/*
 * Course entry: optional self-registration, then the access gate, then the
 * visit statistics. The order matters: both registration paths may set the
 * 'is_allowed_in_course' session flag before api_protect_course_script() runs.
 */

// Auto-registration for special courses, driven by the "autoreg" query parameter.
// NOTE(review): no token check is visible on this path, unlike the "subscribe"
// action below, so any GET request carrying autoreg=1 enrols the current user.
// Confirm that this is intended for special courses.
if ($isSpecialCourse && isset($_GET['autoreg'])) {
    $autoRegistration = Security::remove_XSS($_GET['autoreg']);
    if ($autoRegistration == 1 && CourseManager::subscribe_user($user_id, $course_code, STUDENT)) {
        Session::write('is_allowed_in_course', true);
    }
}

// Explicit subscription request: only honoured with a valid token from the
// query string, which is cleared before it can be used again.
if (isset($_GET['action']) && $_GET['action'] == 'subscribe' && Security::check_token('get')) {
    Security::clear_token();
    $auth = new Auth();
    $msg = $auth->subscribe_user($course_code);

    // The flag is set from the stored subscription state, not from $msg.
    if (CourseManager::is_user_subscribed_in_course($user_id, $course_code)) {
        Session::write('is_allowed_in_course', true);
    }

    if (!empty($msg)) {
        $show_message .= Display::return_message(get_lang($msg['message']), 'info', false);
    }
}

/* Is the user allowed here? */
api_protect_course_script(true);

/* STATISTICS */
// Record the course access only once per course for the visited list kept in the session.
if (!isset($coursesAlreadyVisited[$course_code])) {
    Event::accessCourse();
    $coursesAlreadyVisited[$course_code] = 1;
    Session::write('coursesAlreadyVisited', $coursesAlreadyVisited);
}
$user_data['expiration_date']['Y'] = date('Y'); } else { $user_data['radio_expiration_date'] = 1; $user_data['expiration_date'] = array(); $user_data['expiration_date']['d'] = substr($expiration_date, 8, 2); $user_data['expiration_date']['F'] = substr($expiration_date, 5, 2); $user_data['expiration_date']['Y'] = substr($expiration_date, 0, 4); $user_data['expiration_date']['H'] = substr($expiration_date, 11, 2); $user_data['expiration_date']['i'] = substr($expiration_date, 14, 2); } $form->setDefaults($user_data); $error_drh = false; // Validate form if ($form->validate()) { $user = $form->getSubmitValues(1); $is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']); if ($user['status'] == DRH && $is_user_subscribed_in_course) { $error_drh = true; } else { $userInfo = api_get_user_info($user_id); $picture_element = $form->getElement('picture'); $picture = $picture_element->getValue(); $picture_uri = $user_data['picture_uri']; if (isset($user['delete_picture']) && $user['delete_picture']) { $picture_uri = UserManager::delete_user_picture($user_id); } elseif (!empty($picture['name'])) { $picture_uri = UserManager::update_user_picture($user_id, $_FILES['picture']['name'], $_FILES['picture']['tmp_name']); } $lastname = $user['lastname']; $firstname = $user['firstname']; $password = $user['password'];
// inactive students: no recorded connection, or last connection more than 7 days ago
$last_connection_date = Tracking::get_last_connection_date($student_id, true, true);
if ($last_connection_date === false || time() - 3600 * 24 * 7 > $last_connection_date) {
    $nb_inactive_students++;
}

// platform-wide totals for this student
$total_time_spent += Tracking::get_time_spent_on_the_platform($student_id);
$total_courses += Tracking::count_course_per_student($student_id);

// per-student accumulators, reset before walking the course list
$avg_student_progress = $avg_student_score = $nb_courses_student = 0;

foreach ($courses as $courseId) {
    // only courses the student is subscribed to contribute to the figures
    if (!CourseManager::is_user_subscribed_in_course($student_id, $courseId, true)) {
        continue;
    }

    $nb_courses_student++;
    $nb_posts += Tracking::count_student_messages($student_id, $courseId);
    $nb_assignments += Tracking::count_student_assignments($student_id, $courseId);
    $avg_student_progress += Tracking::get_avg_student_progress($student_id, $courseId);

    // the score helper may return a non-numeric value; only numbers are summed
    $myavg_temp = Tracking::get_avg_student_score($student_id, $courseId);
    if (is_numeric($myavg_temp)) {
        $avg_student_score += $myavg_temp;
    }

    // if one of these scores is null, it means that we had a problem connecting
    // to the right database, so don't count it in
    // NOTE(review): $nb_courses_student was already incremented above for this
    // course, so a course passing this test is counted twice. Verify against the
    // code that consumes the counter.
    if (!($nb_posts === null || $nb_assignments === null || $avg_student_progress === null || $avg_student_score === null)) {
        $nb_courses_student++;
    }
}
// average progress of the student
/**
 * Direct course link, see #5299.
 *
 * You can send your students a URL like this:
 * http://chamilodev.beeznest.com/main/auth/inscription.php?c=ABC&e=3
 * where "c" is the course code and "e" is the exercise id. After a successful
 * registration the user is sent to the course or to the exercise.
 *
 * The redirect only happens when the course stored in the session under
 * 'course_redirect' exists, has open-platform or open-world visibility, and
 * the current user is subscribed to it. In that case a Location header is sent
 * and the script exits; otherwise $form_data is returned unchanged.
 *
 * @param array $form_data form data; the keys 'action', 'message' and 'button' are set here
 * @return array the form data, returned only when no redirect was issued
 */
public static function redirectToCourse($form_data)
{
    $redirectCode = Session::read('course_redirect');
    $currentUser = api_get_user_info();
    $currentUserId = api_get_user_id();

    if (empty($redirectCode)) {
        return $form_data;
    }

    // The course data used below comes from this lookup, not from the raw session value.
    $course = api_get_course_info($redirectCode);
    if (empty($course)) {
        return $form_data;
    }

    $openVisibilities = array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD);
    if (!in_array($course['visibility'], $openVisibilities)) {
        return $form_data;
    }

    if (!CourseManager::is_user_subscribed_in_course($currentUserId, $course['code'])) {
        return $form_data;
    }

    // Default target: the course home page.
    $form_data['action'] = $course['course_public_url'];
    // NOTE(review): the course title is inserted into a message that also carries
    // markup ('<br />' below); confirm it is escaped where the message is rendered.
    $form_data['message'] = sprintf(get_lang('YouHaveBeenRegisteredToCourseX'), $course['title']);
    $form_data['button'] = Display::button(
        'next',
        get_lang('GoToCourse', null, $currentUser['language']),
        array('class' => 'btn btn-primary btn-large')
    );

    $exerciseId = intval(Session::read('exercise_redirect'));

    // The course id is passed explicitly because the current context does not
    // hold a global $_course array.
    $exercise = new Exercise($course['real_id']);
    $exerciseLoaded = $exercise->read($exerciseId);

    // A readable exercise takes precedence over the course home page.
    if (!empty($exerciseId) && !empty($exerciseLoaded)) {
        $form_data['action'] = api_get_path(WEB_CODE_PATH) . 'exercice/overview.php?exerciseId=' . $exerciseId . '&cidReq=' . $course['code'];
        $form_data['message'] .= '<br />' . get_lang('YouCanAccessTheExercise');
        $form_data['button'] = Display::button(
            'next',
            get_lang('Go', null, $currentUser['language']),
            array('class' => 'btn btn-primary btn-large')
        );
    }

    if (!empty($form_data['action'])) {
        header('Location: ' . $form_data['action']);
        exit;
    }

    return $form_data;
}
CourseManager::save_user_legal($user_id, $course_code, $session_id); if (api_check_user_access_to_legal($course_info['visibility'])) { Session::write($variable, true); } if ($pluginLegal) { header('Location:' . $url); exit; } } } $user_pass_open_course = false; if (api_check_user_access_to_legal($course_info['visibility']) && Session::read($variable)) { $user_pass_open_course = true; } if (empty($session_id)) { if (CourseManager::is_user_subscribed_in_course($user_id, $course_code) || api_check_user_access_to_legal($course_info['visibility'])) { $user_accepted_legal = CourseManager::is_user_accepted_legal($user_id, $course_code); if ($user_accepted_legal || $user_pass_open_course) { //Redirect to course home header('Location: ' . $url); exit; } } else { api_not_allowed(); } } else { if (api_is_platform_admin()) { header('Location: ' . $url); } $userStatus = SessionManager::get_user_status_in_session($user_id, $course_code, $session_id); if (isset($userStatus) || api_check_user_access_to_legal($course_info['visibility'])) {
/**
 * Helper functions definition
 *
 * Builds the HTML fragment and the session details for one entry of the
 * logged-in user's course list.
 *
 * @param array $my_course course row; this body reads 'code', 'course_info'
 *                         ('official_code', 'title'), 'session_name',
 *                         'id_session', 'date_start', 'date_end' and
 *                         'user_course_cat'
 * @param mixed $count     value appended to "div_" to form the wrapper id
 * @return array|null null (bare return) when the entry is a virtual course
 *                    whose target course the user is subscribed to; otherwise
 *                    array(category, html) when $nosession is set, or
 *                    array(category, html, session id, session data,
 *                    'active' => bool) when it is not
 */
public static function get_logged_user_course_html($my_course, $count)
{
    // Behaviour depends on globals set by the including script.
    // $nbDigestEntries, $orderKey, $digest and $thisCourseSysCode are only
    // referenced by the disabled digest code further down.
    global $nosession, $nbDigestEntries, $orderKey, $digest, $thisCourseSysCode;
    if (!$nosession) {
        // NOTE(review): these are shared globals, not values taken from $my_course;
        // confirm the caller sets them for the course being rendered.
        global $now, $date_start, $date_end;
    }
    //initialise
    $result = '';
    // Table definitions
    $main_user_table = Database :: get_main_table(TABLE_MAIN_USER);
    $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION);
    $course_code = $my_course['code'];
    // $course_visual_code is assigned but not read again in this method.
    $course_visual_code = $my_course['course_info']['official_code'];
    $course_title = $my_course['course_info']['title'];
    $course_info = Database :: get_course_info($course_code);
    // $course_id is only used by the commented-out markup below.
    $course_id = $course_info['real_id'];
    $course_access_settings = CourseManager :: get_access_settings($course_code);
    $course_visibility = $course_access_settings['visibility'];
    $user_in_course_status = CourseManager :: get_user_in_course_status(api_get_user_id(), $course_code);
    //function logic - act on the data
    $is_virtual_course = CourseManager :: is_virtual_course_from_system_code($course_code);
    if ($is_virtual_course) {
        // If the current user is also subscribed in the real course to which this
        // virtual course is linked, we don't need to display the virtual course entry in
        // the course list - it is combined with the real course entry.
        $target_course_code = CourseManager :: get_target_of_linked_course($course_code);
        $is_subscribed_in_target_course = CourseManager :: is_user_subscribed_in_course(api_get_user_id(), $target_course_code);
        if ($is_subscribed_in_target_course) {
            return; //do not display this course entry
        }
    }
    $s_htlm_status_icon = Display::return_icon('course.gif', get_lang('Course'));
    //display course entry
    // NOTE(review): $count and, below, $course_title are concatenated into the
    // markup without escaping in this method; confirm they are escaped upstream
    // or escape them for the HTML context here.
    $result .= '<div id="div_'.$count.'">';
    //$result .= '<h3><img src="../img/nolines_plus.gif" id="btn_'.$count.'" onclick="toogle_course(this,\''.$course_id.'\' )">';
    $result .= $s_htlm_status_icon;
    //show a hyperlink to the course, unless the course is closed and user is not course admin
    // As written, both branches emit the title as plain text; the hyperlink itself
    // is commented out. The else branch only appends the "course closed" label.
    if ($course_visibility != COURSE_VISIBILITY_HIDDEN && ($course_visibility != COURSE_VISIBILITY_CLOSED || $user_in_course_status == COURSEMANAGER)) {
        //$result .= '<a href="javascript:void(0)" id="ln_'.$count.'" onclick=toogle_course(this,\''.$course_id.'\');> '.$course_title.'</a>';
        $result .= $course_title;
    } else {
        // The second string literal below spans a line break in the source.
        $result .= $course_title." "." 
".get_lang('CourseClosed')."";
    }
    // The matching opening <h3> only exists in the commented-out line above, so
    // this closing tag (and the </li> further down) has no opener in this method.
    $result .= '</h3>';
    //$current_course_settings = CourseManager :: get_access_settings($my_course['k']);
    // display the what's new icons
    // (The digest rendering that used $nbDigestEntries, $digest, $orderKey and
    // $thisCourseSysCode was commented out here and is not executed.)
    $result .= '</li>';
    $result .= '</div>';
    if (!$nosession) {
        $session = '';
        $active = false;
        if (!empty($my_course['session_name'])) {
            // Request for the name of the general coach
            // The session id is cast to int before it is concatenated; the table
            // names come from Database::get_main_table(). The last string literal
            // spans a line break in the source.
            $sql = 'SELECT lastname, firstname FROM '.$tbl_session.' ts LEFT JOIN '.$main_user_table.' tu ON ts.id_coach = tu.user_id WHERE ts.id='.(int) $my_course['id_session'].' 
LIMIT 1';
            $rs = Database::query($sql);
            $sessioncoach = Database::store_result($rs);
            // NOTE(review): index 0 is read without checking that a row was returned.
            $sessioncoach = $sessioncoach[0];
            $session = array();
            $session['title'] = $my_course['session_name'];
            if ($my_course['date_start'] == '0000-00-00') {
                // A zero start date is treated as "no time limit": always active.
                $session['dates'] = get_lang('WithoutTimeLimits');
                if (api_get_setting('show_session_coach') === 'true') {
                    $session['coach'] = get_lang('GeneralCoach').': '.api_get_person_name($sessioncoach['firstname'], $sessioncoach['lastname']);
                }
                $active = true;
            } else {
                $session ['dates'] = ' - '.get_lang('From').' '.$my_course['date_start'].' '.get_lang('To').' '.$my_course['date_end'];
                if (api_get_setting('show_session_coach') === 'true') {
                    $session['coach'] = get_lang('GeneralCoach').': '.api_get_person_name($sessioncoach['firstname'], $sessioncoach['lastname']);
                }
                // Compares the global dates, not $my_course['date_start'] / ['date_end'].
                $active = ($date_start <= $now && $date_end >= $now) ? true : false;
            }
        }
        $my_course['id_session'] = isset($my_course['id_session']) ? $my_course['id_session'] : 0;
        $output = array($my_course['user_course_cat'], $result, $my_course['id_session'], $session, 'active' => $active);
    } else {
        $output = array($my_course['user_course_cat'], $result);
    }
    //$my_course['creation_date'];
    return $output;
}
/* * Direct course link see #5299 * * You can send to your students an URL like this * http://chamilodev.beeznest.com/main/auth/inscription.php?c=ABC&e=3 * Where "c" is the course code and "e" is the exercise Id, after a successful * registration the user will be sent to the course or exercise * */ $course_code_redirect = Session::read('course_redirect'); if (!empty($course_code_redirect)) { $course_info = api_get_course_info($course_code_redirect); if (!empty($course_info)) { if (in_array($course_info['visibility'], array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD))) { $user_id = api_get_user_id(); if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) { $form_data['action'] = $course_info['course_public_url']; $form_data['message'] = sprintf(get_lang('YouHaveBeenRegisteredToCourseX'), $course_info['title']); $form_data['button'] = Display::button('next', get_lang('GoToCourse', null, $_user['language']), array('class' => 'btn btn-primary btn-large')); $exercise_redirect = intval(Session::read('exercise_redirect')); // Specifiy course ID as the current context does not // hold a global $_course array $objExercise = new Exercise($course_info['real_id']); $result = $objExercise->read($exercise_redirect); if (!empty($exercise_redirect) && !empty($result)) { $form_data['action'] = api_get_path(WEB_CODE_PATH) . 'exercice/overview.php?exerciseId=' . $exercise_redirect . '&cidReq=' . $course_info['code']; $form_data['message'] .= '<br />' . get_lang('YouCanAccessTheExercise'); $form_data['button'] = Display::button('next', get_lang('Go', null, $_user['language']), array('class' => 'btn btn-primary btn-large')); } if (!empty($form_data['action'])) { header('Location: ' . $form_data['action']);
$user_ids[] = $user['user_id']; } CourseManager::unsubscribe_user($user_ids, $course_code, $session_id); } } foreach ($clean_users as $userId) { $userInfo = api_get_user_info($userId); CourseManager::subscribe_user($userId, $course_code, STUDENT, $session_id); if (empty($session_id)) { //just to make sure if (CourseManager::is_user_subscribed_in_course($userId, $course_code)) { $user_to_show[] = $userInfo['complete_name']; } } else { //just to make sure if (CourseManager::is_user_subscribed_in_course($userId, $course_code, true, $session_id)) { $user_to_show[] = $userInfo['complete_name']; } } } } else { $message = get_lang('CheckUsersWithId'); $type = 'warning'; foreach ($invalid_users as $invalid_user) { $user_to_show[] = $invalid_user; } } } } } Display::display_header();
// IMPORTANT to avoid caching of documents
// NOTE(review): 'Cache-Control: public' permits shared caches to store the
// response, which works against the stated goal and against the access check
// below. 'private, no-store' would match the intent; confirm before changing.
header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Cache-Control: public');
header('Pragma: no-cache');
// Both the course id and the file name are taken from the request.
$course_id = intval($_REQUEST['course_id']);
$user_id = api_get_user_id();
// NOTE(review): $course_info is loaded before the fallback below, so when the
// request carries no course_id the path is built from the lookup for id 0
// while the subscription check uses the context course id.
$course_info = api_get_course_info_by_id($course_id);
$doc_url = $_REQUEST['file'];
$session_id = api_get_session_id();
if (empty($course_id)) {
    $course_id = api_get_course_int_id();
}
if (empty($course_id) || empty($doc_url)) {
    api_not_allowed();
}
// Access requires either edit rights or a subscription to $course_id in this session.
// NOTE(review): api_is_allowed_to_edit() is called without a course argument;
// confirm it evaluates the same course as $course_id from the request.
$is_user_is_subscribed = CourseManager::is_user_subscribed_in_course($user_id, $course_id, true, $session_id);
if (!api_is_allowed_to_edit() && !$is_user_is_subscribed) {
    api_not_allowed();
}
//change the '&' that got rewritten to '///' by mod_rewrite back to '&'
$doc_url = str_replace('///', '&', $doc_url);
//still a space present? it must be a '+' (that got replaced by mod_rewrite)
$doc_url = str_replace(' ', '+', $doc_url);
// NOTE(review): removing the substring '/..' once is not path canonicalisation.
// It inspects $doc_url on its own, before it is appended to the base directory.
// Resolve the final path (e.g. realpath()) and require that the result stays
// below the course's upload/calendar directory before the file is served.
$doc_url = str_replace('/..', '', $doc_url);
//echo $doc_url;
$full_file_name = api_get_path(SYS_COURSE_PATH) . $course_info['path'] . '/upload/calendar/' . $doc_url;
//if the rewrite rule asks for a directory, we redirect to the document explorer
if (is_dir($full_file_name)) {
    //remove last slash if present
    //$doc_url = ($doc_url{strlen($doc_url)-1}=='/')?substr($doc_url,0,strlen($doc_url)-1):$doc_url;
    //mod_rewrite can change /some/path/ to /some/path// in some cases, so clean them all off (René)
/**
 * Tells whether a user is a member of the course returned by
 * api_get_course_info() called without arguments (presumably the current
 * course context).
 *
 * @param int $user_id id of the user to look up
 * @return boolean indicating if user with user_id=$user_id is a course member
 * @todo check if this function is still necessary. There might be a library function for this.
 */
function isCourseMember($user_id)
{
    $course = api_get_course_info();

    // The third argument is passed as true, as in the original call.
    return CourseManager::is_user_subscribed_in_course($user_id, $course['code'], true);
}
$is_courseTutor = false;
$is_courseCoach = false;
$is_sessionAdmin = false;
}
// Checking the course access
// Default deny: access is only granted by one of the visibility cases below.
$is_allowed_in_course = false;
if (isset($_course) && isset($_course['visibility'])) {
    switch ($_course['visibility']) {
        case COURSE_VISIBILITY_OPEN_WORLD: //3
            // Open to everyone, including anonymous visitors.
            $is_allowed_in_course = true;
            break;
        case COURSE_VISIBILITY_OPEN_PLATFORM: //2
            $courseCode = $_course['code'];
            // NOTE(review): $session_id is passed as the third argument. Other
            // callers of this helper pass a boolean third and the session id
            // fourth: (user, course, true, $session_id). Confirm the parameter
            // order, because the strict === true test below decides access on
            // this result.
            $isUserSubscribedInCourse = CourseManager::is_user_subscribed_in_course($user_id, $courseCode, $session_id);
            // Requires a known, non-anonymous user with a confirmed subscription.
            if (isset($user_id) && $isUserSubscribedInCourse === true && !api_is_anonymous($user_id)) {
                $is_allowed_in_course = true;
            }
            break;
        case COURSE_VISIBILITY_REGISTERED: //1
            // Members and platform admins only.
            if ($is_platformAdmin || $is_courseMember) {
                $is_allowed_in_course = true;
            }
            break;
        case COURSE_VISIBILITY_CLOSED: //0
            // Closed course: course admins and platform admins only.
            if ($is_platformAdmin || $is_courseAdmin) {
                $is_allowed_in_course = true;
            }
/**
 * Tells whether a user is a member of the course whose integer id is returned
 * by api_get_course_int_id().
 *
 * @param int $user_id id of the user to look up
 * @return boolean indicating if user with user_id=$user_id is a course member
 * @todo check if this function is still necessary. There might be a library function for this.
 */
function isCourseMember($user_id)
{
    // The third argument is passed as true, as in the original call.
    return CourseManager::is_user_subscribed_in_course(
        $user_id,
        api_get_course_int_id(),
        true
    );
}
// including some libraries that are also used in the documents tool require_once api_get_path(SYS_CODE_PATH) . 'document/document.inc.php'; // we use a function build_document_icon_tag require_once api_get_path(LIBRARY_PATH) . 'document.lib.php'; /* Virtual course support */ $user_id = api_get_user_id(); $course_code = api_get_course_id(); $course_info = api_get_course_info($course_code); $session_id = api_get_session_id(); $action = isset($_GET['action']) ? $_GET['action'] : null; $view = isset($_GET['view']) ? Security::remove_XSS($_GET['view']) : null; $postAction = isset($_POST['action']) ? $_POST['action'] : null; if (empty($session_id)) { $is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'], false); } else { $is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'], true, $session_id); } /* Object Initialisation */ // we need this here because the javascript to re-upload the file needs an array // off all the documents that have already been sent. // @todo consider moving the javascripts in a function that displays the javascripts // only when it is needed. if ($action == 'add') { $dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); } /* Create javascript and htmlHeaders */ $javascript = "<script type=\"text/javascript\">\n\tfunction confirmsend ()\n\t{\n\t\tif (confirm(\"" . get_lang('MailingConfirmSend', '') . "\")){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction confirmation (name)\n\t{\n\t\tif (confirm(\"" . get_lang('ConfirmDelete', '') . " : \"+ name )){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction checkForm (frm)\n\t{\n\t\tif (frm.elements['recipients[]'].selectedIndex < 0){\n\t\t\talert(\"" . get_lang('NoUserSelected', '') . "\");\n\t\t\treturn false;\n\t\t} else if (frm.file.value == '') {\n\t\t\talert(\"" . 
get_lang('NoFileSpecified', '') . "\");\n\t\t\treturn false;\n\t\t} else {\n\t\t\treturn true;\n\t\t}\n\t}\n\t"; if (dropbox_cnf('allowOverwrite')) { //sentArray keeps list of all files still available in the sent files list //of the user. //This is used to show or hide the overwrite file-radio button of the upload form
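/**
 * Builds the table rows for the students followed by the current user.
 *
 * Filters are read from the query string: 'active', 'keyword',
 * 'sleeping_days', 'id_session' and 'id_coach'. The session id is reduced to
 * its integer value once and that value is used both for the tracking calls
 * and for the details link, so the raw request value never reaches the HTML.
 *
 * @param int    $from      offset of the first student to load
 * @param int    $limit     number of students to load
 * @param string $column    sort column; replaced by 'u.user_id' for DRH users
 * @param string $direction sort direction
 * @return array list of rows: the two name parts (order given by
 *               api_is_western_name_order()), first connection, last
 *               connection and the HTML of the details link
 */
function get_users($from, $limit, $column, $direction)
{
    // NOTE(review): 'active' is forwarded as received; confirm the user and
    // session managers validate it before it reaches a query.
    $active = isset($_GET['active']) ? $_GET['active'] : 1;
    $keyword = isset($_GET['keyword']) ? Security::remove_XSS($_GET['keyword']) : null;
    $sleepingDays = isset($_GET['sleeping_days']) ? intval($_GET['sleeping_days']) : null;
    // Integer session id, or null when the request carries none.
    $sessionId = isset($_GET['id_session']) ? intval($_GET['id_session']) : null;

    $lastConnectionDate = null;
    if (!empty($sleepingDays)) {
        $lastConnectionDate = api_get_utc_datetime(strtotime($sleepingDays . ' days ago'));
    }

    $is_western_name_order = api_is_western_name_order();
    $coach_id = api_get_user_id();

    // DRH users with access to all session content get the students of all sessions.
    $drhLoaded = false;
    if (api_is_drh()) {
        $column = 'u.user_id';
        if (api_drh_can_access_all_session_content()) {
            $students = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus(
                'drh_all',
                api_get_user_id(),
                false,
                $from,
                $limit,
                $column,
                $direction,
                $keyword,
                $active,
                $lastConnectionDate,
                null,
                null,
                api_is_student_boss() ? null : STUDENT
            );
            $drhLoaded = true;
        }
    }

    // Everyone else gets the users they follow.
    if (!$drhLoaded) {
        $students = UserManager::getUsersFollowedByUser(
            api_get_user_id(),
            api_is_student_boss() ? null : STUDENT,
            false,
            false,
            false,
            $from,
            $limit,
            $column,
            $direction,
            $active,
            $lastConnectionDate,
            api_is_student_boss() ? STUDENT_BOSS : COURSEMANAGER,
            $keyword
        );
    }

    $all_datas = array();
    foreach ($students as $student_data) {
        $student_id = $student_data['user_id'];

        // Courses are only loaded when a session was requested.
        $courses = array();
        if ($sessionId !== null) {
            $courses = Tracking::get_course_list_in_session_from_student($student_id, $sessionId);
        }

        $avg_time_spent = $avg_student_score = $avg_student_progress = $total_assignments = $total_messages = 0;
        $nb_courses_student = 0;
        if (!empty($courses)) {
            foreach ($courses as $course_code) {
                $courseInfo = api_get_course_info($course_code);
                $courseId = $courseInfo['real_id'];
                if (CourseManager::is_user_subscribed_in_course($student_id, $course_code, true)) {
                    $avg_time_spent += Tracking::get_time_spent_on_the_course($student_id, $courseId, $sessionId);
                    // The score helper may return a non-numeric value; only numbers are summed.
                    $my_average = Tracking::get_avg_student_score($student_id, $course_code);
                    if (is_numeric($my_average)) {
                        $avg_student_score += $my_average;
                    }
                    $avg_student_progress += Tracking::get_avg_student_progress($student_id, $course_code);
                    $total_assignments += Tracking::count_student_assignments($student_id, $course_code);
                    $total_messages += Tracking::count_student_messages($student_id, $course_code);
                    $nb_courses_student++;
                }
            }
        }

        if ($nb_courses_student > 0) {
            $avg_time_spent = $avg_time_spent / $nb_courses_student;
            $avg_student_score = $avg_student_score / $nb_courses_student;
            $avg_student_progress = $avg_student_progress / $nb_courses_student;
        } else {
            $avg_time_spent = null;
            $avg_student_score = null;
            $avg_student_progress = null;
        }

        $row = array();
        if ($is_western_name_order) {
            $row[] = $student_data['firstname'];
            $row[] = $student_data['lastname'];
        } else {
            $row[] = $student_data['lastname'];
            $row[] = $student_data['firstname'];
        }

        $string_date = Tracking::get_last_connection_date($student_id, true);
        $first_date = Tracking::get_first_connection_date($student_id);
        $row[] = $first_date;
        $row[] = $string_date;

        if (isset($_GET['id_coach']) && intval($_GET['id_coach']) != 0) {
            // Only the integer session id is written into the attribute value.
            $detailsLink = '<a href="myStudents.php?student=' . $student_id . '&id_coach=' . $coach_id . '&id_session=' . $sessionId . '"> <img src="' . api_get_path(WEB_IMG_PATH) . '2rightarrow.gif" border="0" /></a>';
        } else {
            $detailsLink = '<a href="myStudents.php?student=' . $student_id . '"> <img src="' . api_get_path(WEB_IMG_PATH) . '2rightarrow.gif" border="0" /></a>';
        }
        $row[] = $detailsLink;
        $all_datas[] = $row;
    }

    return $all_datas;
}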
/**
 * Collects the role constants that apply to a user for a course and,
 * optionally, a session.
 *
 * Platform-admin and general-coach roles are checked first; the course roles
 * are only checked when the course lookup yields a code.
 *
 * @param int $user_id
 * @param int $courseId
 * @param int $session_id
 * @return array list of role constants, empty when none applies
 */
function api_detect_user_roles($user_id, $courseId, $session_id = 0)
{
    $roles = array();

    $course = api_get_course_info_by_id($courseId);
    $courseCode = $course['code'];
    $accessUrlId = api_get_current_access_url_id();

    if (api_is_platform_admin_by_id($user_id, $accessUrlId)) {
        $roles[] = PLATFORM_ADMIN;
    }

    $hasSession = !empty($session_id);
    if ($hasSession && SessionManager::user_is_general_coach($user_id, $session_id)) {
        $roles[] = SESSION_GENERAL_COACH;
    }

    // Without a course code there are no course-level roles to detect.
    if (empty($courseCode)) {
        return $roles;
    }

    if (!$hasSession) {
        // Base course: teacher, tutor and student are checked independently.
        if (CourseManager::is_course_teacher($user_id, $courseCode)) {
            $roles[] = COURSEMANAGER;
        }
        if (CourseManager::get_tutor_in_course_status($user_id, $courseCode)) {
            $roles[] = COURSE_TUTOR;
        }
        if (CourseManager::is_user_subscribed_in_course($user_id, $courseCode)) {
            $roles[] = COURSE_STUDENT;
        }

        return $roles;
    }

    // Session course: the role follows from the stored status value.
    $sessionStatus = SessionManager::get_user_status_in_course_session($user_id, $courseId, $session_id);
    if (!empty($sessionStatus)) {
        // NOTE(review): a status of 0 or '0' is "empty" and never enters this
        // block, so the comparison with 0 below looks unreachable for numeric
        // statuses and SESSION_STUDENT would not be reported. Confirm what the
        // helper returns for non-members before changing the guard, because
        // the result adds a role.
        if ($sessionStatus == 0) {
            $roles[] = SESSION_STUDENT;
        }
        if ($sessionStatus == 2) {
            $roles[] = SESSION_COURSE_COACH;
        }
    }

    return $roles;
}
} if (!empty($content)) { echo $content; } if (!empty($search_term)) { echo "<p><strong>" . get_lang('SearchResultsFor') . " " . Security::remove_XSS($_POST['search_term']) . "</strong><br />"; } $ajax_url = api_get_path(WEB_AJAX_PATH) . 'course.ajax.php?a=add_course_vote'; $user_id = api_get_user_id(); if (!empty($browse_courses_in_category)) { foreach ($browse_courses_in_category as $course) { $course_hidden = $course['visibility'] == COURSE_VISIBILITY_HIDDEN; if ($course_hidden) { continue; } $user_registerd_in_course = CourseManager::is_user_subscribed_in_course($user_id, $course['code']); $user_registerd_in_course_as_teacher = CourseManager::is_course_teacher($user_id, $course['code']); $user_registerd_in_course_as_student = $user_registerd_in_course && !$user_registerd_in_course_as_teacher; $course_public = $course['visibility'] == COURSE_VISIBILITY_OPEN_WORLD; $course_open = $course['visibility'] == COURSE_VISIBILITY_OPEN_PLATFORM; $course_private = $course['visibility'] == COURSE_VISIBILITY_REGISTERED; $course_closed = $course['visibility'] == COURSE_VISIBILITY_CLOSED; $course_subscribe_allowed = $course['subscribe'] == 1; $course_unsubscribe_allowed = $course['unsubscribe'] == 1; $count_connections = $course['count_connections']; $creation_date = substr($course['creation_date'], 0, 10); $icon_title = null; $html = null; // display the course bloc $html .= '<div class="col-md-3"><div class="items-course">'; // display thumbnail
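/**
 * Builds the HTML (plus an inline script) of the document tree preview of a course.
 *
 * An empty string is returned when the course data is incomplete or when the
 * current user is not considered a member of the course.
 *
 * @param array $course_info Course data; real_id, code and visibility are read
 * @param int|bool $lp_id Learning path id, or false outside a learning path
 * @param string $target Passed through to write_resources_tree()
 * @param int $session_id
 * @param bool $add_move_button Passed through to write_resources_tree()
 * @param string $filter_by_folder Optional path prefix the documents must start with
 * @param string $overwrite_url Passed through to write_resources_tree()
 * @return string
 */
static function get_document_preview($course_info, $lp_id = false, $target = '', $session_id = 0, $add_move_button = false, $filter_by_folder = null, $overwrite_url = null)
{
    // Check the type first so that no offset is read from a non-array value.
    if (!is_array($course_info) || empty($course_info['real_id']) || empty($course_info['code'])) {
        return '';
    }

    $user_id = api_get_user_id();
    $user_in_course = false;
    if (api_is_platform_admin()) {
        $user_in_course = true;
    }

    // NOTE(review): the two CourseManager checks below receive real_id — confirm
    // that this version of CourseManager expects the numeric id and not the course code.
    if (!$user_in_course) {
        if (CourseManager::is_course_teacher($user_id, $course_info['real_id'])) {
            $user_in_course = true;
        }
    }

    // Condition for the session
    $session_id = intval($session_id);

    if (!$user_in_course) {
        if (empty($session_id)) {
            if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['real_id'])) {
                $user_in_course = true;
            }
            // Check if course is open then we can consider that the student is registered to the course
            if (isset($course_info) && in_array($course_info['visibility'], array(2, 3))) {
                $user_in_course = true;
            }
        } else {
            $user_status = SessionManager::get_user_status_in_course_session($user_id, $course_info['real_id'], $session_id);
            // Is true if it is a student, course session teacher or coach
            if (in_array($user_status, array('0', '2', '6'))) {
                $user_in_course = true;
            }
        }
    }

    $tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
    $tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);

    // The course id is written into the SQL text, so force it to an integer.
    $course_id = intval($course_info['real_id']);

    $path = '/';
    $path = Database::escape_string(str_replace('_', '\\_', $path));
    $added_slash = $path == '/' ? '' : '/';

    $condition_session = " AND (id_session = '{$session_id}' OR id_session = '0' )";

    $add_folder_filter = null;
    if (!empty($filter_by_folder)) {
        $add_folder_filter = " AND docs.path LIKE '" . Database::escape_string($filter_by_folder) . "%'";
    }

    $sql_doc = "SELECT last.visibility, docs.*\n\t\t\t\t\tFROM {$tbl_item_prop} AS last, {$tbl_doc} AS docs\n \t WHERE docs.id = last.ref AND\n docs.path LIKE '" . $path . $added_slash . "%' AND\n docs.path NOT LIKE '%_DELETED_%' AND\n last.tool = '" . TOOL_DOCUMENT . "' {$condition_session} AND\n last.visibility = '1' AND\n docs.c_id = {$course_id} AND\n last.c_id = {$course_id}\n {$add_folder_filter}\n ORDER BY docs.title ASC";

    $res_doc = Database::query($sql_doc);
    $resources = Database::store_result($res_doc, 'ASSOC');
    $resources_sorted = array();
    $return = '';

    if ($lp_id) {
        $return .= '<div class="lp_resource_element">';
        $return .= Display::return_icon('new_doc.gif', '', array(), ICON_SIZE_SMALL);
        $return .= Display::url(get_lang('NewDocument'), api_get_self() . '?' . api_get_cidreq() . '&action=add_item&type=' . TOOL_DOCUMENT . '&lp_id=' . $_SESSION['oLP']->lp_id);
        $return .= '</div>';
    } else {
        $return .= Display::div(Display::url(Display::return_icon('close.png', get_lang('Close'), array(), ICON_SIZE_SMALL), ' javascript:void(0);', array('id' => 'close_div_' . $course_info['real_id'] . '_' . $session_id, 'class' => 'close_div')), array('style' => 'position:absolute;right:10px'));
    }

    // The nested folder tree is filled by walking array references. Document
    // paths and titles are stored data: they are used as plain keys and values
    // and are never assembled into PHP source for eval().
    if (!empty($resources) && $user_in_course) {
        foreach ($resources as $resource) {
            $is_visible = self::is_visible_by_id($resource['id'], $course_info, $session_id, api_get_user_id());
            if (!$is_visible) {
                continue;
            }

            $resource_paths = explode('/', $resource['path']);
            array_shift($resource_paths);
            if (empty($resource_paths)) {
                // A path without any segment cannot be placed in the tree.
                continue;
            }

            // The last segment names the document itself; every segment before
            // it is a folder and adds one ['name']['files'] level.
            $last_path = array_pop($resource_paths);
            $is_file = $resource['filetype'] == 'file';

            $node = &$resources_sorted;
            foreach ($resource_paths as $folder_name) {
                $node = &$node[$folder_name]['files'];
            }

            $resource_id = intval($resource['id']);

            if ($is_file) {
                // @todo not sure if it's a good thing using base64_encode. I tried with json_encode but i received the same error
                // Some testing is needed in order to prove the performance
                // The "|@j@|" separator is used instead of "/", it fixes #3780
                $data = base64_encode($resource['title'] . '|@j@|' . $last_path);
                // For backward compatibility
                // NOTE(review): this fallback runs after $data was encoded, as in the
                // original, so it does not reach the tree — confirm the intended order.
                if (empty($resource['title'])) {
                    $resource['title'] = basename($resource['path']);
                }
                $node[$resource_id] = $data;
            } else {
                $node[$last_path]['id'] = $resource_id;
                $node[$last_path]['title'] = api_htmlentities($resource['title']);
            }

            // Drop the reference so the next iteration starts from the root again.
            unset($node);
        }
    }

    $label = get_lang('Documents');
    $new_array = array();
    $new_array[$label] = array('id' => 0, 'files' => $resources_sorted);

    $write_result = self::write_resources_tree($course_info, $session_id, $new_array, 0, $lp_id, $target, $add_move_button, $overwrite_url);
    $return .= $write_result;

    $img_path = api_get_path(WEB_IMG_PATH);

    if ($lp_id == false) {
        $return .= "<script>\n \t\t \t\$('.doc_folder').mouseover(function() {\n \t\t\t\t\tvar my_id = this.id.split('_')[2];\n \t\t\t\t\t\$('#res_'+my_id).show();\n \t\t\t\t});\n\n \t\t\t\t\$('.close_div').click(function() {\n \t\t\t\t\tvar course_id = this.id.split('_')[2];\n \t\t\t\t\tvar session_id = this.id.split('_')[3];\n \t\t\t\t\t\$('#document_result_'+course_id+'_'+session_id).hide();\n \t\t\t\t\t\$('.lp_resource').remove();\n \t\t\t\t});\n \t\t\t\t</script>";
    } else {
        // For LPs
        $return .= "<script>\n\n \t\tfunction testResources(id, img) {\n\t \t\tif (document.getElementById(id).style.display=='block'){\n\t \t\t\tdocument.getElementById(id).style.display='none';\n var id = id.split('_')[1];\n\t \t\t\tdocument.getElementById('img_'+id).src='" . $img_path . "nolines_plus.gif';\n\t \t\t} else {\n\t \t\t\tdocument.getElementById(id).style.display='block';\n var id = id.split('_')[1];\n \t\t\t\tdocument.getElementById('img_'+id).src='" . $img_path . "nolines_minus.gif';\n \t\t\t}\n \t\t}\n \t\t</script>";
    }

    // Nothing is shown to a user who is not a member of the course.
    if (!$user_in_course) {
        $return = '';
    }

    return $return;
}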
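/**
 * Builds the HTML (plus an inline script) of the document tree preview of a course.
 *
 * Only one folder level is queried per call: the root level when $folderId is
 * false, otherwise the direct children of the given folder. An empty string is
 * returned when the course data is incomplete or when the current user is not
 * considered a member of the course.
 *
 * @param array $course_info Course data; real_id, code and visibility are read
 * @param int|bool $lp_id Learning path id, or false outside a learning path
 * @param string $target
 * @param int $session_id
 * @param bool $add_move_button
 * @param string $filter_by_folder Optional path prefix the documents must start with
 * @param string $overwrite_url Filtered with Security::remove_XSS() before use
 * @param bool $showInvisibleFiles Inside a learning path, also list documents with visibility 0
 * @param bool $showOnlyFolders Currently has no effect (its condition is commented out)
 * @param int|bool $folderId Folder whose children are listed, or false for the root level
 * @return string
 */
public static function get_document_preview($course_info, $lp_id = false, $target = '', $session_id = 0, $add_move_button = false, $filter_by_folder = null, $overwrite_url = null, $showInvisibleFiles = false, $showOnlyFolders = false, $folderId = false)
{
    // Check the type first so that no offset is read from a non-array value.
    if (!is_array($course_info) || empty($course_info['real_id']) || empty($course_info['code'])) {
        return '';
    }

    $overwrite_url = Security::remove_XSS($overwrite_url);
    $user_id = api_get_user_id();
    $user_in_course = false;

    if (api_is_platform_admin()) {
        $user_in_course = true;
    }

    if (!$user_in_course) {
        if (CourseManager::is_course_teacher($user_id, $course_info['code'])) {
            $user_in_course = true;
        }
    }

    // Condition for the session
    $session_id = intval($session_id);

    if (!$user_in_course) {
        if (empty($session_id)) {
            if (CourseManager::is_user_subscribed_in_course($user_id, $course_info['code'])) {
                $user_in_course = true;
            }
            // Check if course is open then we can consider that the student is registered to the course
            if (isset($course_info) && in_array($course_info['visibility'], array(2, 3))) {
                $user_in_course = true;
            }
        } else {
            $user_status = SessionManager::get_user_status_in_course_session($user_id, $course_info['real_id'], $session_id);
            // Is true if it is a student, course session teacher or coach
            if (in_array($user_status, array('0', '2', '6'))) {
                $user_in_course = true;
            }
        }
    }

    $tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
    $tbl_item_prop = Database::get_course_table(TABLE_ITEM_PROPERTY);

    // Values written into the SQL text without quotes are forced to integers.
    $courseIntId = intval($course_info['real_id']);

    $condition_session = " AND (last.session_id = '{$session_id}' OR last.session_id = '0' OR last.session_id IS NULL)";

    $add_folder_filter = null;
    if (!empty($filter_by_folder)) {
        $add_folder_filter = " AND docs.path LIKE '" . Database::escape_string($filter_by_folder) . "%'";
    }

    // If we are in LP display hidden folder https://support.chamilo.org/issues/6679
    $lp_visibility_condition = null;
    if ($lp_id) {
        // $lp_visibility_condition = " OR filetype='folder'";
        if ($showInvisibleFiles) {
            $lp_visibility_condition .= ' OR last.visibility = 0';
        }
    }

    $showOnlyFoldersCondition = null;
    if ($showOnlyFolders) {
        //$showOnlyFoldersCondition = " AND docs.filetype = 'folder' ";
    }

    $folderCondition = " AND docs.path LIKE '/%' ";

    if (!api_is_allowed_to_edit()) {
        $protectedFolders = self::getProtectedFolderFromStudent();
        foreach ($protectedFolders as $folder) {
            $folderCondition .= " AND docs.path NOT LIKE '{$folder}' ";
        }
    }

    $parentData = [];
    if ($folderId !== false) {
        $parentData = self::get_document_data_by_id($folderId, $course_info['code']);
        if (!empty($parentData)) {
            $cleanedPath = $parentData['path'];
            $num = substr_count($cleanedPath, '/');

            // Exclude everything that lies deeper than the direct children.
            $notLikeCondition = null;
            for ($i = 1; $i <= $num; $i++) {
                $repeat = str_repeat('/%', $i + 1);
                $notLikeCondition .= " AND docs.path NOT LIKE '" . Database::escape_string($cleanedPath . $repeat) . "' ";
            }

            // $folderId is a caller-supplied value and the stored path may hold
            // quote characters: cast the id and escape the path before they are
            // placed in the statement.
            $folderIntId = intval($folderId);
            $folderCondition = " AND\n docs.id <> {$folderIntId} AND\n docs.path LIKE '" . Database::escape_string($cleanedPath) . "/%'\n {$notLikeCondition}\n ";
        } else {
            $folderCondition = " AND\n docs.filetype = 'file' ";
        }
    }

    $levelCondition = null;
    if ($folderId === false) {
        $levelCondition = " AND docs.path NOT LIKE'/%/%'";
    }

    $sql = "SELECT last.visibility, docs.*\n FROM {$tbl_item_prop} AS last INNER JOIN {$tbl_doc} AS docs\n ON (docs.id = last.ref AND docs.c_id = last.c_id)\n WHERE\n docs.path NOT LIKE '%_DELETED_%' AND\n last.tool = '" . TOOL_DOCUMENT . "' {$condition_session} AND\n (last.visibility = '1' {$lp_visibility_condition}) AND\n last.visibility <> 2 AND\n docs.c_id = {$courseIntId} AND\n last.c_id = {$courseIntId}\n {$showOnlyFoldersCondition}\n {$folderCondition}\n {$levelCondition}\n {$add_folder_filter}\n ORDER BY docs.filetype DESC, docs.title ASC";

    $res_doc = Database::query($sql);
    $resources = Database::store_result($res_doc, 'ASSOC');
    $return = '';

    if ($lp_id) {
        $learnPath = learnpath::getCurrentLpFromSession();
        if ($folderId === false) {
            $return .= '<div class="lp_resource_element">';
            $return .= Display::return_icon('new_doc.gif', '', array(), ICON_SIZE_SMALL);
            $return .= Display::url(get_lang('NewDocument'), api_get_self() . '?' . api_get_cidreq() . '&action=add_item&type=' . TOOL_DOCUMENT . '&lp_id=' . $learnPath->lp_id);
            $return .= '</div>';
        }
    } else {
        $return .= Display::div(Display::url(Display::return_icon('close.png', get_lang('Close'), array(), ICON_SIZE_SMALL), ' javascript:void(0);', array('id' => 'close_div_' . $course_info['real_id'] . '_' . $session_id, 'class' => 'close_div')), array('style' => 'position:absolute;right:10px'));
    }

    // Keep only the documents the current user is allowed to see.
    $newResources = array();
    if (!empty($resources) && $user_in_course) {
        foreach ($resources as $resource) {
            $is_visible = self::is_visible_by_id($resource['id'], $course_info, $session_id, api_get_user_id());
            if (!$is_visible) {
                continue;
            }
            $newResources[] = $resource;
        }
    }

    $label = get_lang('Documents');
    $documents = [];
    if ($folderId === false) {
        $documents[$label] = array('id' => 0, 'files' => $newResources);
    } else {
        if (!empty($parentData)) {
            $documents[$parentData['title']] = array('id' => intval($folderId), 'files' => $newResources);
        }
    }

    $write_result = self::write_resources_tree($course_info, $session_id, $documents, $lp_id, $target, $add_move_button, $overwrite_url, $folderId);
    $return .= $write_result;

    $img_path = api_get_path(WEB_IMG_PATH);

    if ($lp_id == false) {
        // NOTE(review): $url ends up inside a single-quoted JavaScript literal and
        // $overwrite_url is placed in the query string without URL-encoding —
        // confirm that Security::remove_XSS() is sufficient for this context.
        $url = api_get_path(WEB_AJAX_PATH) . 'lp.ajax.php?a=get_documents&url=' . $overwrite_url . '&lp_id=' . $lp_id . '&cidReq=' . $course_info['code'];
        $return .= "<script>\n \$('.doc_folder').click(function() {\n var realId = this.id;\n var my_id = this.id.split('_')[2];\n var tempId = 'temp_'+my_id;\n \$('#res_'+my_id).show();\n\n var tempDiv = \$('#'+realId).find('#'+tempId);\n if (tempDiv.length == 0) {\n \$.ajax({\n async: false,\n type: 'GET',\n url: '" . $url . "',\n data: 'folder_id='+my_id,\n success: function(data) {\n \$('#'+realId).append('<div id='+tempId+'>'+data+'</div>');\n }\n });\n }\n });\n\n \$('.close_div').click(function() {\n var course_id = this.id.split('_')[2];\n var session_id = this.id.split('_')[3];\n \$('#document_result_'+course_id+'_'+session_id).hide();\n \$('.lp_resource').remove();\n \$('.document_preview_container').html('');\n });\n\n </script>";
    } else {
        // For LPs. The learning path id is written into a script literal, so
        // only its integer value is used.
        $url = api_get_path(WEB_AJAX_PATH) . 'lp.ajax.php?a=get_documents&lp_id=' . intval($lp_id) . '&' . api_get_cidreq();
        $return .= "<script>\n\n function testResources(id, img) {\n var numericId = id.split('_')[1];\n var parentId = 'doc_id_'+numericId;\n var tempId = 'temp_'+numericId;\n var image = \$('#'+img);\n\n if (image.hasClass('open')) {\n image.removeClass('open');\n image.attr('src', '" . $img_path . "nolines_plus.gif');\n \$('#'+id).show();\n \$('#'+tempId).hide();\n } else {\n image.addClass('open');\n image.attr('src', '" . $img_path . "nolines_minus.gif');\n \$('#'+id).hide();\n \$('#'+tempId).show();\n\n var tempDiv = \$('#'+parentId).find('#'+tempId);\n if (tempDiv.length == 0) {\n \$.ajax({\n type: 'GET',\n async: false,\n url: '" . $url . "',\n data: 'folder_id='+numericId,\n success: function(data) {\n tempDiv = \$('#doc_id_'+numericId).append('<div id='+tempId+'>'+data+'</div>');\n }\n });\n }\n }\n }\n </script>";
    }

    // Nothing is shown to a user who is not a member of the course.
    if (!$user_in_course) {
        $return = '';
    }

    return $return;
}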
// we use a function build_document_icon_tag
require_once api_get_path(LIBRARY_PATH) . 'fileDisplay.lib.php';
// the function choose_image is used
require_once api_get_path(LIBRARY_PATH) . 'document.lib.php';

/* Virtual course support */
$user_id = api_get_user_id();
$course_code = api_get_course_id();
$course_info = api_get_course_info($course_code);
$session_id = api_get_session_id();

// $action and $postAction hold raw request values; of the three request
// values read here only $view is passed through Security::remove_XSS().
$action = isset($_GET['action']) ? $_GET['action'] : null;
$view = isset($_GET['view']) ? Security::remove_XSS($_GET['view']) : null;
$postAction = isset($_POST['action']) ? $_POST['action'] : null;

// Course membership of the current user. Inside a session the session id is
// passed along with the check.
// NOTE(review): the third argument presumably selects the session lookup — confirm against CourseManager.
if (empty($session_id)) {
    $is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, false);
} else {
    $is_course_member = CourseManager::is_user_subscribed_in_course($user_id, $course_code, true, $session_id);
}

/* Object Initialisation */
// we need this here because the javascript to re-upload the file needs an array
// of all the documents that have already been sent.
// @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed.
// $_user, $is_courseAdmin and $is_courseTutor are defined outside this fragment.
if ($action == 'add') {
    $dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
}

/* Create javascript and htmlHeaders */
// NOTE(review): the get_lang() strings are concatenated into double-quoted
// JavaScript literals without escaping — confirm that translations cannot
// contain a double quote or a line break.
$javascript = "<script type=\"text/javascript\">\n\tfunction confirmsend ()\n\t{\n\t\tif (confirm(\"" . get_lang('MailingConfirmSend', '') . "\")){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction confirmation (name)\n\t{\n\t\tif (confirm(\"" . get_lang('ConfirmDelete', '') . " : \"+ name )){\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\tfunction checkForm (frm)\n\t{\n\t\tif (frm.elements['recipients[]'].selectedIndex < 0){\n\t\t\talert(\"" . get_lang('NoUserSelected', '') . "\");\n\t\t\treturn false;\n\t\t} else if (frm.file.value == '') {\n\t\t\talert(\"" . get_lang('NoFileSpecified', '') . "\");\n\t\t\treturn false;\n\t\t} else {\n\t\t\treturn true;\n\t\t}\n\t}\n\t";

if (dropbox_cnf('allowOverwrite')) {
    // sentArray keeps list of all files still available in the sent files list
    // of the user.
    // This is used to show or hide the overwrite file-radio button of the upload form
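/**
 * Web service to tell if a given user is subscribed to the course.
 *
 * The request is rejected with WS_ERROR_SECRET_KEY unless WSHelperVerifyKey()
 * accepts the parameters.
 *
 * @param array $params Array of parameters (course and user_id)
 * @return bool|null|soap_fault A simple boolean (true if user is subscribed, false otherwise)
 */
function WSUserSubscribedInCourse($params)
{
    global $debug;

    // Read both fields defensively: a request that omits one must not raise
    // an undefined-index notice.
    $courseCode = isset($params['course']) ? $params['course'] : null; // Course code
    $userId = isset($params['user_id']) ? $params['user_id'] : null; // chamilo user id

    if ($debug) {
        error_log('WSUserSubscribedInCourse');
        // $params is the same array that is handed to WSHelperVerifyKey(), so it
        // presumably carries the web-service secret as well. Only the two fields
        // used here are written to the log, never the whole array.
        error_log('Params ' . print_r(array('course' => $courseCode, 'user_id' => $userId), 1));
    }

    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }

    return CourseManager::is_user_subscribed_in_course($userId, $courseCode);
}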
define('TOOL_INTERACTION', 'toolinteraction'); define('TOOL_COURSE_PLUGIN', 'toolcourseplugin'); //all plugins that can be enabled in courses define('TOOL_ADMIN', 'tooladmin'); define('TOOL_ADMIN_PLATFORM', 'tooladminplatform'); define('TOOL_DRH', 'tool_drh'); define('TOOL_STUDENT_VIEW', 'toolstudentview'); define('TOOL_ADMIN_VISIBLE', 'tooladminvisible'); $user_id = api_get_user_id(); $course_code = api_get_course_id(); $courseId = api_get_course_int_id(); $sessionId = api_get_session_id(); $show_message = ''; if (api_is_invitee()) { $isInASession = $sessionId > 0; $isSubscribed = CourseManager::is_user_subscribed_in_course($user_id, $course_code, $isInASession, $sessionId); if (!$isSubscribed) { api_not_allowed(true); } } //Deleting group session Session::erase('toolgroup'); Session::erase('_gid'); $isSpecialCourse = CourseManager::isSpecialCourse($courseId); if ($isSpecialCourse) { if (isset($_GET['autoreg'])) { $autoRegistration = Security::remove_XSS($_GET['autoreg']); if ($autoRegistration == 1) { if (CourseManager::subscribe_user($user_id, $course_code, STUDENT)) { Session::write('is_allowed_in_course', true); }