text,
            // so the ellipsis and the actual truncation can disagree.
            if (strlen($row['description']) > 150) {
                echo "...";
            }
            ?>
&nbsp;</div>
			<?php 
        } else {
            ?>
				<div title="<?php 
            echo htmlentities_utf8($row['description']);
            ?>
">&nbsp;</div>
			<?php 
        }
        ?>
		</td>
		<td class="hidecol700">
			<?php 
        if (is_array($this->cats) && $row['cat_id'] != 0) {
            ?>
				<a href="<?php 
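            // PHP_SELF reflects the request path, including any trailing path info
            // the client appended, so it is encoded before it is written into the
            // href attribute.
            // NOTE(review): $page_string is built outside this excerpt; confirm it is
            // encoded where it is assembled.
            echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '?' . $page_string . SEP;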
            ?>
category=<?php 
            echo $row['cat_id'];
示例#24
			<div class="category_box">
				<input type="checkbox" id="jb_category_<?php 
        echo $category['id'];
        ?>
" name="jb_categories[]" value="<?php 
        echo $category['id'];
        ?>
" <?php 
        echo $this->job_post['categories'] && in_array($category['id'], $this->job_post['categories']) ? 'checked="checked"' : '';
        ?>
 />
				<label for="jb_category_<?php 
        echo $category['id'];
        ?>
"><?php 
        echo htmlentities_utf8($category['name']);
        ?>
</label>				
			</div>
			<?php 
    }
}
?>
			<div style="clear:both;"></div>
		</div>
		<div class="row">
			<label for="jb_is_public"><?php 
echo _AT('jb_is_public');
?>
</label>
			<input type="checkbox" id="jb_is_public" name="jb_is_public" <?php 
    mysql_query($query);
    $id = mysql_insert_id();
    if ($id != 0) {
        $ans = array("error" => false, "id" => $id, "values" => array($quantity_js, $article_js));
    } else {
        $ans = array("error" => true, "error_msg" => "Alle Felder ausfüllen.");
    }
    echo json_encode($ans);
    die;
}
if ($todo == "edit") {
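    // Update one mat_event row from the request and answer with a JSON object.
    // NOTE(review): $inputs is taken from the request as-is and is not checked to
    // be an array holding keys 1 and 2.
    // NOTE(review): the mysql_* extension is gone from PHP 7; prepared statements
    // (mysqli or PDO) would replace the manual escaping below.
    $inputs = $_REQUEST['inputs'];
    // Escaped copies are placed inside quoted SQL string literals.
    $quantity = mysql_real_escape_string($inputs[1]);
    $article = mysql_real_escape_string($inputs[2]);
    // HTML-encoded copies are sent back to the client in the JSON answer.
    $article_js = htmlentities_utf8($inputs[2]);
    $quantity_js = htmlentities_utf8($inputs[1]);
    // NOTE(review): how event() uses this value is not visible in this excerpt.
    $event_id = mysql_real_escape_string($_REQUEST['event_id']);
    // The row id is written unquoted into the WHERE clause, where string escaping
    // gives no protection, so it is forced to an integer instead.
    $entry_id = intval($_REQUEST['id']);
    $_camp->event($event_id) || die("error");
    $_camp->mat_event($entry_id) || die("error");
    $query = "\tUPDATE mat_event\n\t\t\t\t\tSET \n\t\t\t\t\t\t`article_name` = '{$article}',\n\t\t\t\t\t\t`quantity` = '{$quantity}'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tid = {$entry_id}";
    $result = mysql_query($query);
    // mysql_query() returns false when the statement failed.
    if ($result !== false) {
        $ans = array("error" => false, "values" => array("1" => $quantity_js, "2" => $article_js));
    } else {
        $ans = array("error" => true, "error_msg" => "Fehler aufgetreten");
    }
    // Both outcomes end the request with the JSON answer.
    echo json_encode($ans);
    die;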
示例#26
echo _AT('jb_website');
?>
</label><br/>
			<input type="text" name="jb_employer_website" id="jb_employer_website" value="<?php 
echo htmlentities_utf8($this->website);
?>
"/>
		</div>

        <div class="row">
			<label for="jb_employer_description"><?php 
echo _AT('jb_company_description');
?>
</label><br/>
			<textarea id="jb_employer_description" name="jb_employer_description" ><?php 
echo htmlentities_utf8($this->description);
?>
</textarea>
		</div>

		<div class="row">
    		<input type="hidden" name="jb_employer_password_hidden" value="" />
    		<input class="hidden" name="jb_employer_password_error" />
			<input class="button" type="submit" name="submit" value="<?php 
echo _AT('submit');
?>
" onclick="return encrypt_password();"/>
		</div>
	</form>
</div>
示例#27
    </ul>
  </div>
-->


	<!-- the sub navigation and guide -->
  <div id="sub-menu">
   
      <div class="search_top">
      <form target="_top" action="<?php 
echo TR_BASE_HREF;
?>
home/search.php" method="get">
        <input type="text" name="search_text" id="search_text_at_header" value="<?php 
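// Re-display the submitted search text inside the double-quoted value attribute.
// ENT_QUOTES and 'UTF-8' are the parameters of PHP's own htmlentities();
// htmlentities_utf8() presumably takes a boolean second argument (confirm against
// its definition), so the native function is called directly.
// The is_string() test skips array input such as search_text[]=x.
if (isset($_GET['search_text']) && is_string($_GET['search_text'])) {
    echo htmlentities($_GET['search_text'], ENT_QUOTES, 'UTF-8');
}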
?>
" size="25" />
      
<?php 
if (is_array($this->categories)) {
    // print category dropdown list box
    ?>
        <select name="catid">
          <option value="" <?php 
    if (!isset($_GET['catid']) || $_GET['catid'] == '') {
        echo 'selected="selected"';
    }
    ?>
><?php 
示例#28
	$msg->addFeedback('CANCELLED');
	header('Location: index.php');
	exit;
}

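require(AT_INCLUDE_PATH.'header.inc.php');

// Confirmation page shown before a glossary term is deleted.
// A missing gid counts as 0 and is handled by the not-found branch below.
$_GET['gid'] = isset($_GET['gid']) ? intval($_GET['gid']) : 0;

if ($_GET['gid'] == 0) {
	$msg->printErrors('ITEM_NOT_FOUND');
	require(AT_INCLUDE_PATH.'footer.inc.php');
	exit;
}

// NOTE(review): 't' is forwarded exactly as received; confirm that the message
// class encodes hidden values when it prints them.
$hidden_vars['word'] = isset($_GET['t']) ? $_GET['t'] : null;
$hidden_vars['gid']  = $_GET['gid'];

// gid went through intval() above, so only an integer reaches the query text.
$sql = "SELECT * from ".TABLE_PREFIX."glossary WHERE word_id = '$hidden_vars[gid]'";
$result = mysql_query($sql, $db);

// Start from an empty title so the confirm message never reads an undefined
// variable when the query fails or matches no row.
$title = '';
if ($result) {
	while ($row = mysql_fetch_assoc($result)){
		$title = $row['word'];
	}
}

// The term text is encoded before it is placed in the confirmation message.
$msg->addConfirm(array('DELETE', htmlentities_utf8($title)),  $hidden_vars);
$msg->addConfirm('GLOSSARY_REMAINS', $hidden_vars);

$msg->printConfirm();

require(AT_INCLUDE_PATH.'footer.inc.php');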
?>
示例#29
					    <li><a href="<?php 
                    echo $this->sub_level_pages_i[$i]['url'];
                    ?>
"><?php 
                    echo stripslashes(htmlentities_utf8($this->sub_level_pages_i[$i]['title']));
                    ?>
</a></li>
				
				<?php 
                } else {
                    ?>
					    <li><a href="<?php 
                    echo $this->sub_level_pages_i[$i]['url'] . $fcid;
                    ?>
"><?php 
                    echo stripslashes(htmlentities_utf8($this->sub_level_pages_i[$i]['title']));
                    ?>
</a></li>
				<?php 
                }
            }
            ?>
				<?php 
            if ($i < $num_pages - 1) {
                echo " ";
                ?>
				<?php 
            }
            ?>
			<?php 
        }
示例#30
<?php

// NOTE(review): $addslashes is pulled into scope but is not used in the visible
// part of this template.
global $addslashes;
// HTML-encode the position fields held on the template object; presumably the
// encoded copies are printed in the form further down (not visible here).
$company = htmlentities_utf8($this->company);
$title = htmlentities_utf8($this->profile_title);
// Second argument false: presumably switches off the helper's newline-to-<br />
// conversion for this multi-line field — confirm against its definition.
$description = htmlentities_utf8($this->description, false);
$from = htmlentities_utf8($this->from);
$to = htmlentities_utf8($this->to);
?>
<script type="text/javascript" src="jscripts/lib/calendar.js"></script>
<script type="text/javascript"> 
<!--
	//overwrite calendar dates range settings.
	scwBaseYear			= scwDateNow.getFullYear()-50; 
	scwDropDownYears	= 70; 
-->
</script>
<div class="headingbox"><h3><?php 
if ($_GET['id']) {
    echo _AT('edit_position');
} else {
    echo _AT('add_new_position');
}
?>
</h3></div>
<div class="contentbox">
<form method="post" action="<?php 
echo url_rewrite(AT_SOCIAL_BASENAME . 'edit_profile.php');
?>
">