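* @author Julio Montoya - Cleaning code
 */
class Blog
{
    /**
     * Get the title of a blog in the current course.
     *
     * The stored value is returned after stripslashes() only; it is not
     * HTML-escaped here, so callers must escape it for the output context.
     *
     * @author Toon Keppens
     *
     * @param int $blog_id
     *
     * @return string|null Blog title, or null when $blog_id is not numeric
     */
    public static function get_blog_title($blog_id)
    {
        $course_id = api_get_course_int_id();

        if (!is_numeric($blog_id)) {
            return null;
        }

        $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
        // intval() is what keeps this concatenation safe: is_numeric() alone
        // also accepts values such as "1e3" or " 5".
        $sql = "SELECT blog_name FROM " . $tbl_blogs . " WHERE c_id = $course_id AND blog_id = " . intval($blog_id);
        $result = Database::query($sql);
        $blog = Database::fetch_array($result);

        return stripslashes($blog['blog_name']);
    }

    /**
     * Get the description (subtitle) of a blog in the current course.
     *
     * As with the title, the value is returned without HTML escaping.
     *
     * @author Toon Keppens
     *
     * @param int $blog_id
     *
     * @return string Blog description
     */
    public static function get_blog_subtitle($blog_id)
    {
        $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
        $course_id = api_get_course_int_id();

        $sql = "SELECT blog_subtitle FROM $tbl_blogs WHERE c_id = $course_id AND blog_id ='".intval($blog_id)."'";
        $result = Database::query($sql);
        $blog = Database::fetch_array($result);

        return stripslashes($blog['blog_subtitle']);
    }

    /**
     * Get the users of a blog in the current course.
     *
     * @author Toon Keppens
     *
     * @param int $blog_id
     *
     * @return array Returns an array with [userid]=>[username]
     */
    public static function get_blog_users($blog_id)
    {
        // Database table definitions
        $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
        $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
        $course_id = api_get_course_int_id();

        // Get blog members; the blog id is cast to int before it reaches the query
        $sql = "SELECT user.user_id, user.firstname, user.lastname FROM " . $tbl_blogs_rel_user
            . " blogs_rel_user INNER JOIN " . $tbl_users
            . " user ON blogs_rel_user.user_id = user.user_id WHERE blogs_rel_user.c_id = $course_id AND blogs_rel_user.blog_id = '"
            . (int) $blog_id . "'";
        $result = Database::query($sql);

        $blog_members = array();
        while ($user = Database::fetch_array($result)) {
            $blog_members[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']);
        }

        return $blog_members;
    }

    /**
     * Creates a new blog in the current course, together with a welcome post,
     * a link on the course homepage and a subscription for the current user.
     *
     * Nothing is created when a blog with the same title and subtitle already
     * exists in the course, or when the blog row itself cannot be inserted.
     * This method performs no permission check of its own.
     *
     * @author Toon Keppens
     *
     * @param string $title
     * @param string $subtitle
     */
    public static function create_blog($title, $subtitle)
    {
        $_user = api_get_user_info();
        $course_id = api_get_course_int_id();
        $current_date = date('Y-m-d H:i:s', time());
        $session_id = api_get_session_id();

        // Table definitions
        $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
        $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
        $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);

        // Check whether the blog already exists in this course
        $sql = 'SELECT COUNT(*) as count FROM '.$tbl_blogs.' WHERE c_id = '.$course_id
            .' AND blog_name="'.Database::escape_string($title)
            .'" AND blog_subtitle="'.Database::escape_string($subtitle).'"';
        $res = Database::query($sql);
        $info_count = Database::result($res, 0, 0);

        if ($info_count != 0) {
            return;
        }

        // Create the blog
        // NOTE(review): $title and $subtitle are handed over unescaped here;
        // presumably Database::insert() binds or escapes the values - confirm.
        $params = [
            'blog_id' => 0,
            'c_id' => $course_id,
            'blog_name' => $title,
            'blog_subtitle' => $subtitle,
            'date_creation' => $current_date,
            'visibility' => 1,
            'session_id' => $session_id,
        ];
        $this_blog_id = Database::insert($tbl_blogs, $params);

        if (!($this_blog_id > 0)) {
            // Without a blog row there is nothing to attach the welcome post,
            // the homepage link or the subscription to; stop instead of
            // writing rows that point at blog id 0.
            return;
        }

        $sql = "UPDATE $tbl_blogs SET blog_id = iid WHERE iid = $this_blog_id";
        Database::query($sql);

        // insert into item_property
        api_item_property_update(
            api_get_course_info(),
            TOOL_BLOGS,
            $this_blog_id,
            'BlogAdded',
            api_get_user_id()
        );

        // Make first post. :)
        $params = [
            'post_id' => 0,
            'c_id' => $course_id,
            'title' => get_lang("Welcome"),
            'full_text' => get_lang('FirstPostText'),
            'date_creation' => $current_date,
            'blog_id' => $this_blog_id,
            'author_id' => $_user['user_id'],
        ];
        $postId = Database::insert($tbl_blogs_posts, $params);

        if ($postId) {
            $sql = "UPDATE $tbl_blogs_posts SET post_id = iid WHERE iid = $postId";
            Database::query($sql);
        }

        // Put it on course homepage
        $sql = "INSERT INTO $tbl_tool (c_id, name, link, image, visibility, admin, address, added_tool, session_id, target) "
            ."VALUES ($course_id, '".Database::escape_string($title)."','blog/blog.php?blog_id=".(int) $this_blog_id."',"
            ."'blog.gif','1','0','pastillegris.gif',0,'$session_id', '')";
        Database::query($sql);

        $toolId = Database::insert_id();
        if ($toolId) {
            $sql = "UPDATE $tbl_tool SET id = iid WHERE iid = $toolId";
            Database::query($sql);
        }

        // Subscribe the teacher to this blog
        Blog::set_user_subscribed($this_blog_id, $_user['user_id']);
    }

    /**
     * Update title and subtitle of a blog in the current course, and rename
     * its link on the course homepage.
     *
     * This method performs no permission check of its own.
     *
     * @author Toon Keppens
     *
     * @param int    $blog_id
     * @param string $title
     * @param string $subtitle
     */
    public static function edit_blog($blog_id, $title, $subtitle)
    {
        // Table definitions
        $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
        $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
        $course_id = api_get_course_int_id();

        // Normalise the id once so every statement below uses the same integer
        $blog_id = (int) $blog_id;

        // Update the blog
        $sql = "UPDATE $tbl_blogs SET blog_name = '".Database::escape_string($title)
            ."', blog_subtitle = '".Database::escape_string($subtitle)
            ."' WHERE c_id = $course_id AND blog_id ='".$blog_id."' LIMIT 1";
        Database::query($sql);

        // update item_property (update)
        api_item_property_update(
            api_get_course_info(),
            TOOL_BLOGS,
            $blog_id,
            'BlogUpdated',
            api_get_user_id()
        );

        // Update course homepage link
        $sql = "UPDATE $tbl_tool SET name = '".Database::escape_string($title)
            ."' WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".$blog_id."' LIMIT 1";
        Database::query($sql);
    }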
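/**
 * Deletes a blog and its posts, comments, tasks, ratings, attachments and
 * homepage link from the current course.
 *
 * This method performs no permission check of its own; callers have to
 * verify that the current user may delete the blog.
 *
 * @author Toon Keppens
 *
 * @param int $blog_id
 */
public static function delete_blog($blog_id)
{
    // Init
    $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
    $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
    $tbl_blogs_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS);
    $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
    $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
    $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);

    $course_id = api_get_course_int_id();
    $blog_id = intval($blog_id);

    // Delete posts from DB and the attachments
    delete_all_blog_attachment($blog_id);

    // Same statement for each table, in the original order:
    // comments, posts, tasks, ratings and finally the blog row itself.
    $tables = [$tbl_blogs_comment, $tbl_blogs_posts, $tbl_blogs_tasks, $tbl_blogs_rating, $tbl_blogs];
    foreach ($tables as $table) {
        $sql = "DELETE FROM $table WHERE c_id = $course_id AND blog_id ='".$blog_id."'";
        Database::query($sql);
    }

    // Delete from course homepage
    $sql = "DELETE FROM $tbl_tool WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".$blog_id."'";
    Database::query($sql);

    // update item_property (delete)
    api_item_property_update(
        api_get_course_info(),
        TOOL_BLOGS,
        $blog_id,
        'delete',
        api_get_user_id()
    );
}

/**
 * Creates a new post in a given blog, optionally with one attachment taken
 * from $_FILES['user_upload'].
 *
 * The attachment is stored under <course path>/upload/blog with a uniqid()
 * name and no extension. uniqid() is derived from the current time, so the
 * stored name must not be treated as unguessable.
 * This method performs no permission check of its own.
 *
 * @author Toon Keppens
 *
 * @param string $title
 * @param string $full_text
 * @param string $file_comment Comment stored with the attachment
 * @param int    $blog_id
 */
public static function create_post($title, $full_text, $file_comment, $blog_id)
{
    $_user = api_get_user_info();
    $_course = api_get_course_info();
    $course_id = $_course['real_id'];
    $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
    $upload_ok = true;
    $has_attachment = false;
    $current_date = api_get_utc_datetime();

    // Cast once: the attachment INSERT below used to concatenate the raw
    // $blog_id into the statement while the post INSERT cast it.
    $blog_id = (int) $blog_id;

    if (!empty($_FILES['user_upload']['name'])) {
        $upload_ok = process_uploaded_file($_FILES['user_upload']);
        $has_attachment = true;
    }

    if (!$upload_ok) {
        Display::display_error_message(get_lang('UplNoFileUploaded'));

        return;
    }

    // Table Definitions
    $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);

    // Create the post
    $sql = "INSERT INTO $tbl_blogs_posts (c_id, title, full_text, date_creation, blog_id, author_id ) "
        ."VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string($full_text)."','".$current_date."', '"
        .$blog_id."', '".(int) $_user['user_id']."');";
    Database::query($sql);
    $last_post_id = Database::insert_id();

    if ($last_post_id) {
        $sql = "UPDATE $tbl_blogs_posts SET post_id = iid WHERE iid = $last_post_id";
        Database::query($sql);
    }

    if (!$has_attachment) {
        return;
    }

    $courseDir = $_course['path'].'/upload/blog';
    $sys_course_path = api_get_path(SYS_COURSE_PATH);
    $updir = $sys_course_path.$courseDir;

    // Try to add an extension to the file if it hasn't one.
    // Both the name and the MIME type are supplied by the client.
    $new_file_name = add_ext_on_mime(
        stripslashes($_FILES['user_upload']['name']),
        $_FILES['user_upload']['type']
    );

    // user's file name
    $file_name = $_FILES['user_upload']['name'];

    if (!filter_extension($new_file_name)) {
        Display::display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));

        return;
    }

    // The file is stored under a generated name; the client name is kept
    // only as metadata in the attachment row.
    $new_file_name = uniqid('');
    $new_path = $updir.'/'.$new_file_name;
    // "@" hides the warning: a failed move leaves no attachment row and no message.
    $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
    $comment = Database::escape_string($file_comment);

    // Storing the attachments if any
    if (!$result) {
        return;
    }

    $sql = 'INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size, blog_id,comment_id) '.
        "VALUES ($course_id, '".Database::escape_string($file_name)."', '".$comment."', '".Database::escape_string($new_file_name)."' , '"
        .$last_post_id."', '".intval($_FILES['user_upload']['size'])."', '".$blog_id."', '0' )";
    Database::query($sql);
    $id = Database::insert_id();

    if ($id) {
        $sql = "UPDATE $blog_table_attachment SET id = iid WHERE iid = $id";
        Database::query($sql);
    }
}

/**
 * Edits a post in a given blog.
 *
 * @author Toon Keppens
 *
 * @param int    $post_id
 * @param string $title
 * @param string $full_text
 * @param int    $blog_id
 */
public static function edit_post($post_id, $title, $full_text, $blog_id)
{
    $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
    $course_id = api_get_course_int_id();

    // Update the post; it must belong to the given blog and the current course
    $sql = "UPDATE $tbl_blogs_posts SET title = '" . Database::escape_string($title)
        ."', full_text = '" . Database::escape_string($full_text)
        ."' WHERE c_id = $course_id AND post_id ='".(int) $post_id."' AND blog_id ='".(int) $blog_id."' LIMIT 1 ";
    Database::query($sql);
}

/**
 * Deletes an article, its ratings, its comments and its attachments.
 *
 * @author Toon Keppens
 *
 * @param int $blog_id
 * @param int $post_id
 */
public static function delete_post($blog_id, $post_id)
{
    $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
    $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
    $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
    $course_id = api_get_course_int_id();

    // Delete ratings on this post
    $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id = '".(int) $blog_id
        ."' AND item_id = '".(int) $post_id."' AND rating_type = 'post'";
    Database::query($sql);

    // Delete the post
    // NOTE(review): unlike the two other statements this one is not
    // restricted to $blog_id, only to the course and the post id.
    $sql = "DELETE FROM $tbl_blogs_posts WHERE c_id = $course_id AND post_id = '".(int) $post_id."'";
    Database::query($sql);

    // Delete the comments
    $sql = "DELETE FROM $tbl_blogs_comments WHERE c_id = $course_id AND post_id = '".(int) $post_id
        ."' AND blog_id = '".(int) $blog_id."'";
    Database::query($sql);

    // Delete posts and attachments
    delete_all_blog_attachment($blog_id, $post_id);
}

/**
 * Creates a comment on a post in a given blog, optionally with one
 * attachment taken from $_FILES['user_upload'].
 *
 * The attachment is stored the same way as for posts: under
 * <course path>/upload/blog with a uniqid() name, which is time-based and
 * must not be treated as unguessable.
 * This method performs no permission check of its own.
 *
 * @author Toon Keppens
 *
 * @param string $title
 * @param string $full_text
 * @param string $file_comment Comment stored with the attachment
 * @param int    $blog_id
 * @param int    $post_id
 * @param int    $parent_id
 * @param int    $task_id      The default 'NULL' string is cast to int and stored as 0
 */
public static function create_comment($title, $full_text, $file_comment, $blog_id, $post_id, $parent_id, $task_id = 'NULL')
{
    $_user = api_get_user_info();
    $_course = api_get_course_info();
    $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);

    $upload_ok = true;
    $has_attachment = false;
    $current_date = api_get_utc_datetime();
    $course_id = api_get_course_int_id();

    // Cast once: the attachment INSERT below used to concatenate the raw
    // $blog_id and $post_id while the comment INSERT cast them.
    $blog_id = (int) $blog_id;
    $post_id = (int) $post_id;

    if (!empty($_FILES['user_upload']['name'])) {
        $upload_ok = process_uploaded_file($_FILES['user_upload']);
        $has_attachment = true;
    }

    if (!$upload_ok) {
        return;
    }

    // Table Definition
    $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);

    // Create the comment
    $sql = "INSERT INTO $tbl_blogs_comments (c_id, title, comment, author_id, date_creation, blog_id, post_id, parent_comment_id, task_id ) "
        ."VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string($full_text)."', '"
        .(int) $_user['user_id']."','".$current_date."', '".$blog_id."', '".$post_id."', '".(int) $parent_id."', '".(int) $task_id."')";
    Database::query($sql);

    // Empty post values, or they are shown on the page again
    $last_id = Database::insert_id();

    if ($last_id) {
        $sql = "UPDATE $tbl_blogs_comments SET comment_id = iid WHERE iid = $last_id";
        Database::query($sql);
    }

    if (!$has_attachment) {
        return;
    }

    $courseDir = $_course['path'].'/upload/blog';
    $sys_course_path = api_get_path(SYS_COURSE_PATH);
    $updir = $sys_course_path.$courseDir;

    // Try to add an extension to the file if it hasn't one.
    // Both the name and the MIME type are supplied by the client.
    $new_file_name = add_ext_on_mime(
        stripslashes($_FILES['user_upload']['name']),
        $_FILES['user_upload']['type']
    );

    // user's file name
    $file_name = $_FILES['user_upload']['name'];

    if (!filter_extension($new_file_name)) {
        Display::display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));

        return;
    }

    // The file is stored under a generated name; the client name is kept
    // only as metadata in the attachment row.
    $new_file_name = uniqid('');
    $new_path = $updir.'/'.$new_file_name;
    // "@" hides the warning: a failed move leaves no attachment row and no message.
    $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
    $comment = Database::escape_string($file_comment);

    // Storing the attachments if any
    if (!$result) {
        return;
    }

    $sql = 'INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size,blog_id,comment_id) '.
        "VALUES ($course_id, '".Database::escape_string($file_name)."', '".$comment."', '".Database::escape_string($new_file_name)."' , '"
        .$post_id."', '".intval($_FILES['user_upload']['size'])."', '".$blog_id."', '".$last_id."' )";
    Database::query($sql);
    $id = Database::insert_id();

    if ($id) {
        $sql = "UPDATE $blog_table_attachment SET id = iid WHERE iid = $id";
        Database::query($sql);
    }
}

/**
 * Deletes a comment from a blog post, together with its ratings, its
 * attachments and, recursively, every comment that has it as parent.
 *
 * @author Toon Keppens
 *
 * @param int $blog_id
 * @param int $post_id
 * @param int $comment_id
 */
public static function delete_comment($blog_id, $post_id, $comment_id)
{
    $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
    $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);

    $blog_id = intval($blog_id);
    $post_id = intval($post_id);
    $comment_id = intval($comment_id);
    $course_id = api_get_course_int_id();

    delete_all_blog_attachment($blog_id, $post_id, $comment_id);

    // Delete ratings on this comment
    $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id = '".$blog_id
        ."' AND item_id = '".$comment_id."' AND rating_type = 'comment'";
    Database::query($sql);

    // select comments that have the selected comment as their parent
    $sql = "SELECT comment_id FROM $tbl_blogs_comments WHERE c_id = $course_id AND parent_comment_id = '".$comment_id."'";
    $result = Database::query($sql);

    // Delete them recursively
    while ($comment = Database::fetch_array($result)) {
        Blog::delete_comment($blog_id, $post_id, $comment['comment_id']);
    }

    // Finally, delete the selected comment too
    $sql = "DELETE FROM $tbl_blogs_comments WHERE c_id = $course_id AND comment_id = '".$comment_id."'";
    Database::query($sql);
}

/**
 * Creates a new task in a blog and stores the permissions granted to it.
 *
 * A permission is stored when the matching flag equals 'on'.
 *
 * @author Toon Keppens
 *
 * @param int    $blog_id
 * @param string $title
 * @param string $description
 * @param string $articleDelete  'on' grants article_delete
 * @param string $articleEdit    'on' grants article_edit
 * @param string $commentsDelete 'on' grants article_comments_delete
 * @param string $color
 */
public static function create_task($blog_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color)
{
    $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
    $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
    $course_id = api_get_course_int_id();

    // Create the task
    $sql = "INSERT INTO $tbl_blogs_tasks (c_id, blog_id, title, description, color, system_task) "
        ."VALUES ($course_id , '".(int) $blog_id."', '" . Database::escape_string($title)."', '" . Database::escape_string($description)
        ."', '" . Database::escape_string($color)."', '0');";
    Database::query($sql);

    $task_id = Database::insert_id();
    if ($task_id) {
        $sql = "UPDATE $tbl_blogs_tasks SET task_id = iid WHERE iid = $task_id";
        Database::query($sql);
    }

    $tool = 'BLOG_' . $blog_id;

    // Action names are fixed here; only the flags come from the caller.
    $permissions = [
        'article_delete' => $articleDelete,
        'article_edit' => $articleEdit,
        'article_comments_delete' => $commentsDelete,
    ];

    foreach ($permissions as $action => $flag) {
        if ($flag != 'on') {
            continue;
        }

        $sql = "INSERT INTO " . $tbl_tasks_permissions . " (c_id, task_id, tool, action) VALUES ('"
            . (int) $course_id . "', '" . (int) $task_id . "', '" . Database::escape_string($tool) . "', '" . $action . "')";
        Database::query($sql);

        $id = Database::insert_id();
        if ($id) {
            $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
            Database::query($sql);
        }
    }
}

/**
 * Edits a task in a blog: updates its title, description and color, then
 * replaces all of its stored permissions with the ones flagged 'on'.
 *
 * @author Toon Keppens
 *
 * @param int    $blog_id
 * @param int    $task_id
 * @param string $title
 * @param string $description
 * @param string $articleDelete  'on' grants article_delete
 * @param string $articleEdit    'on' grants article_edit
 * @param string $commentsDelete 'on' grants article_comments_delete
 * @param string $color
 */
public static function edit_task($blog_id, $task_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color)
{
    $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
    $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
    $course_id = api_get_course_int_id();

    // Update the task
    // NOTE(review): the task is matched on course and task id only; $blog_id
    // is used for the permission rows but not in this WHERE clause.
    $sql = "UPDATE $tbl_blogs_tasks SET title = '".Database::escape_string($title)
        ."', description = '".Database::escape_string($description)
        ."', color = '".Database::escape_string($color)
        ."' WHERE c_id = $course_id AND task_id ='".(int) $task_id."' LIMIT 1";
    Database::query($sql);

    $tool = 'BLOG_' . $blog_id;

    // Drop the old permissions before writing the new set
    $sql = "DELETE FROM " . $tbl_tasks_permissions . " WHERE c_id = $course_id AND task_id = '" . (int) $task_id."'";
    Database::query($sql);

    // Action names are fixed here; only the flags come from the caller.
    $permissions = [
        'article_delete' => $articleDelete,
        'article_edit' => $articleEdit,
        'article_comments_delete' => $commentsDelete,
    ];

    foreach ($permissions as $action => $flag) {
        if ($flag != 'on') {
            continue;
        }

        $sql = "INSERT INTO " . $tbl_tasks_permissions . " (c_id, task_id, tool, action) VALUES ('"
            . (int) $course_id . "', '" . (int) $task_id . "', '" . Database::escape_string($tool) . "', '" . $action . "')";
        Database::query($sql);

        $id = Database::insert_id();
        if ($id) {
            $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
            Database::query($sql);
        }
    }
}

/**
 * Deletes a task from a blog.
 *
 * @param int $blog_id
 * @param int $task_id
 */
public static function delete_task($blog_id, $task_id)
{
    $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
    $course_id = api_get_course_int_id();

    // Delete the task
    $sql = "DELETE FROM $tbl_blogs_tasks WHERE c_id = $course_id AND blog_id = '".(int) $blog_id
        ."' AND task_id = '".(int) $task_id."'";
    Database::query($sql);
}

/**
 * Deletes the assignment of a task to a user in a blog.
 *
 * @param int $blog_id
 * @param int $task_id
 * @param int $user_id
 */
public static function delete_assigned_task($blog_id, $task_id, $user_id)
{
    $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
    $course_id = api_get_course_int_id();

    // Delete the assignment
    $sql = "DELETE FROM $tbl_blogs_tasks_rel_user WHERE c_id = $course_id AND blog_id = '".(int) $blog_id
        ."' AND task_id = '".(int) $task_id."' AND user_id = '".(int) $user_id."'";
    Database::query($sql);
}

/**
 * Get personal task list
 * @author Toon Keppens
 * @return Returns an unsorted list () with the users' tasks
 */
public static function get_personal_task_list()
{
    $_user = api_get_user_info();
    $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
    $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
    $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
    $course_id = api_get_course_int_id();

    if ($_user['user_id']) {
        $sql =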
"SELECT task_rel_user.*, task.title, blog.blog_name FROM $tbl_blogs_tasks_rel_user task_rel_user INNER JOIN $tbl_blogs_tasks task ON task_rel_user.task_id = task.task_id INNER JOIN $tbl_blogs blog ON task_rel_user.blog_id = blog.blog_id AND blog.blog_id = ".intval($_GET['blog_id'])." WHERE task.c_id = $course_id AND blog.c_id = $course_id AND task_rel_user.c_id = $course_id AND task_rel_user.user_id = ".(int)$_user['user_id']." ORDER BY target_date ASC"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { echo '