/**
* This function saves all the invitations of course users and additional users in the database
* and sends the invitations by email
*
* @param array Users array can be both a list of course uids AND a list of additional emailaddresses
* @param string Title of the invitation, used as the title of the mail
* @param string Text of the invitation, used as the text of the mail.
* The text has to contain a **link** string or this will automatically be added to the end
*
* @author Patrick Cool <*****@*****.**>, Ghent University
* @author Julio Montoya - Adding auto-generated link support
* @version January 2007
*
*/
public static function saveInvitations($users_array, $invitation_title, $invitation_text, $reminder = 0, $sendmail = 0, $remindUnAnswered = 0)
{
if (!is_array($users_array)) {
// Should not happen
return 0;
}
// Getting the survey information
$survey_data = SurveyManager::get_survey($_GET['survey_id']);
$survey_invitations = SurveyUtil::get_invitations($survey_data['survey_code']);
$already_invited = SurveyUtil::get_invited_users($survey_data['code']);
// Remind unanswered is a special version of remind all reminder
$exclude_users = array();
if ($remindUnAnswered == 1) {
// Remind only unanswered users
$reminder = 1;
$exclude_users = SurveyManager::get_people_who_filled_survey($_GET['survey_id']);
}
$counter = 0;
// Nr of invitations "sent" (if sendmail option)
$course_id = api_get_course_int_id();
$session_id = api_get_session_id();
$result = CourseManager::separateUsersGroups($users_array);
$groupList = $result['groups'];
$users_array = $result['users'];
foreach ($groupList as $groupId) {
$userGroupList = GroupManager::getStudents($groupId);
$userGroupIdList = array_column($userGroupList, 'user_id');
$users_array = array_merge($users_array, $userGroupIdList);
$params = array('c_id' => $course_id, 'session_id' => $session_id, 'group_id' => $groupId, 'survey_code' => $survey_data['code']);
$invitationExists = self::invitationExists($course_id, $session_id, $groupId, $survey_data['code']);
if (empty($invitationExists)) {
self::save_invitation($params);
}
}
$users_array = array_unique($users_array);
foreach ($users_array as $key => $value) {
if (!isset($value) || $value == '') {
continue;
}
// Skip user if reminding only unanswered people
if (in_array($value, $exclude_users)) {
continue;
}
// Get the unique invitation code if we already have it
if ($reminder == 1 && array_key_exists($value, $survey_invitations)) {
$invitation_code = $survey_invitations[$value]['invitation_code'];
} else {
$invitation_code = md5($value . microtime());
}
$new_user = false;
// User not already invited
// Store the invitation if user_id not in $already_invited['course_users'] OR email is not in $already_invited['additional_users']
$addit_users_array = isset($already_invited['additional_users']) && !empty($already_invited['additional_users']) ? explode(';', $already_invited['additional_users']) : array();
$my_alredy_invited = $already_invited['course_users'] == null ? array() : $already_invited['course_users'];
if (is_numeric($value) && !in_array($value, $my_alredy_invited) || !is_numeric($value) && !in_array($value, $addit_users_array)) {
$new_user = true;
if (!array_key_exists($value, $survey_invitations)) {
$params = array('c_id' => $course_id, 'session_id' => $session_id, 'user' => $value, 'survey_code' => $survey_data['code'], 'invitation_code' => $invitation_code, 'invitation_date' => api_get_utc_datetime());
self::save_invitation($params);
}
}
// Send the email if checkboxed
if (($new_user || $reminder == 1) && $sendmail != 0) {
// Make a change for absolute url
if (isset($invitation_text)) {
$invitation_text = api_html_entity_decode($invitation_text, ENT_QUOTES);
$invitation_text = str_replace('src="../../', 'src="' . api_get_path(WEB_PATH), $invitation_text);
$invitation_text = trim(stripslashes($invitation_text));
}
SurveyUtil::send_invitation_mail($value, $invitation_code, $invitation_title, $invitation_text);
$counter++;
}
}
return $counter;
// Number of invitations sent
}
// Database table definitions
$table_survey = Database::get_course_table(TABLE_SURVEY);
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_gradebook_link = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
/** @todo this has to be moved to a more appropriate place (after the display_header of the code) */
// If user is not teacher or if he's a coach trying to access an element out of his session
if (!api_is_allowed_to_edit()) {
if (!api_is_course_coach() || !empty($_GET['survey_id']) && !api_is_element_in_the_session(TOOL_SURVEY, $_GET['survey_id'])) {
api_not_allowed(true);
exit;
}
}
// Getting the survey information
$survey_id = isset($_GET['survey_id']) ? intval($_GET['survey_id']) : null;
$survey_data = SurveyManager::get_survey($survey_id);
// Additional information
$course_id = api_get_course_id();
$session_id = api_get_session_id();
$gradebook_link_type = 8;
$urlname = isset($survey_data['title']) ? strip_tags($survey_data['title']) : null;
// Breadcrumbs
if ($_GET['action'] == 'add') {
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey_list.php?' . api_get_cidreq(), 'name' => get_lang('SurveyList'));
$tool_name = get_lang('CreateNewSurvey');
}
if ($_GET['action'] == 'edit' && is_numeric($survey_id)) {
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey_list.php?' . api_get_cidreq(), 'name' => get_lang('SurveyList'));
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey.php?survey_id=' . $survey_id . '&' . api_get_cidreq(), 'name' => Security::remove_XSS($urlname));
$tool_name = get_lang('EditSurvey');
}
Display::display_header();
Display::display_error_message(get_lang('NotAllowed'), false);
Display::display_footer();
exit;
}
// Is valid request
$is_valid_request = isset($_REQUEST['is_executable']) ? $_REQUEST['is_executable'] : null;
// Database table definitions
$table_survey = Database::get_course_table(TABLE_SURVEY);
$table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
$table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$course_id = api_get_course_int_id();
// Getting the survey information
$surveyData = SurveyManager::get_survey($_GET['survey_id']);
if (empty($surveyData)) {
Display::display_header(get_lang('ToolSurvey'));
Display::display_error_message(get_lang('InvallidSurvey'), false);
Display::display_footer();
exit;
}
$urlname = api_substr(api_html_entity_decode($surveyData['title'], ENT_QUOTES), 0, 40);
if (api_strlen(strip_tags($surveyData['title'])) > 40) {
$urlname .= '...';
}
if ($surveyData['survey_type'] == 1) {
$sql = 'SELECT id FROM ' . Database::get_course_table(TABLE_SURVEY_QUESTION_GROUP) . '
WHERE
c_id = ' . $course_id . ' AND
survey_id = ' . (int) $_GET['survey_id'] . ' LIMIT 1';
$survey_id = intval($_GET['survey_id']);
$survey_data = SurveyManager::get_survey($survey_id);
if (empty($survey_data)) {
Display::display_header(get_lang('SurveyPreview'));
Display::display_error_message(get_lang('InvallidSurvey'), false);
Display::display_footer();
exit;
}
$urlname = strip_tags($survey_data['title']);
if (api_is_allowed_to_edit()) {
// Breadcrumbs
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey_list.php', 'name' => get_lang('SurveyList'));
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'survey/survey.php?survey_id=' . $survey_id, 'name' => $urlname);
}
$courseCode = isset($_GET['cidReq']) ? $_GET['cidReq'] : null;
$surveyAnonymous = SurveyManager::get_survey($survey_id, 0, $courseCode);
$surveyAnonymous = $surveyAnonymous['anonymous'];
if ($surveyAnonymous == 0 && api_is_anonymous()) {
api_not_allowed(true);
} elseif ($surveyAnonymous == 0 && $userInvited == 0) {
if (!api_is_allowed_to_edit()) {
api_not_allowed(true);
}
}
// Header
Display::display_header(get_lang('SurveyPreview'));
// We exit here is the first or last question is a pagebreak (which causes errors)
SurveyUtil::check_first_last_question($survey_id, false);
// Only a course admin is allowed to preview a survey: you are NOT a course admin => error message
/*
if (!api_is_allowed_to_edit(false, true)) {
/**
* Returns the "what's new" icon notifications
*
* The general logic of this function is to track the last time the user
* entered the course and compare to what has changed inside this course
* since then, based on the item_property table inside this course. Note that,
* if the user never entered the course before, he will not see notification
* icons. This function takes session ID into account (if any) and only shows
* the corresponding notifications.
* @param array Course information array, containing at least elements 'db' and 'k'
* @return string The HTML link to be shown next to the course
*/
public static function show_notification($course_info)
{
if (empty($course_info)) {
return '';
}
$t_track_e_access = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LASTACCESS);
$course_tool_table = Database::get_course_table(TABLE_TOOL_LIST);
$tool_edit_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_code = Database::escape_string($course_info['code']);
$user_id = api_get_user_id();
$course_id = intval($course_info['real_id']);
$sessionId = intval($course_info['id_session']);
// Get the user's last access dates to all tools of this course
$sql = "SELECT *\n FROM {$t_track_e_access}\n WHERE\n c_id = {$course_id} AND\n access_user_id = '{$user_id}' AND\n access_session_id ='" . $sessionId . "'";
$resLastTrackInCourse = Database::query($sql);
$oldestTrackDate = $oldestTrackDateOrig = '3000-01-01 00:00:00';
while ($lastTrackInCourse = Database::fetch_array($resLastTrackInCourse)) {
$lastTrackInCourseDate[$lastTrackInCourse['access_tool']] = $lastTrackInCourse['access_date'];
if ($oldestTrackDate > $lastTrackInCourse['access_date']) {
$oldestTrackDate = $lastTrackInCourse['access_date'];
}
}
if ($oldestTrackDate == $oldestTrackDateOrig) {
//if there was no connexion to the course ever, then take the
// course creation date as a reference
$oldestTrackDate = $course_info['creation_date'];
}
$sessionCondition = api_get_session_condition($sessionId, true, false, 'tet.session_id');
// Get the last edits of all tools of this course.
$sql = "SELECT\n tet.*,\n tet.lastedit_date last_date,\n tet.tool tool,\n tet.ref ref,\n tet.lastedit_type type,\n tet.to_group_id group_id,\n ctt.image image,\n ctt.link link\n FROM {$tool_edit_table} tet\n INNER JOIN {$course_tool_table} ctt\n ON tet.c_id = ctt.c_id\n WHERE\n tet.c_id = {$course_id} AND\n tet.lastedit_date > '{$oldestTrackDate}' " . " AND (ctt.name = tet.tool OR (ctt.name = 'student_publication' AND tet.tool = 'work'))\n AND ctt.visibility = '1'\n AND tet.lastedit_user_id != {$user_id} {$sessionCondition}\n ORDER BY tet.lastedit_date";
$res = Database::query($sql);
// Get the group_id's with user membership.
$group_ids = GroupManager::get_group_ids($course_info['real_id'], $user_id);
$group_ids[] = 0;
//add group 'everyone'
$notifications = array();
// Filter all last edits of all tools of the course
while ($res && ($item_property = Database::fetch_array($res, 'ASSOC'))) {
// First thing to check is if the user never entered the tool
// or if his last visit was earlier than the last modification.
if ((!isset($lastTrackInCourseDate[$item_property['tool']]) || $lastTrackInCourseDate[$item_property['tool']] < $item_property['lastedit_date']) && (in_array($item_property['to_group_id'], $group_ids) && ($item_property['tool'] != TOOL_NOTEBOOK && $item_property['tool'] != TOOL_CHAT)) && ($item_property['visibility'] == '1' || $course_info['status'] == '1' && $item_property['visibility'] == '0' || !isset($item_property['visibility']))) {
// Also drop announcements and events that are not for the user or his group.
if (($item_property['tool'] == TOOL_ANNOUNCEMENT || $item_property['tool'] == TOOL_CALENDAR_EVENT) && ($item_property['to_user_id'] != $user_id && (!isset($item_property['to_group_id']) || !in_array($item_property['to_group_id'], $group_ids)))) {
continue;
}
// If it's a survey, make sure the user's invited. Otherwise drop it.
if ($item_property['tool'] == TOOL_SURVEY) {
$survey_info = SurveyManager::get_survey($item_property['ref'], 0, $course_code);
if (!empty($survey_info)) {
$invited_users = SurveyUtil::get_invited_users($survey_info['code'], $course_code);
if (!in_array($user_id, $invited_users['course_users'])) {
continue;
}
}
}
// If it's a learning path, ensure it is currently visible to the user
if ($item_property['tool'] == TOOL_LEARNPATH) {
if (!learnpath::is_lp_visible_for_student($item_property['ref'], $user_id, $course_code)) {
continue;
}
}
if ($item_property['tool'] == TOOL_DROPBOX) {
$item_property['link'] = 'dropbox/dropbox_download.php?id=' . $item_property['ref'];
}
if ($item_property['tool'] == 'work' && $item_property['type'] == 'DirectoryCreated') {
$item_property['lastedit_type'] = 'WorkAdded';
}
$notifications[$item_property['tool']] = $item_property;
}
}
// Show all tool icons where there is something new.
$return = ' ';
foreach ($notifications as $notification) {
$lastDate = date('d/m/Y H:i', convert_sql_date($notification['lastedit_date']));
$type = $notification['lastedit_type'];
$label = get_lang('TitleNotification') . ": " . get_lang($type) . " ({$lastDate})";
if (strpos($notification['link'], '?') === false) {
$notification['link'] = $notification['link'] . '?notification=1';
} else {
$notification['link'] = $notification['link'] . '¬ification=1';
}
$return .= Display::url(Display::return_icon($notification['image'], $label), api_get_path(WEB_CODE_PATH) . $notification['link'] . '&cidReq=' . $course_code . '&ref=' . $notification['ref'] . '&gidReq=' . $notification['to_group_id'] . '&id_session=' . $sessionId) . ' ';
}
return $return;
}
exit;
}
}
$return = SurveyManager::empty_survey(intval($_GET['survey_id']));
if ($return) {
Display::display_confirmation_message(get_lang('SurveyEmptied'), false);
} else {
Display::display_error_message(get_lang('ErrorOccurred'), false);
}
}
// Action handling: performing the same action on multiple surveys
if (isset($_POST['action']) && $_POST['action']) {
if (is_array($_POST['id'])) {
foreach ($_POST['id'] as $key => &$value) {
// getting the information of the survey (used for when the survey is shared)
$survey_data = SurveyManager::get_survey($value);
// if the survey is shared => also delete the shared content
if (is_numeric($survey_data['survey_share'])) {
SurveyManager::delete_survey($survey_data['survey_share'], true);
}
// delete the actual survey
SurveyManager::delete_survey($value);
}
Display::display_confirmation_message(get_lang('SurveysDeleted'), false);
} else {
Display::display_error_message(get_lang('NoSurveysSelected'), false);
}
}
echo '<div class="actions">';
if (!api_is_course_coach() || $extend_rights_for_coachs == 'true') {
// Action links
<?php
/* For licensing terms, see /license.txt */
//require_once '../inc/global.inc.php';
$survey_id = isset($_REQUEST['i']) ? intval($_REQUEST['i']) : null;
if (empty($survey_id)) {
api_not_allowed(true);
}
if (!SurveyManager::survey_generation_hash_available()) {
api_not_allowed(true);
}
$course_info = api_get_course_info_by_id($_REQUEST['c']);
$hash_is_valid = SurveyManager::validate_survey_hash($survey_id, $_REQUEST['c'], $_REQUEST['s'], $_REQUEST['g'], $_REQUEST['h']);
if ($hash_is_valid && $course_info) {
$survey_data = SurveyManager::get_survey($survey_id, null, $course_info['code']);
$invitation_code = api_get_unique_id();
$params = array('c_id' => $_REQUEST['c'], 'session_id' => $_REQUEST['s'], 'user' => $invitation_code, 'survey_code' => $survey_data['code'], 'invitation_code' => $invitation_code, 'invitation_date' => api_get_utc_datetime());
$invitation_id = SurveyUtil::save_invitation($params);
if ($invitation_id) {
$link = api_get_path(WEB_CODE_PATH) . 'survey/fillsurvey.php
?invitationcode=' . $invitation_code . '&course=' . $course_info['code'] . 'cidReq=' . $course_info['code'];
header('Location: ' . $link);
exit;
}
} else {
api_not_allowed(true);
}
echo '<select name="language">';
while ($row = Database::fetch_array($result, 'ASSOC')) {
echo '<option value="' . $row['survey_id'] . '">' . $row['lang'] . '</option>';
}
echo '</select>';
echo '<button type="submit" name="Submit" class="next">' . get_lang('Ok') . '</button>';
echo '</form>';
Display::display_footer();
exit;
}
} else {
$row = Database::fetch_array($result, 'ASSOC');
$survey_invitation['survey_id'] = $row['survey_id'];
}
// Getting the survey information
$survey_data = SurveyManager::get_survey($survey_invitation['survey_id']);
$survey_data['survey_id'] = $survey_invitation['survey_id'];
// Storing the answers
if (count($_POST) > 0) {
if ($survey_data['survey_type'] === '0') {
// Getting all the types of the question
// (because of the special treatment of the score question type
$sql = "SELECT * FROM {$table_survey_question}\n WHERE\n c_id = {$course_id} AND\n survey_id = '" . intval($survey_invitation['survey_id']) . "'";
$result = Database::query($sql);
while ($row = Database::fetch_array($result, 'ASSOC')) {
$types[$row['question_id']] = $row['type'];
}
// Looping through all the post values
foreach ($_POST as $key => &$value) {
// If the post value key contains the string 'question' then it is an answer on a question
if (strpos($key, 'question') !== false) {
