category-less link is always visible. * * @author Patrick Cool, complete remake (December 2003 - January 2004) * @author René Haentjens, CSV file import (October 2004) * @package chamilo.link */ class Link extends Model { public $table; public $is_course_model = true; public $columns = array( 'id', 'c_id', 'url', 'title', 'description', 'category_id', 'display_order', 'on_homepage', 'target', 'session_id' ); public $required = array('url', 'title'); /** * */ public function __construct() { $this->table = Database::get_course_table(TABLE_LINK); } /** * Organize the saving of a link, using the parent's save method and * updating the item_property table * @param array $params * @param boolean $show_query Whether to show the query in logs when * calling parent's save method * * @return bool True if link could be saved, false otherwise */ public function save($params, $show_query = null) { $course_info = api_get_course_info(); $params['session_id'] = api_get_session_id(); $params['category_id'] = isset($params['category_id']) ? $params['category_id'] : 0; $id = parent::save($params, $show_query); if (!empty($id)) { api_item_property_update( $course_info, TOOL_LINK, $id, 'LinkAdded', api_get_user_id() ); } return $id; } /** * Update a link in the database * @param int $linkId The ID of the link to update * @param string $linkUrl The new URL to be saved * @param int Course ID * @param int Session ID * @return bool */ public function updateLink($linkId, $linkUrl, $courseId = null, $sessionId = null) { $tblLink = Database :: get_course_table(TABLE_LINK); $linkUrl = Database::escape_string($linkUrl); $linkId = intval($linkId); if (is_null($courseId)) { $courseId = api_get_course_int_id(); } $courseId = intval($courseId); if (is_null($sessionId)) { $sessionId = api_get_session_id(); } $sessionId = intval($sessionId); if ($linkUrl != '') { $sql = "UPDATE $tblLink SET url = '$linkUrl' WHERE id = $linkId AND c_id = $courseId AND session_id = $sessionId"; $resLink = Database::query($sql); return $resLink; } return false; } /** * * Get link info * @param int link id * @return array link info * **/ public static function get_link_info($id) { $tbl_link = Database:: get_course_table(TABLE_LINK); $course_id = api_get_course_int_id(); $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($id) . "' "; $result = Database::query($sql); $data = array(); if (Database::num_rows($result)) { $data = Database::fetch_array($result); } return $data; } } /** * Used to add a link or a category * @param string $type, "link" or "category" * @todo replace strings by constants * @author Patrick Cool , Ghent University * @return bool True on success, false on failure */ function addlinkcategory($type) { global $catlinkstatus; global $msgErr; $ok = true; $course_id = api_get_course_int_id(); if ($type == 'link') { $tbl_link = Database :: get_course_table(TABLE_LINK); $title = Security :: remove_XSS(stripslashes($_POST['title'])); $urllink = Security :: remove_XSS($_POST['urllink']); $description = Security :: remove_XSS($_POST['description']); $selectcategory = Security :: remove_XSS($_POST['selectcategory']); if ($_POST['onhomepage'] == '') { $onhomepage = 0; } else { $onhomepage = Security :: remove_XSS($_POST['onhomepage']); } if (empty($_POST['target_link'])) { $target = '_self'; // Default target. } else { $target = Security :: remove_XSS($_POST['target_link']); } $urllink = trim($urllink); $title = trim($title); $description = trim($description); // We ensure URL to be absolute. if (strpos($urllink, '://') === false) { $urllink = 'http://' . $urllink; } // If the title is empty, we use the URL as title. if ($title == '') { $title = $urllink; } // If the URL is invalid, an error occurs. if (!api_valid_url($urllink, true)) { // A check against an absolute URL $msgErr = get_lang('GiveURL'); Display :: display_error_message(get_lang('GiveURL')); $ok = false; } else { // Looking for the largest order number for this category. $result = Database :: query( "SELECT MAX(display_order) FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id = '" . intval($_POST['selectcategory']) . "'" ); list ($orderMax) = Database :: fetch_row($result); $order = $orderMax + 1; $session_id = api_get_session_id(); $sql = "INSERT INTO " . $tbl_link . " (c_id, url, title, description, category_id, display_order, on_homepage, target, session_id) VALUES (" . $course_id . ", '" . Database :: escape_string($urllink) . "', '" . Database :: escape_string($title) . "', '" . Database :: escape_string($description) . "', '" . Database :: escape_string($selectcategory) . "', '" . Database :: escape_string($order) . "', '" . Database :: escape_string($onhomepage) . "', '" . Database :: escape_string($target) . "', '" . Database :: escape_string($session_id) . "')"; $catlinkstatus = get_lang('LinkAdded'); Database :: query($sql); $link_id = Database :: insert_id(); if ($link_id) { api_set_default_visibility($link_id, TOOL_LINK); } if ((api_get_setting('search_enabled') == 'true') && $link_id && extension_loaded('xapian') ) { require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php'; require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php'; require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php'; $course_int_id = api_get_course_int_id(); $courseid = api_get_course_id(); $specific_fields = get_specific_field_list(); $ic_slide = new IndexableChunk(); // Add all terms to db. $all_specific_terms = ''; foreach ($specific_fields as $specific_field) { if (isset ($_REQUEST[$specific_field['code']])) { $sterms = trim($_REQUEST[$specific_field['code']]); if (!empty ($sterms)) { $all_specific_terms .= ' ' . $sterms; $sterms = explode(',', $sterms); foreach ($sterms as $sterm) { $ic_slide->addTerm( trim($sterm), $specific_field['code'] ); add_specific_field_value( $specific_field['id'], $courseid, TOOL_LINK, $link_id, $sterm ); } } } } // Build the chunk to index. $ic_slide->addValue('title', $title); $ic_slide->addCourseId($courseid); $ic_slide->addToolId(TOOL_LINK); $xapian_data = array( SE_COURSE_ID => $courseid, SE_TOOL_ID => TOOL_LINK, SE_DATA => array( 'link_id' => (int)$link_id ), SE_USER => (int)api_get_user_id(), ); $ic_slide->xapian_data = serialize($xapian_data); $description = $all_specific_terms . ' ' . $description; $ic_slide->addValue('content', $description); // Add category name if set. if (isset ($_POST['selectcategory']) && $selectcategory > 0) { $table_link_category = Database :: get_course_table( TABLE_LINK_CATEGORY ); $sql_cat = 'SELECT * FROM %s WHERE id=%d AND c_id = %d LIMIT 1'; $sql_cat = sprintf( $sql_cat, $table_link_category, (int)$selectcategory, $course_int_id ); $result = Database :: query($sql_cat); if (Database :: num_rows($result) == 1) { $row = Database :: fetch_array($result); $ic_slide->addValue('category', $row['category_title']); } } $di = new ChamiloIndexer(); isset ($_POST['language']) ? $lang = Database :: escape_string( $_POST['language'] ) : $lang = 'english'; $di->connectDb(null, null, $lang); $di->addChunk($ic_slide); // Index and return search engine document id. $did = $di->index(); if ($did) { // Save it to db. $tbl_se_ref = Database :: get_main_table( TABLE_MAIN_SEARCH_ENGINE_REF ); $sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did) VALUES (NULL , \'%s\', \'%s\', %s, %s)'; $sql = sprintf( $sql, $tbl_se_ref, $course_int_id, $courseid, TOOL_LINK, $link_id, $did ); Database :: query($sql); } } unset ($urllink, $title, $description, $selectcategory); Display :: display_confirmation_message(get_lang('LinkAdded')); } } elseif ($type == 'category') { $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY); $category_title = trim($_POST['category_title']); $description = trim($_POST['description']); if (empty($category_title)) { $msgErr = get_lang('GiveCategoryName'); Display :: display_error_message(get_lang('GiveCategoryName')); $ok = false; } else { // Looking for the largest order number for this category. $result = Database :: query( "SELECT MAX(display_order) FROM " . $tbl_categories . " WHERE c_id = $course_id " ); list ($orderMax) = Database :: fetch_row($result); $order = $orderMax + 1; $order = intval($order); $session_id = api_get_session_id(); $sql = "INSERT INTO " . $tbl_categories . " (c_id, category_title, description, display_order, session_id) VALUES (" . $course_id . ", '" . Database::escape_string($category_title) . "', '" . Database::escape_string($description) . "', '$order', '$session_id' )"; Database :: query($sql); $linkId = Database :: insert_id(); if ($linkId) { // add link_category visibility // course ID is taken from context in api_set_default_visibility api_set_default_visibility($linkId, TOOL_LINK_CATEGORY); } $catlinkstatus = get_lang('CategoryAdded'); unset ($category_title, $description); Display :: display_confirmation_message(get_lang('CategoryAdded')); } } // "WHAT'S NEW" notification : update last tool Edit. if ($type == 'link') { global $_user; global $_course; global $nameTools; api_item_property_update( $_course, TOOL_LINK, $link_id, 'LinkAdded', $_user['user_id'] ); } return $ok; } /** * Used to delete a link or a category * @author Patrick Cool , Ghent University * @param int $id * @param string $type The type of item to delete * @return bool */ function deletelinkcategory($id, $type) { $courseInfo = api_get_course_info(); $tbl_link = Database :: get_course_table(TABLE_LINK); $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY); $course_id = api_get_course_int_id(); $id = intval($id); if (empty($id)) { return false; } $result = false; switch ($type) { case 'link': // -> Items are no longer physically deleted, // but the visibility is set to 2 (in item_property). // This will make a restore function possible for the platform administrator. $sql = "UPDATE $tbl_link SET on_homepage='0' WHERE c_id = $course_id AND id='" . $id . "'"; Database :: query($sql); api_item_property_update( $courseInfo, TOOL_LINK, $id, 'delete', api_get_user_id() ); delete_link_from_search_engine(api_get_course_id(), $id); Display :: display_confirmation_message(get_lang('LinkDeleted')); $result = true; break; case 'category': // First we delete the category itself and afterwards all the links of this category. $sql = "DELETE FROM " . $tbl_categories . " WHERE c_id = $course_id AND id='" . $id. "'"; Database :: query($sql); $sql = "DELETE FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id='" . $id . "'"; Database :: query($sql); api_item_property_update( $courseInfo, TOOL_LINK_CATEGORY, $id, 'delete', api_get_user_id() ); Display :: display_confirmation_message( get_lang('CategoryDeleted') ); $result = true; break; } return $result; } /** * Removes a link from search engine database * @param string $course_id Course code * @param int $link_id Document id to delete * @return void */ function delete_link_from_search_engine($course_id, $link_id) { // Remove from search engine if enabled. if (api_get_setting('search_enabled') == 'true') { $tbl_se_ref = Database :: get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF); $sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1'; $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id); $res = Database :: query($sql); if (Database :: num_rows($res) > 0) { $row = Database :: fetch_array($res); require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php'; $di = new ChamiloIndexer(); $di->remove_document((int)$row['search_did']); } $sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1'; $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id); Database :: query($sql); // Remove terms from db. require_once(api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php'); delete_all_values_for_item($course_id, TOOL_DOCUMENT, $link_id); } } /** * * Get link info * @param int link id * @return array link info * **/ function get_link_info($id) { $tbl_link = Database :: get_course_table(TABLE_LINK); $course_id = api_get_course_int_id(); $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($id) . "' "; $result = Database::query($sql); $data = array(); if (Database::num_rows($result)) { $data = Database::fetch_array($result); } return $data; } /** * Used to edit a link or a category * @todo Rewrite the whole links tool because it is becoming completely cluttered, * code does not follow the coding conventions, does not use html_quickform, ... * Some features were patched in. * @author Patrick Cool , Ghent University * @todo replace the globals with the appropriate $_POST or $_GET values */ function editlinkcategory($type) { global $catlinkstatus; global $id; global $submit_link; global $submit_category; global $_user; global $_course; global $nameTools; global $urllink; global $title; global $description; global $category; global $selectcategory; global $description; global $category_title; global $onhomepage; global $target_link; $tbl_link = Database :: get_course_table(TABLE_LINK); $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY); $course_id = api_get_course_int_id(); if ($type == 'link') { // This is used to populate the link-form with the info found in the database. if (!empty ($_GET['id'])) { $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'"; $result = Database :: query($sql); if ($myrow = Database :: fetch_array($result)) { $urllink = $myrow['url']; $title = $myrow['title']; $description = $myrow['description']; $category = $myrow['category_id']; if ($myrow['on_homepage'] != 0) { $onhomepage = 'checked'; } $target_link = $myrow['target']; } } // This is used to put the modified info of the link-form into the database. if ($_POST['submitLink']) { // Ivan, 13-OCT-2010: It is a litle bit messy code below, just in case I added some extra-security checks here. $_POST['urllink'] = trim($_POST['urllink']); $_POST['title'] = trim(Security :: remove_XSS($_POST['title'])); $_POST['description'] = trim( Security :: remove_XSS($_POST['description']) ); $_POST['selectcategory'] = intval($_POST['selectcategory']); $_POST['id'] = intval($_POST['id']); // We ensure URL to be absolute. if (strpos($_POST['urllink'], '://') === false) { $_POST['urllink'] = 'http://' . $_POST['urllink']; } // If the title is empty, we use the URL as title. if ($_POST['title'] == '') { $_POST['title'] = $_POST['urllink']; } // If the URL is invalid, an error occurs. if (!api_valid_url($urllink, true)) { // A check against an absolute URL. $msgErr = get_lang('GiveURL'); Display :: display_error_message(get_lang('GiveURL')); return false; } $onhomepage = Security :: remove_XSS($_POST['onhomepage']); $target = Database::escape_string($_POST['target_link']); if (empty ($mytarget)) { $mytarget = '_self'; } $mytarget = ", target='" . $target . "'"; // Finding the old category_id. $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($_POST['id']) . "'"; $result = Database :: query($sql); $row = Database :: fetch_array($result); $category_id = $row['category_id']; if ($category_id != $_POST['selectcategory']) { $sql = "SELECT MAX(display_order) FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id='" . intval($_POST['selectcategory']) . "'"; $result = Database :: query($sql); list ($max_display_order) = Database :: fetch_row($result); $max_display_order++; } else { $max_display_order = $row['display_order']; } $sql = "UPDATE " . $tbl_link . " SET " . "url='" . Database :: escape_string($_POST['urllink']) . "', " . "title='" . Database :: escape_string($_POST['title']) . "', " . "description='" . Database :: escape_string($_POST['description']) . "', " . "category_id='" . Database :: escape_string($_POST['selectcategory']) . "', " . "display_order='" . $max_display_order . "', " . "on_homepage= '" . Database :: escape_string($onhomepage) ."' $mytarget " . " WHERE c_id = $course_id AND id='" . intval($_POST['id']) . "'"; Database :: query($sql); // Update search enchine and its values table if enabled. if (api_get_setting('search_enabled') == 'true') { $link_id = intval($_POST['id']); $course_int_id = api_get_course_int_id(); $course_id = api_get_course_id(); $link_url = Database :: escape_string($_POST['urllink']); $link_title = Database :: escape_string($_POST['title']); $link_description = Database :: escape_string( $_POST['description'] ); // Actually, it consists on delete terms from db, insert new ones, create a new search engine document, and remove the old one. // Get search_did. $tbl_se_ref = Database :: get_main_table( TABLE_MAIN_SEARCH_ENGINE_REF ); $sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1'; $sql = sprintf( $sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id ); $res = Database :: query($sql); if (Database :: num_rows($res) > 0) { require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php'; require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php'; require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php'; $se_ref = Database :: fetch_array($res); $specific_fields = get_specific_field_list(); $ic_slide = new IndexableChunk(); $all_specific_terms = ''; foreach ($specific_fields as $specific_field) { delete_all_specific_field_value( $course_id, $specific_field['id'], TOOL_LINK, $link_id ); if (isset ($_REQUEST[$specific_field['code']])) { $sterms = trim($_REQUEST[$specific_field['code']]); if (!empty ($sterms)) { $all_specific_terms .= ' ' . $sterms; $sterms = explode(',', $sterms); foreach ($sterms as $sterm) { $ic_slide->addTerm( trim($sterm), $specific_field['code'] ); add_specific_field_value( $specific_field['id'], $course_id, TOOL_LINK, $link_id, $sterm ); } } } } // Build the chunk to index. $ic_slide->addValue("title", $link_title); $ic_slide->addCourseId($course_id); $ic_slide->addToolId(TOOL_LINK); $xapian_data = array( SE_COURSE_ID => $course_id, SE_TOOL_ID => TOOL_LINK, SE_DATA => array( 'link_id' => (int)$link_id ), SE_USER => (int)api_get_user_id(), ); $ic_slide->xapian_data = serialize($xapian_data); $link_description = $all_specific_terms . ' ' . $link_description; $ic_slide->addValue('content', $link_description); // Add category name if set. if (isset ($_POST['selectcategory']) && $selectcategory > 0) { $table_link_category = Database :: get_course_table( TABLE_LINK_CATEGORY ); $sql_cat = 'SELECT * FROM %s WHERE id=%d and c_id = %d LIMIT 1'; $sql_cat = sprintf( $sql_cat, $table_link_category, (int)$selectcategory, $course_int_id ); $result = Database :: query($sql_cat); if (Database :: num_rows($result) == 1) { $row = Database :: fetch_array($result); $ic_slide->addValue( 'category', $row['category_title'] ); } } $di = new ChamiloIndexer(); isset ($_POST['language']) ? $lang = Database :: escape_string( $_POST['language'] ) : $lang = 'english'; $di->connectDb(null, null, $lang); $di->remove_document((int)$se_ref['search_did']); $di->addChunk($ic_slide); // Index and return search engine document id. $did = $di->index(); if ($did) { // Save it to db. $sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=\'%s\''; $sql = sprintf( $sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id ); Database :: query($sql); $sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did) VALUES (NULL , \'%s\', \'%s\', %s, %s)'; $sql = sprintf( $sql, $tbl_se_ref, $course_int_id, $course_id, TOOL_LINK, $link_id, $did ); Database :: query($sql); } } } // "WHAT'S NEW" notification: update table last_toolEdit. api_item_property_update( $_course, TOOL_LINK, $_POST['id'], 'LinkUpdated', $_user['user_id'] ); Display :: display_confirmation_message(get_lang('LinkModded')); } } if ($type == 'category') { // This is used to populate the category-form with the info found in the database. if (!$submit_category) { $sql = "SELECT * FROM " . $tbl_categories . " WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'"; $result = Database :: query($sql); if ($myrow = Database :: fetch_array($result)) { $category_title = $myrow['category_title']; $description = $myrow['description']; } } // This is used to put the modified info of the category-form into the database. if ($submit_category) { $sql = "UPDATE " . $tbl_categories . " SET category_title='" . Database :: escape_string($_POST['category_title']) . "', description='" . Database :: escape_string($_POST['description']) . "' WHERE c_id = $course_id AND id='" . Database :: escape_string($_POST['id']) . "'"; Database :: query($sql); Display :: display_confirmation_message(get_lang('CategoryModded')); } } return true; // On errors before this statement, exit from this function by returning false value. } /** * Creates a correct $view for in the URL * @author Patrick Cool , Ghent University */ function makedefaultviewcode($locatie) { global $aantalcategories, $view; for ($j = 0; $j <= $aantalcategories - 1; $j++) { $view[$j] = 0; } $view[intval($locatie)] = '1'; } /** * Changes the visibility of a link * @todo add the changing of the visibility of a course * @author Patrick Cool , Ghent University */ function change_visibility_link($id, $scope) { $_course = api_get_course_info(); $_user = api_get_user_info(); if ($scope == TOOL_LINK) { api_item_property_update( $_course, TOOL_LINK, $id, $_GET['action'], $_user['user_id'] ); Display :: display_confirmation_message(get_lang('VisibilityChanged')); } elseif ($scope == TOOL_LINK_CATEGORY) { api_item_property_update( $_course, TOOL_LINK_CATEGORY, $id, $_GET['action'], $_user['user_id'] ); Display :: display_confirmation_message(get_lang('VisibilityChanged')); } } /** * Generate SQL to select all the links categories in the current course and * session * @param int $courseId * @param int $sessionId * @return resource */ function getLinkCategories($courseId, $sessionId) { $tblLinkCategory = Database :: get_course_table(TABLE_LINK_CATEGORY); $tblItemProperty = Database :: get_course_table(TABLE_ITEM_PROPERTY); $courseId = intval($courseId); // Condition for the session. $sessionCondition = api_get_session_condition($sessionId, true, true); // Getting links $sql = "SELECT *, linkcat.id FROM $tblLinkCategory linkcat WHERE linkcat.c_id = " . $courseId." $sessionCondition ORDER BY linkcat.display_order DESC"; $result = Database::query($sql); $categories = Database::store_result($result); $sql = "SELECT *, linkcat.id FROM $tblLinkCategory linkcat INNER JOIN $tblItemProperty itemproperties ON (linkcat.id = itemproperties.ref AND linkcat.c_id = itemproperties.c_id) WHERE itemproperties.tool = '" . TOOL_LINK_CATEGORY . "' AND (itemproperties.visibility = '0' OR itemproperties.visibility = '1') $sessionCondition AND linkcat.c_id = " . $courseId . " ORDER BY linkcat.display_order DESC"; $result = Database::query($sql); $categoryInItemProperty = array(); if (Database::num_rows($result)) { while ($row = Database::fetch_array($result, 'ASSOC')) { $categoryInItemProperty[$row['id']] = $row; } } foreach ($categories as & $category) { if (!isset($categoryInItemProperty[$category['id']])) { api_set_default_visibility($category['id'], TOOL_LINK_CATEGORY); } } $sql = "SELECT DISTINCT linkcat.*, visibility FROM $tblLinkCategory linkcat INNER JOIN $tblItemProperty itemproperties ON (linkcat.id = itemproperties.ref AND linkcat.c_id = itemproperties.c_id) WHERE itemproperties.tool = '" . TOOL_LINK_CATEGORY . "' AND (itemproperties.visibility = '0' OR itemproperties.visibility = '1') $sessionCondition AND linkcat.c_id = " . $courseId . " GROUP BY c_id, id ORDER BY linkcat.display_order DESC "; $result = Database::query($sql); return Database::store_result($result, 'ASSOC'); } /** * Displays all the links of a given category. * @author Patrick Cool , Ghent University */ function showlinksofcategory($catid) { global $urlview, $up, $down, $_user, $token; $tbl_link = Database :: get_course_table(TABLE_LINK); $TABLE_ITEM_PROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY); // Condition for the session. $session_id = api_get_session_id(); $catid = intval($catid); $course_id = api_get_course_int_id(); $courseInfo = api_get_course_info(); if (empty($session_id)) { $visibleCondition = " ( (id_session = 0 OR id_session IS NULL) AND (itemproperties.visibility = '0' OR itemproperties.visibility = '1') ) "; } else { $visibleCondition = " (( (id_session = 0 OR id_session is NULL) AND itemproperties.visibility = '1') OR "; $visibleCondition .= " ( id_session = $session_id AND (itemproperties.visibility = '0' OR itemproperties.visibility = '1') )) "; } $sql = "SELECT DISTINCT link.id, url, title, target, description, id_session as session_id FROM $tbl_link link INNER JOIN $TABLE_ITEM_PROPERTY itemproperties ON (link.id = itemproperties.ref AND link.c_id = itemproperties.c_id) WHERE itemproperties.tool = '" . TOOL_LINK . "' AND link.category_id = '" . $catid . "' AND link.c_id = $course_id AND itemproperties.c_id = $course_id AND $visibleCondition ORDER BY link.display_order"; $result = Database :: query($sql); $numberoflinks = Database :: num_rows($result); if ($numberoflinks > 0) { echo ''; $i = 1; while ($myrow = Database :: fetch_array($result)) { // Validation when belongs to a session. $session_img = null; $css_class = $i % 2 == 0 ? $css_class = 'row_odd' : $css_class = 'row_even'; $visibility = api_get_item_visibility( $courseInfo, TOOL_LINK, $myrow['id'], 0 ); if ($visibility == -1) { if (!empty($session_id)) { $visibility = api_get_item_visibility( $courseInfo, TOOL_LINK, $myrow['id'], $session_id ); if ($visibility != -1) { $session_img = api_get_session_image( $session_id, $_user['status'] ); } } } else { if (!empty($session_id)) { if ($visibility == 0) { continue; } $visibility = api_get_item_visibility( $courseInfo, TOOL_LINK, $myrow['id'], $session_id ); } } $link_validator = ''; if (api_is_allowed_to_edit(null, true)) { $link_validator = '' . Display::url( Display::return_icon( 'preview_view.png', get_lang('CheckURL'), array(), 16 ), '#', array( 'onclick' => "check_url('" . $myrow['id'] . "', '" . addslashes( $myrow['url'] ) . "');" ) ); $link_validator .= Display::span( '', array('id' => 'url_id_' . $myrow['id']) ); } if ($visibility == '1') { echo ''; echo ''; echo ''; } echo ''; $i++; } echo '

'; echo '	'; echo Security :: remove_XSS($myrow['title']); echo ''; echo $link_validator; echo $session_img; echo ' ' . $myrow['description']; } else { if (api_is_allowed_to_edit(null, true)) { echo '
'; echo Display :: return_icon( 'link_na.gif', get_lang('Link') ), ''; echo '	'; echo Security :: remove_XSS($myrow['url']); echo ""; echo $link_validator; echo $session_img, ' ', $myrow['title']; } } if (api_is_allowed_to_edit(null, true)) { echo '	'; if ($session_id == $myrow['session_id']) { echo '' . Display :: return_icon( 'edit.png', get_lang('Modify'), array(), ICON_SIZE_SMALL ) . ''; // DISPLAY MOVE UP COMMAND only if it is not the top link. /* commented at least since 2014-10-11 if ($i != 1) { echo '' . Display :: return_icon('up.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . '', "\n"; } else { echo Display :: return_icon('up_na.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . ''; } // DISPLAY MOVE DOWN COMMAND only if it is not the bottom link. if ($i < $numberoflinks) { echo '' . Display :: return_icon('down.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '', "\n"; } else { echo Display :: return_icon('down_na.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '', "\n"; }*/ if ($visibility == '1') { echo '' . Display :: return_icon( 'visible.png', get_lang('Hide'), array(), ICON_SIZE_SMALL ) . ''; } if ($visibility == '0') { echo ' ' . Display :: return_icon( 'invisible.png', get_lang('Show'), array(), ICON_SIZE_SMALL ) . ''; } echo ' ' . Display :: return_icon( 'delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL ) . ''; } else { echo Display :: return_icon( 'edit_na.png', get_lang('EditionNotAvailableFromSession'), array(), ICON_SIZE_SMALL ); if ($visibility == '1') { echo ''. Display:: return_icon( 'visible.png', get_lang('Hide'), array(), ICON_SIZE_SMALL ).''; } if ($visibility== '0') { echo ' '. Display:: return_icon( 'invisible.png', get_lang('Show'), array(), ICON_SIZE_SMALL ).''; } } echo '

'; } } /** * Displays the edit, delete and move icons * @param int Category ID * @return void * @author Patrick Cool , Ghent University */ function showcategoryadmintools($categoryid) { global $urlview, $aantalcategories, $catcounter, $token; echo '' . Display :: return_icon( 'edit.png', get_lang('Modify'), array(), ICON_SIZE_SMALL ) . ''; // DISPLAY MOVE UP COMMAND only if it is not the top link. if ($catcounter != 1) { echo '' . Display :: return_icon( 'up.png', get_lang('Up'), array(), ICON_SIZE_SMALL ) . ''; } else { echo Display :: return_icon( 'up_na.png', get_lang('Up'), array(), ICON_SIZE_SMALL ) . ''; } // DISPLAY MOVE DOWN COMMAND only if it is not the bottom link. if ($catcounter < $aantalcategories) { echo ' ' . Display :: return_icon( 'down.png', get_lang('Down'), array(), ICON_SIZE_SMALL ) . ''; } else { echo Display :: return_icon('down_na.png', get_lang('Down'), array(), ICON_SIZE_SMALL) . ''; } echo '", Display :: return_icon( 'delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL ) . ''; $catcounter++; } /** * move a link or a linkcategory up or down * @param int Category ID * @param int Course ID * @param int Session ID * @author Patrick Cool , Ghent University * @todo support sessions */ function movecatlink($catlinkid, $courseId = null, $sessionId = null) { global $catmove; global $up; global $down; $tbl_link = Database :: get_course_table(TABLE_LINK); $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY); if (is_null($courseId)) { $courseId = api_get_course_int_id(); } $courseId = intval($courseId); if (is_null($sessionId)) { $sessionId = api_get_session_id(); } $sessionId = intval($sessionId); if (!empty ($down)) { $thiscatlinkId = intval($down); $sortDirection = 'DESC'; } if (!empty ($up)) { $thiscatlinkId = intval($up); $sortDirection = 'ASC'; } // We check if it is a category we are moving or a link. // If it is a category, a querystring catmove = true is present in the url. if ($catmove == 'true') { $movetable = $tbl_categories; $catid = $catlinkid; } else { $movetable = $tbl_link; // Getting the category of the link. if (!empty ($thiscatlinkId)) { $sql = "SELECT category_id FROM " . $movetable . " WHERE c_id = $courseId AND id='$thiscatlinkId'"; $result = Database :: query($sql); $catid = Database :: fetch_array($result); } } // This code is copied and modified from announcements.php. if (!empty($sortDirection)) { if (!in_array(trim(strtoupper($sortDirection)), array('ASC', 'DESC'))) { $sortDirection = 'ASC'; } if ($catmove == 'true') { $sqlcatlinks = "SELECT id, display_order FROM " . $movetable . " WHERE c_id = $courseId ORDER BY display_order $sortDirection"; } else { $sqlcatlinks = "SELECT id, display_order FROM " . $movetable . " WHERE c_id = $courseId AND category_id='" . $catid[0] . "' ORDER BY display_order $sortDirection"; } $linkresult = Database :: query($sqlcatlinks); $thislinkOrder = 1; while ($sortrow = Database :: fetch_array($linkresult)) { // STEP 2 : FOUND THE NEXT LINK ID AND ORDER, COMMIT SWAP // This part seems unlogic, but it isn't . We first look for the current link with the querystring ID // and we know the next iteration of the while loop is the next one. These should be swapped. if (isset ($thislinkFound) && $thislinkFound) { $nextlinkId = $sortrow['id']; $nextlinkOrder = $sortrow['display_order']; Database :: query( "UPDATE " . $movetable . " SET display_order = '$nextlinkOrder' WHERE c_id = $courseId AND id = '$thiscatlinkId'" ); Database :: query( "UPDATE " . $movetable . " SET display_order = '$thislinkOrder' WHERE c_id = $courseId AND id = '$nextlinkId'" ); break; } if ($sortrow['id'] == $thiscatlinkId) { $thislinkOrder = $sortrow['display_order']; $thislinkFound = true; } } } Display :: display_confirmation_message(get_lang('LinkMoved')); } /** * CSV file import functions * @author René Haentjens , Ghent University */ function get_cat($catname) { // Get category id (existing or make new). $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY); $course_id = api_get_course_int_id(); $result = Database :: query( "SELECT id FROM " . $tbl_categories . " WHERE c_id = $course_id AND category_title='" . Database::escape_string( $catname ) . "'" ); if (Database :: num_rows($result) >= 1 && ($row = Database :: fetch_array($result))) { return $row['id']; // Several categories with same name: take the first. } $result = Database :: query( "SELECT MAX(display_order) FROM " . $tbl_categories . " WHERE c_id = $course_id " ); list ($max_order) = Database :: fetch_row($result); Database :: query( "INSERT INTO " . $tbl_categories . " (c_id, category_title, description, display_order) VALUES (" . $course_id . ", '" . Database::escape_string($catname) . "','','" . ($max_order + 1) . "')" ); return Database :: insert_id(); } /** * CSV file import functions * @author René Haentjens , Ghent University */ function put_link($url, $cat, $title, $description, $on_homepage, $hidden) { $tbl_link = Database :: get_course_table(TABLE_LINK); $course_id = api_get_course_int_id(); $urleq = "url='" . Database :: escape_string($url) . "'"; $cateq = "category_id=" . intval($cat); $result = Database :: query( "SELECT id FROM $tbl_link WHERE c_id = $course_id AND " . $urleq . ' AND ' . $cateq ); if (Database :: num_rows($result) >= 1 && ($row = Database :: fetch_array($result))) { Database :: query( "UPDATE $tbl_link set title='" . Database :: escape_string( $title ) . "', description='" . Database :: escape_string($description) . "' WHERE c_id = $course_id AND id='" . Database :: escape_string( $row['id'] ) . "'" ); $ipu = 'LinkUpdated'; $rv = 1; // 1 = upd } else { // Add new link $result = Database :: query( "SELECT MAX(display_order) FROM $tbl_link WHERE c_id = $course_id AND category_id='" . intval( $cat ) . "'" ); list ($max_order) = Database :: fetch_row($result); Database :: query( "INSERT INTO $tbl_link (c_id, url, title, description, category_id, display_order, on_homepage) VALUES (" . api_get_course_int_id() . ", '" . Database :: escape_string($url) . "', '" . Database :: escape_string($title) . "', '" . Database :: escape_string($description) . "', '" . intval($cat) . "','" . (intval($max_order) + 1) . "', '" . intval($on_homepage) . "')" ); $id = Database :: insert_id(); $ipu = 'LinkAdded'; $rv = 2; // 2 = new } global $_course, $nameTools, $_user; api_item_property_update($_course, TOOL_LINK, $id, $ipu, $_user['user_id']); if ($hidden && $ipu == 'LinkAdded') { api_item_property_update( $_course, TOOL_LINK, $id, 'invisible', $_user['user_id'] ); } return $rv; } /** * CSV file import functions * @author René Haentjens , Ghent University */ function import_link($linkdata) { // url, category_id, title, description, ... // Field names used in the uploaded file $known_fields = array( 'url', 'category', 'title', 'description', 'on_homepage', 'hidden' ); $hide_fields = array( 'kw', 'kwd', 'kwds', 'keyword', 'keywords' ); // All other fields are added to description, as "name:value". // Only one hide_field is assumed to be present, <> is removed from value. if (!($url = trim($linkdata['url'])) || !($title = trim($linkdata['title'])) ) { return 0; // 0 = fail } $cat = ($catname = trim($linkdata['category'])) ? get_cat($catname) : 0; $regs = array(); // Will be passed to ereg() $d = ''; foreach ($linkdata as $key => $value) { if (!in_array($key, $known_fields)) { if (in_array($key, $hide_fields) && ereg('^]*)>?$', $value, $regs)) { // possibly in <...> if (($kwlist = trim($regs[1])) != '') { $kw = ''; } else { $kw = ''; } // i.e. assume only one of the $hide_fields will be present // and if found, hide the value as expando property of an tag }elseif (trim($value)) { $d .= ', ' . $key . ':' . $value; } } } if (!empty($d)) { $d = substr($d, 2) . ' - '; } return put_link( $url, $cat, $title, $kw . ereg_replace( '\[((/?(b|big|i|small|sub|sup|u))|br/)\]', '<\\1>', htmlspecialchars($d . $linkdata['description']) ) . ($kw ? '' : ''), $linkdata['on_homepage'] ? '1' : '0', $linkdata['hidden'] ? '1' : '0' ); // i.e. allow some BBcode tags, e.g. [b]...[/b] } /** * CSV file import functions * @author René Haentjens , Ghent University */ function import_csvfile() { global $catlinkstatus; // Feedback message to user. if (is_uploaded_file($filespec = $_FILES['import_file']['tmp_name']) && filesize($filespec) && ($myFile = @ fopen($filespec, 'r')) ) { // read first line of file (column names) and find ',' or ';' $listsep = strpos( $colnames = trim(fgets($myFile)), ',' ) !== false ? ',' : (strpos($colnames, ';') !== false ? ';' : ''); if ($listsep) { $columns = array_map('strtolower', explode($listsep, $colnames)); if (in_array('url', $columns) && in_array('title', $columns)) { $stats = array( 0, 0, 0 ); // fails, updates, inserts while (($data = api_fgetcsv($myFile, null, $listsep))) { // foreach ($data as $i => & $text) { $linkdata[$columns[$i]] = $text; } $stats[import_link($linkdata)]++; unset ($linkdata); } $catlinkstatus = ''; if ($stats[0]) { $catlinkstatus .= $stats[0] . ' ' . get_lang('CsvLinesFailed'); } if ($stats[1]) { $catlinkstatus .= $stats[1] . ' ' . get_lang('CsvLinesOld'); } if ($stats[2]) { $catlinkstatus .= $stats[2] . ' ' . get_lang('CsvLinesNew'); } } else { $catlinkstatus = get_lang('CsvFileNoURL') . ($colnames ? get_lang('CsvFileLine1') . htmlspecialchars(substr($colnames, 0, 200)) . '...' : ''); } } else { $catlinkstatus = get_lang('CsvFileNoSeps') . ($colnames ? get_lang('CsvFileLine1') . htmlspecialchars(substr($colnames, 0, 200)) . '...' : ''); } fclose($myFile); } else { $catlinkstatus = get_lang('CsvFileNotFound'); } } /** * This function checks if the url is a vimeo link * @author Julio Montoya * @version 1.0 */ function isVimeoLink($url) { $isLink = strrpos($url, "vimeo.com"); return $isLink; } /** * Get vimeo id from URL * @param string $url * @return bool|mixed */ function getVimeoLinkId($url) { $possibleUrls = array( 'http://www.vimeo.com/', 'http://vimeo.com/', 'https://www.vimeo.com/', 'https://vimeo.com/' ); $url = str_replace($possibleUrls, '', $url); if (is_numeric($url)) { return $url; } return false; } /** * This function checks if the url is a youtube link * @author Jorge Frisancho * @author Julio Montoya - Fixing code * @version 1.0 */ function is_youtube_link($url) { $is_youtube_link = strrpos($url, "youtube") || strrpos($url, "youtu.be"); return $is_youtube_link; } /** * Get youtube id from an URL * @param string $url * @return string */ function get_youtube_video_id($url) { // This is the length of YouTube's video IDs $len = 11; // The ID string starts after "v=", which is usually right after // "youtube.com/watch?" in the URL $pos = strpos($url, "v="); $id = ''; //If false try other options if ($pos === false) { $url_parsed = parse_url($url); //Youtube shortener //http://youtu.be/ID $pos = strpos($url, "youtu.be"); if ($pos == false) { $id = ''; } else { return substr($url_parsed['path'], 1); } //if empty try the youtube.com/embed/ID if (empty($id)) { $pos = strpos($url, "embed"); if ($pos === false) { return ''; } else { return substr($url_parsed['path'], 7); } } } else { // Offset the start location to match the beginning of the ID string $pos += 2; // Get the ID string and return it $id = substr($url, $pos, $len); return $id; } }