TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

upgrade

Browse Source
This commit is contained in:
Xes
2025-08-14 22:37:50 +02:00
parent fb6d5d5926
commit 3641e93527
9156 changed files with 1813532 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
main/inc/ajax/.htaccess Normal file
View File

@@ -0,0 +1 @@
Options -Indexes

BIN
main/inc/ajax/Wami.swf Normal file
View File

Binary file not shown.

272
main/inc/ajax/admin.ajax.php Normal file
View File

@@ -0,0 +1,272 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Entity\BranchSync;
use Chamilo\CoreBundle\Entity\Repository\BranchSyncRepository;
use GuzzleHttp\Client;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_admin_script();
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
switch ($action) {
case 'update_changeable_setting':
$url_id = api_get_current_access_url_id();
if (api_is_global_platform_admin() && $url_id == 1) {
if (isset($_GET['id']) && !empty($_GET['id'])) {
$params = ['variable = ? ' => [$_GET['id']]];
$data = api_get_settings_params($params);
if (!empty($data)) {
foreach ($data as $item) {
$params = ['id' => $item['id'], 'access_url_changeable' => $_GET['changeable']];
api_set_setting_simple($params);
}
}
echo '1';
}
}
break;
case 'version':
// Fix session block when loading admin/index.php and changing page
session_write_close();
echo version_check();
break;
case 'get_extra_content':
$blockName = isset($_POST['block']) ? Security::remove_XSS($_POST['block']) : null;
if (empty($blockName)) {
exit;
}
if (api_is_multiple_url_enabled()) {
$accessUrlId = api_get_current_access_url_id();
if ($accessUrlId == -1) {
exit;
}
$urlInfo = api_get_access_url($accessUrlId);
$url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $urlInfo['url']));
$cleanUrl = str_replace('/', '-', $url);
$newUrlDir = api_get_path(SYS_APP_PATH)."home/$cleanUrl/admin/";
} else {
$newUrlDir = api_get_path(SYS_APP_PATH)."home/admin/";
}
if (!file_exists($newUrlDir)) {
exit;
}
if (!Security::check_abs_path("{$newUrlDir}{$blockName}_extra.html", $newUrlDir)) {
exit;
}
if (!file_exists("{$newUrlDir}{$blockName}_extra.html")) {
exit;
}
echo file_get_contents("{$newUrlDir}{$blockName}_extra.html");
break;
case 'get_latest_news':
if (api_get_configuration_value('admin_chamilo_announcements_disable') === true) {
break;
}
try {
$latestNews = getLatestNews();
$latestNews = json_decode($latestNews, true);
echo Security::remove_XSS($latestNews['text'], COURSEMANAGER);
break;
} catch (Exception $e) {
break;
}
}
/**
* Displays either the text for the registration or the message that the installation is (not) up to date.
*
* @return string html code
*
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*
* @version august 2006
*
* @todo have a 6 monthly re-registration
*/
function version_check()
{
$tbl_settings = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
$sql = 'SELECT selected_value FROM '.$tbl_settings.' WHERE variable = "registered" ';
$result = Database::query($sql);
$row = Database::fetch_array($result, 'ASSOC');
// The site has not been registered yet.
$return = '';
if ($row['selected_value'] == 'false') {
$return .= get_lang('VersionCheckExplanation');
$return .= '<form class="version-checking" action="'.api_get_path(WEB_CODE_PATH).'admin/index.php" id="VersionCheck" name="VersionCheck" method="post">';
$return .= '<label class="checkbox"><input type="checkbox" name="donotlistcampus" value="1" id="checkbox" />'.get_lang('HideCampusFromPublicPlatformsList');
$return .= '</label><button type="submit" class="btn btn-primary btn-block" name="Register" value="'.get_lang('EnableVersionCheck').'" id="register" >'.get_lang('EnableVersionCheck').'</button>';
$return .= '</form>';
check_system_version();
} else {
// site not registered. Call anyway
$return .= check_system_version();
}
return $return;
}
/**
* Check if the current installation is up to date
* The code is borrowed from phpBB and slighlty modified.
*
* @throws \Exception
* @throws \InvalidArgumentException
*
* @return string language string with some layout (color)
*/
function check_system_version()
{
// Check if curl is available.
if (!in_array('curl', get_loaded_extensions())) {
return '<span style="color:red">'.get_lang('ImpossibleToContactVersionServerPleaseTryAgain').'</span>';
}
$url = 'https://version.chamilo.org';
$options = [
'verify' => false,
];
$urlValidated = false;
try {
$client = new GuzzleHttp\Client();
$res = $client->request('GET', $url, $options);
if ($res->getStatusCode() == '200' || $res->getStatusCode() == '301') {
$urlValidated = true;
}
} catch (Exception $e) {
}
// the chamilo version of your installation
$system_version = trim(api_get_configuration_value('system_version'));
if ($urlValidated) {
// The number of courses
$number_of_courses = Statistics::countCourses();
// The number of users
$number_of_users = Statistics::countUsers();
$number_of_active_users = Statistics::countUsers(
null,
null,
null,
true
);
// The number of sessions
$number_of_sessions = SessionManager::count_sessions(api_get_current_access_url_id());
$packager = api_get_configuration_value('packager');
if (empty($packager)) {
$packager = 'chamilo';
}
$uniqueId = '';
$entityManager = Database::getManager();
/** @var BranchSyncRepository $branch */
$repository = $entityManager->getRepository('ChamiloCoreBundle:BranchSync');
/** @var BranchSync $branch */
$branch = $repository->getTopBranch();
if (is_a($branch, '\Chamilo\CoreBundle\Entity\BranchSync')) {
$uniqueId = $branch->getUniqueId();
}
$data = [
'url' => api_get_path(WEB_PATH),
'campus' => api_get_setting('siteName'),
'contact' => api_get_setting('emailAdministrator'), // the admin's e-mail, with the only purpose of being able to contact admins to inform about critical security issues
'version' => $system_version,
'numberofcourses' => $number_of_courses, // to sum up into non-personal statistics - see https://version.chamilo.org/stats/
'numberofusers' => $number_of_users, // to sum up into non-personal statistics
'numberofactiveusers' => $number_of_active_users, // to sum up into non-personal statistics
'numberofsessions' => $number_of_sessions,
//The donotlistcampus setting recovery should be improved to make
// it true by default - this does not affect numbers counting
'donotlistcampus' => api_get_setting('donotlistcampus'),
'organisation' => api_get_setting('Institution'),
'language' => api_get_setting('platformLanguage'), //helps us know the spread of language usage for campuses, by main language
'adminname' => api_get_setting('administratorName').' '.api_get_setting('administratorSurname'), //not sure this is necessary...
'ip' => $_SERVER['REMOTE_ADDR'], //the admin's IP address, with the only purpose of trying to geolocate portals around the globe to draw a map
// Reference to the packager system or provider through which
// Chamilo is installed/downloaded. Packagers can change this in
// the default config file (main/install/configuration.dist.php)
// or in the installed config file. The default value is 'chamilo'
'packager' => $packager,
'unique_id' => $uniqueId,
];
$version = null;
$client = new GuzzleHttp\Client();
$url .= '?';
foreach ($data as $k => $v) {
$url .= urlencode($k).'='.urlencode($v).'&';
}
$res = $client->request('GET', $url, $options);
if ($res->getStatusCode() == '200') {
$versionData = $res->getHeader('X-Chamilo-Version');
if (isset($versionData[0])) {
$version = trim($versionData[0]);
}
}
if (version_compare($system_version, $version, '<')) {
$output = '<span style="color:red">'.get_lang('YourVersionNotUpToDate').'<br />
'.get_lang('LatestVersionIs').' <b>Chamilo '.$version.'</b>. <br />
'.get_lang('YourVersionIs').' <b>Chamilo '.$system_version.'</b>. <br />'.str_replace('http://www.chamilo.org', '<a href="http://www.chamilo.org">http://www.chamilo.org</a>', get_lang('PleaseVisitOurWebsite')).'</span>';
} else {
$output = '<span style="color:green">'.get_lang('VersionUpToDate').': Chamilo '.$version.'</span>';
}
return $output;
}
return '<span style="color:red">'.get_lang('ImpossibleToContactVersionServerPleaseTryAgain').'</span>';
}
/**
* Display the latest news from the Chamilo Association for admins.
*
* @throws \GuzzleHttp\Exception\GuzzleException
* @throws Exception
*
* @return string|void
*/
function getLatestNews()
{
$url = 'https://version.chamilo.org/news/latest.php';
$client = new Client();
$response = $client->request(
'GET',
$url,
[
'query' => [
'language' => api_get_interface_language(),
],
]
);
if ($response->getStatusCode() !== 200) {
throw new Exception(get_lang('DenyEntry'));
}
return $response->getBody()->getContents();
}

262
main/inc/ajax/agenda.ajax.php Normal file
View File

@@ -0,0 +1,262 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
$type = isset($_REQUEST['type']) && in_array($_REQUEST['type'], ['personal', 'course', 'admin']) ? $_REQUEST['type'] : 'personal';
if ($type === 'personal') {
$cidReset = true; // fixes #5162
}
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'] ?? null;
$group_id = api_get_group_id();
if ($type === 'course') {
api_protect_course_script(true);
}
$logInfo = [
'tool' => TOOL_CALENDAR_EVENT,
'action' => $action,
];
Event::registerLog($logInfo);
$agenda = new Agenda($type);
// get filtered type
$type = $agenda->getType();
$em = Database::getManager();
switch ($action) {
case 'add_event':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$add_as_announcement = $_REQUEST['add_as_annonuncement'] ?? null;
$title = $_REQUEST['title'] ?? null;
$content = $_REQUEST['content'] ?? null;
$comment = $_REQUEST['comment'] ?? null;
$userToSend = $_REQUEST['users_to_send'] ?? [];
$inviteesList = $_REQUEST['invitees'] ?? [];
$isCollective = isset($_REQUEST['collective']);
$notificationCount = $_REQUEST['notification_count'] ?? [];
$notificationPeriod = $_REQUEST['notification_period'] ?? [];
$careerId = $_REQUEST['career_id'] ?? 0;
$promotionId = $_REQUEST['promotion_id'] ?? 0;
$subscriptionVisibility = (int) ($_REQUEST['subscription_visibility'] ?? 0);
$subscriptionItemId = isset($_REQUEST['subscription_item']) ? (int) $_REQUEST['subscription_item'] : null;
$maxSubscriptions = (int) ($_REQUEST['max_subscriptions'] ?? 0);
$reminders = $notificationCount ? array_map(null, $notificationCount, $notificationPeriod) : [];
$eventId = $agenda->addEvent(
$_REQUEST['start'],
$_REQUEST['end'],
$_REQUEST['all_day'],
$title,
$content,
$userToSend,
$add_as_announcement,
null,
[],
null,
$comment,
'',
$inviteesList,
$isCollective,
$reminders,
(int) $careerId,
(int) $promotionId,
$subscriptionVisibility,
$subscriptionItemId,
$maxSubscriptions
);
echo $eventId;
break;
case 'edit_event':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$id_list = explode('_', $_REQUEST['id']);
$id = $id_list[1];
$agenda->editEvent(
$id,
$_REQUEST['start'],
$_REQUEST['end'],
$_REQUEST['all_day'],
$title,
$content
);
break;
case 'delete_event':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$id_list = explode('_', $_REQUEST['id']);
$id = $id_list[1];
$deleteAllEventsFromSerie = isset($_REQUEST['delete_all_events']);
$agenda->deleteEvent($id, $deleteAllEventsFromSerie);
break;
case 'resize_event':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$minute_delta = $_REQUEST['minute_delta'];
$id = explode('_', $_REQUEST['id']);
$id = $id[1];
$agenda->resizeEvent($id, $minute_delta);
break;
case 'move_event':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$minute_delta = $_REQUEST['minute_delta'];
$allDay = $_REQUEST['all_day'];
$id = explode('_', $_REQUEST['id']);
$id = $id[1];
$agenda->move_event($id, $minute_delta, $allDay);
break;
case 'get_events':
$filter = $_REQUEST['user_id'] ?? null;
$sessionId = $_REQUEST['session_id'] ?? null;
$result = $agenda->parseAgendaFilter($filter);
$groupId = current($result['groups']);
$userId = current($result['users']);
$start = isset($_REQUEST['start']) ? api_strtotime($_REQUEST['start']) : null;
$end = isset($_REQUEST['end']) ? api_strtotime($_REQUEST['end']) : null;
if ($type === 'personal' && !empty($sessionId)) {
$agenda->setSessionId($sessionId);
}
$events = $agenda->getEvents(
$start,
$end,
api_get_course_int_id(),
$groupId,
$userId
);
header('Content-Type: application/json');
echo $events;
break;
case 'get_user_agenda':
// Used in the admin user list.
api_protect_admin_script();
if (api_is_allowed_to_edit(null, true)) {
//@todo move this in the agenda class
$DaysShort = api_get_week_days_short();
$MonthsLong = api_get_months_long();
$user_id = (int) $_REQUEST['user_id'];
$my_course_list = CourseManager::get_courses_list_by_user_id($user_id, true);
if (!is_array($my_course_list)) {
// this is for the special case if the user has no courses (otherwise you get an error)
$my_course_list = [];
}
$today = getdate();
$year = (!empty($_GET['year']) ? (int) $_GET['year'] : null);
if ($year == null) {
$year = $today['year'];
}
$month = (!empty($_GET['month']) ? (int) $_GET['month'] : null);
if ($month == null) {
$month = $today['mon'];
}
$day = (!empty($_GET['day']) ? (int) $_GET['day'] : null);
if ($day == null) {
$day = $today['mday'];
}
$monthName = $MonthsLong[$month - 1];
$week = null;
$agendaitems = Agenda::get_myagendaitems(
$user_id,
$my_course_list,
$month,
$year
);
$agendaitems = Agenda::get_global_agenda_items(
$agendaitems,
$day,
$month,
$year,
$week,
"month_view"
);
if (api_get_setting('allow_personal_agenda') == 'true') {
$agendaitems = Agenda::get_personal_agenda_items(
$user_id,
$agendaitems,
$day,
$month,
$year,
$week,
"month_view"
);
}
Agenda::display_mymonthcalendar(
$user_id,
$agendaitems,
$month,
$year,
[],
$monthName,
false
);
}
break;
case 'event_subscribe':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$id = (int) explode('_', $_REQUEST['id'])[1];
$agenda->subscribeCurrentUserToEvent($id);
break;
case 'event_unsubscribe':
if (!$agenda->getIsAllowedToEdit()) {
break;
}
if (false === Security::check_token('get')) {
exit;
}
$id = (int) explode('_', $_REQUEST['id'])[1];
$agenda->unsubscribeCurrentUserToEvent($id);
break;
default:
echo '';
}
exit;

233
main/inc/ajax/announcement.ajax.php Normal file
View File

@@ -0,0 +1,233 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'] ?? null;
$isAllowedToEdit = api_is_allowed_to_edit();
$courseInfo = api_get_course_info();
$courseCode = api_get_course_id();
$courseId = api_get_course_int_id();
$groupId = api_get_group_id();
$sessionId = api_get_session_id();
$currentUserId = api_get_user_id();
$isTutor = false;
if (!empty($groupId)) {
$groupInfo = GroupManager::get_group_properties($groupId);
$isTutor = GroupManager::is_tutor_of_group(api_get_user_id(), $groupInfo);
if ($isTutor) {
$isAllowedToEdit = true;
}
}
switch ($action) {
case 'preview':
$userInCourse = false;
if ($courseId != 0 && CourseManager::is_user_subscribed_in_course($currentUserId, CourseManager::get_course_code_from_course_id($courseId), $sessionId)) {
$userInCourse = true;
}
$allowToEdit = (
api_is_allowed_to_edit(false, true) ||
(api_get_course_setting('allow_user_edit_announcement') && !api_is_anonymous() && $userInCourse) ||
($sessionId && api_is_coach() && api_get_configuration_value('allow_coach_to_edit_announcements'))
);
$drhHasAccessToSessionContent = api_drh_can_access_all_session_content();
if (!empty($sessionId) && $drhHasAccessToSessionContent) {
$allowToEdit = $allowToEdit || api_is_drh();
}
if ($allowToEdit === false && !empty($groupId)) {
$groupProperties = GroupManager::get_group_properties($groupId);
// Check if user is tutor group
$isTutor = GroupManager::is_tutor_of_group(api_get_user_id(), $groupProperties, $courseId);
if ($isTutor) {
$allowToEdit = true;
}
// Last chance ... students can send announcements.
if ($groupProperties['announcements_state'] == GroupManager::TOOL_PRIVATE_BETWEEN_USERS) {
// check if user is a group member to give access
$groupInfo = GroupManager::get_group_properties($groupId);
if (array_key_exists($currentUserId, GroupManager::get_subscribed_users($groupInfo))) {
$allowToEdit = true;
}
}
}
if ($allowToEdit === false) {
exit;
}
$users = isset($_REQUEST['users']) ? json_decode($_REQUEST['users']) : '';
$formParams = [];
if (isset($_REQUEST['form'])) {
parse_str($_REQUEST['form'], $formParams);
}
$previewGroups = [];
$previewUsers = [];
$previewTotal = [];
if (empty($groupId)) {
if (empty($users) ||
(!empty($users) && isset($users[0]) && $users[0] == 'everyone')
) {
// All users in course session
if (empty($sessionId)) {
$students = CourseManager::get_user_list_from_course_code($courseInfo['code']);
} else {
$students = CourseManager::get_user_list_from_course_code($courseInfo['code'], $sessionId);
}
foreach ($students as $student) {
$previewUsers[] = $student['user_id'];
}
$groupList = GroupManager::get_group_list(null, $courseInfo, null, $sessionId);
foreach ($groupList as $group) {
$previewGroups[] = $group['iid'];
}
} else {
$send_to = CourseManager::separateUsersGroups($users);
// Storing the selected groups
if (is_array($send_to['groups']) &&
!empty($send_to['groups'])
) {
$counter = 1;
foreach ($send_to['groups'] as $group) {
$previewGroups[] = $group;
}
}
// Storing the selected users
if (is_array($send_to['users'])) {
$counter = 1;
foreach ($send_to['users'] as $user) {
$previewUsers[] = $user;
}
}
}
} else {
$send_to_users = CourseManager::separateUsersGroups($users);
$sentToAllGroup = false;
if (empty($send_to_users['groups']) && empty($send_to_users['users'])) {
$previewGroups[] = $groupId;
$sentToAllGroup = true;
}
if ($sentToAllGroup === false) {
if (!empty($send_to_users['groups'])) {
foreach ($send_to_users['groups'] as $group) {
$previewGroups[] = $group;
}
}
if (!empty($send_to_users['users'])) {
foreach ($send_to_users['users'] as $user) {
$previewUsers[] = $user;
}
}
}
}
if (isset($formParams['send_to_users_in_session']) && $formParams['send_to_users_in_session'] == 1) {
$sessionList = SessionManager::get_session_by_course(api_get_course_int_id());
if (!empty($sessionList)) {
foreach ($sessionList as $sessionInfo) {
$sessionId = $sessionInfo['id'];
$userList = CourseManager::get_user_list_from_course_code(
$courseCode,
$sessionId
);
if (!empty($userList)) {
foreach ($userList as $user) {
$previewUsers[] = $user;
}
}
}
}
}
if (isset($formParams['send_to_hrm_users']) && $formParams['send_to_hrm_users'] == 1) {
foreach ($previewUsers as $userId) {
$userInfo = api_get_user_info($userId);
$drhList = UserManager::getDrhListFromUser($userId);
if (!empty($drhList)) {
foreach ($drhList as $drhInfo) {
$previewUsers[] = $drhInfo['id'];
}
}
}
}
if (isset($formParams['send_me_a_copy_by_email']) && $formParams['send_me_a_copy_by_email'] == 1) {
$previewUsers[] = api_get_user_id();
}
$previewUserNames = [];
$previewGroupNames = [];
if (!empty($previewGroups)) {
$previewGroups = array_unique($previewGroups);
foreach ($previewGroups as $groupId) {
$groupInfo = GroupManager::get_group_properties($groupId);
$previewGroupNames[] = Display::label($groupInfo['name'], 'info');
}
$previewTotal = $previewGroupNames;
}
if (!empty($previewUsers)) {
$previewUsers = array_unique($previewUsers);
foreach ($previewUsers as $userId) {
$userInfo = api_get_user_info($userId);
$previewUserNames[] = Display::label($userInfo['complete_name']);
}
$previewTotal = array_merge($previewTotal, $previewUserNames);
}
$previewTotal = array_map(function ($value) { return ''.$value; }, $previewTotal);
echo json_encode($previewTotal);
break;
case 'delete_item':
if ($isAllowedToEdit) {
if (empty($_REQUEST['id'])) {
return false;
}
if (!empty($sessionId) && api_is_allowed_to_session_edit(false, true) == false && empty($groupId)) {
return false;
}
$list = explode(',', $_REQUEST['id']);
foreach ($list as $itemId) {
if (!api_is_session_general_coach() || api_is_element_in_the_session(TOOL_ANNOUNCEMENT, $itemId)) {
$result = AnnouncementManager::get_by_id(
api_get_course_int_id(),
$itemId
);
if (!empty($result)) {
$delete = true;
if (!empty($groupId) && $isTutor) {
if ($groupId != $result['to_group_id']) {
$delete = false;
}
}
if ($delete) {
AnnouncementManager::delete_announcement($courseInfo, $itemId);
}
}
}
}
}
break;
default:
echo '';
break;
}
exit;

22
main/inc/ajax/career.ajax.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_admin_script();
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
switch ($action) {
case 'get_promotions':
$careerId = isset($_REQUEST['career_id']) ? (int) $_REQUEST['career_id'] : 0;
$career = new Promotion();
$promotions = $career->get_all_promotions_by_career_id($careerId);
echo json_encode($promotions);
break;
}

145
main/inc/ajax/chat.ajax.php Normal file
View File

@@ -0,0 +1,145 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
$_dont_save_user_course_access = true;
require_once __DIR__.'/../global.inc.php';
api_block_anonymous_users();
if (api_get_setting('allow_global_chat') == 'false') {
exit;
}
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
// Course Chat
if ($action === 'preview') {
echo CourseChatUtils::prepareMessage($_REQUEST['message']);
exit;
}
$toUserId = isset($_REQUEST['to']) ? $_REQUEST['to'] : null;
$message = isset($_REQUEST['message']) ? $_REQUEST['message'] : null;
$currentUserId = api_get_user_id();
$chat = new Chat();
if (Chat::disableChat()) {
exit;
}
if ($chat->isChatBlockedByExercises()) {
// Disconnecting the user
$chat->setUserStatus(0);
exit;
}
switch ($action) {
case 'get_message_status':
$messageId = isset($_REQUEST['message_id']) ? $_REQUEST['message_id'] : 0;
$messageInfo = $chat->get($messageId);
if ($messageInfo && $messageInfo['from_user'] == $currentUserId) {
echo json_encode($messageInfo);
}
break;
case 'chatheartbeat':
$chat->heartbeat();
break;
case 'close_window':
// Closes friend window
$chatId = isset($_POST['chatbox']) ? $_POST['chatbox'] : '';
$chat->closeWindow($chatId);
echo '1';
exit;
break;
case 'close':
// Disconnects user from all chat
$chat->close();
echo '1';
exit;
break;
case 'create_room':
if (api_get_configuration_value('hide_chat_video')) {
api_not_allowed();
}
/*$room = VideoChat::getChatRoomByUsers(api_get_user_id(), $toUserId);
if ($room === false) {
$createdRoom = VideoChat::createRoom(api_get_user_id(), $toUserId);
if ($createdRoom === false) {
echo Display::return_message(
get_lang('ChatRoomNotCreated'),
'error'
);
break;
}
$room = VideoChat::getChatRoomByUsers(api_get_user_id(), $toUserId);
}
$videoChatUrl = api_get_path(WEB_LIBRARY_JS_PATH)."chat/video.php?room={$room['id']}";
$videoChatLink = Display::url(
Display::returnFontAwesomeIcon('video-camera').get_lang('StartVideoChat'),
$videoChatUrl
);
$chat->send(
api_get_user_id(),
$toUserId,
$videoChatLink,
false,
false
);
echo Display::tag('p', $videoChatLink, ['class' => 'lead']);*/
break;
case 'get_contacts':
echo $chat->getContacts();
break;
case 'get_previous_messages':
$userId = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : 0;
$visibleMessages = isset($_REQUEST['visible_messages']) ? $_REQUEST['visible_messages'] : 0;
if (empty($userId)) {
return '';
}
$items = $chat->getPreviousMessages(
$userId,
$currentUserId,
$visibleMessages
);
if (!empty($items)) {
sort($items);
echo json_encode($items);
exit;
}
echo json_encode([]);
exit;
break;
case 'notify_not_support':
$chat->send(
$currentUserId,
$toUserId,
get_lang('TheXUserBrowserDoesNotSupportWebRTC')
);
break;
case 'sendchat':
$chat->send($currentUserId, $toUserId, $message);
break;
case 'startchatsession':
$chat->startSession();
break;
case 'set_status':
$status = isset($_REQUEST['status']) ? (int) $_REQUEST['status'] : 0;
$chat->setUserStatus($status);
break;
default:
echo '';
}
exit;

421
main/inc/ajax/course.ajax.php Normal file
View File

@@ -0,0 +1,421 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Component\Utils\ChamiloApi;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'];
$user_id = api_get_user_id();
switch ($action) {
case 'add_course_vote':
$course_id = (int) $_REQUEST['course_id'];
$star = (int) $_REQUEST['star'];
if (!api_is_anonymous()) {
CourseManager::add_course_vote($user_id, $star, $course_id, 0);
}
$point_info = CourseManager::get_course_ranking($course_id, 0);
$ajax_url = api_get_path(WEB_AJAX_PATH).'course.ajax.php?a=add_course_vote';
$rating = Display::return_rating_system(
'star_'.$course_id,
$ajax_url.'&amp;course_id='.$course_id,
$point_info,
false
);
echo $rating;
break;
case 'get_course_image':
$courseId = ChamiloApi::getCourseIdByDirectory($_REQUEST['code']);
$courseInfo = api_get_course_info_by_id($courseId);
$image = isset($_REQUEST['image']) && in_array($_REQUEST['image'], ['course_image_large_source', 'course_image_source', 'course_email_image_large_source', 'course_email_image_source']) ? $_REQUEST['image'] : '';
if ($courseInfo && $image) {
// Arbitrarily set a cache of 10' for the course image to
// avoid hammering the server with otherwise unfrequently
// changed images that can have some weight
$now = time() + 600; //time must be in GMT anyway
$headers = [
'Expires' => gmdate('D, d M Y H:i:s ', $now).'GMT',
'Cache-Control' => 'max-age=600',
];
DocumentManager::file_send_for_download($courseInfo[$image], null, null, null, $headers);
}
break;
case 'get_user_courses':
// Only search my courses
if (api_is_platform_admin() || api_is_session_admin()) {
$userId = (int) $_REQUEST['user_id'];
$list = CourseManager::get_courses_list_by_user_id(
$userId,
false
);
if (!empty($list)) {
foreach ($list as $course) {
$courseInfo = api_get_course_info_by_id($course['real_id']);
echo $courseInfo['title'].'<br />';
}
} else {
echo get_lang('UserHasNoCourse');
}
}
break;
case 'get_my_courses_and_sessions':
// Search my courses and sessions allowed for admin, session admin, teachers
$currentCourseId = api_get_course_int_id();
$currentSessionId = api_get_session_id();
if (api_is_platform_admin() || api_is_session_admin() || api_is_allowed_to_edit()) {
$list = CourseManager::get_courses_list_by_user_id(
api_get_user_id(),
true,
false,
false,
[],
true,
true
);
if (empty($list)) {
echo json_encode([]);
break;
}
$courseList = [];
if (!empty($list)) {
foreach ($list as $course) {
$courseInfo = api_get_course_info_by_id($course['real_id']);
$sessionId = 0;
if (isset($course['session_id']) && !empty($course['session_id'])) {
$sessionId = $course['session_id'];
}
$sessionName = '';
if (isset($course['session_name']) && !empty($course['session_name'])) {
$sessionName = ' ('.$course['session_name'].')';
}
// Skip current course/course session
if ($currentCourseId == $courseInfo['real_id'] && $sessionId == $currentSessionId) {
continue;
}
$courseList['items'][] = [
'id' => $courseInfo['real_id'].'_'.$sessionId,
'text' => $courseInfo['title'].$sessionName,
];
}
echo json_encode($courseList);
}
}
break;
case 'search_category':
if (api_is_platform_admin() || api_is_allowed_to_create_course()) {
$categories = CourseCategory::searchCategoryByKeyword($_REQUEST['q']);
if (empty($categories)) {
echo json_encode([]);
break;
}
$categoryToAvoid = '';
if (!api_is_platform_admin()) {
$categoryToAvoid = api_get_configuration_value('course_category_code_to_use_as_model');
}
$list = [];
foreach ($categories as $item) {
$categoryCode = $item['code'];
if (!empty($categoryToAvoid) && $categoryToAvoid == $categoryCode) {
continue;
}
$list['items'][] = [
'id' => $categoryCode,
'text' => '('.$categoryCode.') '.strip_tags($item['name']),
];
}
echo json_encode($list);
}
break;
case 'search_course':
if (api_is_teacher() || api_is_platform_admin()) {
if (isset($_GET['session_id']) && !empty($_GET['session_id'])) {
//if session is defined, lets find only courses of this session
$courseList = SessionManager::get_course_list_by_session_id(
$_GET['session_id'],
$_GET['q']
);
} else {
//if session is not defined lets search all courses STARTING with $_GET['q']
//TODO change this function to search not only courses STARTING with $_GET['q']
if (api_is_platform_admin()) {
$courseList = CourseManager::get_courses_list(
0,
0,
'title',
'ASC',
-1,
$_GET['q'],
null,
true
);
} elseif (api_is_teacher()) {
$courseList = CourseManager::get_course_list_of_user_as_course_admin(api_get_user_id(), $_GET['q']);
$category = api_get_configuration_value('course_category_code_to_use_as_model');
if (!empty($category)) {
$alreadyAdded = [];
if (!empty($courseList)) {
$alreadyAdded = array_column($courseList, 'id');
}
$coursesInCategory = CourseCategory::getCoursesInCategory($category, $_GET['q']);
foreach ($coursesInCategory as $course) {
if (!in_array($course['id'], $alreadyAdded)) {
$courseList[] = $course;
}
}
}
}
}
$results = [];
if (empty($courseList)) {
echo json_encode([]);
break;
}
foreach ($courseList as $course) {
$title = $course['title'];
if (!empty($course['category_code'])) {
$parents = CourseCategory::getParentsToString($course['category_code']);
$title = $parents.$course['title'];
}
$results['items'][] = [
'id' => $course['id'],
'text' => $title,
];
}
echo json_encode($results);
}
break;
case 'search_course_by_session':
if (api_is_platform_admin()) {
$results = SessionManager::get_course_list_by_session_id($_GET['session_id'], $_GET['q']);
$results2 = [];
if (is_array($results) && !empty($results)) {
foreach ($results as $item) {
$item2 = [];
foreach ($item as $id => $internal) {
if ($id == 'id') {
$item2[$id] = $internal;
}
if ($id == 'title') {
$item2['text'] = $internal;
}
}
$results2[] = $item2;
}
echo json_encode($results2);
} else {
echo json_encode([]);
}
}
break;
case 'search_course_by_session_all':
if (api_is_platform_admin()) {
if ($_GET['session_id'] == 'TODOS' || $_GET['session_id'] == 'T') {
$_GET['session_id'] = '%';
}
$results = SessionManager::get_course_list_by_session_id_like(
$_GET['session_id'],
$_GET['q']
);
$results2 = ['items' => []];
if (!empty($results)) {
foreach ($results as $item) {
$item2 = [];
foreach ($item as $id => $internal) {
if ($id == 'id') {
$item2[$id] = $internal;
}
if ($id == 'title') {
$item2['text'] = $internal;
}
}
$results2['items'][] = $item2;
}
}
echo json_encode($results2);
}
break;
case 'search_user_by_course':
$sessionId = $_GET['session_id'];
$course = api_get_course_info_by_id($_GET['course_id']);
$isPlatformAdmin = api_is_platform_admin();
$userIsSubscribedInCourse = CourseManager::is_user_subscribed_in_course(
api_get_user_id(),
$course['code'],
!empty($sessionId),
$sessionId
);
if ($isPlatformAdmin || $userIsSubscribedInCourse) {
$json = [
'items' => [],
];
$keyword = Database::escape_string($_GET['q']);
$status = 0;
if (empty($sessionId)) {
$status = STUDENT;
}
$userList = CourseManager::get_user_list_from_course_code(
$course['code'],
$sessionId,
null,
null,
$status,
false,
false,
false,
[],
[],
[],
true,
[],
$_GET['q']
);
foreach ($userList as $user) {
$userCompleteName = api_get_person_name($user['firstname'], $user['lastname']);
$json['items'][] = [
'id' => $user['user_id'],
'text' => "{$user['username']} ($userCompleteName)",
'avatarUrl' => UserManager::getUserPicture($user['id']),
'username' => $user['username'],
'completeName' => $userCompleteName,
];
}
echo json_encode($json);
}
break;
case 'search_exercise_by_course':
if (api_is_platform_admin()) {
$course = api_get_course_info_by_id($_GET['course_id']);
$session_id = (!empty($_GET['session_id'])) ? (int) $_GET['session_id'] : 0;
$exercises = ExerciseLib::get_all_exercises(
$course,
$session_id,
false,
$_GET['q'],
true,
3
);
foreach ($exercises as $exercise) {
$data[] = ['id' => $exercise['iid'], 'text' => html_entity_decode($exercise['title'])];
}
if (!empty($data)) {
$data[] = ['id' => 'T', 'text' => 'TODOS'];
echo json_encode($data);
} else {
echo json_encode([['id' => 'T', 'text' => 'TODOS']]);
}
}
break;
case 'search_survey_by_course':
if (api_is_platform_admin()) {
$survey = Database::get_course_table(TABLE_SURVEY);
$sql = "SELECT survey_id as id, title, anonymous
FROM $survey
WHERE
c_id = %d AND
session_id = %d AND
title LIKE '%s'";
$sql_query = sprintf(
$sql,
(int) $_GET['course_id'],
(int) $_GET['session_id'],
'%'.Database::escape_string($_GET['q']).'%'
);
$result = Database::query($sql_query);
while ($survey = Database::fetch_assoc($result)) {
$survey['title'] .= ($survey['anonymous'] == 1) ? ' ('.get_lang('Anonymous').')' : '';
$data[] = [
'id' => $survey['id'],
'text' => strip_tags(html_entity_decode($survey['title'])),
];
}
if (!empty($data)) {
echo json_encode($data);
} else {
echo json_encode([]);
}
}
break;
case 'display_sessions_courses':
$sessionId = (int) $_GET['session'];
$userTable = Database::get_main_table(TABLE_MAIN_USER);
$coursesData = SessionManager::get_course_list_by_session_id($sessionId);
$courses = [];
foreach ($coursesData as $courseId => $course) {
$coachData = SessionManager::getCoachesByCourseSession($sessionId, $courseId);
$coachName = '';
if (!empty($coachData)) {
$userResult = Database::select('lastname,firstname', $userTable, [
'where' => [
'user_id = ?' => $coachData[0],
],
], 'first');
$coachName = api_get_person_name($userResult['firstname'], $userResult['lastname']);
}
$courses[] = [
'id' => $courseId,
'name' => $course['title'],
'coachName' => $coachName,
];
}
echo json_encode($courses);
break;
case 'course_logout':
$logoutInfo = [
'uid' => api_get_user_id(),
'cid' => api_get_course_int_id(),
'sid' => api_get_session_id(),
];
$logInfo = [
'tool' => 'close-window',
'tool_id' => 0,
'tool_id_detail' => 0,
'action' => 'exit',
];
Event::registerLog($logInfo);
$result = (int) Event::courseLogout($logoutInfo);
echo $result;
break;
default:
echo '';
}
exit;

43
main/inc/ajax/course_category.ajax.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_admin_script();
$action = $_REQUEST['a'];
switch ($action) {
case 'show_courses':
$categoryId = (int) $_REQUEST['id'];
$categoryInfo = CourseCategory::getCategoryById($categoryId);
if (!empty($categoryInfo)) {
$courses = CourseCategory::getCoursesInCategory($categoryInfo['code'], '', false, false);
$table = new HTML_Table(['class' => 'table table-hover table-striped data_table']);
$headers = [
get_lang('Name'),
];
$row = 0;
$column = 0;
foreach ($headers as $header) {
$table->setHeaderContents($row, $column, $header);
$column++;
}
$result = '';
foreach ($courses as $course) {
$row++;
$courseLink = '<a href="'.api_get_path(WEB_PATH).'courses/'.$course['directory'].'/index.php">'.$course['title'].'</a>';
$table->setCellContents($row, 0, $courseLink);
}
echo $table->toHtml();
exit;
}
break;
}
exit;

98
main/inc/ajax/course_chat.ajax.php Normal file
View File

@@ -0,0 +1,98 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls for course chat.
*/
use Symfony\Component\HttpFoundation\JsonResponse as HttpResponse;
use Symfony\Component\HttpFoundation\Request as HttpRequest;
require_once __DIR__.'/../global.inc.php';
if (!api_protect_course_script(false)) {
exit;
}
$courseId = api_get_course_int_id();
$userId = api_get_user_id();
$sessionId = api_get_session_id();
$groupId = api_get_group_id();
$json = ['status' => false];
$httpRequest = HttpRequest::createFromGlobals();
$httpResponse = HttpResponse::create();
$courseChatUtils = new CourseChatUtils($courseId, $userId, $sessionId, $groupId);
$token = Security::getTokenFromSession('course_chat');
if ($httpRequest->headers->get('x-token') !== $token) {
$_REQUEST['action'] = 'error';
}
switch ($_REQUEST['action']) {
case 'chat_logout':
$logInfo = [
'tool' => TOOL_CHAT,
'action' => 'exit',
'action_details' => 'exit-chat',
];
Event::registerLog($logInfo);
break;
case 'track':
$courseChatUtils->keepUserAsConnected();
$courseChatUtils->disconnectInactiveUsers();
$friend = isset($_REQUEST['friend']) ? (int) $_REQUEST['friend'] : 0;
$filePath = $courseChatUtils->getFileName(true, $friend);
$newFileSize = file_exists($filePath) ? filesize($filePath) : 0;
$oldFileSize = isset($_GET['size']) ? (int) $_GET['size'] : -1;
$newUsersOnline = $courseChatUtils->countUsersOnline();
$oldUsersOnline = isset($_GET['users_online']) ? (int) $_GET['users_online'] : 0;
$json = [
'status' => true,
'data' => [
'oldFileSize' => file_exists($filePath) ? filesize($filePath) : 0,
'history' => $newFileSize !== $oldFileSize ? $courseChatUtils->readMessages(false, $friend) : null,
'usersOnline' => $newUsersOnline,
'userList' => $newUsersOnline != $oldUsersOnline ? $courseChatUtils->listUsersOnline() : null,
'currentFriend' => $friend,
],
];
break;
case 'preview':
$json = [
'status' => true,
'data' => [
'message' => CourseChatUtils::prepareMessage($_REQUEST['message']),
],
];
break;
case 'reset':
$friend = isset($_REQUEST['friend']) ? (int) $_REQUEST['friend'] : 0;
$json = [
'status' => true,
'data' => $courseChatUtils->readMessages(true, $friend),
];
break;
case 'write':
$friend = isset($_REQUEST['friend']) ? (int) $_REQUEST['friend'] : 0;
$writed = $courseChatUtils->saveMessage($_POST['message'], $friend);
$json = [
'status' => $writed,
'data' => [
'writed' => $writed,
],
];
break;
}
$token = Security::get_token('course_chat');
$httpResponse->headers->set('x-token', $token);
$httpResponse->setData($json);
$httpResponse->send();

754
main/inc/ajax/course_home.ajax.php Normal file
View File

@@ -0,0 +1,754 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CourseBundle\Entity\CTool;
use ChamiloSession as Session;
// @todo refactor this script, create a class that manage the jqgrid requests
/**
* Responses to AJAX calls.
*/
$action = $_GET['a'];
switch ($action) {
case 'set_visibility':
require_once __DIR__.'/../global.inc.php';
$course_id = api_get_course_int_id();
$sessionId = api_get_session_id();
// Allow tool visibility in sessions.
$allowEditionInSession = api_get_configuration_value('allow_edit_tool_visibility_in_session');
$em = Database::getManager();
$repository = $em->getRepository('ChamiloCourseBundle:CTool');
if (api_is_allowed_to_edit(null, true)) {
$criteria = [
'cId' => $course_id,
//'sessionId' => 0,
'iid' => (int) $_GET['id'],
];
/** @var CTool $tool */
$tool = $repository->findOneBy($criteria);
$visibility = 0;
if ($allowEditionInSession && !empty($sessionId)) {
$newLink = str_replace('id_session=0', 'id_session='.$sessionId, $tool->getLink());
$criteria = [
'cId' => $course_id,
'sessionId' => $sessionId,
//'iid' => (int) $_GET['id'],
'link' => $newLink,
];
/** @var CTool $tool */
$toolInSession = $repository->findOneBy($criteria);
if ($toolInSession) {
// Use the session
$tool = $toolInSession;
$visibility = $toolInSession->getVisibility();
} else {
// Creates new row in c_tool
$toolInSession = clone $tool;
$toolInSession->setLink($newLink);
$toolInSession->setIid(0);
$toolInSession->setId(0);
$toolInSession->setVisibility(0);
$toolInSession->setSessionId($sessionId);
$em->persist($toolInSession);
$em->flush();
// Update id with iid
$toolInSession->setId($toolInSession->getIid());
$em->persist($toolInSession);
$em->flush();
// $tool will be updated later
$tool = $toolInSession;
}
} else {
$visibility = $tool->getVisibility();
}
$toolImage = $tool->getImage();
$customIcon = $tool->getCustomIcon();
if (api_get_setting('homepage_view') !== 'activity_big') {
$toolImage = Display::return_icon(
$toolImage,
null,
null,
null,
null,
true
);
$inactiveImage = str_replace('.gif', '_na.gif', $toolImage);
} else {
// Display::return_icon() also checks in the app/Resources/public/css/themes/{theme}/icons folder
$toolImage = (substr($toolImage, 0, strpos($toolImage, '.'))).'.png';
$toolImage = Display::return_icon(
$toolImage,
get_lang(ucfirst($tool->getName())),
null,
ICON_SIZE_BIG,
null,
true
);
$inactiveImage = str_replace('.png', '_na.png', $toolImage);
}
if (isset($customIcon) && !empty($customIcon)) {
$toolImage = CourseHome::getCustomWebIconPath().$customIcon;
$inactiveImage = CourseHome::getCustomWebIconPath().CourseHome::getDisableIcon($customIcon);
}
$requested_image = $visibility == 0 ? $toolImage : $inactiveImage;
$requested_class = $visibility == 0 ? '' : 'text-muted';
$requested_message = $visibility == 0 ? 'is_active' : 'is_inactive';
$requested_view = $visibility == 0 ? 'visible.png' : 'invisible.png';
$requestedVisible = $visibility == 0 ? 1 : 0;
$requested_view = $visibility == 0 ? 'visible.png' : 'invisible.png';
$requestedVisible = $visibility == 0 ? 1 : 0;
$requested_fa_class = $visibility == 0 ? 'fa fa-eye '.$requested_class : 'fa fa-eye-slash '.$requested_class;
// HIDE AND REACTIVATE TOOL
if ($_GET['id'] == strval(intval($_GET['id']))) {
$tool->setVisibility($requestedVisible);
$em->persist($tool);
$em->flush();
// Also hide the tool in all sessions
if ($allowEditionInSession && empty($sessionId)) {
$criteria = [
'cId' => $course_id,
'name' => $tool->getName(),
];
/** @var CTool $toolItem */
$tools = $repository->findBy($criteria);
foreach ($tools as $toolItem) {
$toolSessionId = $toolItem->getSessionId();
if (!empty($toolSessionId)) {
$toolItem->setVisibility($requestedVisible);
$em->persist($toolItem);
}
}
$em->flush();
}
}
$response = [
'image' => $requested_image,
'tclass' => $requested_class,
'message' => $requested_message,
'view' => $requested_view,
'fclass' => $requested_fa_class,
];
echo json_encode($response);
}
break;
case 'set_visibility_for_all':
require_once __DIR__.'/../global.inc.php';
$course_id = api_get_course_int_id();
$sessionId = api_get_session_id();
$allowEditionInSession = api_get_configuration_value('allow_edit_tool_visibility_in_session');
$response = [];
$tools_ids = json_decode($_GET['tools_ids']);
$em = Database::getManager();
$repository = $em->getRepository('ChamiloCourseBundle:CTool');
// Allow tool visibility in sessions.
if (api_is_allowed_to_edit(null, true)) {
if (is_array($tools_ids) && count($tools_ids) != 0) {
$total_tools = count($tools_ids);
for ($i = 0; $i < $total_tools; $i++) {
$tool_id = (int) $tools_ids[$i];
$criteria = [
'cId' => $course_id,
'sessionId' => 0,
'iid' => $tool_id,
];
/** @var CTool $tool */
$tool = $repository->findOneBy($criteria);
$visibility = $tool->getVisibility();
if ($allowEditionInSession && !empty($sessionId)) {
$criteria = [
'cId' => $course_id,
'sessionId' => $sessionId,
'name' => $tool->getName(),
];
/** @var CTool $tool */
$toolInSession = $repository->findOneBy($criteria);
if ($toolInSession) {
// Use the session
$tool = $toolInSession;
$visibility = $toolInSession->getVisibility();
} else {
// Creates new row in c_tool
$toolInSession = clone $tool;
$toolInSession->setIid(0);
$toolInSession->setId(0);
$toolInSession->setVisibility(0);
$toolInSession->setSessionId($session_id);
$em->persist($toolInSession);
$em->flush();
// Update id with iid
$toolInSession->setId($toolInSession->getIid());
$em->persist($toolInSession);
$em->flush();
// $tool will be updated later
$tool = $toolInSession;
}
}
$toolImage = $tool->getImage();
$customIcon = $tool->getCustomIcon();
if (api_get_setting('homepage_view') != 'activity_big') {
$toolImage = Display::return_icon(
$toolImage,
null,
null,
null,
null,
true
);
$inactiveImage = str_replace('.gif', '_na.gif', $toolImage);
} else {
// Display::return_icon() also checks in the app/Resources/public/css/themes/{theme}/icons folder
$toolImage = (substr($toolImage, 0, strpos($toolImage, '.'))).'.png';
$toolImage = Display::return_icon(
$toolImage,
get_lang(ucfirst($tool->getName())),
null,
ICON_SIZE_BIG,
null,
true
);
$inactiveImage = str_replace('.png', '_na.png', $toolImage);
}
if (isset($customIcon) && !empty($customIcon)) {
$toolImage = CourseHome::getCustomWebIconPath().$customIcon;
$inactiveImage = CourseHome::getCustomWebIconPath().CourseHome::getDisableIcon($customIcon);
}
$requested_image = $visibility == 0 ? $toolImage : $inactiveImage;
$requested_class = $visibility == 0 ? '' : 'text-muted';
$requested_message = $visibility == 0 ? 'is_active' : 'is_inactive';
$requested_view = $visibility == 0 ? 'visible.png' : 'invisible.png';
$requestedVisible = $visibility == 0 ? 1 : 0;
$requested_view = $visibility == 0 ? 'visible.png' : 'invisible.png';
$requested_fa_class = $visibility == 0 ? 'fa fa-eye '.$requested_class : 'fa fa-eye-slash '.$requested_class;
$requestedVisible = $visibility == 0 ? 1 : 0;
// HIDE AND REACTIVATE TOOL
if ($tool_id == strval(intval($tool_id))) {
$tool->setVisibility($requestedVisible);
$em->persist($tool);
$em->flush();
// Also hide the tool in all sessions
if ($allowEditionInSession && empty($sessionId)) {
$criteria = [
'cId' => $course_id,
'name' => $tool->getName(),
];
/** @var CTool $toolItem */
$tools = $repository->findBy($criteria);
foreach ($tools as $toolItem) {
$toolSessionId = $toolItem->getSessionId();
if (!empty($toolSessionId)) {
$toolItem->setVisibility($requestedVisible);
$em->persist($toolItem);
}
}
$em->flush();
}
}
$response[] = [
'image' => $requested_image,
'tclass' => $requested_class,
'message' => $requested_message,
'view' => $requested_view,
'fclass' => $requested_fa_class,
'id' => $tool_id,
];
}
}
}
echo json_encode($response);
break;
case 'show_course_information':
require_once __DIR__.'/../global.inc.php';
// Get the name of the database course.
$course_info = api_get_course_info($_GET['code']);
$content = get_lang('NoDescription');
if (!empty($course_info)) {
if (api_get_setting('course_catalog_hide_private') === 'true' &&
$course_info['visibility'] == COURSE_VISIBILITY_REGISTERED
) {
echo get_lang('PrivateAccess');
break;
}
$table = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
$sql = "SELECT * FROM $table
WHERE c_id = ".$course_info['real_id']." AND session_id = 0
ORDER BY id";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
while ($description = Database::fetch_object($result)) {
$descriptions[$description->id] = $description;
}
// Function that displays the details of the course description in html.
$content = CourseManager::get_details_course_description_html(
$descriptions,
api_get_system_encoding(),
false
);
}
}
echo $content;
break;
case 'session_courses_lp_default':
/**
* @todo this functions need to belong to a class or a special
* wrapper to process the AJAX petitions from the jqgrid
*/
require_once __DIR__.'/../global.inc.php';
$now = time();
$page = (int) $_REQUEST['page']; //page
$limit = (int) $_REQUEST['rows']; // quantity of rows
//index to filter
$sidx = isset($_REQUEST['sidx']) && !empty($_REQUEST['sidx']) ? $_REQUEST['sidx'] : 'id';
$sord = $_REQUEST['sord']; //asc or desc
if (!in_array($sord, ['asc', 'desc'])) {
$sord = 'desc';
}
$session_id = (int) $_REQUEST['session_id'];
$course_id = (int) $_REQUEST['course_id'];
//Filter users that does not belong to the session
if (!api_is_platform_admin()) {
$new_session_list = UserManager::get_personal_session_course_list(api_get_user_id());
$my_session_list = [];
foreach ($new_session_list as $item) {
if (!empty($item['session_id'])) {
$my_session_list[] = $item['session_id'];
}
}
if (!in_array($session_id, $my_session_list)) {
break;
}
}
$start = $limit * $page - $limit;
$course_list = SessionManager::get_course_list_by_session_id($session_id);
$count = 0;
$temp = [];
foreach ($course_list as $item) {
$courseInfo = api_get_course_info($item['code']);
$list = new LearnpathList(api_get_user_id(), $courseInfo, $session_id);
$flat_list = $list->get_flat_list();
$lps[$item['code']] = $flat_list;
$course_url = api_get_path(WEB_COURSE_PATH).$item['directory'].'/?id_session='.$session_id;
$item['title'] = Display::url($item['title'], $course_url, ['target' => SESSION_LINK_TARGET]);
foreach ($flat_list as $lp_id => $lp_item) {
$isAllowedToEdit = api_is_allowed_to_edit(null, true);
if (!$isAllowedToEdit && 0 == $lp_item['lp_visibility']) {
continue;
}
$temp[$count]['id'] = $lp_id;
$lp = new learnpath($item['code'], $lp_id, api_get_user_id());
if ($lp->progress_db == 100) {
continue;
}
$lp_url = api_get_path(WEB_CODE_PATH).'lp/lp_controller.php?cidReq='.$item['code'].'&id_session='.$session_id.'&lp_id='.$lp_id.'&action=view';
$last_date = Tracking::get_last_connection_date_on_the_course(
api_get_user_id(),
$item,
$session_id,
false
);
if (empty($lp_item['modified_on'])) {
$lp_date = api_get_local_time($lp_item['created_on']);
$image = 'new.gif';
$label = get_lang('LearnpathAdded');
} else {
$lp_date = api_get_local_time($lp_item['modified_on']);
$image = 'moderator_star.png';
$label = get_lang('LearnpathUpdated');
}
$icons = '';
if (strtotime($last_date) < strtotime($lp_date)) {
$icons = Display::return_icon($image, get_lang('TitleNotification').': '.$label.' - '.$lp_date);
}
if (!empty($lp_item['publicated_on'])) {
$date = substr($lp_item['publicated_on'], 0, 10);
} else {
$date = '-';
}
// Checking LP publicated and expired_on dates
if (!empty($lp_item['publicated_on'])) {
if ($now < api_strtotime($lp_item['publicated_on'], 'UTC')) {
continue;
}
}
if (!empty($lp_item['expired_on'])) {
if ($now > api_strtotime($lp_item['expired_on'], 'UTC')) {
continue;
}
}
$temp[$count]['cell'] = [
$date,
$item['title'],
Display::url($icons.' '.$lp_item['lp_name'], $lp_url, ['target' => SESSION_LINK_TARGET]),
];
$temp[$count]['course'] = strip_tags($item['title']);
$temp[$count]['lp'] = $lp_item['lp_name'];
$temp[$count]['date'] = $lp_item['publicated_on'];
$count++;
}
}
$temp = msort($temp, $sidx, $sord);
$i = 0;
$response = new stdClass();
foreach ($temp as $key => $row) {
$row = $row['cell'];
if (!empty($row)) {
if ($key >= $start && $key < ($start + $limit)) {
$response->rows[$i]['id'] = $key;
$response->rows[$i]['cell'] = [$row[0], $row[1], $row[2]];
$i++;
}
}
}
$total_pages = 0;
if ($count > 0 && $limit > 0) {
$total_pages = ceil($count / $limit);
}
$response->total = $total_pages;
if ($page > $total_pages) {
$response->page = $total_pages;
} else {
$response->page = $page;
}
$response->records = $count;
echo json_encode($response);
break;
case 'session_courses_lp_by_week':
require_once __DIR__.'/../global.inc.php';
$now = time();
$page = (int) $_REQUEST['page']; //page
$limit = (int) $_REQUEST['rows']; // quantity of rows
$sidx = isset($_REQUEST['sidx']) && !empty($_REQUEST['sidx']) ? $_REQUEST['sidx'] : 'course';
$sidx = str_replace(['week desc,', ' '], '', $sidx);
$sord = $_REQUEST['sord']; //asc or desc
if (!in_array($sord, ['asc', 'desc'])) {
$sord = 'desc';
}
$session_id = (int) $_REQUEST['session_id'];
$course_id = (int) $_REQUEST['course_id'];
//Filter users that does not belong to the session
if (!api_is_platform_admin()) {
$new_session_list = UserManager::get_personal_session_course_list(api_get_user_id());
$my_session_list = [];
foreach ($new_session_list as $item) {
if (!empty($item['session_id'])) {
$my_session_list[] = $item['session_id'];
}
}
if (!in_array($session_id, $my_session_list)) {
break;
}
}
$start = $limit * $page - $limit;
$course_list = SessionManager::get_course_list_by_session_id($session_id);
$count = 0;
$temp = [];
foreach ($course_list as $item) {
if (isset($course_id) && !empty($course_id)) {
if ($course_id != $item['id']) {
continue;
}
}
$list = new LearnpathList(
api_get_user_id(),
api_get_course_info($item['code']),
$session_id,
'lp.publicatedOn DESC'
);
$flat_list = $list->get_flat_list();
$lps[$item['code']] = $flat_list;
$item['title'] = Display::url(
$item['title'],
api_get_path(WEB_COURSE_PATH).$item['directory'].'/?id_session='.$session_id,
['target' => SESSION_LINK_TARGET]
);
foreach ($flat_list as $lp_id => $lp_item) {
$temp[$count]['id'] = $lp_id;
$lp_url = api_get_path(WEB_CODE_PATH).'lp/lp_controller.php?cidReq='.$item['code'].'&id_session='.$session_id.'&lp_id='.$lp_id.'&action=view';
$last_date = Tracking::get_last_connection_date_on_the_course(
api_get_user_id(),
$item,
$session_id,
false
);
if (empty($lp_item['modified_on'])) {
$lp_date = api_get_local_time($lp_item['created_on']);
$image = 'new.gif';
$label = get_lang('LearnpathAdded');
} else {
$lp_date = api_get_local_time($lp_item['modified_on']);
$image = 'moderator_star.png';
$label = get_lang('LearnpathUpdated');
}
if (strtotime($last_date) < strtotime($lp_date)) {
$icons = Display::return_icon($image, get_lang('TitleNotification').': '.$label.' - '.$lp_date);
}
if (!empty($lp_item['publicated_on'])) {
$date = substr($lp_item['publicated_on'], 0, 10);
} else {
$date = '-';
}
// Checking LP publicated and expired_on dates
if (!empty($lp_item['publicated_on'])) {
$week_data = date('Y', api_strtotime($lp_item['publicated_on'], 'UTC')).' - '.get_week_from_day($lp_item['publicated_on']);
if ($now < api_strtotime($lp_item['publicated_on'], 'UTC')) {
continue;
}
} else {
$week_data = '';
}
if (!empty($lp_item['expired_on'])) {
if ($now > api_strtotime($lp_item['expired_on'], 'UTC')) {
continue;
}
}
$temp[$count]['cell'] = [
$week_data,
$date,
$item['title'],
Display::url($icons.' '.$lp_item['lp_name'], $lp_url, ['target' => SESSION_LINK_TARGET]),
];
$temp[$count]['course'] = strip_tags($item['title']);
$temp[$count]['lp'] = $lp_item['lp_name'];
$count++;
}
}
if (!empty($sidx)) {
$temp = msort($temp, $sidx, $sord);
}
$response = new stdClass();
$i = 0;
foreach ($temp as $key => $row) {
$row = $row['cell'];
if (!empty($row)) {
if ($key >= $start && $key < ($start + $limit)) {
$response->rows[$i]['id'] = $key;
$response->rows[$i]['cell'] = [$row[0], $row[1], $row[2], $row[3]];
$i++;
}
}
}
$total_pages = 0;
if ($count > 0 && $limit > 0) {
$total_pages = ceil($count / $limit);
}
$response->total = $total_pages;
if ($page > $total_pages) {
$response->page = $total_pages;
} else {
$response->page = $page;
}
$response->records = $count;
echo json_encode($response);
break;
case 'session_courses_lp_by_course':
require_once __DIR__.'/../global.inc.php';
$now = time();
$page = (int) $_REQUEST['page']; //page
$limit = (int) $_REQUEST['rows']; // quantity of rows
$sidx = isset($_REQUEST['sidx']) && !empty($_REQUEST['sidx']) ? $_REQUEST['sidx'] : 'id';
$sidx = str_replace(['course asc,', ' '], '', $sidx);
$sord = $_REQUEST['sord']; //asc or desc
if (!in_array($sord, ['asc', 'desc'])) {
$sord = 'desc';
}
$session_id = (int) $_REQUEST['session_id'];
$course_id = (int) $_REQUEST['course_id'];
//Filter users that does not belong to the session
if (!api_is_platform_admin()) {
$new_session_list = UserManager::get_personal_session_course_list(api_get_user_id());
$my_session_list = [];
foreach ($new_session_list as $item) {
if (!empty($item['session_id'])) {
$my_session_list[] = $item['session_id'];
}
}
if (!in_array($session_id, $my_session_list)) {
break;
}
}
$start = $limit * $page - $limit;
$course_list = SessionManager::get_course_list_by_session_id($session_id);
$count = 0;
$temp = [];
foreach ($course_list as $item) {
if (isset($course_id) && !empty($course_id)) {
if ($course_id != $item['id']) {
continue;
}
}
$list = new LearnpathList(
api_get_user_id(),
api_get_course_info($item['code']),
$session_id
);
$flat_list = $list->get_flat_list();
$lps[$item['code']] = $flat_list;
$item['title'] = Display::url(
$item['title'],
api_get_path(WEB_COURSE_PATH).$item['directory'].'/?id_session='.$session_id,
['target' => SESSION_LINK_TARGET]
);
foreach ($flat_list as $lp_id => $lp_item) {
$isAllowedToEdit = api_is_allowed_to_edit(null, true);
if (!$isAllowedToEdit && 0 == $lp_item['lp_visibility']) {
continue;
}
$temp[$count]['id'] = $lp_id;
$lp_url = api_get_path(WEB_CODE_PATH).'lp/lp_controller.php?cidReq='.$item['code'].'&id_session='.$session_id.'&lp_id='.$lp_id.'&action=view';
$last_date = Tracking::get_last_connection_date_on_the_course(
api_get_user_id(),
$item,
$session_id,
false
);
if (empty($lp_item['modified_on'])) {
$lp_date = api_get_local_time($lp_item['created_on']);
$image = 'new.gif';
$label = get_lang('LearnpathAdded');
} else {
$lp_date = api_get_local_time($lp_item['modified_on']);
$image = 'moderator_star.png';
$label = get_lang('LearnpathUpdated');
}
$icons = '';
if (strtotime($last_date) < strtotime($lp_date)) {
$icons = Display::return_icon($image, get_lang('TitleNotification').': '.$label.' - '.$lp_date);
}
if (!empty($lp_item['publicated_on'])) {
$date = substr($lp_item['publicated_on'], 0, 10);
} else {
$date = '-';
}
// Checking LP publicated and expired_on dates
if (!empty($lp_item['publicated_on'])) {
if ($now < api_strtotime($lp_item['publicated_on'], 'UTC')) {
continue;
}
}
if (!empty($lp_item['expired_on'])) {
if ($now > api_strtotime($lp_item['expired_on'], 'UTC')) {
continue;
}
}
$temp[$count]['cell'] = [
$date,
$item['title'],
Display::url($icons.' '.$lp_item['lp_name'], $lp_url, ['target' => SESSION_LINK_TARGET]),
];
$temp[$count]['course'] = strip_tags($item['title']);
$temp[$count]['lp'] = $lp_item['lp_name'];
$temp[$count]['date'] = $lp_item['publicated_on'];
$count++;
}
}
$temp = msort($temp, $sidx, $sord);
$response = new stdClass();
$i = 0;
foreach ($temp as $key => $row) {
$row = $row['cell'];
if (!empty($row)) {
if ($key >= $start && $key < ($start + $limit)) {
$response->rows[$i]['id'] = $key;
$response->rows[$i]['cell'] = [$row[0], $row[1], $row[2]];
$i++;
}
}
}
$total_pages = 0;
if ($count > 0 && $limit > 0) {
$total_pages = ceil($count / $limit);
}
$response->total = $total_pages;
$response->page = $page;
if ($page > $total_pages) {
$response->page = $total_pages;
}
$response->records = $count;
echo json_encode($response);
break;
case 'get_notification':
$courseId = isset($_REQUEST['course_id']) ? (int) $_REQUEST['course_id'] : 0;
$sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : 0;
$status = isset($_REQUEST['status']) ? (int) $_REQUEST['status'] : 0;
if (empty($courseId)) {
break;
}
require_once __DIR__.'/../global.inc.php';
$courseInfo = api_get_course_info_by_id($courseId);
$courseInfo['id_session'] = $sessionId;
$courseInfo['status'] = $status;
$id = 'notification_'.$courseId.'_'.$sessionId.'_'.$status;
$notificationId = Session::read($id);
if ($notificationId) {
echo Display::show_notification($courseInfo, false);
Session::erase($notificationId);
}
break;
default:
echo '';
}
exit;

27
main/inc/ajax/course_log.ajax.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
/* For licensing terms, see /license.txt */
use Symfony\Component\HttpFoundation\Request as HttpRequest;
use Symfony\Component\HttpFoundation\Response as HttpResponse;
require_once __DIR__.'/../global.inc.php';
$httpRequest = HttpRequest::createFromGlobals();
$action = $httpRequest->query->has('a') ? $httpRequest->query->get('a') : $httpRequest->request->get('a');
TrackingCourseLog::protectIfNotAllowed();
$courseInfo = api_get_course_info();
$sessionId = api_get_session_id();
$httpResponse = HttpResponse::create();
if ($action == 'graph') {
$content = TrackingCourseLog::returnCourseGraphicalReport($courseInfo, $sessionId);
$httpResponse->setContent($content);
}
$httpResponse->send();

302
main/inc/ajax/document.ajax.php Normal file
View File

@@ -0,0 +1,302 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls for the document upload.
*/
use Chamilo\CoreBundle\Component\Editor\Driver\Driver;
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'];
switch ($action) {
case 'get_dir_size':
api_protect_course_script(true);
$path = $_GET['path'] ?? '';
$isAllowedToEdit = api_is_allowed_to_edit();
$size = DocumentManager::getTotalFolderSize($path, $isAllowedToEdit);
echo format_file_size($size);
break;
case 'get_dirs_size':
api_protect_course_script(true);
$requests = $_GET['requests'] ?? '';
$isAllowedToEdit = api_is_allowed_to_edit();
$response = [];
$requests = explode(',', $requests);
foreach ($requests as $request) {
$fileSize = DocumentManager::getTotalFolderSize($request, $isAllowedToEdit);
$data = [
'id' => $request,
'size' => format_file_size($fileSize),
];
$response[] = $data;
}
echo json_encode($response);
break;
case 'get_document_quota':
// Getting the course quota
$courseQuota = DocumentManager::get_course_quota();
// Calculating the total space
$total = DocumentManager::documents_total_space(api_get_course_int_id());
// Displaying the quota
echo DocumentManager::displaySimpleQuota($courseQuota, $total);
break;
case 'upload_file':
api_protect_course_script(true);
if (isset($_REQUEST['chunkAction']) && 'send' === $_REQUEST['chunkAction']) {
// It uploads the files in chunks
if (!empty($_FILES)) {
$tempDirectory = api_get_path(SYS_ARCHIVE_PATH);
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
if (!empty($fileList)) {
foreach ($fileList as $n => $file) {
$tmpFile = disable_dangerous_file(
api_replace_dangerous_char($file['name'])
);
file_put_contents(
$tempDirectory.$tmpFile,
fopen($file['tmp_name'], 'r'),
FILE_APPEND
);
}
}
}
echo json_encode([
'files' => $_FILES,
'errorStatus' => 0,
]);
exit;
} else {
// User access same as upload.php
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$sessionId = api_get_session_id();
if (!$is_allowed_to_edit && $sessionId && $_REQUEST['curdirpath'] == "/basic-course-documents__{$sessionId}__0") {
$session = SessionManager::fetch($sessionId);
if (!empty($session) && $session['session_admin_id'] == api_get_user_id()) {
$is_allowed_to_edit = true;
}
}
// This needs cleaning!
if (api_get_group_id()) {
$groupInfo = GroupManager::get_group_properties(api_get_group_id());
// Only course admin or group members allowed
if ($is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), $groupInfo)) {
if (!GroupManager::allowUploadEditDocument(
api_get_user_id(),
api_get_course_int_id(),
$groupInfo
)) {
exit;
}
} else {
exit;
}
} elseif ($is_allowed_to_edit ||
DocumentManager::is_my_shared_folder(api_get_user_id(), $_REQUEST['curdirpath'], api_get_session_id())
) {
// ??
} else {
// No course admin and no group member...
exit;
}
$directoryParentId = isset($_POST['directory_parent_id']) ? (int) $_POST['directory_parent_id'] : 0;
$currentDirectory = '';
if (empty($directoryParentId)) {
$currentDirectory = $_REQUEST['curdirpath'] ?? '';
} else {
$documentData = DocumentManager::get_document_data_by_id($directoryParentId, api_get_course_id());
if ($documentData) {
$currentDirectory = $documentData['path'];
}
}
if (empty($currentDirectory)) {
$currentDirectory = DIRECTORY_SEPARATOR;
}
$ifExists = $_POST['if_exists'] ?? '';
$unzip = isset($_POST['unzip']) ? 1 : 0;
if (empty($ifExists)) {
$fileExistsOption = api_get_setting('document_if_file_exists_option');
$defaultFileExistsOption = 'rename';
if (!empty($fileExistsOption)) {
$defaultFileExistsOption = $fileExistsOption;
}
} else {
$defaultFileExistsOption = $ifExists;
}
if (!empty($_FILES)) {
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
$resultList = [];
foreach ($fileList as $fileInfo) {
$file = processChunkedFile($fileInfo);
$globalFile = [];
$globalFile['files'] = $file;
$result = DocumentManager::upload_document(
$globalFile,
$currentDirectory,
'',
'', // comment
$unzip,
$defaultFileExistsOption,
false,
false,
'files'
);
$json = [];
if (!empty($result) && is_array($result)) {
$json['name'] = api_htmlentities($result['title']);
$json['link'] = Display::url(
api_htmlentities($result['title']),
api_htmlentities($result['url']),
['target' => '_blank']
);
$json['url'] = $result['url'];
$json['size'] = format_file_size($file['size']);
$json['type'] = api_htmlentities($file['type']);
$json['result'] = Display::return_icon(
'accept.png',
get_lang('Uploaded')
);
} else {
$json['name'] = $file['name'] ?? get_lang('Unknown');
$json['url'] = '';
$json['error'] = get_lang('Error');
}
$resultList[] = $json;
}
echo json_encode(['files' => $resultList]);
exit;
}
}
break;
case 'ck_uploadimage':
if (true !== api_get_configuration_value('enable_uploadimage_editor')) {
exit;
}
api_protect_course_script(true);
// it comes from uploaimage drag and drop ckeditor
$isCkUploadImage = ($_COOKIE['ckCsrfToken'] == $_POST['ckCsrfToken']);
if (!$isCkUploadImage) {
exit;
}
$data = [];
$fileUpload = $_FILES['upload'];
$mimeType = mime_content_type($fileUpload['tmp_name']);
$isMimeAccepted = (new Driver())->mimeAccepted($mimeType, ['image']);
if (!$isMimeAccepted) {
exit;
}
$isAllowedToEdit = api_is_allowed_to_edit(null, true);
if ($isAllowedToEdit) {
$globalFile = ['files' => $fileUpload];
$result = DocumentManager::upload_document(
$globalFile,
'/',
'',
'',
0,
'rename',
false,
false,
'files'
);
if (!$result) {
exit;
}
$relativeUrl = str_replace(api_get_path(WEB_PATH), '/', $result['direct_url']);
$data = [
'uploaded' => 1,
'fileName' => $fileUpload['name'],
'url' => $relativeUrl,
];
} else {
$userId = api_get_user_id();
$syspath = UserManager::getUserPathById($userId, 'system').'my_files';
if (!is_dir($syspath)) {
mkdir($syspath, api_get_permissions_for_new_directories(), true);
}
$webpath = UserManager::getUserPathById($userId, 'web').'my_files';
$fileUploadName = $fileUpload['name'];
if (file_exists($syspath.$fileUploadName)) {
$extension = pathinfo($fileUploadName, PATHINFO_EXTENSION);
$fileName = pathinfo($fileUploadName, PATHINFO_FILENAME);
$suffix = '_'.uniqid();
$fileUploadName = $fileName.$suffix.'.'.$extension;
}
$personalDriver = new PersonalDriver();
$uploadResult = $personalDriver->mimeAccepted(mime_content_type($fileUpload['tmp_name']), ['image']);
if (!$uploadResult || !move_uploaded_file($fileUpload['tmp_name'], $syspath.$fileUploadName)) {
exit;
}
$url = $webpath.$fileUploadName;
$relativeUrl = str_replace(api_get_path(WEB_PATH), '/', $url);
$data = [
'uploaded' => 1,
'fileName' => $fileUploadName,
'url' => $relativeUrl,
];
}
echo json_encode($data);
exit;
case 'document_preview':
$courseInfo = api_get_course_info_by_id($_REQUEST['course_id']);
if (!empty($courseInfo) && is_array($courseInfo)) {
echo DocumentManager::get_document_preview(
$courseInfo,
false,
'_blank',
$_REQUEST['session_id']
);
}
break;
case 'document_destination':
//obtained the bootstrap-select selected value via ajax
$dirValue = $_POST['dirValue'] ?? null;
echo Security::remove_XSS($dirValue);
break;
}
exit;

120
main/inc/ajax/dropbox.ajax.php Normal file
View File

@@ -0,0 +1,120 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls for the document upload.
*/
require_once __DIR__.'/../global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'dropbox/dropbox_functions.inc.php';
$action = $_REQUEST['a'];
switch ($action) {
case 'upload_file':
api_protect_course_script(true);
if (isset($_REQUEST['chunkAction']) && 'send' === $_REQUEST['chunkAction']) {
// It uploads the files in chunks
if (!empty($_FILES)) {
$tempDirectory = api_get_path(SYS_ARCHIVE_PATH);
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
if (!empty($fileList)) {
foreach ($fileList as $n => $file) {
$tmpFile = disable_dangerous_file(
api_replace_dangerous_char($file['name'])
);
file_put_contents(
$tempDirectory.$tmpFile,
fopen($file['tmp_name'], 'r'),
FILE_APPEND
);
}
}
}
echo json_encode([
'files' => $_FILES,
'errorStatus' => 0,
]);
exit;
} else {
// User access same as upload.php
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$recipients = isset($_POST['recipients']) ? $_POST['recipients'] : '';
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (empty($recipients) && empty($id)) {
$resultList[] = ['error' => get_lang('YouMustSelectAtLeastOneDestinee')];
echo json_encode(['files' => $resultList]);
exit;
}
$work = null;
if (!empty($id)) {
$work = new Dropbox_SentWork($id);
if (empty($work)) {
$resultList[] = ['error' => get_lang('Error')];
echo json_encode(['files' => $resultList]);
exit;
}
}
if (!empty($_FILES)) {
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
$resultList = [];
foreach ($fileList as $fileInfo) {
$file = processChunkedFile($fileInfo);
$globalFile = [];
$globalFile['files'] = $file;
/** @var Dropbox_SentWork $result */
$result = store_add_dropbox($file, $work);
$json = [];
if (!empty($result)) {
$json['name'] = Display::url(
api_htmlentities($result->title),
api_htmlentities(api_get_path(WEB_CODE_PATH).'dropbox/index.php?'.api_get_cidreq()),
['target' => '_blank']
);
$json['url'] = api_get_path(WEB_CODE_PATH).'dropbox/index.php?'.api_get_cidreq();
$json['size'] = format_file_size($result->filesize);
$json['type'] = api_htmlentities($file['type']);
$json['result'] = Display::return_icon(
'accept.png',
get_lang('Uploaded')
);
} else {
$json['result'] = Display::return_icon(
'exclamation.png',
get_lang('Error')
);
}
$resultList[] = $json;
}
echo json_encode(['files' => $resultList]);
exit;
}
}
break;
}
exit;

25
main/inc/ajax/events.ajax.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$event_name = isset($_REQUEST['eventName']) ? $_REQUEST['eventName'] : null;
api_protect_admin_script();
switch ($action) {
case 'getEventTypes':
$events = Event::get_all_event_types();
echo json_encode($events);
break;
case 'getUsers':
$users = UserManager::get_user_list();
echo json_encode($users);
break;
case 'get_event_users':
$users = Event::get_event_users($event_name);
echo json_encode($users);
break;
}
exit;

1270
main/inc/ajax/exercise.ajax.php Normal file
View File

File diff suppressed because it is too large Load Diff

185
main/inc/ajax/extra_field.ajax.php Normal file
View File

@@ -0,0 +1,185 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Entity\Tag;
require_once __DIR__.'/../global.inc.php';
$action = isset($_GET['a']) ? $_GET['a'] : '';
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
$fieldId = isset($_REQUEST['field_id']) ? $_REQUEST['field_id'] : null;
switch ($action) {
case 'delete_file':
api_protect_admin_script();
$itemId = isset($_REQUEST['item_id']) ? $_REQUEST['item_id'] : null;
$extraFieldValue = new ExtraFieldValue($type);
$data = $extraFieldValue->get_values_by_handler_and_field_id($itemId, $fieldId);
if (!empty($data) && isset($data['id']) && !empty($data['value'])) {
$extraFieldValue->deleteValuesByHandlerAndFieldAndValue($itemId, $data['field_id'], $data['value']);
echo 1;
break;
}
echo 0;
break;
case 'get_second_select_options':
$option_value_id = isset($_REQUEST['option_value_id']) ? $_REQUEST['option_value_id'] : null;
if (!empty($type) && !empty($fieldId) && !empty($option_value_id)) {
$field_options = new ExtraFieldOption($type);
echo $field_options->get_second_select_field_options_by_field(
$option_value_id,
true
);
}
break;
case 'search_tags':
header('Content-Type: application/json');
$tag = $_REQUEST['q'] ?? null;
$pageLimit = isset($_REQUEST['page_limit']) ? (int) $_REQUEST['page_limit'] : 10;
$byId = !empty($_REQUEST['byid']);
$result = [];
if (empty($tag)) {
echo json_encode(['items' => $result]);
exit;
}
$tagRepo = Database::getManager()->getRepository(Tag::class);
if ('portfolio' === $type) {
$tags = $tagRepo
->findForPortfolioInCourseQuery(
api_get_course_entity(),
api_get_session_entity()
)
->getQuery()
->getResult();
} else {
$tags = $tagRepo->findByFieldIdAndText($fieldId, $tag, $pageLimit);
}
/** @var Tag $tag */
foreach ($tags as $tag) {
$result[] = [
'id' => $byId ? $tag->getId() : $tag->getTag(),
'text' => $tag->getTag(),
];
}
echo json_encode(['items' => $result]);
break;
case 'search_options_from_tags':
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
$fieldId = isset($_REQUEST['field_id']) ? $_REQUEST['field_id'] : null;
$tag = isset($_REQUEST['tag']) ? $_REQUEST['tag'] : null;
$extraFieldOption = new ExtraFieldOption($type);
$from = isset($_REQUEST['from']) ? $_REQUEST['from'] : '';
$search = isset($_REQUEST['search']) ? $_REQUEST['search'] : '';
$options = isset($_REQUEST['options']) ? json_decode($_REQUEST['options']) : '';
$extraField = new ExtraField('session');
$result = $extraField->searchOptionsFromTags($from, $search, $options);
$options = [];
$groups = [];
foreach ($result as $data) {
// Try to get the translation
$displayText = $data['display_text'];
$valueToTranslate = str_replace('-', '', $data['value']);
$valueTranslated = str_replace(['[=', '=]'], '', get_lang($valueToTranslate));
if ($valueToTranslate != $valueTranslated) {
$displayText = $valueTranslated;
}
$groups[$displayText][] = [
'id' => $data['id'],
'text' => $data['tag'],
];
}
foreach ($groups as $key => $data) {
$options[] = [
'text' => $key,
'children' => $groups[$key],
];
}
echo json_encode($options);
break;
case 'order':
$variable = isset($_REQUEST['field_variable']) ? $_REQUEST['field_variable'] : '';
$save = isset($_REQUEST['save']) ? $_REQUEST['save'] : '';
$values = isset($_REQUEST['values']) ? json_decode($_REQUEST['values']) : '';
$extraField = new ExtraField('session');
$extraFieldInfo = $extraField->get_handler_field_info_by_field_variable(str_replace('extra_', '', $variable));
$em = Database::getManager();
$search = [
'user' => api_get_user_id(),
'field' => $extraFieldInfo['id'],
];
$extraFieldSavedSearch = $em->getRepository('ChamiloCoreBundle:ExtraFieldSavedSearch')->findOneBy($search);
if ($save) {
$extraField = new \Chamilo\CoreBundle\Entity\ExtraFieldSavedSearch('session');
if ($extraFieldSavedSearch) {
$extraFieldSavedSearch->setValue($values);
$em->merge($extraFieldSavedSearch);
$em->flush();
}
}
if ($extraFieldInfo) {
/** @var \Chamilo\CoreBundle\Entity\ExtraFieldSavedSearch $options */
$extraFieldSavedSearch = $em->getRepository('ChamiloCoreBundle:ExtraFieldSavedSearch')->findOneBy($search);
$values = $extraFieldSavedSearch->getValue();
$url = api_get_self().'?a=order&save=1&field_variable='.$variable;
$html = '
<script>
$(function() {
$( "#sortable" ).sortable();
$( "#sortable" ).disableSelection();
$( "#link_'.$variable.'" ).on("click", function() {
var newList = [];
$("#sortable").find("li").each(function(){
newList.push($(this).text());
});
var save = JSON.stringify(newList);
$.ajax({
url: "'.$url.'",
dataType: "json",
data: "values="+save,
success: function(data) {
}
});
alert("'.get_lang('Saved').'");
location.reload();
return false;
});
});
</script>';
$html .= '<ul id="sortable">';
foreach ($values as $value) {
$html .= '<li class="ui-state-default">';
$html .= $value;
$html .= '</li>';
}
$html .= '</ul>';
$html .= Display::url(get_lang('Save'), '#', ['id' => 'link_'.$variable, 'class' => 'btn btn-primary']);
echo $html;
}
break;
default:
exit;
break;
}
exit;

21
main/inc/ajax/form.ajax.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
switch ($action) {
case 'get_captcha':
header('Content-Type: image/jpeg');
$sessionVar = empty($_REQUEST['var']) ? '_HTML_QuickForm_CAPTCHA' : $_REQUEST['var'];
if (isset($_SESSION[$sessionVar]) && !empty($_SESSION[$sessionVar])) {
$obj = $_SESSION[$sessionVar];
// Force a new CAPTCHA for each one displayed/** @var Text_CAPTCHA $obj */;
$obj->generate(true);
echo $image = $obj->getCAPTCHA();
}
exit;
break;
}

204
main/inc/ajax/forum.ajax.php Normal file
View File

@@ -0,0 +1,204 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CourseBundle\Entity\CForumPost;
/**
* Responses to AJAX calls for forum attachments.
*
* @package chamilo/forum
*
* @author Daniel Barreto Alva <daniel.barreto@beeznest.com>
*/
require_once __DIR__.'/../global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'forum/forumfunction.inc.php';
// First, protect this script
api_protect_course_script(false);
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
// Create a default error response
$json = [
'error' => true,
'errorMessage' => 'ERROR',
];
// Check if exist action
if (!empty($action)) {
switch ($action) {
case 'upload_file':
$current_forum = get_forum_information($_REQUEST['forum']);
$current_forum_category = get_forumcategory_information($current_forum['forum_category']);
$current_thread = get_thread_information($_REQUEST['forum'], $_REQUEST['thread']);
if (!empty($_FILES) && !empty($_REQUEST['forum'])) {
// The user is not allowed here if
// 1. the forum category, forum or thread is invisible (visibility==0)
// 2. the forum category, forum or thread is locked (locked <>0)
// 3. if anonymous posts are not allowed
// The only exception is the course manager
// They are several pieces for clarity.
if (!api_is_allowed_to_edit(null, true) &&
(
($current_forum_category && $current_forum_category['visibility'] == 0) ||
$current_forum['visibility'] == 0
)
) {
$json['errorMessage'] = '1. the forum category, forum or thread is invisible (visibility==0)';
break;
}
if (!api_is_allowed_to_edit(null, true) &&
(
($current_forum_category && $current_forum_category['locked'] != 0) ||
$current_forum['locked'] != 0 || $current_thread['locked'] != 0
)
) {
$json['errorMessage'] = '2. the forum category, forum or thread is locked (locked <>0)';
break;
}
if (api_is_anonymous() && $current_forum['allow_anonymous'] == 0) {
$json['errorMessage'] = '3. if anonymous posts are not allowed';
break;
}
// If pass all previous control, user can edit post
$courseId = isset($_REQUEST['c_id']) ? intval($_REQUEST['c_id']) : api_get_course_int_id();
$json['courseId'] = $courseId;
$forumId = isset($_REQUEST['forum']) ? intval($_REQUEST['forum']) : null;
$json['forum'] = $forumId;
$threadId = isset($_REQUEST['thread']) ? intval($_REQUEST['thread']) : null;
$json['thread'] = $threadId;
$postId = isset($_REQUEST['postId']) ? intval($_REQUEST['postId']) : null;
$json['postId'] = $postId;
if (!empty($courseId) &&
!is_null($forumId) &&
!is_null($threadId) &&
!is_null($postId)
) {
// Save forum attachment
$attachId = add_forum_attachment_file('', $postId);
if ($attachId !== false) {
// Get prepared array of attachment data
$array = getAttachedFiles(
$forumId,
$threadId,
$postId,
$attachId,
$courseId
);
// Check if array data is consistent
if (isset($array['name'])) {
$json['error'] = false;
$json['errorMessage'] = 'Success';
$json = array_merge($json, $array);
}
}
}
}
echo json_encode($json);
break;
case 'delete_file':
$current_forum = get_forum_information($_REQUEST['forum']);
$current_forum_category = get_forumcategory_information($current_forum['forum_category']);
$current_thread = get_thread_information($_REQUEST['forum'], $_REQUEST['thread']);
// Check if set attachment ID and thread ID
if (isset($_REQUEST['attachId']) && isset($_REQUEST['thread'])) {
api_block_course_item_locked_by_gradebook($_REQUEST['thread'], LINK_FORUM_THREAD);
// The user is not allowed here if
// 1. the forum category, forum or thread is invisible (visibility==0)
// 2. the forum category, forum or thread is locked (locked <>0)
// 3. if anonymous posts are not allowed
// 4. if editing of replies is not allowed
// The only exception is the course manager
// They are several pieces for clarity.
if (!api_is_allowed_to_edit(null, true) &&
(
($current_forum_category && $current_forum_category['visibility'] == 0) ||
$current_forum['visibility'] == 0
)
) {
$json['errorMessage'] = '1. the forum category, forum or thread is invisible (visibility==0)';
break;
}
if (!api_is_allowed_to_edit(null, true) &&
(
($current_forum_category && $current_forum_category['locked'] != 0) ||
$current_forum['locked'] != 0 || $current_thread['locked'] != 0
)
) {
$json['errorMessage'] = '2. the forum category, forum or thread is locked (locked <>0)';
break;
}
if (api_is_anonymous() && $current_forum['allow_anonymous'] == 0) {
$json['errorMessage'] = '3. if anonymous posts are not allowed';
break;
}
$group_id = api_get_group_id();
$groupInfo = GroupManager::get_group_properties($group_id);
if (!api_is_allowed_to_edit(null, true) &&
$current_forum['allow_edit'] == 0 &&
($group_id && !GroupManager::is_tutor_of_group(api_get_user_id(), $groupInfo))
) {
$json['errorMessage'] = '4. if editing of replies is not allowed';
break;
}
// If pass all previous control, user can edit post
$attachId = $_REQUEST['attachId'];
$threadId = $_REQUEST['thread'];
// Delete forum attachment from database and file system
$affectedRows = delete_attachment(0, $attachId, false);
if ($affectedRows > 0) {
$json['error'] = false;
$json['errorMessage'] = 'Success';
}
}
echo json_encode($json);
break;
case 'change_post_status':
if (api_is_allowed_to_edit(false, true)) {
$postId = isset($_GET['post_id']) ? $_GET['post_id'] : '';
if (empty($postId)) {
exit;
}
$postId = str_replace('status_post_', '', $postId);
$em = Database::getManager();
/** @var CForumPost $post */
$post = $em->find('ChamiloCourseBundle:CForumPost', $postId);
if ($post) {
$forum = get_forums($post->getForumId(), api_get_course_id());
$status = $post->getStatus();
if (empty($status)) {
$status = CForumPost::STATUS_WAITING_MODERATION;
}
switch ($status) {
case CForumPost::STATUS_VALIDATED:
$changeTo = CForumPost::STATUS_REJECTED;
break;
case CForumPost::STATUS_WAITING_MODERATION:
$changeTo = CForumPost::STATUS_VALIDATED;
break;
case CForumPost::STATUS_REJECTED:
$changeTo = CForumPost::STATUS_WAITING_MODERATION;
break;
}
$post->setStatus($changeTo);
$em->persist($post);
$em->flush();
echo getPostStatus(
$forum,
[
'iid' => $post->getIid(),
'status' => $post->getStatus(),
],
false
);
}
}
break;
}
}
exit;

100
main/inc/ajax/gradebook.ajax.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_course_script(true);
$action = $_REQUEST['a'];
switch ($action) {
case 'add_gradebook_comment':
if (true !== api_get_configuration_value('allow_gradebook_comments')) {
exit;
}
if (api_is_allowed_to_edit(null, true)) {
$userId = $_REQUEST['user_id'] ?? 0;
$gradeBookId = $_REQUEST['gradebook_id'] ?? 0;
$comment = $_REQUEST['comment'] ?? '';
GradebookUtils::saveComment($gradeBookId, $userId, $comment);
echo 1;
exit;
}
echo 0;
break;
case 'get_gradebook_weight':
if (api_is_allowed_to_edit(null, true)) {
$cat_id = $_GET['cat_id'];
$cat = Category::load($cat_id);
if ($cat && isset($cat[0])) {
echo $cat[0]->get_weight();
} else {
echo 0;
}
}
break; /*
case 'generate_custom_report':
if (api_is_allowed_to_edit(null, true)) {
$allow = api_get_configuration_value('gradebook_custom_student_report');
if (!$allow) {
exit;
}
$form = new FormValidator(
'search',
'get',
api_get_path(WEB_CODE_PATH).'gradebook/index.php?'.api_get_cidreq().'&action=generate_custom_report'
);
$form->addText('custom_course_id', get_lang('CourseId'));
$form->addDateRangePicker('range', get_lang('DateRange'));
$form->addHidden('action', 'generate_custom_report');
$form->addButtonSearch();
$form->display();
}
break;*/
case 'export_all_certificates':
$categoryId = (int) $_GET['cat_id'];
$filterOfficialCodeGet = isset($_GET['filter']) ? Security::remove_XSS($_GET['filter']) : null;
if (api_is_student_boss()) {
$userGroup = new UserGroup();
$userList = $userGroup->getGroupUsersByUser(api_get_user_id());
} else {
$userList = [];
if (!empty($filterOfficialCodeGet)) {
$userList = UserManager::getUsersByOfficialCode($filterOfficialCodeGet);
}
}
$courseCode = api_get_course_id();
$sessionId = api_get_session_id();
$commandScript = api_get_path(SYS_CODE_PATH).'gradebook/cli/export_all_certificates.php';
$userList = implode(',', $userList);
shell_exec("php $commandScript $courseCode $sessionId $categoryId $userList > /dev/null &");
break;
case 'verify_export_all_certificates':
$categoryId = (int) $_GET['cat_id'];
$courseCode = isset($_GET['cidReq']) ? Security::remove_XSS($_GET['cidReq']) : api_get_course_id();
$sessionId = isset($_GET['id_session']) ? (int) $_GET['id_session'] : api_get_session_id();
$date = api_get_utc_datetime(null, false, true);
$pdfName = 'certs_'.$courseCode.'_'.$sessionId.'_'.$categoryId.'_'.$date->format('Y-m-d');
$sysFinalFile = api_get_path(SYS_ARCHIVE_PATH)."$pdfName.pdf";
$webFinalFile = api_get_path(WEB_ARCHIVE_PATH)."$pdfName.pdf";
if (file_exists($sysFinalFile)) {
echo $webFinalFile;
}
break;
default:
echo '';
break;
}
exit;

27
main/inc/ajax/group.ajax.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
$isAllowedToEdit = api_is_allowed_to_edit();
switch ($action) {
case 'search':
if ($isAllowedToEdit) {
$groups = GroupManager::getGroupListFilterByName($_REQUEST['q'], null, api_get_course_int_id());
$list = [];
foreach ($groups as $group) {
$list[] = [
'id' => $group['iid'],
'text' => $group['name'],
];
}
echo json_encode(['items' => $list]);
}
break;
default:
break;
}
exit;

6
main/inc/ajax/index.html Normal file
View File

@@ -0,0 +1,6 @@
<html>
<head>
</head>
<body>
</body>
</html>

86
main/inc/ajax/install.ajax.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
/* For licensing terms, see /license.txt */
use GuzzleHttp\Client;
/**
* Responses to AJAX calls for install.
*/
require_once __DIR__.'/../../../vendor/autoload.php';
$action = $_GET['a'];
switch ($action) {
case 'send_contact_information':
if (!empty($_POST)) {
// get params from contact form
$person_name = $_POST['person_name'];
$person_email = $_POST['person_email'];
$person_role = $_POST['person_role'];
$financial_decision = $_POST['financial_decision'];
$contact_language = $_POST['language'];
$company_name = $_POST['company_name'];
$company_activity = $_POST['company_activity'];
$company_country = $_POST['company_country'];
$company_city = $_POST['company_city'];
// validating required fields
$a_required_fields = [$person_name, $person_role, $company_name, $company_activity, $company_country];
$required_field_error = false;
foreach ($a_required_fields as $required_file) {
if (trim($required_file) === '') {
$required_field_error = true;
break;
}
}
// Return error if any of the required fields is empty
if ($required_field_error) {
echo 'required_field_error';
break;
} else {
// save contact information with web service
// create a client
$url = 'https://version.chamilo.org/contactv2.php';
$options = [
'verify' => false,
];
$urlValidated = false;
try {
$client = new GuzzleHttp\Client();
$res = $client->request('GET', $url, $options);
if ($res->getStatusCode() == '200' || $res->getStatusCode() == '301') {
$urlValidated = true;
}
} catch (Exception $e) {
error_log("Could not check $url from ".__FILE__);
break;
}
$data = [
'person_name' => $person_name,
'person_email' => $person_email,
'person_role' => $person_role,
'financial_decision' => $financial_decision,
'contact_language' => $contact_language,
'company_name' => $company_name,
'company_activity' => $company_activity,
'company_country' => $company_country,
'company_city' => $company_city,
];
$client = new GuzzleHttp\Client();
$options['query'] = $data;
$res = $client->request('GET', $url, $options);
if ($res->getStatusCode() == '200') {
echo '1';
}
}
}
break;
default:
echo '';
}
exit;

81
main/inc/ajax/lang.ajax.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_course_script(true);
$action = $_REQUEST['a'];
switch ($action) {
case 'translate_html':
header('Content-type: application/x-javascript');
echo api_get_language_translate_html();
break;
case 'translate_portfolio_category':
if (false === Security::check_token('get')) {
exit;
}
Security::clear_token();
if (isset($_REQUEST['new_language']) && isset($_REQUEST['variable_language']) && isset($_REQUEST['category_id'])) {
$newLanguage = Security::remove_XSS($_REQUEST['new_language']);
$langVariable = ltrim(
Security::remove_XSS($_REQUEST['variable_language']),
'$'
);
$categoryId = (int) $_REQUEST['category_id'];
$languageId = (int) $_REQUEST['id'];
$subLanguageId = (int) $_REQUEST['sub'];
$langFilesToLoad = SubLanguageManager::get_lang_folder_files_list(
api_get_path(SYS_LANG_PATH).'english',
true
);
$fileLanguage = $langFilesToLoad[0].'.inc.php';
$allDataOfLanguage = SubLanguageManager::get_all_information_of_sub_language($languageId, $subLanguageId);
$pathFolder = api_get_path(SYS_LANG_PATH).$allDataOfLanguage['dokeos_folder'].'/'.$fileLanguage;
$allFileOfDirectory = SubLanguageManager::get_all_language_variable_in_file($pathFolder);
$returnValue = SubLanguageManager::add_file_in_language_directory($pathFolder);
//update variable language
$allFileOfDirectory[$langVariable] = $newLanguage;
$resultArray = [];
foreach ($allFileOfDirectory as $key => $value) {
$resultArray[$key] = SubLanguageManager::write_data_in_file($pathFolder, $value, $key);
}
$variablesWithProblems = '';
if (!empty($resultArray)) {
foreach ($resultArray as $key => $result) {
if ($result == false) {
$variablesWithProblems .= $key.' <br />';
}
}
}
if (isset($_REQUEST['redirect'])) {
$message = Display::return_message(get_lang('TheNewWordHasBeenAdded'), 'success');
if (!empty($variablesWithProblems)) {
$message = Display::return_message(
$pathFolder.' '.get_lang('IsNotWritable').'<br /> '.api_ucwords(get_lang('ErrorsFound'))
.': <br />'.$variablesWithProblems,
'error'
);
}
Display::addFlash($message);
header('Location: '.api_get_path(WEB_CODE_PATH).'portfolio/index.php?'.api_get_cidreq().'&action=translate_category&id='.$categoryId.'&sub_language='.$subLanguageId);
exit;
}
}
break;
default:
echo '';
}
exit;

39
main/inc/ajax/link.ajax.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_course_script(true);
$action = $_REQUEST['a'];
switch ($action) {
case 'check_url':
if (api_is_allowed_to_edit(null, true)) {
$url = $_REQUEST['url'];
$result = \Link::checkUrl($url);
if ($result) {
echo Display::return_icon(
'check-circle.png',
get_lang('Ok'),
null,
ICON_SIZE_TINY
);
} else {
echo Display::return_icon(
'closed-circle.png',
get_lang('Wrong'),
null,
ICON_SIZE_TINY
);
}
}
break;
default:
echo '';
}
exit;

331
main/inc/ajax/lp.ajax.php Normal file
View File

@@ -0,0 +1,331 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_course_script(true);
$debug = false;
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : '';
$courseId = api_get_course_int_id();
$sessionId = api_get_session_id();
if ($debug) {
error_log('----------lp.ajax-------------- action '.$action);
}
// We check if a tool provider
if (isset($_REQUEST['lti_launch_id'])) {
$ltiLaunchId = Security::remove_XSS($_REQUEST['lti_launch_id']);
$_SESSION['oLP']->lti_launch_id = $ltiLaunchId;
}
switch ($action) {
case 'get_lp_list_by_course':
$course_id = (isset($_GET['course_id']) && !empty($_GET['course_id'])) ? (int) $_GET['course_id'] : 0;
$session_id = (isset($_GET['session_id']) && !empty($_GET['session_id'])) ? (int) $_GET['session_id'] : 0;
$onlyActiveLp = !(api_is_platform_admin(true) || api_is_course_admin());
$results = learnpath::getLpList($course_id, $session_id, $onlyActiveLp);
$data = [];
if (!empty($results)) {
foreach ($results as $lp) {
$data[] = ['id' => $lp['id'], 'text' => html_entity_decode($lp['name'])];
}
}
echo json_encode($data);
break;
case 'get_documents':
$courseInfo = api_get_course_info();
$folderId = $_GET['folder_id'] ?? false;
if (empty($folderId)) {
exit;
}
$lpId = isset($_GET['lp_id']) ? $_GET['lp_id'] : false;
$url = isset($_GET['url']) ? $_GET['url'] : '';
$addMove = isset($_GET['add_move_button']) && $_GET['add_move_button'] == 1 ? true : false;
$showOnlyFolders = false;
if (isset($_GET['showOnlyFolders'])) {
$showOnlyFolders = (1 == (int) $_GET['showOnlyFolders']);
}
echo DocumentManager::get_document_preview(
$courseInfo,
$lpId,
null,
api_get_session_id(),
$addMove,
null,
$url,
true,
$showOnlyFolders,
$folderId,
false
);
break;
case 'add_lp_item':
if (api_is_allowed_to_edit(null, true)) {
/** @var learnpath $learningPath */
$learningPath = Session::read('oLP');
if ($learningPath) {
// Updating the lp.modified_on
$learningPath->set_modified_on();
$title = $_REQUEST['title'];
if ($_REQUEST['type'] == TOOL_QUIZ) {
$title = Exercise::format_title_variable($title);
}
$parentId = isset($_REQUEST['parent_id']) ? $_REQUEST['parent_id'] : '';
$previousId = isset($_REQUEST['previous_id']) ? $_REQUEST['previous_id'] : '';
$itemId = $learningPath->add_item(
$parentId,
$previousId,
$_REQUEST['type'],
$_REQUEST['id'],
$title,
null
);
/** @var learnpath $learningPath */
$learningPath = Session::read('oLP');
if ($learningPath) {
echo $learningPath->returnLpItemList(null);
}
}
}
break;
case 'update_lp_item_order':
if (api_is_allowed_to_edit(null, true)) {
// $new_order gets a value like "647|0^648|0^649|0^"
$new_order = $_POST['new_order'];
$sections = explode('^', $new_order);
$sections = array_filter($sections);
$orderList = [];
foreach ($sections as $items) {
[$id, $parentId] = explode('|', $items);
$orderList[$id] = $parentId;
}
learnpath::sortItemByOrderList($orderList);
echo Display::return_message(get_lang('Saved'), 'confirm');
}
break;
case 'record_audio':
if (api_is_allowed_to_edit(null, true) == false) {
exit;
}
/** @var Learnpath $lp */
$lp = Session::read('oLP');
$course_info = api_get_course_info();
$lpPathInfo = $lp->generate_lp_folder($course_info);
if (empty($lpPathInfo)) {
exit;
}
foreach (['video', 'audio'] as $type) {
if (isset($_FILES["${type}-blob"])) {
$fileName = $_POST["${type}-filename"];
$file = $_FILES["${type}-blob"];
$title = $_POST['audio-title'];
$fileInfo = pathinfo($fileName);
//$file['name'] = 'rec_'.date('Y-m-d_His').'_'.uniqid().'.'.$fileInfo['extension'];
$file['name'] = $title.'.'.$fileInfo['extension'];
$file['file'] = $file;
$result = DocumentManager::upload_document(
$file,
'/audio',
$file['name'],
null,
0,
'overwrite',
false,
false
);
if (!empty($result) && is_array($result)) {
$newDocId = $result['id'];
$courseId = $result['c_id'];
$lp->set_modified_on();
$lpItem = new learnpathItem($_REQUEST['lp_item_id']);
$lpItem->add_audio_from_documents($newDocId);
$data = DocumentManager::get_document_data_by_id($newDocId, $course_info['code']);
echo $data['document_url'];
exit;
}
}
}
break;
case 'get_forum_thread':
$lpId = isset($_GET['lp']) ? intval($_GET['lp']) : 0;
$lpItemId = isset($_GET['lp_item']) ? intval($_GET['lp_item']) : 0;
$sessionId = api_get_session_id();
if (empty($lpId) || empty($lpItemId)) {
echo json_encode([
'error' => true,
]);
break;
}
$learningPath = learnpath::getLpFromSession(
api_get_course_id(),
$lpId,
api_get_user_id()
);
$lpItem = $learningPath->getItem($lpItemId);
if (empty($lpItem)) {
echo json_encode([
'error' => true,
]);
break;
}
$lpHasForum = $learningPath->lpHasForum();
if (!$lpHasForum) {
echo json_encode([
'error' => true,
]);
break;
}
$forum = $learningPath->getForum($sessionId);
if (empty($forum)) {
require_once '../../forum/forumfunction.inc.php';
$forumCategory = getForumCategoryByTitle(
get_lang('LearningPaths'),
$courseId,
$sessionId
);
if (empty($forumCategory)) {
$forumCategoryId = store_forumcategory(
[
'lp_id' => 0,
'forum_category_title' => get_lang('LearningPaths'),
'forum_category_comment' => null,
],
[],
false
);
} else {
$forumCategoryId = $forumCategory['cat_id'];
}
$forumId = $learningPath->createForum($forumCategoryId);
} else {
$forumId = $forum['forum_id'];
}
$lpItemHasThread = $lpItem->lpItemHasThread($courseId);
if (!$lpItemHasThread) {
echo json_encode([
'error' => true,
]);
break;
}
$forumThread = $lpItem->getForumThread($courseId, $sessionId);
if (empty($forumThread)) {
$lpItem->createForumThread($forumId);
$forumThread = $lpItem->getForumThread($courseId, $sessionId);
}
$forumThreadId = $forumThread['thread_id'];
echo json_encode([
'error' => false,
'forumId' => intval($forum['forum_id']),
'threadId' => intval($forumThreadId),
]);
break;
case 'update_gamification':
$lp = Session::read('oLP');
$jsonGamification = [
'stars' => 0,
'score' => 0,
];
if ($lp) {
$score = $lp->getCalculateScore($sessionId);
$jsonGamification['stars'] = $lp->getCalculateStars($sessionId);
$jsonGamification['score'] = sprintf(get_lang('XPoints'), $score);
}
echo json_encode($jsonGamification);
break;
case 'check_item_position':
$lp = Session::read('oLP');
$lpItemId = isset($_GET['lp_item']) ? intval($_GET['lp_item']) : 0;
if ($lp) {
$position = $lp->isFirstOrLastItem($lpItemId);
echo json_encode($position);
}
break;
case 'get_parent_names':
$newItemId = isset($_GET['new_item']) ? intval($_GET['new_item']) : 0;
if (!$newItemId) {
break;
}
/** @var \learnpath $lp */
$lp = Session::read('oLP');
$parentNames = $lp->getCurrentItemParentNames($newItemId);
$response = '';
foreach ($parentNames as $parentName) {
$response .= '<p class="h5 hidden-xs hidden-md">'.$parentName.'</p>';
}
echo $response;
break;
case 'get_item_prerequisites':
/** @var learnpath $lp */
$lp = Session::read('oLP');
$itemId = isset($_GET['item_id']) ? (int) $_GET['item_id'] : 0;
if (empty($lp) || empty($itemId)) {
exit;
}
if ($lp->debug) {
error_log('--------------------------------------');
error_log('get_item_prerequisites');
}
$result = $lp->prerequisites_match($itemId);
if ($result) {
echo '1';
} else {
if (!empty($lp->error)) {
echo $lp->error;
} else {
echo get_lang('LearnpathPrereqNotCompleted');
}
}
$lp->error = '';
exit;
break;
default:
echo '';
}

29
main/inc/ajax/mail.ajax.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
api_protect_admin_script();
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
switch ($action) {
case 'select_option':
$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
if (!empty($id)) {
$mail = new MailTemplateManager();
$item = $mail->get($id);
echo $item['template'];
} else {
$templateName = isset($_REQUEST['template_name']) ? $_REQUEST['template_name'] : null;
if (!empty($templateName)) {
$templatePath = api_get_path(SYS_CODE_PATH).'template/default/mail/';
if (Security::check_abs_path($templatePath.$templateName, $templatePath)) {
if (file_exists($templatePath.$templateName)) {
echo file_get_contents($templatePath.$templateName);
}
}
}
}
break;
}

170
main/inc/ajax/message.ajax.php Normal file
View File

@@ -0,0 +1,170 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\UserBundle\Entity\User;
$_dont_save_user_course_access = true;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_GET['a'];
switch ($action) {
case 'get_count_notifications':
if (api_get_configuration_value('notification_event')) {
$notificationManager = new NotificationEvent();
$notifications = $notificationManager->getNotificationsByUser(api_get_user_id());
echo count($notifications);
}
break;
case 'get_notifications':
if (api_get_configuration_value('notification_event')) {
$notificationManager = new NotificationEvent();
$notifications = $notificationManager->getNotificationsByUser(api_get_user_id());
echo json_encode($notifications);
}
break;
case 'mark_notification_as_read':
if (api_get_configuration_value('notification_event')) {
$id = $_REQUEST['id'] ?? 0;
$notificationManager = new NotificationEvent();
$notificationManager->markAsRead($id);
echo 1;
}
break;
case 'get_count_message':
api_block_anonymous_users(false);
$userId = api_get_user_id();
$invitations = MessageManager::getMessagesCountForUser($userId);
header('Content-type:application/json');
echo json_encode($invitations);
break;
case 'send_message':
api_block_anonymous_users(false);
$subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;
$messageContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;
$messageContent = attr_on_filter($messageContent);
if (empty($subject) || empty($messageContent)) {
echo Display::return_message(get_lang('ErrorSendingMessage'), 'error');
exit;
}
$courseId = isset($_REQUEST['course_id']) ? (int) $_REQUEST['course_id'] : 0;
$sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : 0;
// Add course info
if (!empty($courseId)) {
$courseInfo = api_get_course_info_by_id($courseId);
if (!empty($courseInfo)) {
if (empty($sessionId)) {
$courseNotification = sprintf(get_lang('ThisEmailWasSentViaCourseX'), $courseInfo['title']);
} else {
$sessionInfo = api_get_session_info($sessionId);
if (!empty($sessionInfo)) {
$courseNotification = sprintf(
get_lang('ThisEmailWasSentViaCourseXInSessionX'),
$courseInfo['title'],
$sessionInfo['name']
);
}
}
$messageContent .= '<br /><br />'.$courseNotification;
}
}
$result = MessageManager::send_message($_REQUEST['user_id'], $subject, $messageContent);
if ($result) {
echo Display::return_message(get_lang('MessageHasBeenSent'), 'confirmation');
} else {
echo Display::return_message(get_lang('ErrorSendingMessage'), 'confirmation');
}
break;
case 'send_invitation':
api_block_anonymous_users(false);
$subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;
$invitationContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;
SocialManager::sendInvitationToUser($_REQUEST['user_id'], $subject, $invitationContent);
break;
case 'find_users':
if (api_is_anonymous()) {
echo '';
break;
}
$repo = UserManager::getRepository();
$users = $repo->findUsersToSendMessage(
api_get_user_id(),
$_REQUEST['q'],
$_REQUEST['page_limit']
);
$showEmail = api_get_setting('show_email_addresses') === 'true';
$return = ['items' => []];
/** @var User $user */
foreach ($users as $user) {
$userName = UserManager::formatUserFullName($user, true);
if ($showEmail) {
$userName .= " ({$user->getEmail()})";
}
$return['items'][] = [
'text' => $userName,
'id' => $user->getId(),
];
}
header('Content-type:application/json');
echo json_encode($return);
break;
case 'add_tags':
$idList = $_POST['id'] ?? [];
$tagList = $_POST['tags'] ?? [];
if (false === api_get_configuration_value('enable_message_tags')
|| api_is_anonymous()
|| api_get_setting('allow_message_tool') !== 'true'
|| empty($idList) || empty($tagList)
) {
break;
}
$em = Database::getManager();
$userId = api_get_user_id();
$extraFieldValues = new ExtraFieldValue('message');
foreach ($idList as $messageId) {
$messageInfo = MessageManager::get_message_by_id($messageId);
if ($messageInfo['msg_status'] == MESSAGE_STATUS_OUTBOX
&& $messageInfo['user_sender_id'] != $userId
) {
continue;
}
if (in_array($messageInfo['msg_status'], [MESSAGE_STATUS_UNREAD, MESSAGE_STATUS_NEW])
&& $messageInfo['user_receiver_id'] != $userId
) {
continue;
}
$extraParams = [
'item_id' => $messageInfo['id'],
'extra_tags' => $tagList,
];
$extraFieldValues->saveFieldValues($extraParams, false, false, ['tags'], [], false, false);
}
break;
default:
echo '';
}
exit;

2816
main/inc/ajax/model.ajax.php Normal file
View File

File diff suppressed because it is too large Load Diff

232
main/inc/ajax/myspace.ajax.php Normal file
View File

@@ -0,0 +1,232 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_GET['a'];
// Access restrictions.
$is_allowedToTrack = api_is_platform_admin(true, true) ||
api_is_allowed_to_create_course() || api_is_course_tutor() || api_is_session_general_coach();
if (!$is_allowedToTrack) {
exit;
}
switch ($action) {
case 'lp_global_report':
$userId = (int) $_REQUEST['user_id'];
if (empty($userId)) {
exit;
}
$cacheAvailable = api_get_configuration_value('apc');
$table = null;
$variable = 'lp_global_report_'.$userId;
if ($cacheAvailable) {
if (apcu_exists($variable)) {
$table = apcu_fetch($variable);
}
}
if (!empty($table)) {
echo $table;
exit;
}
$sessionCategoryList = UserManager::get_sessions_by_category($userId, false);
$total = 0;
$totalAverage = 0;
$table = new HTML_Table(['class' => 'table table-hover table-striped data_table']);
$row = 0;
$col = 0;
foreach ($sessionCategoryList as $category) {
$sessionList = $category['sessions'];
foreach ($sessionList as $session) {
$courses = $session['courses'];
$sessionId = $session['session_id'];
$session['session_name'];
$totalCourse = 0;
$totalSessionAverage = 0;
foreach ($courses as &$course) {
$average = Tracking::get_avg_student_progress($userId, $course['course_code'], [], $sessionId);
$totalSessionAverage += $average;
$totalCourse++;
if (false !== $average) {
$average = $average.' %';
}
$course['average'] = $average;
}
$total++;
$totalSessionAverage = round($totalSessionAverage / count($courses), 2);
$totalAverage += $totalSessionAverage;
$row++;
$table->setCellContents($row, 0, $session['session_name']);
$table->setCellContents($row, 1, $totalSessionAverage.' %');
$table->setCellContents($row, 2, '');
$row++;
foreach ($courses as &$course) {
$table->setCellContents($row, 0, $session['session_name']);
$table->setCellContents($row, 1, $course['title']);
$table->setCellContents($row, 2, $course['average']);
$row++;
}
}
}
$table->setCellContents(0, 0, get_lang('Global'));
$table->setCellContents(0, 1, round($totalAverage / $total, 2).' %');
$result = $table->toHtml();
if ($cacheAvailable) {
apcu_store($variable, $result, 60);
}
echo $result;
break;
case 'access_detail':
// At this date : 23/02/2017, a minor review can't determine where is used this case 'access_detail'.
$user_id = (int) $_REQUEST['student'];
$course_code = Security::remove_XSS($_REQUEST['course']);
$type = Security::remove_XSS($_REQUEST['type']);
$range = Security::remove_XSS($_REQUEST['range']);
$sessionId = isset($_REQUEST['session_id']) ? $_REQUEST['session_id'] : 0;
$courseInfo = api_get_course_info($course_code);
if ($range == 1) {
$start_date = Security::remove_XSS($_REQUEST['sd']);
$end_date = Security::remove_XSS($_REQUEST['ed']);
$sql_result = MySpace::get_connections_to_course_by_date(
$user_id,
$courseInfo,
$sessionId,
$start_date,
$end_date
);
} else {
$sql_result = MySpace::get_connections_to_course(
$user_id,
$courseInfo,
$sessionId
);
}
$foo_print = MySpace::grapher($sql_result, $start_date, $end_date, $type);
echo $foo_print;
break;
case 'access_detail_by_date':
$export = isset($_REQUEST['export']) ? $_REQUEST['export'] : false;
$result = ['is_empty' => true];
$start_date = isset($_REQUEST['startDate']) ? $_REQUEST['startDate'] : '';
$end_date = isset($_REQUEST['endDate']) ? $_REQUEST['endDate'] : '';
$user_id = isset($_REQUEST['student']) ? $_REQUEST['student'] : '';
$course_code = isset($_REQUEST['course']) ? $_REQUEST['course'] : '';
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
$sessionId = isset($_REQUEST['session_id']) ? $_REQUEST['session_id'] : 0;
$courseInfo = api_get_course_info($course_code);
$connections = MySpace::get_connections_to_course_by_date(
$user_id,
$courseInfo,
$sessionId,
$start_date,
$end_date,
true
);
if (is_array($connections) && count($connections) > 0) {
$result['is_empty'] = false;
$tableData = [];
foreach ($connections as $data) {
$item = [
api_get_local_time($data['login']),
api_time_to_hms(api_strtotime($data['logout']) - api_strtotime($data['login'])),
$data['user_ip'],
];
$tableData[] = $item;
}
$table = new SortableTableFromArray(
$tableData,
0,
500,
'stat_table',
null,
'stat_table'
);
$table->set_header(1, get_lang('LoginDate'), false);
$table->set_header(2, get_lang('Duration'), false);
$table->set_header(3, get_lang('IP'), false);
$result['result'] = $table->return_table();
if ($export) {
Export::arrayToXls($table->toArray());
exit;
}
$rst = MySpace::getStats(
$user_id,
$courseInfo,
$sessionId,
$start_date,
$end_date
);
$stats = '<strong>'.get_lang('Total').': </strong>'.$rst['total'].'<br />';
$stats .= '<strong>'.get_lang('Average').': </strong>'.$rst['avg'].'<br />';
$stats .= '<strong>'.get_lang('Quantity').' : </strong>'.$rst['times'].'<br />';
$result['stats'] = $stats;
$result['graph_result'] = MySpace::grapher($connections, $start_date, $end_date, $type);
} else {
$result['result'] = Display::return_message(
get_lang('NoDataAvailable'),
'warning'
);
$result['graph_result'] = Display::return_message(
get_lang('NoDataAvailable'),
'warning'
);
$result['stats'] = Display::return_message(
get_lang('NoDataAvailable'),
'warning'
);
}
header('Cache-Control: no-cache');
echo json_encode($result);
break;
case 'show_conditional_to_export_pdf':
$studentId = isset($_REQUEST['student']) ? (int) $_REQUEST['student'] : 0;
$sId = isset($_REQUEST['session_to_export']) ? (int) $_REQUEST['session_to_export'] : 0;
$form = new FormValidator(
'conditional_to_export_pdf',
'post',
api_get_path(WEB_CODE_PATH).'mySpace/session.php?'
.http_build_query(
[
'student' => $studentId,
'action' => 'export_to_pdf',
'type' => 'achievement',
'session_to_export' => $sId,
]
),
'',
[],
FormValidator::LAYOUT_INLINE
);
$form->addCheckBox('hide_connection_time', null, get_lang('HideConnectionTime'));
$form->addHtml('<br><br>');
$form->addButtonSave(get_lang('Generate'), 'submitLink');
$content = $form->returnForm();
echo $content;
break;
}
exit;

45
main/inc/ajax/online.ajax.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
/* For licensing terms, see /license.txt */
$_dont_save_user_course_access = true;
require_once __DIR__.'/../global.inc.php';
$action = isset($_GET['a']) ? $_GET['a'] : '';
switch ($action) {
case 'get_users_online':
echo returnNotificationMenu();
break;
case 'load_online_user':
$access = accessToWhoIsOnline();
if (!$access) {
exit;
}
$images_to_show = MAX_ONLINE_USERS;
$page = intval($_REQUEST['online_page_nr']);
$max_page = ceil(who_is_online_count() / $images_to_show);
$page_rows = ($page - 1) * MAX_ONLINE_USERS;
if (!empty($max_page) && $page <= $max_page) {
if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {
$user_list = who_is_online_in_this_course(
$page_rows,
$images_to_show,
api_get_user_id(),
api_get_setting('time_limit_whosonline'),
$_GET['cidReq']
);
} else {
$user_list = who_is_online($page_rows, $images_to_show);
}
if (!empty($user_list)) {
echo SocialManager::display_user_list($user_list, false);
exit;
}
}
echo 'end';
break;
default:
break;
}

39
main/inc/ajax/plugin.ajax.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
/* For licensing terms, see /license.txt */
use Michelf\MarkdownExtra;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
api_block_anonymous_users();
$action = $_REQUEST['a'];
switch ($action) {
case 'md_to_html':
$plugin = $_GET['plugin'] ?? '';
$appPlugin = new AppPlugin();
$pluginPaths = $appPlugin->read_plugins_from_path();
if (!in_array($plugin, $pluginPaths)) {
echo Display::return_message(get_lang('NotAllowed'), 'error', false);
exit;
}
$pluginInfo = $appPlugin->getPluginInfo($plugin);
$html = '';
if (!empty($pluginInfo)) {
$file = api_get_path(SYS_PLUGIN_PATH).$plugin.'/README.md';
if (file_exists($file)) {
$content = file_get_contents($file);
$html = MarkdownExtra::defaultTransform($content);
}
}
echo $html;
break;
}

79
main/inc/ajax/portfolio.ajax.php Normal file
View File

@@ -0,0 +1,79 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Entity\Portfolio;
use Chamilo\CoreBundle\Entity\PortfolioComment;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request as HttpRequest;
use Symfony\Component\HttpFoundation\Response;
require_once __DIR__.'/../global.inc.php';
$httpRequest = HttpRequest::createFromGlobals();
$action = $httpRequest->query->has('a') ? $httpRequest->query->get('a') : $httpRequest->request->get('a');
$currentUserId = api_get_user_id();
$currentUser = api_get_user_entity($currentUserId);
$em = Database::getManager();
$item = null;
$comment = null;
if ($httpRequest->query->has('item')) {
/** @var Portfolio $item */
$item = $em->find(
Portfolio::class,
$httpRequest->query->getInt('item')
);
}
if ($httpRequest->query->has('comment')) {
$comment = $em->find(
PortfolioComment::class,
$httpRequest->query->getInt('comment')
);
}
$httpResponse = Response::create();
switch ($action) {
case 'find_template':
if (!$item) {
$httpResponse->setStatusCode(Response::HTTP_NOT_FOUND);
break;
}
if (!$item->isTemplate() || $item->getUser() !== $currentUser) {
$httpResponse->setStatusCode(Response::HTTP_FORBIDDEN);
break;
}
$httpResponse = JsonResponse::create(
[
'title' => $item->getTitle(),
'content' => $item->getContent(),
]
);
break;
case 'find_template_comment':
if (!$comment) {
$httpResponse->setStatusCode(Response::HTTP_NOT_FOUND);
break;
}
if (!$comment->isTemplate() || $comment->getAuthor() !== $currentUser) {
$httpResponse->setStatusCode(Response::HTTP_FORBIDDEN);
break;
}
$httpResponse = JsonResponse::create(
[
'content' => $comment->getContent(),
]
);
break;
}
$httpResponse->send();

110
main/inc/ajax/record_audio_rtc.ajax.php Normal file
View File

@@ -0,0 +1,110 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
require_once __DIR__.'/../global.inc.php';
api_block_anonymous_users();
$courseInfo = api_get_course_info();
/** @var string $tool document or exercise */
$tool = isset($_REQUEST['tool']) ? $_REQUEST['tool'] : '';
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : 'document'; // can be document or message
if ($type === 'document') {
api_protect_course_script();
}
$userId = api_get_user_id();
if (!isset($_FILES['audio_blob'], $_REQUEST['audio_dir'])) {
if ($tool === 'exercise') {
header('Content-Type: application/json');
echo json_encode([
'error' => true,
'message' => Display::return_message(get_lang('UploadError'), 'error'),
]);
Display::cleanFlashMessages();
exit;
}
Display::addFlash(Display::return_message(get_lang('UploadError'), 'error'));
exit;
}
$file = isset($_FILES['audio_blob']) ? $_FILES['audio_blob'] : [];
$file['file'] = $file;
$audioDir = Security::remove_XSS($_REQUEST['audio_dir']);
switch ($type) {
case 'document':
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$courseInfo['path'].'/document';
$saveDir = $dirBaseDocuments.$audioDir;
if (!is_dir($saveDir)) {
mkdir($saveDir, api_get_permissions_for_new_directories(), true);
}
if (empty($audioDir)) {
$audioDir = '/';
}
$uploadedDocument = DocumentManager::upload_document(
$file,
$audioDir,
$file['name'],
null,
0,
'overwrite',
false,
in_array($tool, ['document', 'exercise']),
'file',
true,
api_get_user_id(),
$courseInfo,
api_get_session_id(),
api_get_group_id(),
'exercise' === $tool
);
$error = empty($uploadedDocument) || !is_array($uploadedDocument);
if (!$error) {
$newDocId = $uploadedDocument['id'];
$courseId = $uploadedDocument['c_id'];
/** @var learnpath $lp */
$lp = Session::read('oLP');
$lpItemId = isset($_REQUEST['lp_item_id']) && !empty($_REQUEST['lp_item_id']) ? $_REQUEST['lp_item_id'] : null;
if (!empty($lp) && empty($lpItemId)) {
$lp->set_modified_on();
$lpItem = new learnpathItem($lpItemId);
$lpItem->add_audio_from_documents($newDocId);
}
$data = DocumentManager::get_document_data_by_id($newDocId, $courseInfo['code']);
if ($tool === 'exercise') {
header('Content-Type: application/json');
echo json_encode([
'error' => $error,
'message' => Display::getFlashToString(),
'fileUrl' => $data['document_url'],
]);
Display::cleanFlashMessages();
exit;
}
echo $data['document_url'];
}
break;
case 'message':
Session::write('current_audio_id', $file['name']);
api_upload_file('audio_message', $file, api_get_user_id());
break;
}

155
main/inc/ajax/record_audio_wami.ajax.php Normal file
View File

@@ -0,0 +1,155 @@
<?php
/* For licensing terms, see /license.txt */
use ChamiloSession as Session;
require_once __DIR__.'/../global.inc.php';
// Add security from Chamilo
api_block_anonymous_users();
$_course = api_get_course_info();
// Save the audio to a URL-accessible directory for playback.
parse_str($_SERVER['QUERY_STRING'], $params);
if (isset($params['waminame']) && isset($params['wamidir']) && isset($params['wamiuserid'])) {
$waminame = $params['waminame'];
$wamidir = $params['wamidir'];
$wamiuserid = $params['wamiuserid'];
} else {
api_not_allowed();
exit();
}
if (empty($wamiuserid)) {
api_not_allowed();
exit();
}
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : 'document'; // can be document or message
if ($type === 'document') {
api_protect_course_script();
}
// Clean
$waminame = Security::remove_XSS($waminame);
$waminame = Database::escape_string($waminame);
$waminame = api_replace_dangerous_char($waminame);
$waminame = disable_dangerous_file($waminame);
$wamidir = Security::remove_XSS($wamidir);
$content = file_get_contents('php://input');
if (empty($content)) {
exit;
}
$ext = explode('.', $waminame);
$ext = strtolower($ext[sizeof($ext) - 1]);
if ($ext != 'wav') {
exit();
}
switch ($type) {
case 'document':
// Do not use here check Fileinfo method because return: text/plain
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
$saveDir = $dirBaseDocuments.$wamidir;
if (!is_dir($saveDir)) {
DocumentManager::createDefaultAudioFolder($_course);
}
// Avoid duplicates
$waminame_to_save = $waminame;
$documentPath = $saveDir.'/'.$waminame_to_save;
// Add to disk
$fh = fopen($documentPath, 'w') or exit("can't open file");
fwrite($fh, $content);
fclose($fh);
$fileInfo = pathinfo($documentPath);
$courseInfo = api_get_course_info();
$file = [
'file' => [
'name' => $fileInfo['basename'],
'tmp_name' => $documentPath,
'size' => filesize($documentPath),
'type' => 'audio/wav',
'from_file' => true,
],
];
$output = true;
ob_start();
// Strangely the file path changes with a double extension
copy($documentPath, $documentPath.'.wav');
$documentData = DocumentManager::upload_document(
$file,
$wamidir,
$fileInfo['basename'],
'wav',
0,
'overwrite',
false,
$output
);
$contents = ob_get_contents();
if (!empty($documentData)) {
$newDocId = $documentData['id'];
$documentData['comment'] = 'mp3';
$newMp3DocumentId = DocumentManager::addAndConvertWavToMp3(
$documentData,
$courseInfo,
api_get_session_id(),
api_get_user_id(),
'overwrite',
true
);
if ($newMp3DocumentId) {
$newDocId = $newMp3DocumentId;
}
if (isset($_REQUEST['lp_item_id']) && !empty($_REQUEST['lp_item_id'])) {
$lpItemId = $_REQUEST['lp_item_id'];
/** @var learnpath $lp */
$lp = Session::read('oLP');
if (!empty($lp)) {
$lp->set_modified_on();
$lpItem = new learnpathItem($lpItemId);
$lpItem->add_audio_from_documents($newDocId);
echo Display::return_message(get_lang('Updated'), 'info');
}
}
// Strangely the file path changes with a double extension
// Remove file with one extension
unlink($documentPath);
} else {
echo $contents;
}
break;
case 'message':
$tempFile = api_get_path(SYS_ARCHIVE_PATH).$waminame;
file_put_contents($tempFile, $content);
Session::write('current_audio_id', $waminame);
$file = [
'name' => basename($tempFile),
'tmp_name' => $tempFile,
'size' => filesize($tempFile),
'type' => 'audio/wav',
'move_file' => true,
];
api_upload_file('audio_message', $file, api_get_user_id());
break;
}

474
main/inc/ajax/sequence.ajax.php Normal file
View File

@@ -0,0 +1,474 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Entity\Repository\SequenceRepository;
use Chamilo\CoreBundle\Entity\Repository\SequenceResourceRepository;
use Chamilo\CoreBundle\Entity\Sequence;
use Chamilo\CoreBundle\Entity\SequenceResource;
use ChamiloSession as Session;
use Fhaculty\Graph\Graph;
use Fhaculty\Graph\Vertex;
use Graphp\GraphViz\GraphViz;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'] ?? null;
$id = (int) ($_REQUEST['id'] ?? null);
$type = (int) ($_REQUEST['type'] ?? null);
$sequenceId = $_REQUEST['sequence_id'] ?? 0;
$em = Database::getManager();
/** @var SequenceRepository $sequenceRepository */
$sequenceRepository = $em->getRepository(Sequence::class);
/** @var SequenceResourceRepository $sequenceResourceRepository */
$sequenceResourceRepository = $em->getRepository(SequenceResource::class);
switch ($action) {
case 'graph':
api_block_anonymous_users();
/** @var Sequence $sequence */
$sequence = $sequenceRepository->find($sequenceId);
if (null === $sequence) {
exit;
}
if ($sequence->hasGraph()) {
$graph = $sequence->getUnSerializeGraph();
$graph->setAttribute('graphviz.node.fontname', 'arial');
$graphviz = new GraphViz();
$graphImage = '';
try {
$graphImage = $graphviz->createImageSrc($graph);
echo Display::img(
$graphImage,
get_lang('GraphDependencyTree'),
['class' => 'center-block img-responsive'],
false
);
} catch (UnexpectedValueException $e) {
error_log(
$e->getMessage()
.' - Graph could not be rendered in resources sequence'
.' because GraphViz command "dot" could not be executed '
.'- Make sure graphviz is installed.'
);
echo '<p class="text-center"><small>'.get_lang('MissingChartLibraryPleaseCheckLog')
.'</small></p>';
}
}
break;
case 'get_icon':
api_block_anonymous_users();
api_protect_admin_script();
$showDelete = $_REQUEST['show_delete'] ?? false;
$image = Display::return_icon('item-sequence.png', null, null, ICON_SIZE_LARGE);
if (empty($id)) {
exit;
}
$link = '';
$linkDelete = $linkUndo = '';
$resourceName = '';
switch ($type) {
case SequenceResource::SESSION_TYPE:
$resourceData = api_get_session_info($id);
if ($resourceData) {
$resourceName = $resourceData['name'];
}
break;
case SequenceResource::COURSE_TYPE:
$resourceData = api_get_course_info_by_id($id);
if ($resourceData) {
$resourceName = $resourceData['name'];
}
break;
}
if (empty($resourceData)) {
exit;
}
if ($showDelete) {
$linkDelete = Display::toolbarButton(
get_lang('Delete'),
'#',
'trash',
'default',
[
'class' => 'delete_vertex btn btn-block btn-xs',
'data-id' => $id,
]
);
$linkUndo = Display::toolbarButton(
get_lang('Undo'),
'#',
'undo',
'default',
[
'class' => 'undo_delete btn btn-block btn-xs',
'style' => 'display: none;',
'data-id' => $id,
]
);
}
$link = '<div class="parent" data-id="'.$id.'">';
$link .= '<div class="big-icon">';
$link .= $image;
$link .= '<div class="sequence-course">'.$resourceName.'</div>';
$link .= Display::tag(
'button',
$resourceName,
[
'class' => 'sequence-id',
'title' => get_lang('UseAsReference'),
'type' => 'button',
]
);
$link .= $linkDelete;
$link .= $linkUndo;
$link .= '</div></div>';
echo $link;
break;
case 'delete_vertex':
api_block_anonymous_users();
api_protect_admin_script();
$vertexId = $_REQUEST['vertex_id'] ?? null;
/** @var Sequence $sequence */
$sequence = $sequenceRepository->find($sequenceId);
if (null === $sequence) {
exit;
}
/** @var SequenceResource $sequenceResource */
$sequenceResource = $sequenceResourceRepository->findOneBy(
['resourceId' => $id, 'type' => $type, 'sequence' => $sequence]
);
if (null === $sequenceResource) {
exit;
}
if ($sequenceResource->getSequence()->hasGraph()) {
$graph = $sequenceResource->getSequence()->getUnSerializeGraph();
if ($graph->hasVertex($vertexId)) {
$edgeIterator = $graph->getEdges()->getIterator();
$edgeToDelete = null;
foreach ($edgeIterator as $edge) {
if ($edge->getVertexStart()->getId() == $vertexId && $edge->getVertexEnd()->getId() == $id) {
$edgeToDelete = $edge;
$vertexFromTo = null;
$vertexToFrom = null;
foreach ($edgeIterator as $edges) {
if ((int) $edges->getVertexEnd()->getId() === (int) $id) {
$vertexFromTo = $edges;
}
if ((int) $edges->getVertexStart()->getId() === (int) $vertexId) {
$vertexToFrom = $edges;
}
}
if ($vertexFromTo && !$vertexToFrom) {
Session::write('sr_vertex', true);
$vertex = $graph->getVertex($id);
$vertex->destroy();
$em->remove($sequenceResource);
}
if ($vertexToFrom && $vertexFromTo) {
$vertex = $graph->getVertex($vertexId);
$edgeToDelete->destroy();
}
if ($vertexToFrom && !$vertexFromTo) {
$vertex = $graph->getVertex($vertexId);
$vertex->destroy();
$sequenceResourceToDelete = $sequenceResourceRepository->findOneBy(
[
'resourceId' => $vertexId,
'type' => $type,
'sequence' => $sequence,
]
);
$em->remove($sequenceResourceToDelete);
}
if (!$vertexToFrom && !$vertexFromTo) {
Session::write('sr_vertex', true);
$vertexTo = $graph->getVertex($id);
$vertexFrom = $graph->getVertex($vertexId);
if ($vertexTo->getVerticesEdgeFrom()->count() > 1) {
$vertexFrom->destroy();
$sequenceResourceToDelete = $sequenceResourceRepository->findOneBy(
[
'resourceId' => $vertexId,
'type' => $type,
'sequence' => $sequence,
]
);
$em->remove($sequenceResourceToDelete);
} else {
$vertexTo->destroy();
$vertexFrom->destroy();
$sequenceResourceToDelete = $sequenceResourceRepository->findOneBy(
[
'resourceId' => $vertexId,
'type' => $type,
'sequence' => $sequence,
]
);
$em->remove($sequenceResource);
$em->remove($sequenceResourceToDelete);
}
}
}
}
$sequence->setGraphAndSerialize($graph);
$em->merge($sequence);
$em->flush();
}
}
break;
case 'load_resource':
api_block_anonymous_users();
api_protect_admin_script();
// children or parent
$loadResourceType = $_REQUEST['load_resource_type'] ?? null;
/** @var Sequence $sequence */
$sequence = $sequenceRepository->find($sequenceId);
if (empty($sequence)) {
exit;
}
/** @var SequenceResource $sequenceResource */
$sequenceResource = $sequenceResourceRepository->findOneBy(
['resourceId' => $id, 'type' => $type, 'sequence' => $sequence]
);
if (null === $sequenceResource) {
exit;
}
if ($sequenceResource->hasGraph()) {
$graph = $sequenceResource->getSequence()->getUnSerializeGraph();
/** @var Vertex $mainVertice */
if ($graph->hasVertex($id)) {
$mainVertex = $graph->getVertex($id);
if (!empty($mainVertex)) {
$vertexList = null;
switch ($loadResourceType) {
case 'parent':
$vertexList = $mainVertex->getVerticesEdgeFrom();
break;
case 'children':
$vertexList = $mainVertex->getVerticesEdgeTo();
break;
}
$list = [];
if (!empty($vertexList)) {
foreach ($vertexList as $vertex) {
$list[] = $vertex->getId();
}
}
if (!empty($list)) {
echo implode(',', $list);
}
}
}
}
break;
case 'save_resource':
api_block_anonymous_users();
api_protect_admin_script();
$parents = $_REQUEST['parents'] ?? '';
if (empty($parents) || empty($sequenceId) || empty($type)) {
exit;
}
/** @var Sequence $sequence */
$sequence = $sequenceRepository->find($sequenceId);
if (null === $sequence) {
exit;
}
/*$vertexFromSession = Session::read('sr_vertex');
if ($vertexFromSession) {
Session::erase('sr_vertex');
echo Display::return_message(get_lang('Saved'), 'success');
break;
}*/
$parents = str_replace($id, '', $parents);
$parents = explode(',', $parents);
$parents = array_filter($parents);
if ($sequence->hasGraph()) {
$graph = $sequence->getUnSerializeGraph();
} else {
$graph = new Graph();
}
if ($graph->hasVertex($id)) {
$main = $graph->getVertex($id);
} else {
$main = $graph->createVertex($id);
}
$item = $sequenceRepository->getItem($id, $type);
$main->setAttribute('graphviz.shape', 'record');
$main->setAttribute('graphviz.label', $item->getName());
foreach ($parents as $parentId) {
$item = $sequenceRepository->getItem($parentId, $type);
if ($graph->hasVertex($parentId)) {
$parent = $graph->getVertex($parentId);
if (!$parent->hasEdgeTo($main)) {
$newEdge = $parent->createEdgeTo($main);
}
} else {
$parent = $graph->createVertex($parentId);
$newEdge = $parent->createEdgeTo($main);
}
$parent->setAttribute('graphviz.shape', 'record');
$parent->setAttribute('graphviz.label', $item->getName());
}
foreach ($parents as $parentId) {
$sequenceResourceParent = $sequenceResourceRepository->findOneBy(
['resourceId' => $parentId, 'type' => $type, 'sequence' => $sequence]
);
if (empty($sequenceResourceParent)) {
$sequenceResourceParent = new SequenceResource();
$sequenceResourceParent
->setSequence($sequence)
->setType($type)
->setResourceId($parentId);
$em->persist($sequenceResourceParent);
}
}
/** @var SequenceResource $sequenceResource */
$sequenceResource = $sequenceResourceRepository->findOneBy(
['resourceId' => $id, 'type' => $type, 'sequence' => $sequence]
);
if (null === $sequenceResource) {
// Create
$sequence->setGraphAndSerialize($graph);
$sequenceResource = new SequenceResource();
$sequenceResource
->setSequence($sequence)
->setType($type)
->setResourceId($id);
} else {
// Update
$sequenceResource->getSequence()->setGraphAndSerialize($graph);
}
$em->persist($sequenceResource);
$em->flush();
echo Display::return_message(get_lang('Saved'), 'success');
break;
case 'get_requirements':
case 'get_dependents':
$sessionId = isset($_REQUEST['sid']) ? (int) $_REQUEST['sid'] : 0;
$userId = api_get_user_id();
$resourceName = '';
$template = '';
switch ($type) {
case SequenceResource::SESSION_TYPE:
$resourceData = api_get_session_info($id);
$resourceName = $resourceData['name'];
$template = 'session_requirements.tpl';
break;
case SequenceResource::COURSE_TYPE:
$resourceData = api_get_course_info_by_id($id);
$resourceName = $resourceData['title'];
$template = 'course_requirements.tpl';
break;
}
if (empty($resourceData) || empty($template)) {
exit;
}
if ('get_requirements' === $action) {
$sequences = $sequenceResourceRepository->getRequirements($id, $type);
$sequenceList = $sequenceResourceRepository->checkRequirementsForUser($sequences, $type, $userId, $sessionId);
$allowSubscription = $sequenceResourceRepository->checkSequenceAreCompleted($sequenceList);
} else {
$sequences = $sequenceResourceRepository->getDependents($id, $type);
$sequenceList = $sequenceResourceRepository->checkDependentsForUser($sequences, $type, $userId, $sessionId);
$allowSubscription = $sequenceResourceRepository->checkSequenceAreCompleted(
$sequenceList,
SequenceResourceRepository::VERTICES_TYPE_DEP
);
}
$view = new Template(null, false, false, false, false, false);
$view->assign('sequences', $sequenceList);
$view->assign('sequence_type', $type);
$view->assign('allow_subscription', $allowSubscription);
$view->assign(
'item_type',
'get_requirements' === $action
? SequenceResourceRepository::VERTICES_TYPE_REQ
: SequenceResourceRepository::VERTICES_TYPE_DEP
);
$course = api_get_course_entity();
if ($course) {
$view->assign(
'current_requirement_is_completed',
$sequenceResourceRepository->checkCourseRequirements($userId, $course, $sessionId)
);
}
if ($allowSubscription) {
$view->assign(
'subscribe_button',
CoursesAndSessionsCatalog::getRegisteredInSessionButton(
$id,
$resourceName,
false
)
);
}
$view->display($view->get_template('sequence_resource/'.$template));
break;
}

471
main/inc/ajax/session.ajax.php Normal file
View File

@@ -0,0 +1,471 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\UserBundle\Entity\User;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'];
switch ($action) {
case 'get_user_sessions':
if (api_is_platform_admin() || api_is_session_admin()) {
$user_id = (int) $_POST['user_id'];
$list_sessions = SessionManager::get_sessions_by_user($user_id, true);
if (!empty($list_sessions)) {
foreach ($list_sessions as $session_item) {
echo $session_item['session_name'].'<br />';
}
} else {
echo get_lang('NoSessionsForThisUser');
}
unset($list_sessions);
}
break;
case 'order':
api_protect_admin_script();
$allowOrder = api_get_configuration_value('session_list_order');
if ($allowOrder) {
$order = isset($_GET['order']) ? $_GET['order'] : [];
$order = json_decode($order);
if (!empty($order)) {
$table = Database::get_main_table(TABLE_MAIN_SESSION);
foreach ($order as $data) {
if (isset($data->order) && isset($data->id)) {
$orderId = (int) $data->order;
$sessionId = (int) $data->id;
$sql = "UPDATE $table SET position = $orderId WHERE id = $sessionId ";
Database::query($sql);
}
}
}
}
break;
case 'search_session':
if (api_is_platform_admin()) {
$sessions = SessionManager::get_sessions_list(
[
's.name' => [
'operator' => 'LIKE',
'value' => "%".$_REQUEST['q']."%",
],
]
);
$list = [
'items' => [],
];
if (empty($sessions)) {
echo json_encode([]);
break;
}
foreach ($sessions as $session) {
$list['items'][] = [
'id' => $session['id'],
'text' => $session['name'],
];
}
echo json_encode($list);
}
break;
case 'search_session_all':
if (api_is_platform_admin()) {
$results = SessionManager::get_sessions_list(
[
's.name' => ['operator' => 'like', 'value' => "%".$_REQUEST['q']."%"],
'c.id' => ['operator' => '=', 'value' => $_REQUEST['course_id']],
]
);
$results2 = [];
if (!empty($results)) {
foreach ($results as $item) {
$item2 = [];
foreach ($item as $id => $internal) {
if ($id == 'id') {
$item2[$id] = $internal;
}
if ($id == 'name') {
$item2['text'] = $internal;
}
}
$results2[] = $item2;
}
$results2[] = ['T', 'text' => 'TODOS', 'id' => 'T'];
echo json_encode($results2);
} else {
echo json_encode([['T', 'text' => 'TODOS', 'id' => 'T']]);
}
}
break;
case 'search_session_by_course':
if (api_is_platform_admin()) {
$results = SessionManager::get_sessions_list(
[
's.name' => ['operator' => 'like', 'value' => "%".$_REQUEST['q']."%"],
'c.id' => ['operator' => '=', 'value' => $_REQUEST['course_id']],
]
);
$json = [
'items' => [
['id' => 'T', 'text' => get_lang('All')],
],
];
if (!empty($results)) {
foreach ($results as $item) {
$item2 = [];
foreach ($item as $id => $internal) {
if ($id == 'id') {
$item2[$id] = $internal;
}
if ($id == 'name') {
$item2['text'] = $internal;
}
}
$json['items'][] = $item2;
}
}
echo json_encode($json);
}
break;
case 'session_info':
$sessionId = isset($_GET['session_id']) ? $_GET['session_id'] : '';
$sessionInfo = api_get_session_info($sessionId);
$extraFieldValues = new ExtraFieldValue('session');
$extraField = new ExtraField('session');
$values = $extraFieldValues->getAllValuesByItem($sessionId);
$load = isset($_GET['load_empty_extra_fields']) ? true : false;
if ($load) {
$allExtraFields = $extraField->get_all();
$valueList = array_column($values, 'id');
foreach ($allExtraFields as $extra) {
if (!in_array($extra['id'], $valueList)) {
$values[] = [
'id' => $extra['id'],
'variable' => $extra['variable'],
'value' => '',
'field_type' => $extra['field_type'],
];
}
}
}
$sessionInfo['extra_fields'] = $values;
if (!empty($sessionInfo)) {
echo json_encode($sessionInfo);
}
break;
case 'get_description':
if (isset($_GET['session'])) {
$sessionInfo = api_get_session_info($_GET['session']);
echo '<h2>'.$sessionInfo['name'].'</h2>';
echo '<div class="home-course-intro"><div class="page-course"><div class="page-course-intro">';
echo $sessionInfo['show_description'] == 1 ? $sessionInfo['description'] : get_lang('None');
echo '</div></div></div>';
}
break;
case 'search_general_coach':
SessionManager::protectSession(null, false);
api_protect_limit_for_session_admin();
if (api_is_anonymous()) {
echo '';
break;
}
$list = [
'items' => [],
];
$usersRepo = UserManager::getRepository();
$users = $usersRepo->searchUsersByStatus($_GET['q'], COURSEMANAGER, api_get_current_access_url_id());
/** @var User $user */
foreach ($users as $user) {
$list['items'][] = [
'id' => $user->getId(),
'text' => UserManager::formatUserFullName($user),
];
}
header('Content-Type: application/json');
echo json_encode($list);
break;
case 'get_courses_inside_session':
$userId = api_get_user_id();
$isAdmin = api_is_platform_admin();
if ($isAdmin) {
$sessionList = SessionManager::get_sessions_list();
$sessionIdList = array_column($sessionList, 'id');
} else {
$sessionList = SessionManager::get_sessions_by_user($userId);
$sessionIdList = array_column($sessionList, 'session_id');
}
$sessionId = isset($_GET['session_id']) ? (int) $_GET['session_id'] : 0;
$courseList = [];
if (empty($sessionId)) {
$preCourseList = CourseManager::get_courses_list_by_user_id(
$userId,
false,
true
);
$courseList = array_column($preCourseList, 'real_id');
} else {
if ($isAdmin) {
$courseList = SessionManager::getCoursesInSession($sessionId);
} else {
if (in_array($sessionId, $sessionIdList)) {
$courseList = SessionManager::getCoursesInSession($sessionId);
}
}
}
$courseListToSelect = [];
if (!empty($courseList)) {
// Course List
foreach ($courseList as $courseId) {
$courseInfo = api_get_course_info_by_id($courseId);
$courseListToSelect[] = [
'id' => $courseInfo['real_id'],
'name' => $courseInfo['title'],
];
}
}
echo json_encode($courseListToSelect);
break;
case 'get_basic_course_documents_list':
case 'get_basic_course_documents_form':
$courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
$sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
$currentUserId = api_get_user_id();
$em = Database::getManager();
$course = $em->find('ChamiloCoreBundle:Course', $courseId);
$session = $em->find('ChamiloCoreBundle:Session', $sessionId);
if (!$course || !$session) {
break;
}
if (!api_is_platform_admin(true) || $session->getSessionAdminId() != $currentUserId) {
break;
}
$folderName = '/basic-course-documents__'.$session->getId().'__0';
if ('get_basic_course_documents_list' === $action) {
$courseInfo = api_get_course_info_by_id($course->getId());
$exists = DocumentManager::folderExists('/basic-course-documents', $courseInfo, $session->getId(), 0);
if (!$exists) {
$courseDir = $courseInfo['directory'].'/document';
$baseWorkDir = api_get_path(SYS_COURSE_PATH).$courseDir;
$newFolderData = create_unexisting_directory(
$courseInfo,
$currentUserId,
$session->getId(),
0,
0,
$baseWorkDir,
'/basic-course-documents',
get_lang('BasicCourseDocuments'),
1
);
$id = (int) $newFolderData['iid'];
} else {
$id = DocumentManager::get_document_id($courseInfo, $folderName, $session->getId());
}
$http_www = api_get_path(WEB_COURSE_PATH).$courseInfo['directory'].'/document';
$documentAndFolders = DocumentManager::getAllDocumentData(
$courseInfo,
$folderName,
0,
0,
false,
false,
$session->getId()
);
$documentAndFolders = array_filter(
$documentAndFolders,
function (array $documentData) {
return $documentData['filetype'] != 'folder';
}
);
$documentAndFolders = array_map(
function (array $documentData) use ($course, $session, $folderName) {
$downloadUrl = api_get_path(WEB_CODE_PATH).'document/document.php?'
.api_get_cidreq_params($course->getCode(), $session->getId()).'&'
.http_build_query(['action' => 'download', 'id' => $documentData['id']]);
$deleteUrl = api_get_path(WEB_AJAX_PATH).'session.ajax.php?'
.http_build_query(
[
'a' => 'delete_basic_course_documents',
'deleteid' => $documentData['id'],
'curdirpath' => $folderName,
'course' => $course->getId(),
'session' => $session->getId(),
]
);
$row = [];
$row[] = DocumentManager::build_document_icon_tag($documentData['filetype'], $documentData['path']);
$row[] = Display::url($documentData['title'], $downloadUrl);
$row[] = format_file_size($documentData['size']);
$row[] = date_to_str_ago($documentData['lastedit_date']).PHP_EOL
.'<div class="muted"><small>'
.api_get_local_time($documentData['lastedit_date'])
."</small></div>";
$row[] = Display::url(
Display::return_icon('save.png', get_lang('Download')),
$downloadUrl
)
.PHP_EOL
.Display::url(
Display::return_icon('delete.png', get_lang('Delete')),
$deleteUrl,
[
'class' => 'delete_document',
'data-course' => $course->getId(),
'data-session' => $session->getId(),
]
);
return $row;
},
$documentAndFolders
);
$table = new SortableTableFromArray($documentAndFolders, 1, 20, $folderName);
$table->set_header(0, get_lang('Type'), false, [], ['class' => 'text-center', 'width' => '60px']);
$table->set_header(1, get_lang('Name'), false);
$table->set_header(2, get_lang('Size'), false, [], ['class' => 'text-right', 'style' => 'width: 80px;']);
$table->set_header(3, get_lang('Date'), false, [], ['class' => 'text-center', 'style' => 'width: 200px;']);
$table->set_header(4, get_lang('Actions'), false, [], ['class' => 'text-center']);
$table->display();
}
if ('get_basic_course_documents_form' === $action) {
$form = new FormValidator('get_basic_course_documents_form_'.$session->getId());
$form->addMultipleUpload(
api_get_path(WEB_AJAX_PATH).'document.ajax.php?'
.api_get_cidreq_params($course->getCode(), $session->getId())
.'&a=upload_file&curdirpath='.$folderName,
''
);
$form->display();
}
break;
case 'delete_basic_course_documents':
$curdirpath = isset($_GET['curdirpath']) ? Security::remove_XSS($_GET['curdirpath']) : null;
$docId = isset($_GET['deleteid']) ? (int) $_GET['deleteid'] : 0;
$courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
$sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
if (empty($curdirpath) || empty($docId) || empty($courseId) || empty($sessionId)) {
break;
}
$em = Database::getManager();
$courseInfo = api_get_course_info_by_id($courseId);
$session = $em->find('ChamiloCoreBundle:Session', $sessionId);
$currentUserId = api_get_user_id();
if (empty($courseInfo) || !$session) {
break;
}
if (!api_is_platform_admin(true) || $session->getSessionAdminId() != $currentUserId) {
break;
}
$sysCoursePath = api_get_path(SYS_COURSE_PATH);
$courseDir = $courseInfo['directory'].'/document';
$baseWorkDir = $sysCoursePath.$courseDir;
$documentInfo = DocumentManager::get_document_data_by_id(
$docId,
$courseInfo['code'],
false,
$session->getId()
);
if (empty($documentInfo)) {
break;
}
if ($documentInfo['filetype'] != 'link') {
$deletedDocument = DocumentManager::delete_document(
$courseInfo,
null,
$baseWorkDir,
$session->getId(),
$docId
);
} else {
$deletedDocument = DocumentManager::deleteCloudLink(
$courseInfo,
$docId
);
}
if (!$deletedDocument) {
break;
}
echo true;
break;
case 'search_template_session':
SessionManager::protectSession(null, false);
api_protect_limit_for_session_admin();
if (empty($_GET['q'])) {
break;
}
$q = strtolower(trim($_GET['q']));
$list = array_map(
function ($session) {
return [
'id' => $session['id'],
'text' => strip_tags($session['name']),
];
},
SessionManager::formatSessionsAdminForGrid()
);
$list = array_filter(
$list,
function ($session) use ($q) {
$name = strtolower($session['text']);
return strpos($name, $q) !== false;
}
);
header('Content-Type: application/json');
echo json_encode(['items' => array_values($list)]);
break;
default:
echo '';
}
exit;

74
main/inc/ajax/session_clock.ajax.php Normal file
View File

@@ -0,0 +1,74 @@
<?php
require_once __DIR__.'/../../../vendor/autoload.php';
require_once __DIR__.'/../../../app/AppKernel.php';
$kernel = new AppKernel('', '');
// Check for 'action' parameter in the GET request
if (isset($_GET['action'])) {
$action = $_GET['action'];
if ($action == 'time') {
// Load the Chamilo configuration
$alreadyInstalled = false;
if (file_exists($kernel->getConfigurationFile())) {
require_once $kernel->getConfigurationFile();
$alreadyInstalled = true;
}
// Load the API library BEFORE loading the Chamilo configuration
require_once $_configuration['root_sys'].'main/inc/lib/api.lib.php';
if (api_get_configuration_value('session_lifetime_controller')) {
// Get the session
session_name('ch_sid');
session_start();
$session = new ChamiloSession();
$endTime = 0;
$isExpired = false;
$timeLeft = -1;
$currentTime = time();
// Existing code for time action
if ($alreadyInstalled && api_get_user_id()) {
$endTime = $session->end_time();
$isExpired = $session->is_expired();
} else {
// Chamilo not installed or user not logged in
$endTime = $currentTime + 315360000; // This sets a default end time far in the future
$isExpired = false;
}
$timeLeft = $endTime - $currentTime;
} else {
$endTime = 999999;
$isExpired = false;
$timeLeft = 999999;
}
if ($endTime > 0) {
echo json_encode(['sessionEndDate' => $endTime, 'sessionTimeLeft' => $timeLeft, 'sessionExpired' => $isExpired]);
} else {
http_response_code(500);
echo json_encode(['error' => 'Error retrieving data from the current session']);
}
} elseif ($action == 'logout') {
require_once __DIR__.'/../../../main/inc/global-min.inc.php';
$userId = api_get_user_id();
online_logout($userId, false);
echo json_encode(['message' => 'Logged out successfully']);
} else {
// Handle unexpected action value
http_response_code(400);
echo json_encode(['error' => 'Invalid action parameter']);
}
} else {
// No action provided
http_response_code(400);
echo json_encode(['error' => 'No action parameter provided']);
}

530
main/inc/ajax/skill.ajax.php Normal file
View File

@@ -0,0 +1,530 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
use Chamilo\SkillBundle\Entity\SkillRelCourse;
use Chamilo\SkillBundle\Entity\SkillRelItem;
require_once __DIR__.'/../global.inc.php';
$action = $_REQUEST['a'] ?? null;
api_block_anonymous_users();
Skill::isAllowed(api_get_user_id());
$skill = new Skill();
$gradebook = new Gradebook();
$skillGradeBook = new SkillRelGradebook();
$userId = api_get_user_id();
switch ($action) {
case 'add':
if (api_is_platform_admin() || api_is_drh()) {
if (!empty($_REQUEST['id'])) {
$skillId = $skill->edit($_REQUEST);
} else {
$skillId = $skill->add($_REQUEST);
}
}
echo $skillId;
break;
case 'delete_skill':
if (api_is_platform_admin() || api_is_drh()) {
echo $skill->delete($_REQUEST['skill_id']);
}
break;
case 'find_skills':
$returnSkills = [[
'items' => [],
]];
if (!empty($_REQUEST['q'])) {
$skills = $skill->find('all', ['where' => ['name LIKE %?% ' => $_REQUEST['q']]]);
foreach ($skills as $skill) {
$returnSkills['items'][] = [
'id' => $skill['id'],
'text' => $skill['name'],
];
}
}
header('Content-Type: application/json');
echo json_encode($returnSkills);
break;
case 'get_gradebooks':
$gradebooks = $gradebook_list = $gradebook->get_all();
$gradebook_list = [];
//Only course gradebook with certificate
if (!empty($gradebooks)) {
foreach ($gradebooks as $gradebook) {
if ($gradebook['parent_id'] == 0 &&
!empty($gradebook['certif_min_score']) &&
!empty($gradebook['document_id'])
) {
$gradebook_list[] = $gradebook;
}
}
}
echo json_encode($gradebook_list);
break;
case 'find_gradebooks':
$return = [];
if (!empty($_REQUEST['tag'])) {
$gradebooks = $gradebook->find('all', ['where' => ['name LIKE %?% ' => $_REQUEST['tag']]]);
foreach ($gradebooks as $item) {
$item['key'] = $item['name'];
$item['value'] = $item['id'];
$return[] = $item;
}
}
echo json_encode($return);
break;
case 'get_course_info_popup':
$courseInfo = api_get_course_info($_REQUEST['code']);
$courses = CourseManager::processHotCourseItem(
[
['c_id' => $courseInfo['real_id']],
]
);
Display::display_no_header();
Display::$global_template->assign('hot_courses', $courses);
$template = Display::$global_template->get_template('layout/hot_course_item_popup.tpl');
echo Display::$global_template->fetch($template);
break;
case 'gradebook_exists':
$data = $gradebook->get($_REQUEST['gradebook_id']);
if (!empty($data)) {
echo 1;
} else {
echo 0;
}
break;
case 'get_skills_by_profile':
$skillRelProfile = new SkillRelProfile();
$profile_id = $_REQUEST['profile_id'] ?? null;
$skills = $skillRelProfile->getSkillsByProfile($profile_id);
echo json_encode($skills);
break;
case 'get_saved_profiles':
$skillProfile = new SkillProfile();
$profiles = $skillProfile->get_all();
Display::display_no_header();
Display::$global_template->assign('profiles', $profiles);
$template = Display::$global_template->get_template('skill/profile_item.tpl');
echo Display::$global_template->fetch($template);
break;
case 'get_skills':
$loadUserData = $_REQUEST['load_user_data'] ?? null;
$id = intval($_REQUEST['id']);
$skills = $skill->get_all($loadUserData, false, $id);
echo json_encode($skills);
break;
case 'get_skill_info':
$id = $_REQUEST['id'] ?? null;
$skillInfo = $skill->getSkillInfo($id);
echo json_encode($skillInfo);
break;
case 'get_skill_course_info':
$id = $_REQUEST['id'] ?? null;
$skillInfo = $skill->getSkillInfo($id);
$courses = $skill->getCoursesBySkill($id);
$sessions = $skill->getSessionsBySkill($id);
$html = '';
if (!empty($courses) || !empty($sessions)) {
Display::display_no_header();
Display::$global_template->assign('skill', $skillInfo);
Display::$global_template->assign('courses', $courses);
Display::$global_template->assign('sessions', $sessions);
$template = Display::$global_template->get_template('skill/skill_info.tpl');
$html = Display::$global_template->fetch($template);
}
echo $html;
break;
case 'get_skills_tree_json':
header('Content-Type: application/json');
$userId = isset($_REQUEST['load_user']) && $_REQUEST['load_user'] == 1 ? api_get_user_id() : 0;
$skill_id = isset($_REQUEST['skill_id']) ? intval($_REQUEST['skill_id']) : 0;
$depth = isset($_REQUEST['main_depth']) ? intval($_REQUEST['main_depth']) : 2;
$all = $skill->getSkillsTreeToJson($userId, $skill_id, false, $depth);
echo $all;
break;
case 'get_user_skill':
$skillId = isset($_REQUEST['profile_id']) ? intval($_REQUEST['profile_id']) : 0;
$skill = $skill->userHasSkill($userId, $skillId);
if ($skill) {
echo 1;
} else {
echo 0;
}
break;
case 'get_all_user_skills':
if (strpos($_SERVER['HTTP_REFERER'], "/main/admin/skills_wheel.php") !== false) {
$userId = 0;
}
$skills = $skill->getUserSkills($userId, true);
echo json_encode($skills);
break;
case 'get_user_skills':
$skills = $skill->getUserSkills($userId, true);
Display::display_no_header();
Display::$global_template->assign('skills', $skills);
$template = Display::$global_template->get_template('skill/user_skills.tpl');
echo Display::$global_template->fetch($template);
break;
case 'get_gradebook_info':
$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$info = $gradebook->get($id);
echo json_encode($info);
break;
case 'load_children':
$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$load_user_data = $_REQUEST['load_user_data'] ?? null;
$skills = $skill->getChildren($id, $load_user_data);
$return = [];
foreach ($skills as $skill) {
if (!empty($skill['data'])) {
$return[$skill['data']['id']] = [
'id' => $skill['data']['id'],
'name' => $skill['data']['name'],
'passed' => $skill['data']['passed'],
];
}
}
$success = true;
if (empty($return)) {
$success = false;
}
$result = [
'success' => $success,
'data' => $return,
];
echo json_encode($result);
break;
case 'load_direct_parents':
$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$skills = $skill->getDirectParents($id);
$return = [];
foreach ($skills as $skill) {
$return[$skill['data']['id']] = [
'id' => $skill['data']['id'],
'parent_id' => $skill['data']['parent_id'],
'name' => $skill['data']['name'],
];
}
echo json_encode($return);
break;
case 'profile_matches':
$skill_rel_user = new SkillRelUser();
$skills = !empty($_REQUEST['skill_id']) ? $_REQUEST['skill_id'] : [];
$total_skills_to_search = $skills;
$users = $skill_rel_user->getUserBySkills($skills);
$user_list = [];
$count_skills = count($skills);
$ordered_user_list = null;
if (!empty($users)) {
foreach ($users as $user) {
$user_info = api_get_user_info($user['user_id']);
$user_list[$user['user_id']]['user'] = $user_info;
$my_user_skills = $skill_rel_user->getUserSkills($user['user_id']);
$user_skill_list = [];
foreach ($my_user_skills as $skill_item) {
$user_skill_list[] = $skill_item['skill_id'];
}
$user_skills = [];
$found_counts = 0;
foreach ($skills as $skill_id) {
$found = false;
if (in_array($skill_id, $user_skill_list)) {
$found = true;
$found_counts++;
$user_skills[$skill_id] = ['skill_id' => $skill_id, 'found' => $found];
}
}
foreach ($my_user_skills as $my_skill) {
if (!isset($user_skills[$my_skill['skill_id']])) {
$user_skills[$my_skill['skill_id']] = [
'skill_id' => $my_skill['skill_id'],
'found' => false,
];
}
$total_skills_to_search[$my_skill['skill_id']] = $my_skill['skill_id'];
}
$user_list[$user['user_id']]['skills'] = $user_skills;
$user_list[$user['user_id']]['total_found_skills'] = $found_counts;
}
foreach ($user_list as $user_id => $user_data) {
$ordered_user_list[$user_data['total_found_skills']][] = $user_data;
}
if (!empty($ordered_user_list)) {
krsort($ordered_user_list);
}
}
Display::display_no_header();
Display::$global_template->assign('order_user_list', $ordered_user_list);
Display::$global_template->assign('total_search_skills', $count_skills);
$skill_list = [];
if (!empty($total_skills_to_search)) {
$total_skills_to_search = $skill->getSkillsInfo($total_skills_to_search);
foreach ($total_skills_to_search as $skill_info) {
$skill_list[$skill_info['id']] = $skill_info;
}
}
Display::$global_template->assign('skill_list', $skill_list);
$template = Display::$global_template->get_template('skill/profile.tpl');
echo Display::$global_template->fetch($template);
break;
case 'delete_gradebook_from_skill':
case 'remove_skill':
if (api_is_platform_admin() || api_is_drh()) {
if (!empty($_REQUEST['skill_id']) && !empty($_REQUEST['gradebook_id'])) {
$skill_item = $skillGradeBook->getSkillInfo(
$_REQUEST['skill_id'],
$_REQUEST['gradebook_id']
);
if (!empty($skill_item)) {
$skillGradeBook->delete($skill_item['id']);
echo 1;
} else {
echo 0;
}
} else {
echo 0;
}
}
break;
case 'get_profile':
$skillRelProfile = new SkillRelProfile();
$profileId = isset($_REQUEST['profile_id']) ? intval($_REQUEST['profile_id']) : null;
$profile = $skillRelProfile->getProfileInfo($profileId);
echo json_encode($profile);
break;
case 'save_profile':
if (api_is_platform_admin() || api_is_drh()) {
$skill_profile = new SkillProfile();
$params = $_REQUEST;
$params['skills'] = $params['skill_id'] ?? null;
$profileId = isset($_REQUEST['profile']) ? intval($_REQUEST['profile']) : null;
if ($profileId > 0) {
$skill_profile->updateProfileInfo(
$profileId,
$params['name'],
$params['description']
);
$skill_data = 1;
} else {
$skill_data = $skill_profile->save($params);
}
if (!empty($skill_data)) {
echo 1;
} else {
echo 0;
}
}
break;
case 'delete_profile':
if (api_is_platform_admin() || api_is_drh()) {
$profileId = $_REQUEST['profile'];
$skillProfile = new SkillProfile();
$isDeleted = $skillProfile->delete($profileId);
echo json_encode([
'status' => $isDeleted,
]);
}
break;
case 'skill_exists':
$skill_data = $skill->get($_REQUEST['skill_id']);
if (!empty($skill_data)) {
echo 1;
} else {
echo 0;
}
break;
case 'search_skills':
$returnSkills = [];
if (!empty($_REQUEST['q'])) {
$skills = $skill->find(
'all',
[
'where' => ['name LIKE %?% ' => $_REQUEST['q']],
]
);
foreach ($skills as $skill) {
$returnSkills[] = [
'id' => $skill['id'],
'text' => $skill['name'],
];
}
}
echo json_encode(['items' => $returnSkills]);
break;
case 'search_skills_in_course':
$courseId = isset($_REQUEST['course_id']) ? (int) $_REQUEST['course_id'] : 0;
$sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : null;
if (empty($courseId)) {
exit;
}
$em = Database::getManager();
$skills = $em->getRepository('ChamiloSkillBundle:SkillRelCourse')->findBy(
['course' => $courseId, 'session' => $sessionId]
);
$returnSkills = [];
/** @var SkillRelCourse $skill */
foreach ($skills as $skill) {
$returnSkills[] = [
'id' => $skill->getSkill()->getId(),
'text' => $skill->getSkill()->getName(),
];
}
echo json_encode([
'items' => $returnSkills,
]);
break;
case 'update_skill_rel_user':
$allowSkillInTools = api_get_configuration_value('allow_skill_rel_items');
if (empty($allowSkillInTools)) {
exit;
}
if (!api_is_allowed_to_edit()) {
exit;
}
$creatorId = api_get_user_id();
$typeId = isset($_REQUEST['type_id']) ? (int) $_REQUEST['type_id'] : 0;
$itemId = isset($_REQUEST['item_id']) ? (int) $_REQUEST['item_id'] : 0;
$skillId = isset($_REQUEST['skill_id']) ? (int) $_REQUEST['skill_id'] : 0;
$userId = isset($_REQUEST['user_id']) ? (int) $_REQUEST['user_id'] : 0;
$courseId = isset($_REQUEST['course_id']) ? (int) $_REQUEST['course_id'] : 0;
$sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : 0;
$resultId = isset($_REQUEST['result_id']) ? (int) $_REQUEST['result_id'] : 0;
if (!empty($typeId) && !empty($itemId) && !empty($skillId) && !empty($userId) && !empty($courseId)) {
$em = Database::getManager();
$user = api_get_user_entity($userId);
$skill = $em->getRepository('ChamiloCoreBundle:Skill')->find($skillId);
if (empty($user) || empty($skill)) {
exit;
}
$course = api_get_course_entity($courseId);
if (empty($course)) {
exit;
}
$session = $em->getRepository('ChamiloCoreBundle:Session')->find($sessionId);
/** @var SkillRelItem $skillRelItem */
$skillRelItem = $em->getRepository('ChamiloSkillBundle:SkillRelItem')->findOneBy(
['itemId' => $itemId, 'itemType' => $typeId, 'skill' => $skillId]
);
if ($skillRelItem) {
$criteria = [
'user' => $userId,
'skillRelItem' => $skillRelItem,
];
$skillRelItemRelUser = $em->getRepository('ChamiloSkillBundle:SkillRelItemRelUser')->findOneBy($criteria);
if ($skillRelItemRelUser) {
$em->remove($skillRelItemRelUser);
$em->flush();
$skillRelItemRelUser = null;
} else {
$skillRelItemRelUser = new Chamilo\SkillBundle\Entity\SkillRelItemRelUser();
$skillRelItemRelUser
->setUser($user)
->setSkillRelItem($skillRelItem)
->setResultId($resultId)
->setCreatedBy($creatorId)
->setUpdatedBy($creatorId);
$em->persist($skillRelItemRelUser);
$em->flush();
}
}
echo Skill::getUserSkillStatusLabel($skillRelItem, $skillRelItemRelUser, false, $userId);
}
break;
case 'assign_user_to_skill':
$allowSkillInTools = api_get_configuration_value('allow_skill_rel_items');
if (empty($allowSkillInTools)) {
exit;
}
if (!api_is_allowed_to_edit()) {
exit;
}
$skillId = isset($_REQUEST['skill_id']) ? (int) $_REQUEST['skill_id'] : 0;
$userId = isset($_REQUEST['user_id']) ? (int) $_REQUEST['user_id'] : 0;
$courseId = isset($_REQUEST['course_id']) ? (int) $_REQUEST['course_id'] : 0;
$sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : null;
if (empty($skillId) || empty($userId)) {
exit;
}
$em = Database::getManager();
$skillRepo = $em->getRepository('ChamiloCoreBundle:Skill');
$skill = $skillRepo->find($skillId);
$user = api_get_user_entity($userId);
if (empty($skill) || empty($user)) {
exit;
}
$skillUserRepo = $em->getRepository('ChamiloCoreBundle:SkillRelUser');
$criteria = [
'user' => $user,
'skill' => $skill,
];
$skillRelUsers = $skillUserRepo->findBy($criteria);
if (empty($skillRelUsers)) {
$skillUser = new \Chamilo\CoreBundle\Entity\SkillRelUser();
$skillUser->setUser($user);
$skillUser->setSkill($skill);
/*if ($showLevels) {
$level = $skillLevelRepo->find(intval($values['acquired_level']));
$skillUser->setAcquiredLevel($level);
}*/
$course = api_get_course_entity($courseId);
$skillUser->setCourse($course);
if (!empty($sessionId)) {
$session = $em->getRepository('ChamiloCoreBundle:Session')->find($sessionId);
$skillUser->setSession($session);
}
$skillUser->setArgumentation('');
$skillUser->setArgumentationAuthorId(api_get_user_id());
$skillUser->setAcquiredSkillAt(new DateTime());
$skillUser->setAssignedBy(0);
$em->persist($skillUser);
$em->flush();
$result = 'success';
} else {
foreach ($skillRelUsers as $skillRelUser) {
$em->remove($skillRelUser);
}
$em->flush();
$result = 'danger';
}
echo $result;
break;
default:
echo '';
}
exit;

465
main/inc/ajax/social.ajax.php Normal file
View File

@@ -0,0 +1,465 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CoreBundle\Entity\Message;
use Chamilo\CoreBundle\Entity\MessageFeedback;
use ChamiloSession as Session;
use Symfony\Component\HttpFoundation\JsonResponse;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$action = isset($_GET['a']) ? $_GET['a'] : null;
$current_user_id = api_get_user_id();
switch ($action) {
case 'add_friend':
if (api_is_anonymous()) {
echo '';
break;
}
if (Security::check_token('get', null, 'invitation')) {
$relation_type = USER_RELATION_TYPE_UNKNOWN; //Unknown contact
if (isset($_GET['is_my_friend'])) {
$relation_type = USER_RELATION_TYPE_FRIEND; //My friend
}
if (isset($_GET['friend_id'])) {
$my_current_friend = (int) $_GET['friend_id'];
if (SocialManager::hasInvitationByUser($current_user_id, $my_current_friend)) {
UserManager::relate_users($current_user_id, $my_current_friend, $relation_type);
UserManager::relate_users($my_current_friend, $current_user_id, $relation_type);
SocialManager::invitation_accepted($my_current_friend, $current_user_id);
Display::addFlash(
Display::return_message(get_lang('AddedContactToList'), 'success')
);
}
}
}
header('Location: '.api_get_path(WEB_CODE_PATH).'social/invitations.php');
exit;
case 'deny_friend':
if (api_is_anonymous()) {
echo '';
break;
}
if (Security::check_token('get', null, 'invitation')) {
$relation_type = USER_RELATION_TYPE_UNKNOWN; //Contact unknown
if (isset($_GET['is_my_friend'])) {
$relation_type = USER_RELATION_TYPE_FRIEND; //my friend
}
if (isset($_GET['denied_friend_id'])) {
SocialManager::invitation_denied($_GET['denied_friend_id'], $current_user_id);
Display::addFlash(
Display::return_message(get_lang('InvitationDenied'), 'success')
);
}
}
header('Location: '.api_get_path(WEB_CODE_PATH).'social/invitations.php');
exit;
case 'delete_friend':
if (api_is_anonymous()) {
echo '';
break;
}
if (!Security::check_token('post', null, 'social')) {
exit;
}
if (isset($_POST['delete_friend_id'])) {
$my_delete_friend = (int) $_POST['delete_friend_id'];
SocialManager::remove_user_rel_user($my_delete_friend);
JsonResponse::create([
'secToken' => Security::get_token('social'),
])->send();
break;
}
break;
case 'show_my_friends':
if (api_is_anonymous()) {
echo '';
break;
}
$user_id = api_get_user_id();
$name_search = Security::remove_XSS($_POST['search_name_q']);
if (isset($name_search) && $name_search != 'undefined') {
$friends = SocialManager::get_friends($user_id, null, $name_search);
} else {
$friends = SocialManager::get_friends($user_id);
}
$friend_html = '';
$number_of_images = 8;
$number_friends = count($friends);
if ($number_friends != 0) {
$number_loop = $number_friends / $number_of_images;
$loop_friends = ceil($number_loop);
$j = 0;
for ($k = 0; $k < $loop_friends; $k++) {
if ($j == $number_of_images) {
$number_of_images = $number_of_images * 2;
}
while ($j < $number_of_images) {
if (isset($friends[$j])) {
$friend = $friends[$j];
$user_name = api_xml_http_response_encode($friend['firstName'].' '.$friend['lastName']);
$userPicture = UserManager::getUserPicture($friend['friend_user_id']);
$friend_html .= '
<div class="col-md-3">
<div class="thumbnail text-center" id="div_'.$friends[$j]['friend_user_id'].'">
<img src="'.$userPicture.'" class="img-responsive" id="imgfriend_'.$friend['friend_user_id'].'" title="$user_name">
<div class="caption">
<h3>
<a href="profile.php?u='.$friend['friend_user_id'].'">'.$user_name.'</a>
</h3>
<p>
<button class="btn btn-danger" onclick="delete_friend(this)" id=img_'.$friend['friend_user_id'].'>
'.get_lang('Delete').'
</button>
</p>
</div>
</div>
</div>
';
}
$j++;
}
}
}
echo $friend_html;
break;
case 'toogle_course':
if (api_is_anonymous()) {
echo '';
break;
}
require_once api_get_path(SYS_CODE_PATH).'forum/forumfunction.inc.php';
$user_id = Session::read('social_user_id');
if ($_POST['action']) {
$action = $_POST['action'];
}
switch ($action) {
case 'load_course':
$course_id = intval($_POST['course_code']); // the int course id
$course_info = api_get_course_info_by_id($course_id);
$course_code = $course_info['code'];
if (api_is_user_of_course($course_id, api_get_user_id())) {
//------Forum messages
$forum_result = get_all_post_from_user($user_id, $course_code);
$all_result_data = 0;
if ($forum_result != '') {
echo '<div id="social-forum-main-title">';
echo api_xml_http_response_encode(get_lang('Forum'));
echo '</div>';
echo '<div style="background:#FAF9F6; padding:0px;" >';
echo api_xml_http_response_encode($forum_result);
echo '</div>';
echo '<br />';
$all_result_data++;
}
//------Blog posts
$result = Blog::getBlogPostFromUser($course_id, $user_id, $course_code);
if (!empty($result)) {
api_display_tool_title(api_xml_http_response_encode(get_lang('Blog')));
echo '<div style="background:#FAF9F6; padding:0px;">';
echo api_xml_http_response_encode($result);
echo '</div>';
echo '<br />';
$all_result_data++;
}
//------Blog comments
$result = Blog::getBlogCommentsFromUser($course_id, $user_id, $course_code);
if (!empty($result)) {
echo '<div style="background:#FAF9F6; padding-left:10px;">';
api_display_tool_title(api_xml_http_response_encode(get_lang('BlogComments')));
echo api_xml_http_response_encode($result);
echo '</div>';
echo '<br />';
$all_result_data++;
}
if ($all_result_data == 0) {
echo api_xml_http_response_encode(get_lang('NoDataAvailable'));
}
} else {
echo '<div class="clear"></div><br />';
api_display_tool_title(api_xml_http_response_encode(get_lang('Details')));
echo '<div style="background:#FAF9F6; padding:0px;">';
echo api_xml_http_response_encode(get_lang('UserNonRegisteredAtTheCourse'));
echo '<div class="clear"></div><br />';
echo '</div>';
echo '<div class="clear"></div><br />';
}
break;
case 'unload_course':
default:
break;
}
break;
case 'send_comment':
if (api_is_anonymous()) {
exit;
}
if (api_get_setting('allow_social_tool') !== 'true') {
exit;
}
if (!Security::check_token('get', null, 'wall')) {
exit;
}
$messageId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (empty($messageId)) {
exit;
}
$userId = api_get_user_id();
$messageInfo = MessageManager::get_message_by_id($messageId);
if (!empty($messageInfo)) {
$comment = isset($_REQUEST['comment']) ? $_REQUEST['comment'] : '';
if (!empty($comment)) {
$messageId = SocialManager::sendWallMessage(
$userId,
$messageInfo['user_receiver_id'],
$comment,
$messageId,
MESSAGE_STATUS_WALL
);
if ($messageId) {
$messageInfo = MessageManager::get_message_by_id($messageId);
JsonResponse::create([
'secToken' => Security::get_token('wall'),
'postHTML' => SocialManager::processPostComment($messageInfo),
])->send();
}
}
}
break;
case 'delete_message':
if (api_is_anonymous()) {
exit;
}
if (api_get_setting('allow_social_tool') !== 'true') {
exit;
}
$messageId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (empty($messageId)) {
exit;
}
if (!Security::check_token('get', null, 'social')) {
exit;
}
$userId = api_get_user_id();
$messageInfo = MessageManager::get_message_by_id($messageId);
if (!empty($messageInfo)) {
$canDelete = ($messageInfo['user_receiver_id'] == $userId || $messageInfo['user_sender_id'] == $userId) &&
empty($messageInfo['group_id']);
if ($canDelete || api_is_platform_admin()) {
SocialManager::deleteMessage($messageId);
echo json_encode([
'message' => Display::return_message(get_lang('MessageDeleted')),
'secToken' => Security::get_token('social'),
]);
break;
}
}
break;
case 'list_wall_message':
if (api_is_anonymous()) {
break;
}
$start = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
$userId = isset($_REQUEST['u']) ? (int) $_REQUEST['u'] : api_get_user_id();
$html = '';
if ($userId == api_get_user_id()) {
$threadList = SocialManager::getThreadList($userId);
$threadIdList = [];
if (!empty($threadList)) {
$threadIdList = array_column($threadList, 'id');
}
$html = SocialManager::getMyWallMessages(
$userId,
$start,
SocialManager::DEFAULT_SCROLL_NEW_POST,
$threadIdList
);
$html = $html['posts'];
} else {
$messages = SocialManager::getWallMessages(
$userId,
null,
0,
0,
'',
$start,
SocialManager::DEFAULT_SCROLL_NEW_POST
);
$messages = SocialManager::formatWallMessages($messages);
if (!empty($messages)) {
ksort($messages);
foreach ($messages as $message) {
$post = $message['html'];
$comments = SocialManager::getWallPostComments($userId, $message);
$html .= SocialManager::wrapPost($message, $post.$comments);
}
}
}
if (!empty($html)) {
$html .= Display::div(
Display::url(
get_lang('SeeMore'),
api_get_self().'?u='.$userId.'&a=list_wall_message&start='.
($start + SocialManager::DEFAULT_SCROLL_NEW_POST).'&length='.SocialManager::DEFAULT_SCROLL_NEW_POST,
[
'class' => 'nextPage',
]
),
[
'class' => 'next',
]
);
}
echo $html;
break;
// Read the Url using OpenGraph and returns the hyperlinks content
case 'read_url_with_open_graph':
api_block_anonymous_users(false);
$url = $_POST['social_wall_new_msg_main'] ?? '';
$url = trim($url);
$html = '';
if (SocialManager::verifyUrl($url)) {
$html = Security::remove_XSS(
SocialManager::readContentWithOpenGraph($url)
);
}
echo $html;
break;
case 'like_message':
header('Content-Type: application/json');
if (
api_is_anonymous() ||
!api_get_configuration_value('social_enable_messages_feedback')
) {
echo json_encode(false);
exit;
}
$messageId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$status = isset($_GET['status']) ? $_GET['status'] : '';
$groupId = isset($_GET['group']) ? (int) $_GET['group'] : 0;
if (empty($messageId) || !in_array($status, ['like', 'dislike'])) {
echo json_encode(false);
exit;
}
$em = Database::getManager();
$messageRepo = $em->getRepository('ChamiloCoreBundle:Message');
$messageLikesRepo = $em->getRepository('ChamiloCoreBundle:MessageFeedback');
/** @var Message $message */
$message = $messageRepo->find($messageId);
if (empty($message)) {
echo json_encode(false);
exit;
}
if ((int) $message->getGroupId() !== $groupId) {
echo json_encode(false);
exit;
}
if (!empty($message->getGroupId())) {
$usergroup = new UserGroup();
$groupInfo = $usergroup->get($groupId);
if (empty($groupInfo)) {
echo json_encode(false);
exit;
}
$isMember = $usergroup->is_group_member($groupId, $current_user_id);
if (GROUP_PERMISSION_CLOSED == $groupInfo['visibility'] && !$isMember) {
echo json_encode(false);
exit;
}
}
$user = api_get_user_entity($current_user_id);
$userLike = $messageLikesRepo->findOneBy(['message' => $message, 'user' => $user]);
if (empty($userLike)) {
$userLike = new MessageFeedback();
$userLike
->setMessage($message)
->setUser($user);
}
if ('like' === $status) {
if ($userLike->isLiked()) {
echo json_encode(false);
exit;
}
$userLike
->setLiked(true)
->setDisliked(false);
} elseif ('dislike' === $status) {
if ($userLike->isDisliked()) {
echo json_encode(false);
exit;
}
$userLike
->setLiked(false)
->setDisliked(true);
}
$userLike
->setUpdatedAt(
api_get_utc_datetime(null, false, true)
);
$em->persist($userLike);
$em->flush();
echo json_encode(true);
break;
default:
echo '';
}
exit;

1424
main/inc/ajax/statistics.ajax.php Normal file
View File

File diff suppressed because it is too large Load Diff

133
main/inc/ajax/student_follow_page.ajax.php Normal file
View File

@@ -0,0 +1,133 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CourseBundle\Entity\CLp;
use Chamilo\CourseBundle\Entity\CLpView;
use Symfony\Component\HttpFoundation\Request as HttpRequest;
require_once __DIR__.'/../global.inc.php';
$httpRequest = HttpRequest::createFromGlobals();
$isAllowedToEdit = api_is_allowed_to_edit();
switch ($httpRequest->get('a')) {
case 'form_adquisition':
displayForm(
$httpRequest->query->getInt('lp_view')
);
break;
case 'views_invisible':
processViewsInvisible(
$httpRequest->request->get('chkb_view') ?: [],
$httpRequest->request->getBoolean('state')
);
break;
}
function displayForm(int $lpViewId)
{
$em = Database::getManager();
$lpView = $em->find(CLpView::class, $lpViewId);
if (null === $lpView) {
return;
}
$lp = $em->find(CLp::class, $lpView->getLpId());
$extraField = new ExtraField('lp_view');
$field = $extraField->get_handler_field_info_by_field_variable(StudentFollowPage::VARIABLE_ACQUISITION);
$extraFieldValue = new ExtraFieldValue('lp_view');
$value = $extraFieldValue->get_values_by_handler_and_field_variable(
$lpViewId,
StudentFollowPage::VARIABLE_ACQUISITION
);
$options = [];
foreach ($field['options'] as $option) {
$options[$option['option_value']] = ExtraFieldOption::translateDisplayName($option['display_text']);
}
$frmId = 'frm_lp_acquisition_'.$lpView->getLpId();
$frmAction = api_get_self().'?'.http_build_query(['lp_view' => $lpViewId, 'a' => 'form_adquisition']);
$form = new FormValidator($frmId, 'post', $frmAction);
$form->addRadio(StudentFollowPage::VARIABLE_ACQUISITION, get_lang('Acquisition'), $options);
$form->addHidden('lp_view', $lpViewId);
$form->addButtonSave(get_lang('Save'));
if ($form->validate()) {
$values = $form->exportValues();
$extraFieldValue = new ExtraFieldValue('lp_view');
$extraFieldValue->save(
[
'variable' => StudentFollowPage::VARIABLE_ACQUISITION,
'item_id' => $lpViewId,
'comment' => json_encode(['user' => api_get_user_id(), 'datetime' => api_get_utc_datetime()]),
'value' => $values[StudentFollowPage::VARIABLE_ACQUISITION],
]
);
echo StudentFollowPage::getLpAcquisition(
[
'iid' => $lp->getIid(),
'lp_name' => $lp->getName(),
],
$lpView->getUserId(),
$lpView->getCId(),
$lpView->getSessionId(),
true
);
exit;
}
if (!empty($value)) {
$form->setDefaults([StudentFollowPage::VARIABLE_ACQUISITION => $value['value']]);
}
echo $form->returnForm()
."<script>$(function () {
$('#$frmId').on('submit', function (e) {
e.preventDefault();
var self = $(this);
self.find(':submit').prop('disabled', true);
$.post(this.action, self.serialize()).done(function (response) {
$('#acquisition-$lpViewId').html(response);
$('#global-modal').modal('hide');
self.find(':submit').prop('disabled', false);
});
})
})</script>";
}
function processViewsInvisible(array $lpViews, bool $state)
{
foreach ($lpViews as $lpViewData) {
$parts = explode('_', $lpViewData);
[$lpId, $userId, $courseId, $sessionId] = array_map('intval', $parts);
$lpView = learnpath::findLastView($lpId, $userId, $courseId, $sessionId, true);
$extraFieldValue = new ExtraFieldValue('lp_view');
$extraFieldValue->save(
[
'variable' => StudentFollowPage::VARIABLE_INVISIBLE,
'item_id' => $lpView['iid'],
'comment' => json_encode(['user' => api_get_user_id(), 'datetime' => api_get_utc_datetime()]),
'value' => $state,
]
);
}
}

59
main/inc/ajax/survey.ajax.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
$current_user_id = api_get_user_id();
$courseId = api_get_course_int_id();
$action = isset($_GET['a']) ? $_GET['a'] : null;
$surveyId = isset($_REQUEST['survey_id']) ? $_REQUEST['survey_id'] : 0;
$questionId = isset($_REQUEST['question_id']) ? $_REQUEST['question_id'] : 0;
switch ($action) {
case 'load_question_options':
if (!api_is_allowed_to_edit(false, true)) {
exit;
}
$question = SurveyManager::get_question($questionId);
if (!empty($question) && !empty($question['answer_data'])) {
$optionList = [];
foreach ($question['answer_data'] as $answer) {
$optionList[$answer['iid']] = strip_tags($answer['data']);
}
echo json_encode($optionList);
}
break;
case 'save_question':
if (api_is_anonymous()) {
echo '';
break;
}
$status = isset($_GET['status']) ? (int) $_GET['status'] : null;
$userId = api_get_user_id();
$surveyData = SurveyManager::get_survey($surveyId);
if (empty($surveyData)) {
exit;
}
SurveyUtil::remove_answer(
$userId,
$surveyId,
$questionId,
$courseId
);
SurveyUtil::store_answer(
$userId,
$surveyId,
$questionId,
1,
$status,
$surveyData
);
break;
}
exit;

161
main/inc/ajax/thematic.ajax.php Normal file
View File

@@ -0,0 +1,161 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls for thematic.
*/
require_once __DIR__.'/../global.inc.php';
api_protect_course_script(true);
$action = $_GET['a'];
$thematic = new Thematic();
switch ($action) {
case 'save_thematic_plan':
/*$title_list = $_REQUEST['title'];
$description_list = $_REQUEST['desc'];
//$description_list = $_REQUEST['description'];
$description_type = $_REQUEST['description_type'];
if (api_is_allowed_to_edit(null, true)) {
for($i=1;$i<count($title_list)+1; $i++) {
$thematic->set_thematic_plan_attributes($_REQUEST['thematic_id'], $title_list[$i], $description_list[$i], $description_type[$i]);
$affected_rows = $thematic->thematic_plan_save();
}
}
$thematic_plan_data = $thematic->get_thematic_plan_data();
$return = $thematic->get_thematic_plan_div($thematic_plan_data);
echo $return[$_REQUEST['thematic_id']];*/
break;
case 'save_thematic_advance':
if (!api_is_allowed_to_edit(null, true)) {
echo '';
exit;
}
/*
if (($_REQUEST['start_date_type'] == 1 && empty($_REQUEST['start_date_by_attendance'])) || (!empty($_REQUEST['duration_in_hours']) && !is_numeric($_REQUEST['duration_in_hours'])) ) {
if ($_REQUEST['start_date_type'] == 1 && empty($_REQUEST['start_date_by_attendance'])) {
$start_date_error = true;
$data['start_date_error'] = $start_date_error;
}
if (!empty($_REQUEST['duration_in_hours']) && !is_numeric($_REQUEST['duration_in_hours'])) {
$duration_error = true;
$data['duration_error'] = $duration_error;
}
$data['action'] = $_REQUEST['action'];
$data['thematic_id'] = $_REQUEST['thematic_id'];
$data['attendance_select'] = $attendance_select;
if (isset($_REQUEST['thematic_advance_id'])) {
$data['thematic_advance_id'] = $_REQUEST['thematic_advance_id'];
$thematic_advance_data = $thematic->get_thematic_advance_list($_REQUEST['thematic_advance_id']);
$data['thematic_advance_data'] = $thematic_advance_data;
}
} else {
if ($_REQUEST['thematic_advance_token'] == $_SESSION['thematic_advance_token'] && api_is_allowed_to_edit(null, true)) {
$thematic_advance_id = $_REQUEST['thematic_advance_id'];
$thematic_id = $_REQUEST['thematic_id'];
$content = $_REQUEST['real_content'];
$duration = $_REQUEST['duration_in_hours'];
if (isset($_REQUEST['start_date_type']) && $_REQUEST['start_date_type'] == 2) {
$start_date = $thematic->build_datetime_from_array($_REQUEST['custom_start_date']);
$attendance_id = 0;
} else {
$start_date = $_REQUEST['start_date_by_attendance'];
$attendance_id = $_REQUEST['attendance_select'];
}
$thematic->set_thematic_advance_attributes($thematic_advance_id, $thematic_id, $attendance_id, $content, $start_date, $duration);
$affected_rows = $thematic->thematic_advance_save();
if ($affected_rows) {
// get last done thematic advance before move thematic list
$last_done_thematic_advance = $thematic->get_last_done_thematic_advance();
// update done advances with de current thematic list
if (!empty($last_done_thematic_advance)) {
$update_done_advances = $thematic->update_done_thematic_advances($last_done_thematic_advance);
}
}
}
}
$thematic_advance_data = $thematic->get_thematic_advance_list(null, null, true);
$return = $thematic->get_thematic_advance_div($thematic_advance_data);
echo $return[$_REQUEST['thematic_id']][$_REQUEST['thematic_advance_id']];*/
break;
case 'get_datetime_by_attendance':
$attendance_id = intval($_REQUEST['attendance_id']);
$thematic_advance_id = intval($_REQUEST['thematic_advance_id']);
$label = '';
$input_select = '';
if (!empty($attendance_id)) {
$attendance = new Attendance();
$thematic = new Thematic();
$thematic_list = $thematic->get_thematic_list();
$my_list = $thematic_list_temp = [];
foreach ($thematic_list as $item) {
$my_list = $thematic->get_thematic_advance_by_thematic_id($item['id']);
$thematic_list_temp = array_merge($my_list, $thematic_list_temp);
}
$new_thematic_list = [];
foreach ($thematic_list_temp as $item) {
if (!empty($item['attendance_id'])) {
$new_thematic_list[$item['id']] = [
'attendance_id' => $item['attendance_id'],
'start_date' => $item['start_date'],
];
}
}
$attendance_calendar = $attendance->get_attendance_calendar($attendance_id);
$label = get_lang('StartDate');
if (!empty($attendance_calendar)) {
$input_select .= '<select id="start_date_select_calendar" name="start_date_by_attendance" size="7" class="form-control">';
foreach ($attendance_calendar as $calendar) {
$selected = null;
$insert = true;
//checking if was already taken
foreach ($new_thematic_list as $key => $thematic_item) {
if ($calendar['db_date_time'] == $thematic_item['start_date']) {
$insert = false;
if ($thematic_advance_id == $key) {
$insert = true;
$selected = 'selected';
}
break;
}
}
if ($insert == true) {
$input_select .= '<option '.$selected.' value="'.$calendar['date_time'].'">'.$calendar['date_time'].'</option>';
}
}
$input_select .= '</select>';
} else {
$input_select .= '<em>'.get_lang('ThereAreNoRegisteredDatetimeYet').'</em>';
}
}
?>
<div class="form-group">
<label class="col-sm-2 control-label"><?php echo $label; ?></label>
<div class="col-sm-8"><?php echo $input_select; ?></div>
</div>
<?php
break;
case 'update_done_thematic_advance':
$thematic_advance_id = intval($_GET['thematic_advance_id']);
$total_average = 0;
if (!empty($thematic_advance_id)) {
$thematic = new Thematic();
$affected_rows = $thematic->update_done_thematic_advances($thematic_advance_id);
$total_average = $thematic->get_total_average_of_thematic_advances(
api_get_course_id(),
api_get_session_id()
);
}
echo $total_average;
break;
default:
echo '';
}
exit;

15
main/inc/ajax/timeline.ajax.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
/* For licensing terms, see /license.txt */
require_once __DIR__.'/../global.inc.php';
$timeline = new Timeline();
$action = $_GET['a'];
switch ($action) {
case 'get_timeline_content':
$items = $timeline->get_timeline_content($_GET['id']);
echo json_encode($items);
break;
}

549
main/inc/ajax/user_manager.ajax.php Normal file
View File

@@ -0,0 +1,549 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\UserBundle\Entity\User;
use Doctrine\Common\Collections\Criteria;
use Doctrine\ORM\Query\Expr\Join;
use Symfony\Component\HttpFoundation\Request as HttpRequest;
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
$request = HttpRequest::createFromGlobals();
$isRequestByAjax = $request->isXmlHttpRequest();
$action = $_REQUEST['a'];
switch ($action) {
case 'comment_attendance':
$selected = $_REQUEST['selected'];
$comment = $_REQUEST['comment'];
$attendanceId = (int) $_REQUEST['attendance_id'];
if (!empty($selected)) {
list($prefix, $userId, $attendanceCalendarId) = explode('-', $selected);
$attendance = new Attendance();
$attendance->saveComment(
(int) $userId,
(int) $attendanceCalendarId,
$comment,
$attendanceId
);
echo 1;
exit;
}
echo 0;
break;
case 'get_attendance_comment':
$selected = $_REQUEST['selected'];
if (!empty($selected)) {
list($prefix, $userId, $attendanceCalendarId) = explode('-', $selected);
$attendance = new Attendance();
$commentInfo = $attendance->getComment(
(int) $userId,
(int) $attendanceCalendarId
);
echo json_encode(
[
'comment' => $commentInfo['comment'],
'author' => !empty($commentInfo['author']) ? get_lang('Author').': '.$commentInfo['author'] : '',
]
);
}
break;
case 'block_attendance_calendar':
$calendarId = (int) $_REQUEST['calendar_id'];
$attendance = new Attendance();
$attendance->updateCalendarBlocked($calendarId);
echo (int) $attendance->isCalendarBlocked($calendarId);
break;
case 'get_attendance_sign':
$selected = $_REQUEST['selected'];
if (!empty($selected)) {
list($prefix, $userId, $attendanceCalendarId) = explode('-', $selected);
$attendance = new Attendance();
$signature = $attendance->getSignature($userId, $attendanceCalendarId);
echo $signature;
}
break;
case 'remove_attendance_sign':
$selected = $_REQUEST['selected'];
$attendanceId = (int) $_REQUEST['attendance_id'];
if (!empty($selected)) {
list($prefix, $userId, $attendanceCalendarId) = explode('-', $selected);
$attendance = new Attendance();
$attendance->deleteSignature($userId, $attendanceCalendarId, $attendanceId);
}
break;
case 'sign_attendance':
$selected = $_REQUEST['selected'];
$file = isset($_REQUEST['file']) ? $_REQUEST['file'] : '';
$file = str_replace(' ', '+', $file);
$attendanceId = $_REQUEST['attendance_id'];
if (!empty($selected)) {
list($prefix, $userId, $attendanceCalendarId, $courseId) = explode('-', $selected);
$attendance = new Attendance();
$attendance->saveSignature($userId, $attendanceCalendarId, $file, $attendanceId, $courseId);
echo 1;
exit;
}
echo 0;
break;
case 'set_expiration_date':
$status = (int) $_REQUEST['status'];
$dates = UserManager::getExpirationDateByRole($status);
echo json_encode($dates);
break;
case 'get_user_like':
if (api_is_platform_admin() || api_is_drh() || api_is_session_admin()) {
$query = $_REQUEST['q'];
$conditions = [
'username' => $query,
'firstname' => $query,
'lastname' => $query,
];
$users = UserManager::getUserListLike($conditions, [], false, 'OR');
$result = [];
if (!empty($users)) {
foreach ($users as $user) {
$result[] = ['id' => $user['id'], 'text' => $user['complete_name'].' ('.$user['username'].')'];
}
$result['items'] = $result;
}
echo json_encode($result);
}
break;
case 'get_user_popup':
if (!$isRequestByAjax) {
break;
}
$courseId = (int) $request->get('course_id');
$sessionId = (int) $request->get('session_id');
$hash = (string) $request->get('hash');
$userId = (int) UserManager::decryptUserHash($hash);
$user_info = api_get_user_info($userId);
if (empty($user_info)) {
break;
}
if ($courseId) {
$courseInfo = api_get_course_info_by_id($courseId);
if (empty($courseInfo)) {
break;
}
}
if ($sessionId) {
$sessionInfo = api_get_session_info($sessionId);
if (empty($sessionInfo)) {
break;
}
}
$isAnonymous = api_is_anonymous();
if ($isAnonymous && empty($courseId)) {
break;
}
if ($isAnonymous && $courseId) {
if ('false' === api_get_setting('course_catalog_published')) {
break;
}
$coursesNotInCatalog = CoursesAndSessionsCatalog::getCoursesToAvoid();
if (in_array($courseId, $coursesNotInCatalog)) {
break;
}
}
echo '<div class="row">';
echo '<div class="col-sm-5">';
echo '<div class="thumbnail">';
echo Display::img($user_info['avatar'], $user_info['complete_name']);
echo '</div>';
echo '</div>';
echo '<div class="col-sm-7">';
if ($isAnonymous || api_get_setting('show_email_addresses') == 'false') {
$user_info['mail'] = '';
}
$userData = '<h3>'.$user_info['complete_name'].'</h3>'
.PHP_EOL
.$user_info['mail']
.PHP_EOL
.$user_info['official_code'];
if ($isAnonymous) {
// Only allow anonymous users to see user popup if the popup user
// is a teacher (which might be necessary to illustrate a course)
if ((int) $user_info['status'] === COURSEMANAGER) {
echo $userData;
}
} else {
echo Display::url(
$userData,
api_get_path(WEB_CODE_PATH).'social/profile.php?u='.$user_info['user_id']
);
}
echo '</div>';
echo '</div>';
$url = api_get_path(WEB_AJAX_PATH).'message.ajax.php?'
.http_build_query(
[
'a' => 'send_message',
'user_id' => $user_info['user_id'],
'course_id' => $courseId,
'session_id' => $sessionId,
]
);
if ($isAnonymous === false &&
api_get_setting('allow_message_tool') == 'true'
) {
echo '<script>';
echo '
$("#send_message_link").on("click", function() {
var url = "'.$url.'";
var params = $("#send_message").serialize();
$.ajax({
url: url+"&"+params,
success:function(data) {
$("#subject_id").val("");
$("#content_id").val("");
$("#send_message").html(data);
$("#send_message_link").hide();
}
});
});';
echo '</script>';
echo MessageManager::generate_message_form();
echo '
<div class="row">
<div class="col-sm-10 col-sm-offset-2">
<a class="btn btn-primary" id="send_message_link">
<em class="fa fa-envelope"></em> '.get_lang('Send').'
</a>
</div>
</div>
';
}
break;
case 'user_id_exists':
if (api_is_anonymous()) {
echo '';
} else {
if (UserManager::is_user_id_valid($_GET['user_id'])) {
echo 1;
} else {
echo 0;
}
}
break;
case 'search_tags':
header('Content-Type: application/json');
$result = ['items' => []];
if (api_is_anonymous()) {
echo json_encode($result);
break;
}
if (!isset($_GET['q'], $_GET['field_id'])) {
echo json_encode($result);
break;
}
$result['items'] = UserManager::get_tags($_GET['q'], $_GET['field_id'], null, '10');
echo json_encode($result);
break;
case 'generate_api_key':
if (api_is_anonymous()) {
echo '';
} else {
$array_list_key = [];
$user_id = api_get_user_id();
$api_service = 'dokeos';
$num = UserManager::update_api_key($user_id, $api_service);
$array_list_key = UserManager::get_api_keys($user_id, $api_service); ?>
<div class="form-group">
<label class="col-sm-2 control-label"><?php echo get_lang('MyApiKey'); ?></label>
<div class="col-sm-8">
<input type="text" name="api_key_generate" id="id_api_key_generate" class="form-control" value="<?php echo $array_list_key[$num]; ?>"/>
</div>
</div>
<?php
}
break;
case 'active_user':
$allow = api_get_configuration_value('allow_disable_user_for_session_admin');
if ((api_is_platform_admin() && api_global_admin_can_edit_admin($_GET['user_id'])) ||
(
$allow &&
api_is_session_admin() &&
api_global_admin_can_edit_admin($_GET['user_id'], null, true)
)
) {
$user_id = intval($_GET['user_id']);
$status = intval($_GET['status']);
if (!empty($user_id)) {
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$sql = "UPDATE $user_table
SET active = '".$status."'
WHERE user_id = '".$user_id."'";
$result = Database::query($sql);
// Send and email if account is active
if ($status == 1) {
$user_info = api_get_user_info($user_id);
$recipientName = api_get_person_name(
$user_info['firstname'],
$user_info['lastname'],
null,
PERSON_NAME_EMAIL_ADDRESS
);
$subject = '['.api_get_setting('siteName').'] '.get_lang('YourReg').' '.api_get_setting('siteName');
$emailAdmin = api_get_setting('emailAdministrator');
$sender_name = api_get_person_name(
api_get_setting('administratorName'),
api_get_setting('administratorSurname'),
null,
PERSON_NAME_EMAIL_ADDRESS
);
$body = get_lang('Dear')." ".stripslashes($recipientName).",\n\n";
$body .= sprintf(
get_lang('YourAccountOnXHasJustBeenApprovedByOneOfOurAdministrators'),
api_get_setting('siteName')
)."\n";
$body .= sprintf(
get_lang('YouCanNowLoginAtXUsingTheLoginAndThePasswordYouHaveProvided'),
api_get_path(WEB_PATH)
).",\n\n";
$body .= get_lang('HaveFun')."\n\n";
//$body.=get_lang('Problem'). "\n\n". get_lang('SignatureFormula');
$body .= api_get_person_name(
api_get_setting('administratorName'),
api_get_setting('administratorSurname')
)."\n".
get_lang('Manager')." ".
api_get_setting('siteName')."\nT. ".api_get_setting('administratorTelephone')."\n".
get_lang('Email')." : ".api_get_setting('emailAdministrator');
$additionalParameters = [
'smsType' => SmsPlugin::ACCOUNT_APPROVED_CONNECT,
'userId' => $user_id,
];
MessageManager::send_message_simple(
$user_id,
$subject,
$body,
null,
false,
false,
$additionalParameters
);
Event::addEvent(LOG_USER_ENABLE, LOG_USER_ID, $user_id);
} else {
Event::addEvent(LOG_USER_DISABLE, LOG_USER_ID, $user_id);
}
echo $status;
}
} else {
echo '-1';
}
break;
case 'user_by_role':
if (!api_is_platform_admin()) {
api_not_allowed(false, null, 403);
}
$status = isset($_REQUEST['status']) ? (int) $_REQUEST['status'] : DRH;
$active = isset($_REQUEST['active']) ? (int) $_REQUEST['active'] : null;
$criteria = new Criteria();
$criteria
->where(
Criteria::expr()->orX(
Criteria::expr()->contains('username', $_REQUEST['q']),
Criteria::expr()->contains('firstname', $_REQUEST['q']),
Criteria::expr()->contains('lastname', $_REQUEST['q'])
)
)
->andWhere(
Criteria::expr()->eq('status', $status)
);
if (null !== $active) {
$criteria->andWhere(Criteria::expr()->eq('active', $active));
}
$users = UserManager::getRepository()->matching($criteria);
if (!$users->count()) {
echo json_encode([]);
break;
}
$items = [];
/** @var User $user */
foreach ($users as $user) {
$items[] = [
'id' => $user->getId(),
'text' => UserManager::formatUserFullName($user, true),
];
}
header('Content-Type: application/json');
echo json_encode(['items' => $items]);
break;
case 'teacher_to_basis_course':
api_block_anonymous_users(false);
$sortByFirstName = api_sort_by_first_name();
$urlId = api_get_current_access_url_id();
$qb = UserManager::getRepository()->createQueryBuilder('u');
$qb->where(
$qb->expr()->orX(
$qb->expr()->like('u.username', ':q'),
$qb->expr()->like('u.firstname', ':q'),
$qb->expr()->like('u.lastname', ':q')
)
);
if (api_is_multiple_url_enabled()) {
$qb
->innerJoin('ChamiloCoreBundle:AccessUrlRelUser', 'uru', Join::WITH, 'u.userId = uru.userId')
->andWhere('uru.accessUrlId = '.$urlId);
}
$qb
->andWhere(
$qb->expr()->in('u.status', UserManager::getAllowedRolesAsTeacher())
)
->orderBy(
$sortByFirstName
? 'u.firstname, u.lastname'
: 'u.lastname, u.firstname'
)
->setParameter('q', '%'.$_REQUEST['q'].'%');
$users = $qb->getQuery()->getResult();
if (!$users) {
echo json_encode([]);
break;
}
$items = [];
/** @var User $user */
foreach ($users as $user) {
$items[] = [
'id' => $user->getId(),
'text' => UserManager::formatUserFullName($user, true),
];
}
header('Content-Type: application/json');
echo json_encode(['items' => $items]);
break;
case 'update_users':
$usersData = json_decode($_POST['users'], true);
$updatedCount = 0;
foreach ($usersData as $userData) {
if (empty($userData['user_id'])) {
continue;
}
$userId = (int) $userData['user_id'];
$currentUserData = api_get_user_info($userId);
if (!$currentUserData) {
continue;
}
$updatedData = [
'firstname' => $userData['firstname'] ?? $currentUserData['firstname'],
'lastname' => $userData['lastname'] ?? $currentUserData['lastname'],
'email' => $userData['email'] ?? $currentUserData['email'],
'phone' => $userData['phone'] ?? $currentUserData['phone'],
'official_code' => $userData['official_code'] ?? $currentUserData['official_code'],
'status' => isset($userData['status']) ? (int) $userData['status'] : $currentUserData['status'],
'active' => isset($userData['active']) ? (int) $userData['active'] : $currentUserData['active'],
];
if (!empty($userData['password'])) {
$updatedData['password'] = $userData['password'];
}
$extraFieldHandler = new ExtraField('user');
$extraFieldValue = new ExtraFieldValue('user');
$extraFields = [];
foreach ($userData as $key => &$value) {
if (strpos($key, 'extra_') === 0) {
$fieldName = str_replace('extra_', '', $key);
$fieldInfo = $extraFieldHandler->get_handler_field_info_by_field_variable($fieldName);
if ($fieldInfo) {
if ($fieldInfo['field_type'] == 10 && is_string($value) && strpos($value, ',') !== false) {
$value = explode(',', $value);
}
}
}
}
UserManager::update_user(
$userId,
$updatedData['firstname'],
$updatedData['lastname'],
$currentUserData['username'],
$updatedData['password'] ?? null,
$currentUserData['auth_source'],
$updatedData['email'],
$updatedData['status'],
$updatedData['official_code'],
$updatedData['phone'],
$currentUserData['picture_uri'],
null,
$updatedData['active'],
null,
null,
null,
$currentUserData['language']
);
$userData['item_id'] = $userId;
$extraFieldValue->saveFieldValues(
$userData,
false,
false,
[],
[],
true
);
$updatedCount++;
}
echo json_encode(['message' => get_lang('Saved').' '.$updatedCount]);
break;
default:
echo '';
}
exit;

57
main/inc/ajax/usergroup.ajax.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
use Symfony\Component\HttpFoundation\Request as HttpRequest;
require_once __DIR__.'/../global.inc.php';
$httpRequest = HttpRequest::createFromGlobals();
$action = $httpRequest->query->has('a') ? $httpRequest->query->get('a') : $httpRequest->request->get('a');
$isAllowedToEdit = api_is_allowed_to_edit();
switch ($action) {
case 'get_class_by_keyword':
$keyword = $httpRequest->query->has('q') ? $httpRequest->query->get('q') : $httpRequest->request->get('q');
$allow = api_is_platform_admin() || api_is_session_admin();
if ($allow && !empty($keyword)) {
$userGroup = new UserGroup();
$where = ['where' => ['name like ?' => "%$keyword%"], 'order' => 'name '];
$items = [];
$list = $userGroup->get_all($where);
foreach ($list as $class) {
$items[] = [
'id' => $class['id'],
'text' => $class['name'],
];
}
echo json_encode(['items' => $items]);
}
break;
case 'delete_user_in_usergroup':
if ($isAllowedToEdit) {
$userGroup = new UserGroup();
$userId = $httpRequest->query->has('id')
? $httpRequest->query->getInt('id')
: $httpRequest->request->getInt('id');
$userIdList = explode(',', $userId);
$groupId = $httpRequest->query->has('group_id')
? $httpRequest->query->getInt('group_id')
: $httpRequest->request->getInt('group_id');
foreach ($userIdList as $userId) {
$userGroup->delete_user_rel_group($userId, $groupId);
}
}
break;
default:
echo '';
break;
}
exit;

253
main/inc/ajax/work.ajax.php Normal file
View File

@@ -0,0 +1,253 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Responses to AJAX calls.
*/
require_once __DIR__.'/../global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';
$action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
$isAllowedToEdit = api_is_allowed_to_edit();
$courseInfo = api_get_course_info();
switch ($action) {
case 'show_student_work':
api_protect_course_script(true);
if ($isAllowedToEdit) {
$itemList = isset($_REQUEST['item_list']) ? $_REQUEST['item_list'] : [];
$itemList = explode(',', $itemList);
if (!empty($itemList)) {
foreach ($itemList as $itemId) {
makeVisible($itemId, $courseInfo);
}
echo '1';
exit;
}
}
echo '0';
break;
case 'hide_student_work':
api_protect_course_script(true);
if ($isAllowedToEdit) {
$itemList = isset($_REQUEST['item_list']) ? $_REQUEST['item_list'] : [];
$itemList = explode(',', $itemList);
if (!empty($itemList)) {
foreach ($itemList as $itemId) {
makeInvisible($itemId, $courseInfo);
}
echo '1';
exit;
}
}
echo '0';
break;
case 'delete_student_work':
api_protect_course_script(true);
if ($isAllowedToEdit) {
if (empty($_REQUEST['id'])) {
return false;
}
$itemList = explode(',', $_REQUEST['id']);
foreach ($itemList as $itemId) {
deleteWorkItem($itemId, $courseInfo);
}
echo '1';
exit;
}
echo '0';
break;
case 'upload_file':
api_protect_course_script(true);
if (isset($_REQUEST['chunkAction']) && 'send' === $_REQUEST['chunkAction']) {
// It uploads the files in chunks
if (!empty($_FILES)) {
$tempDirectory = api_get_path(SYS_ARCHIVE_PATH);
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
if (!empty($fileList)) {
foreach ($fileList as $n => $file) {
$tmpFile = disable_dangerous_file(
api_replace_dangerous_char($file['name'])
);
file_put_contents(
$tempDirectory.$tmpFile,
fopen($file['tmp_name'], 'r'),
FILE_APPEND
);
}
}
}
echo json_encode([
'files' => $_FILES,
'errorStatus' => 0,
]);
exit;
} else {
$workId = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
$workInfo = get_work_data_by_id($workId);
$sessionId = api_get_session_id();
$userId = api_get_user_id();
$groupId = api_get_group_id();
$onlyOnePublication = api_get_configuration_value('allow_only_one_student_publication_per_user');
if ($onlyOnePublication) {
$count = get_work_count_by_student($userId, $workId);
if ($count >= 1) {
exit;
}
}
if (!empty($_FILES)) {
$files = $_FILES['files'];
$fileList = [];
foreach ($files as $name => $array) {
$counter = 0;
foreach ($array as $data) {
$fileList[$counter][$name] = $data;
$counter++;
}
}
$resultList = [];
foreach ($fileList as $fileInfo) {
$file = processChunkedFile($fileInfo);
$globalFile = [];
$globalFile['files'] = $file;
$values = [
'contains_file' => 1,
'title' => $file['name'],
'description' => '',
];
$result = processWorkForm(
$workInfo,
$values,
$courseInfo,
$sessionId,
$groupId,
$userId,
$file,
api_get_configuration_value('assignment_prevent_duplicate_upload'),
false
);
$json = [];
if (!empty($result) && is_array($result) && empty($result['error'])) {
$json['name'] = api_htmlentities($result['title']);
$json['link'] = Display::url(
api_htmlentities($result['title']),
api_htmlentities($result['view_url']),
['target' => '_blank']
);
$json['url'] = $result['view_url'];
$json['size'] = '';
$json['type'] = api_htmlentities($result['filetype']);
$json['result'] = Display::return_icon(
'accept.png',
get_lang('Uploaded')
);
} else {
$json['url'] = '';
$json['error'] = isset($result['error']) ? $result['error'] : get_lang('Error');
}
$resultList[] = $json;
}
echo json_encode(['files' => $resultList]);
exit;
}
}
break;
case 'delete_work':
if ($isAllowedToEdit) {
if (empty($_REQUEST['id'])) {
return false;
}
$workList = explode(',', $_REQUEST['id']);
foreach ($workList as $workId) {
deleteDirWork($workId);
}
}
break;
case 'upload_correction_file':
api_protect_course_script(true);
// User access same as upload.php
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$itemId = isset($_GET['item_id']) ? (int) $_GET['item_id'] : '';
$result = [];
if (!empty($_FILES) && !empty($itemId)) {
$file = $_FILES['file'];
$courseInfo = api_get_course_info();
$workInfo = get_work_data_by_id($itemId);
$workInfoParent = get_work_data_by_id($workInfo['parent_id']);
$resultUpload = uploadWork($workInfoParent, $courseInfo, true, $workInfo);
if (!$resultUpload) {
echo 'false';
break;
}
$work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
if (isset($resultUpload['url']) && !empty($resultUpload['url'])) {
$title = isset($resultUpload['filename']) && !empty($resultUpload['filename']) ? $resultUpload['filename'] : get_lang('Untitled');
$url = Database::escape_string($resultUpload['url']);
$title = Database::escape_string($title);
$sql = "UPDATE $work_table SET
url_correction = '".$url."',
title_correction = '".$title."'
WHERE iid = $itemId";
Database::query($sql);
$result['title'] = $resultUpload['filename'];
$result['url'] = 'view.php?'.api_get_cidreq().'&id='.$itemId;
$json = [];
$json['name'] = Display::url(
api_htmlentities($result['title']),
api_htmlentities($result['url']),
['target' => '_blank']
);
$json['type'] = api_htmlentities($file['type']);
$json['size'] = format_file_size($file['size']);
}
if (isset($result['url'])) {
$json['result'] = Display::return_icon(
'accept.png',
get_lang('Uploaded'),
[],
ICON_SIZE_TINY
);
} else {
$json['result'] = Display::return_icon(
'exclamation.png',
get_lang('Error'),
[],
ICON_SIZE_TINY
);
}
header('Content-Type: application/json');
echo json_encode($json);
}
break;
default:
echo '';
break;
}
exit;