TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade 1-11.38

Browse Source
This commit is contained in:
xesmyd
2026-03-30 14:10:30 +02:00
parent f2a7e6d1fc
commit ac648ef29d
24665 changed files with 69682 additions and 2205004 deletions
Download Patch File Download Diff File Expand all files Collapse all files
main/inc/ajax/course.ajax.php
+4 -37
View File
@@ -145,43 +145,10 @@ switch ($action) {
break;
case 'search_course':
if (api_is_teacher() || api_is_platform_admin()) {
if (isset($_GET['session_id']) && !empty($_GET['session_id'])) {
//if session is defined, lets find only courses of this session
$courseList = SessionManager::get_course_list_by_session_id(
$_GET['session_id'],
$_GET['q']
);
} else {
//if session is not defined lets search all courses STARTING with $_GET['q']
//TODO change this function to search not only courses STARTING with $_GET['q']
if (api_is_platform_admin()) {
$courseList = CourseManager::get_courses_list(
0,
0,
'title',
'ASC',
-1,
$_GET['q'],
null,
true
);
} elseif (api_is_teacher()) {
$courseList = CourseManager::get_course_list_of_user_as_course_admin(api_get_user_id(), $_GET['q']);
$category = api_get_configuration_value('course_category_code_to_use_as_model');
if (!empty($category)) {
$alreadyAdded = [];
if (!empty($courseList)) {
$alreadyAdded = array_column($courseList, 'id');
}
$coursesInCategory = CourseCategory::getCoursesInCategory($category, $_GET['q']);
foreach ($coursesInCategory as $course) {
if (!in_array($course['id'], $alreadyAdded)) {
$courseList[] = $course;
}
}
}
}
}
$courseList = CourseManager::searchCourse(
$_REQUEST['q'],
isset($_GET['session_id']) ? (int) $_GET['session_id'] : 0
);
$results = [];
if (empty($courseList)) {
main/inc/ajax/course_home.ajax.php
+12 -9
View File
@@ -1,6 +1,7 @@
<?php
/* For licensing terms, see /license.txt */
use Chamilo\CourseBundle\Entity\CCourseDescription;
use Chamilo\CourseBundle\Entity\CTool;
use ChamiloSession as Session;
@@ -290,15 +291,17 @@ switch ($action) {
echo get_lang('PrivateAccess');
break;
}
$table = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
$sql = "SELECT * FROM $table
WHERE c_id = ".$course_info['real_id']." AND session_id = 0
ORDER BY id";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
while ($description = Database::fetch_object($result)) {
$descriptions[$description->id] = $description;
}
/** @var array<int, CCourseDescription> $courseDescriptions */
$courseDescriptions = Database::getManager()
->getRepository(CCourseDescription::class)
->findBy(['cId' => $course_info['real_id'], 'sessionId' => 0])
;
$descriptions = [];
foreach ($courseDescriptions as $courseDescription) {
$descriptions[$courseDescription->getIid()] = $courseDescription;
// Function that displays the details of the course description in html.
$content = CourseManager::get_details_course_description_html(
$descriptions,
main/inc/ajax/document.ajax.php
+32 -1
View File
@@ -6,6 +6,7 @@
*/
use Chamilo\CoreBundle\Component\Editor\Driver\Driver;
use Chamilo\CoreBundle\Component\Editor\Driver\PersonalDriver;
require_once __DIR__.'/../global.inc.php';
@@ -217,6 +218,20 @@ switch ($action) {
$data = [];
$fileUpload = $_FILES['upload'];
try {
new Image($fileUpload['tmp_name']);
} catch (Exception $e) {
echo json_encode([
'uploaded' => 0,
'error' => [
'message' => get_lang('MissingImagesDetected'),
],
]);
exit;
}
$mimeType = mime_content_type($fileUpload['tmp_name']);
$isMimeAccepted = (new Driver())->mimeAccepted($mimeType, ['image']);
@@ -225,6 +240,22 @@ switch ($action) {
exit;
}
try {
$fileUpload['size'] = DocumentManager::autoResizeImageIfNeeded(
$fileUpload['size'],
$fileUpload['tmp_name']
);
} catch (Exception $e) {
echo json_encode([
'uploaded' => 0,
'error' => [
'message' => $e->getMessage(),
],
]);
exit;
}
$isAllowedToEdit = api_is_allowed_to_edit(null, true);
if ($isAllowedToEdit) {
$globalFile = ['files' => $fileUpload];
@@ -257,7 +288,7 @@ switch ($action) {
mkdir($syspath, api_get_permissions_for_new_directories(), true);
}
$webpath = UserManager::getUserPathById($userId, 'web').'my_files';
$fileUploadName = $fileUpload['name'];
$fileUploadName = disable_dangerous_file(api_replace_dangerous_char($fileUpload['name']));
if (file_exists($syspath.$fileUploadName)) {
$extension = pathinfo($fileUploadName, PATHINFO_EXTENSION);
$fileName = pathinfo($fileUploadName, PATHINFO_FILENAME);
main/inc/ajax/gradebook.ajax.php
+12 -1
View File
@@ -56,6 +56,10 @@ switch ($action) {
}
break;*/
case 'export_all_certificates':
if (!api_is_allowed_to_edit() && !api_is_student_boss()) {
exit;
}
$categoryId = (int) $_GET['cat_id'];
$filterOfficialCodeGet = isset($_GET['filter']) ? Security::remove_XSS($_GET['filter']) : null;
@@ -76,7 +80,14 @@ switch ($action) {
$userList = implode(',', $userList);
shell_exec("php $commandScript $courseCode $sessionId $categoryId $userList > /dev/null &");
shell_exec(sprintf(
"php %s %s %s %s %s > /dev/null &",
escapeshellarg($commandScript),
escapeshellarg($courseCode),
escapeshellarg((string) $sessionId),
escapeshellarg((string) $categoryId),
escapeshellarg($userList)
));
break;
case 'verify_export_all_certificates':
$categoryId = (int) $_GET['cat_id'];
main/inc/ajax/model.ajax.php
+14 -8
View File
@@ -251,10 +251,6 @@ if (($search || $forceSearch) && ($search !== 'false')) {
}
$whereCondition .= $extraQuestionCondition;
if (isset($filters->custom_dates)) {
$whereCondition .= $filters->custom_dates;
}
}
} elseif (!empty($filters->rules)) {
$whereCondition .= ' AND ( ';
@@ -643,17 +639,19 @@ switch ($action) {
true
);
break;
case 'get_exercise_pending_results':
if ((false === api_is_teacher()) && (false === api_is_session_admin())) {
exit;
}
$search_start_date = isset($_REQUEST['start_date']) && !empty($_REQUEST['start_date']) ? $_REQUEST['start_date'] : null;
$search_end_date = isset($_REQUEST['end_date']) && !empty($_REQUEST['end_date']) ? $_REQUEST['end_date'] : null;
$courseId = $_REQUEST['course_id'] ?? 0;
$exerciseId = $_REQUEST['exercise_id'] ?? 0;
$status = $_REQUEST['status'] ?? 0;
$questionType = $_REQUEST['questionType'] ?? 0;
$showAttemptsInSessions = (bool) $_REQUEST['showAttemptsInSessions'];
if (!empty($_GET['filter_by_user'])) {
$showAttemptsInSessions = $_REQUEST['showAttemptsInSessions'] ? true : false;
if (isset($_GET['filter_by_user']) && !empty($_GET['filter_by_user'])) {
$filter_user = (int) $_GET['filter_by_user'];
if (empty($whereCondition)) {
$whereCondition .= " te.exe_user_id = '$filter_user'";
@@ -662,7 +660,7 @@ switch ($action) {
}
}
if (!empty($_GET['group_id_in_toolbar'])) {
if (isset($_GET['group_id_in_toolbar']) && !empty($_GET['group_id_in_toolbar'])) {
$groupIdFromToolbar = (int) $_GET['group_id_in_toolbar'];
if (!empty($groupIdFromToolbar)) {
if (empty($whereCondition)) {
@@ -681,6 +679,14 @@ switch ($action) {
$whereCondition .= " AND te.c_id = $courseId";
}
// Filtrage sur la date de fin d'exercice (exe_date)
if (!empty($search_start_date)) {
$whereCondition .= " AND te.exe_date >= '".Database::escape_string($search_start_date)." 00:00:00'";
}
if (!empty($search_end_date)) {
$whereCondition .= " AND te.exe_date <= '".Database::escape_string($search_end_date)." 23:59:59'";
}
$count = ExerciseLib::get_count_exam_results(
$exerciseId,
$whereCondition,
main/inc/ajax/statistics.ajax.php
+17 -4
View File
@@ -251,12 +251,25 @@ switch ($action) {
$statsName = 'NumberOfUsers';
$filter = $_REQUEST['filter'];
$startDate = $_REQUEST['date_start'];
$endDate = $_REQUEST['date_end'];
$rawStartDate = isset($_REQUEST['date_start']) ? $_REQUEST['date_start'] : '';
$rawEndDate = isset($_REQUEST['date_end']) ? $_REQUEST['date_end'] : '';
$extraConditions = '';
if (!empty($startDate) && !empty($endDate)) {
$extraConditions .= " AND registration_date BETWEEN '$startDate' AND '$endDate' ";
if (!empty($rawStartDate) && !empty($rawEndDate)) {
// Validate both values against YYYY-MM-DD before embedding in SQL.
// Any other format (including SQL metacharacters) is silently ignored.
$parsedStart = DateTime::createFromFormat('Y-m-d', $rawStartDate);
$parsedEnd = DateTime::createFromFormat('Y-m-d', $rawEndDate);
if (false !== $parsedStart
&& false !== $parsedEnd
&& $parsedStart->format('Y-m-d') === $rawStartDate
&& $parsedEnd->format('Y-m-d') === $rawEndDate
) {
$startDate = Database::escape_string($rawStartDate);
$endDate = Database::escape_string($rawEndDate);
$extraConditions .= " AND registration_date BETWEEN '$startDate' AND '$endDate' ";
}
}
switch ($filter) {