* @author Julio Montoya - Cleaning code * */ /** * Class * @package chamilo.blogs */ class Blog { /** * Get the title of a blog * @author Toon Keppens * * @param Integer $blog_id * * @return String Blog Title */ public static function get_blog_title($blog_id) { $course_id = api_get_course_int_id(); if (is_numeric($blog_id)) { // init $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $sql = "SELECT blog_name FROM ".$tbl_blogs." WHERE c_id = $course_id AND blog_id = ".intval($blog_id); $result = Database::query($sql); $blog = Database::fetch_array($result); return stripslashes($blog['blog_name']); } } /** * Get the description of a blog * @author Toon Keppens * * @param Integer $blog_id * * @return String Blog description */ public static function get_blog_subtitle($blog_id) { // init $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $course_id = api_get_course_int_id(); $sql = "SELECT blog_subtitle FROM $tbl_blogs WHERE c_id = $course_id AND blog_id ='".intval($blog_id)."'"; $result = Database::query($sql); $blog = Database::fetch_array($result); return stripslashes($blog['blog_subtitle']); } /** * Get the users of a blog * @author Toon Keppens * * @param Integer $blog_id * * @return Array Returns an array with [userid]=>[username] */ public static function get_blog_users($blog_id) { // Database table definitions $tbl_users = Database::get_main_table(TABLE_MAIN_USER); $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER); $course_id = api_get_course_int_id(); // Get blog members $sql = "SELECT user.user_id, user.firstname, user.lastname FROM ".$tbl_blogs_rel_user." blogs_rel_user INNER JOIN ".$tbl_users." user ON blogs_rel_user.user_id = user.user_id WHERE blogs_rel_user.c_id = $course_id AND blogs_rel_user.blog_id = '".(int)$blog_id."'"; $result = Database::query($sql); $blog_members = array(); while ($user = Database::fetch_array($result)) { $blog_members[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']); } return $blog_members; } /** * Creates a new blog in the given course * @author Toon Keppens * @param Integer $course_id Id * @param String $title * @param Text $description */ public static function create_blog($title, $subtitle) { global $_user; $course_id = api_get_course_int_id(); $current_date = date('Y-m-d H:i:s', time()); $session_id = api_get_session_id(); // Tabel definitions $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST); $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS); $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); //verified if exist blog $sql = 'SELECT COUNT(*) as count FROM '.$tbl_blogs.' WHERE c_id = '.$course_id.' AND blog_name="'.Database::escape_string( $title ).'" AND blog_subtitle="'.Database::escape_string($subtitle).'";'; $res = Database::query($sql); $info_count = Database::result($res, 0, 0); if ($info_count == 0) { // Create the blog $sql = "INSERT INTO $tbl_blogs (c_id, blog_name, blog_subtitle, date_creation, visibility, session_id ) VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string( $subtitle )."', '".$current_date."', '1', '$session_id');"; Database::query($sql); $this_blog_id = Database::insert_id(); if ($this_blog_id > 0) { //insert into item_property api_item_property_update( api_get_course_info(), TOOL_BLOGS, $this_blog_id, 'BlogAdded', api_get_user_id() ); } // Make first post. :) $sql = "INSERT INTO $tbl_blogs_posts (c_id, title, full_text, date_creation, blog_id, author_id ) VALUES ($course_id, '".get_lang("Welcome")."', '".get_lang( 'FirstPostText' )."','".$current_date."', '".Database::escape_string((int)$this_blog_id)."', '".Database::escape_string( (int)$_user['user_id'] )."');"; Database::query($sql); // Put it on course homepage $sql = "INSERT INTO $tbl_tool (c_id, name, link, image, visibility, admin, address, added_tool, session_id) VALUES ($course_id, '".Database::escape_string( $title )."','blog/blog.php?blog_id=".(int)$this_blog_id."','blog.gif','1','0','pastillegris.gif',0,'$session_id')"; Database::query($sql); // Subscribe the teacher to this blog Blog::set_user_subscribed((int)$this_blog_id, (int)$_user['user_id']); } } /** * Update title and subtitle of a blog in the given course * @author Toon Keppens * @param Integer $course_id Id * @param String $title * @param Text $description */ public static function edit_blog($blog_id, $title, $subtitle) { global $_user; // Table definitions $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST); $course_id = api_get_course_int_id(); // Update the blog $sql = "UPDATE $tbl_blogs SET blog_name = '".Database::escape_string( $title )."', blog_subtitle = '".Database::escape_string($subtitle)."' WHERE c_id = $course_id AND blog_id ='".Database::escape_string((int)$blog_id)."' LIMIT 1"; Database::query($sql); $this_blog_id = Database::insert_id(); //update item_property (update) api_item_property_update( api_get_course_info(), TOOL_BLOGS, Database::escape_string($blog_id), 'BlogUpdated', api_get_user_id() ); // Update course homepage link $sql = "UPDATE $tbl_tool SET name = '".Database::escape_string( $title )."' WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".Database::escape_string( (int)$blog_id )."' LIMIT 1"; Database::query($sql); } /** * Deletes a blog and it's posts from the course database * @author Toon Keppens * @param Integer $blog_id */ public static function delete_blog($blog_id) { // Init $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS); $tbl_blogs_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS); $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST); $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING); $tbl_blogs_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT); $course_id = api_get_course_int_id(); // Delete posts from DB and the attachments delete_all_blog_attachment($blog_id); //Delete comments $sql = "DELETE FROM $tbl_blogs_comment WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."'"; Database::query($sql); // Delete posts $sql = "DELETE FROM $tbl_blogs_posts WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."'"; Database::query($sql); // Delete tasks $sql = "DELETE FROM $tbl_blogs_tasks WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."'"; Database::query($sql); // Delete ratings $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."'"; Database::query($sql); // Delete blog $sql = "DELETE FROM $tbl_blogs WHERE c_id = $course_id AND blog_id ='".(int)$blog_id."'"; Database::query($sql); // Delete from course homepage $sql = "DELETE FROM $tbl_tool WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".(int)$blog_id."'"; Database::query($sql); //update item_property (delete) api_item_property_update( api_get_course_info(), TOOL_BLOGS, Database::escape_string($blog_id), 'delete', api_get_user_id() ); } /** * Creates a new post in a given blog * @author Toon Keppens * @param String $title * @param String $full_text * @param Integer $blog_id */ public static function create_post($title, $full_text, $file_comment, $blog_id) { global $_user; $_course = api_get_course_info(); $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT); $upload_ok = true; $has_attachment = false; $current_date = date('Y-m-d H:i:s', time()); $course_id = api_get_course_int_id(); if (!empty($_FILES['user_upload']['name'])) { $upload_ok = FileManager::process_uploaded_file($_FILES['user_upload']); $has_attachment = true; } if ($upload_ok) { // Table Definitions $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS); // Create the post $sql = "INSERT INTO $tbl_blogs_posts (c_id, title, full_text, date_creation, blog_id, author_id ) VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string( $full_text )."','".$current_date."', '".(int)$blog_id."', '".(int)$_user['user_id']."');"; Database::query($sql); $last_post_id = Database::insert_id(); if ($has_attachment) { $courseDir = $_course['path'].'/upload/blog'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path.$courseDir; // Try to add an extension to the file if it hasn't one $new_file_name = FileManager::add_ext_on_mime( stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type'] ); // user's file name $file_name = $_FILES['user_upload']['name']; if (!FileManager::filter_extension($new_file_name)) { Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); } else { $new_file_name = uniqid(''); $new_path = $updir.'/'.$new_file_name; $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); $comment = Database::escape_string($file_comment); // Storing the attachments if any if ($result) { $sql = 'INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size, blog_id,comment_id) '. "VALUES ($course_id, '".Database::escape_string($file_name)."', '".Database::escape_string( $comment )."', '".Database::escape_string($new_file_name)."' , '".$last_post_id."', '".intval( $_FILES['user_upload']['size'] )."', '".$blog_id."', '0' )"; $result = Database::query($sql); $message .= ' / '.get_lang('AttachmentUpload'); } } } } else { Display::display_error_message(get_lang('UplNoFileUploaded')); } } /** * Edits a post in a given blog * @author Toon Keppens * @param Integer $blog_id * @param String $title * @param String $full_text * @param Integer $blog_id */ public static function edit_post($post_id, $title, $full_text, $blog_id) { // Init $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS); $course_id = api_get_course_int_id(); // Create the post $sql = "UPDATE $tbl_blogs_posts SET title = '".Database::escape_string( $title )."', full_text = '".Database::escape_string($full_text)."' WHERE c_id = $course_id AND post_id ='".(int)$post_id."' AND blog_id ='".(int)$blog_id."' LIMIT 1 ;"; Database::query($sql); } /** * Deletes an article and it's comments * @author Toon Keppens * @param Integer $blog_id * @param Integer $post_id */ public static function delete_post($blog_id, $post_id) { // Init $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS); $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS); $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING); $course_id = api_get_course_int_id(); // Delete ratings on this comment $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND item_id = '".(int)$post_id."' AND rating_type = 'post'"; Database::query($sql); // Delete the post $sql = "DELETE FROM $tbl_blogs_posts WHERE c_id = $course_id AND post_id = '".(int)$post_id."'"; Database::query($sql); // Delete the comments $sql = "DELETE FROM $tbl_blogs_comments WHERE c_id = $course_id AND post_id = '".(int)$post_id."' AND blog_id = '".(int)$blog_id."'"; Database::query($sql); // Delete posts and attachments delete_all_blog_attachment($blog_id, $post_id); } /** * Creates a comment on a post in a given blog * @author Toon Keppens * @param String $title * @param String $full_text * @param Integer $blog_id * @param Integer $post_id * @param Integer $parent_id */ public static function create_comment( $title, $full_text, $file_comment, $blog_id, $post_id, $parent_id, $task_id = 'NULL' ) { global $_user; $_course = api_get_course_info(); global $blog_table_attachment; $upload_ok = true; $has_attachment = false; $current_date = date('Y-m-d H:i:s', time()); $course_id = api_get_course_int_id(); if (!empty($_FILES['user_upload']['name'])) { $upload_ok = FileManager::process_uploaded_file($_FILES['user_upload']); $has_attachment = true; } if ($upload_ok) { // Table Definition $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS); // Create the comment $sql = "INSERT INTO $tbl_blogs_comments (c_id, title, comment, author_id, date_creation, blog_id, post_id, parent_comment_id, task_id ) VALUES ($course_id, '".Database::escape_string($title)."', '".Database::escape_string( $full_text )."', '".(int)$_user['user_id']."','".$current_date."', '".(int)$blog_id."', '".(int)$post_id."', '".(int)$parent_id."', '".(int)$task_id."')"; Database::query($sql); // Empty post values, or they are shown on the page again $_POST['comment_title'] = ""; $_POST['comment_text'] = ""; $last_id = Database::insert_id(); if ($has_attachment) { $courseDir = $_course['path'].'/upload/blog'; $sys_course_path = api_get_path(SYS_COURSE_PATH); $updir = $sys_course_path.$courseDir; // Try to add an extension to the file if it hasn't one $new_file_name = FileManager::add_ext_on_mime( stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type'] ); // user's file name $file_name = $_FILES['user_upload']['name']; if (!FileManager::filter_extension($new_file_name)) { Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); } else { $new_file_name = uniqid(''); $new_path = $updir.'/'.$new_file_name; $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path); $comment = Database::escape_string($file_comment); // Storing the attachments if any if ($result) { $sql = 'INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size,blog_id,comment_id) '. "VALUES ($course_id, '".Database::escape_string($file_name)."', '".Database::escape_string( $comment )."', '".Database::escape_string( $new_file_name )."' , '".$post_id."', '".$_FILES['user_upload']['size']."', '".$blog_id."', '".$last_id."' )"; $result = Database::query($sql); $message .= ' / '.get_lang('AttachmentUpload'); } } } } } /** * Deletes a comment from a blogpost * @author Toon Keppens * @param Integer $blog_id * @param Integer $comment_id */ public static function delete_comment($blog_id, $post_id, $comment_id) { // Init $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS); $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING); $blog_id = Database::escape_string($blog_id); $post_id = Database::escape_string($post_id); $comment_id = Database::escape_string($comment_id); $course_id = api_get_course_int_id(); delete_all_blog_attachment($blog_id, $post_id, $comment_id); // Delete ratings on this comment $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND item_id = '".(int)$comment_id."' AND rating_type = 'comment'"; Database::query($sql); // select comments that have the selected comment as their parent $sql = "SELECT comment_id FROM $tbl_blogs_comments WHERE c_id = $course_id AND parent_comment_id = '".(int)$comment_id."'"; $result = Database::query($sql); // Delete them recursively while ($comment = Database::fetch_array($result)) { Blog::delete_comment($blog_id, $post_id, $comment['comment_id']); } // Finally, delete the selected comment to $sql = "DELETE FROM $tbl_blogs_comments WHERE c_id = $course_id AND comment_id = '".(int)$comment_id."'"; Database::query($sql); } /** * Creates a new task in a blog * @author Toon Keppens * @param Integer $blog_id * @param String $title * @param String $description * @param String $color */ public static function create_task( $blog_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color ) { // Init $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS); $course_id = api_get_course_int_id(); // Create the task $sql = "INSERT INTO $tbl_blogs_tasks (c_id, blog_id, title, description, color, system_task ) VALUES ($course_id , '".(int)$blog_id."', '".Database::escape_string( $title )."', '".Database::escape_string($description)."', '".Database::escape_string($color)."', '0');"; Database::query($sql); $task_id = Database::insert_id(); $tool = 'BLOG_'.$blog_id; if ($articleDelete == 'on') { $sql = " INSERT INTO ".$tbl_tasks_permissions." ( c_id, task_id, tool, action) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_delete' )"; Database::query($sql); } if ($articleEdit == 'on') { $sql = " INSERT INTO ".$tbl_tasks_permissions." (c_id, task_id, tool, action ) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_edit' )"; Database::query($sql); } if ($commentsDelete == 'on') { $sql = " INSERT INTO ".$tbl_tasks_permissions." (c_id, task_id, tool, action ) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_comments_delete' )"; Database::query($sql); } } /** * Edit a task in a blog * @author Toon Keppens * @param Integer $task_id * @param String $title * @param String $description * @param String $color */ public static function edit_task( $blog_id, $task_id, $title, $description, $articleDelete, $articleEdit, $commentsDelete, $color ) { // Init $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS); $course_id = api_get_course_int_id(); // Create the task $sql = "UPDATE $tbl_blogs_tasks SET title = '".Database::escape_string($title)."', description = '".Database::escape_string($description)."', color = '".Database::escape_string($color)."' WHERE c_id = $course_id AND task_id ='".(int)$task_id."' LIMIT 1"; Database::query($sql); $tool = 'BLOG_'.$blog_id; $sql = "DELETE FROM ".$tbl_tasks_permissions." WHERE c_id = $course_id AND task_id = '".(int)$task_id."'"; Database::query($sql); if ($articleDelete == 'on') { $sql = "INSERT INTO ".$tbl_tasks_permissions." ( c_id, task_id, tool, action) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_delete' )"; Database::query($sql); } if ($articleEdit == 'on') { $sql = "INSERT INTO ".$tbl_tasks_permissions." (c_id, task_id, tool, action) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_edit' )"; Database::query($sql); } if ($commentsDelete == 'on') { $sql = " INSERT INTO ".$tbl_tasks_permissions." (c_id, task_id, tool, action) VALUES ( '".(int)$course_id."', '".(int)$task_id."', '".Database::escape_string($tool)."', 'article_comments_delete' )"; Database::query($sql); } } /** * Deletes a task from a blog * @param Integer $blog_id * @param Integer $task_id */ public static function delete_task($blog_id, $task_id) { $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $course_id = api_get_course_int_id(); // Delete posts $sql = "DELETE FROM $tbl_blogs_tasks WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND task_id = '".(int)$task_id."'"; Database::query($sql); } /** * Deletes an assigned task from a blog * @param Integer $blog_id * @param Integer $assignment_id */ public static function delete_assigned_task($blog_id, $task_id, $user_id) { $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER); $course_id = api_get_course_int_id(); // Delete posts $sql = "DELETE FROM $tbl_blogs_tasks_rel_user WHERE c_id = $course_id AND blog_id = '".(int)$blog_id."' AND task_id = '".(int)$task_id."' AND user_id = '".(int)$user_id."'"; Database::query($sql); } /** * Get personal task list * @author Toon Keppens * @return Returns an unsorted list () with the users' tasks */ public static function get_personal_task_list() { global $_user; // Init $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER); $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS); $course_id = api_get_course_int_id(); if ($_user['user_id']) { $sql = "SELECT task_rel_user.*, task.title, blog.blog_name FROM $tbl_blogs_tasks_rel_user task_rel_user INNER JOIN $tbl_blogs_tasks task ON task_rel_user.task_id = task.task_id INNER JOIN $tbl_blogs blog ON task_rel_user.blog_id = blog.blog_id AND blog.blog_id = ".intval($_GET['blog_id'])." WHERE task.c_id = $course_id AND blog.c_id = $course_id AND task_rel_user.c_id = $course_id AND task_rel_user.user_id = ".(int)$_user['user_id']." ORDER BY target_date ASC"; $result = Database::query($sql); if (Database::num_rows($result) > 0) { echo '