<?php /* For licensing terms, see /license.txt */ /** * @package chamilo.admin */ $cidReset = true; // including some necessary files require_once __DIR__.'/../inc/global.inc.php'; require_once '../inc/lib/xajax/xajax.inc.php'; $xajax = new xajax(); $xajax->registerFunction('search_users'); // setting the section (for the tabs) $this_section = SECTION_PLATFORM_ADMIN; $id_session = intval($_GET['id_session']); SessionManager::protect_teacher_session_edit($id_session); // setting breadcrumbs if (api_is_platform_admin()) { $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin')); $interbreadcrumb[] = array('url' => 'session_list.php', 'name' => get_lang('SessionList')); $interbreadcrumb[] = array('url' => "resume_session.php?id_session=".$id_session, "name" => get_lang('SessionOverview')); } $allowTutors = api_get_setting('allow_tutors_to_assign_students_to_session'); $extra_field_list = []; if ($allowTutors == 'true') { // Database Table Definitions $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION); $tbl_course = Database::get_main_table(TABLE_MAIN_COURSE); $tbl_user = Database::get_main_table(TABLE_MAIN_USER); $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER); // setting the name of the tool $tool_name = get_lang('SubscribeUsersToSession'); $add_type = 'unique'; if (isset($_REQUEST['add_type']) && $_REQUEST['add_type'] != '') { $add_type = Security::remove_XSS($_REQUEST['add_type']); } $page = isset($_GET['page']) ? Security::remove_XSS($_GET['page']) : null; // Checking for extra field with filter on $extra_field_list = UserManager::get_extra_fields(); $new_field_list = array(); if (is_array($extra_field_list)) { foreach ($extra_field_list as $extra_field) { //if is enabled to filter and is a "<select>" field type if ($extra_field[8] == 1 && $extra_field[2] == 4) { $new_field_list[] = array( 'name' => $extra_field[3], 'variable' => $extra_field[1], 'data' => $extra_field[9], ); } } } function search_users($needle, $type) { global $id_session; $tbl_user = Database::get_main_table(TABLE_MAIN_USER); $tbl_session_rel_user = Database::get_main_table(TABLE_MAIN_SESSION_USER); $xajax_response = new xajaxResponse(); $return = ''; if (!empty($needle) && !empty($type)) { //normal behaviour if ($type == 'any_session' && $needle == 'false') { $type = 'multiple'; $needle = ''; } // xajax send utf8 datas... datas in db can be non-utf8 datas $charset = api_get_system_encoding(); $needle = Database::escape_string($needle); $needle = api_convert_encoding($needle, $charset, 'utf-8'); $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username'; $cond_user_id = ''; //Only for single & multiple if (in_array($type, array('single', 'multiple'))) { if (!empty($id_session)) { $id_session = intval($id_session); // check id_user from session_rel_user table $sql = 'SELECT user_id FROM '.$tbl_session_rel_user.' WHERE session_id ="'.$id_session.'" AND relation_type<>'.SESSION_RELATION_TYPE_RRHH.' '; $res = Database::query($sql); $user_ids = array(); if (Database::num_rows($res) > 0) { while ($row = Database::fetch_row($res)) { $user_ids[] = (int) $row[0]; } } if (count($user_ids) > 0) { $cond_user_id = ' AND user.user_id NOT IN('.implode(",", $user_ids).')'; } } } switch ($type) { case 'single': // search users where username or firstname or lastname begins likes $needle $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user WHERE (username LIKE "'.$needle.'%" OR firstname LIKE "'.$needle.'%" OR lastname LIKE "'.$needle.'%") AND user.status<>6 AND user.status<>'.DRH.''. $order_clause. ' LIMIT 11'; break; case 'multiple': $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user WHERE '.(api_sort_by_first_name() ? 'firstname' : 'lastname').' LIKE "'.$needle.'%" AND user.status<>'.DRH.' AND user.status<>6 '.$cond_user_id. $order_clause; break; case 'any_session': $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user LEFT OUTER JOIN '.$tbl_session_rel_user.' s ON (s.user_id = user.user_id) WHERE s.user_id IS NULL AND user.status <>'.DRH.' AND user.status <> 6 '.$cond_user_id. $order_clause; break; } if (api_is_multiple_url_enabled()) { $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { switch ($type) { case 'single': $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = '.$access_url_id.' AND (username LIKE "'.$needle.'%" OR firstname LIKE "'.$needle.'%" OR lastname LIKE "'.$needle.'%") AND user.status<>6 AND user.status<>'.DRH.' '. $order_clause. ' LIMIT 11'; break; case 'multiple': $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = '.$access_url_id.' AND '.(api_sort_by_first_name() ? 'firstname' : 'lastname').' LIKE "'.$needle.'%" AND user.status<>'.DRH.' AND user.status<>6 '.$cond_user_id. $order_clause; break; case 'any_session' : $sql = 'SELECT DISTINCT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user LEFT OUTER JOIN '.$tbl_session_rel_user.' s ON (s.user_id = user.user_id) INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id) WHERE access_url_id = '.$access_url_id.' AND s.user_id IS null AND user.status<>'.DRH.' AND user.status<>6 '.$cond_user_id. $order_clause; break; } } } $rs = Database::query($sql); $i = 0; if ($type == 'single') { while ($user = Database::fetch_array($rs)) { $i++; if ($i <= 10) { $person_name = api_get_person_name($user['firstname'], $user['lastname']); $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_session(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />'; } else { $return .= '...<br />'; } } $xajax_response -> addAssign('ajax_list_users_single', 'innerHTML', api_utf8_encode($return)); } else { $return .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">'; while ($user = Database :: fetch_array($rs)) { $person_name = api_get_person_name($user['firstname'], $user['lastname']); $return .= '<option value="'.$user['user_id'].'">'.$person_name.' ('.$user['username'].')</option>'; } $return .= '</select>'; $xajax_response -> addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return)); } } return $xajax_response; } $xajax -> processRequests(); $htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/'); $htmlHeadXtra[] = '<script> function add_user_to_session (code, content) { document.getElementById("user_to_add").value = ""; document.getElementById("ajax_list_users_single").innerHTML = ""; destination = document.getElementById("destination_users"); for (i=0;i<destination.length;i++) { if(destination.options[i].text == content) { return false; } } destination.options[destination.length] = new Option(content,code); destination.selectedIndex = -1; sortOptions(destination.options); } function remove_item(origin) { for(var i = 0 ; i<origin.options.length ; i++) { if(origin.options[i].selected) { origin.options[i]=null; i = i-1; } } } function validate_filter() { document.formulaire.add_type.value = \''.$add_type.'\'; document.formulaire.form_sent.value=0; document.formulaire.submit(); } function checked_in_no_session(checked) { $("#first_letter_user") .find("option") .attr("selected", false); xajax_search_users(checked, "any_session"); } function change_select(val) { $("#user_with_any_session_id").attr("checked", false); xajax_search_users(val,"multiple"); } </script>'; $form_sent = 0; $firstLetterUser = $firstLetterSession = ''; $UserList = $SessionList = array(); $sessions = array(); $noPHP_SELF = true; if (isset($_POST['form_sent']) && $_POST['form_sent']) { $form_sent = $_POST['form_sent']; $firstLetterUser = $_POST['firstLetterUser']; $firstLetterSession = $_POST['firstLetterSession']; $UserList = $_POST['sessionUsersList']; if (!is_array($UserList)) { $UserList = array(); } if ($form_sent == 1) { //added a parameter to send emails when registering a user SessionManager::subscribe_users_to_session($id_session, $UserList, null, true); header('Location: resume_session.php?id_session='.$id_session); exit; } } $session_info = SessionManager::fetch($id_session); Display::display_header($tool_name); $nosessionUsersList = $sessionUsersList = array(); $ajax_search = $add_type === 'unique' ? true : false; $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username'; if ($ajax_search) { $sql = "SELECT u.user_id, lastname, firstname, username, session_id FROM $tbl_user u INNER JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." AND $tbl_session_rel_user.session_id = ".intval($id_session)." WHERE u.status <> ".DRH." AND u.status<>6 $order_clause"; if (api_is_multiple_url_enabled()) { $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { $sql = "SELECT u.user_id, lastname, firstname, username, session_id FROM $tbl_user u INNER JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." AND $tbl_session_rel_user.session_id = ".intval($id_session)." INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=u.user_id) WHERE access_url_id = $access_url_id AND u.status<>".DRH." AND u.status<>6 $order_clause"; } } $result = Database::query($sql); $users = Database::store_result($result); foreach ($users as $user) { $sessionUsersList[$user['user_id']] = $user; } unset($users); //clean to free memory } else { //Filter by Extra Fields $use_extra_fields = false; if (is_array($extra_field_list)) { if (is_array($new_field_list) && count($new_field_list) > 0) { $result_list = array(); foreach ($new_field_list as $new_field) { $varname = 'field_'.$new_field['variable']; if (UserManager::is_extra_field_available($new_field['variable'])) { if (isset($_POST[$varname]) && $_POST[$varname] != '0') { $use_extra_fields = true; $extra_field_result[] = UserManager::get_extra_user_data_by_value( $new_field['variable'], $_POST[$varname] ); } } } } } if ($use_extra_fields) { $final_result = array(); if (count($extra_field_result) > 1) { for ($i = 0; $i < count($extra_field_result) - 1; $i++) { if (is_array($extra_field_result[$i + 1])) { $final_result = array_intersect( $extra_field_result[$i], $extra_field_result[$i + 1] ); } } } else { $final_result = $extra_field_result[0]; } $where_filter = ''; if (api_is_multiple_url_enabled()) { if (is_array($final_result) && count($final_result) > 0) { $where_filter = " AND u.user_id IN ('".implode("','", $final_result)."') "; } else { //no results $where_filter = " AND u.user_id = -1"; } } else { if (is_array($final_result) && count($final_result) > 0) { $where_filter = " WHERE u.user_id IN ('".implode("','", $final_result)."') "; } else { //no results $where_filter = " WHERE u.user_id = -1"; } } } if ($use_extra_fields) { $sql = "SELECT u.user_id, lastname, firstname, username, session_id FROM $tbl_user u LEFT JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.session_id = '$id_session' AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." $where_filter AND u.status<>".DRH." AND u.status<>6 $order_clause"; } else { $sql = "SELECT user_id, lastname, firstname, username, session_id FROM $tbl_user u LEFT JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.session_id = '$id_session' AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." WHERE u.status <> ".DRH." AND u.status<>6 $order_clause"; } if (api_is_multiple_url_enabled()) { $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { $sql = "SELECT u.user_id, lastname, firstname, username, session_id FROM $tbl_user u LEFT JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.session_id = '$id_session' AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=u.user_id) WHERE access_url_id = $access_url_id $where_filter AND u.status<>".DRH." AND u.status<>6 $order_clause"; } } $result = Database::query($sql); $users = Database::store_result($result, 'ASSOC'); foreach ($users as $uid => $user) { if ($user['session_id'] != $id_session) { $nosessionUsersList[$user['user_id']] = array( 'fn' => $user['firstname'], 'ln' => $user['lastname'], 'un' => $user['username'] ); unset($users[$uid]); } } unset($users); //clean to free memory //filling the correct users in list $sql = "SELECT user_id, lastname, firstname, username, session_id FROM $tbl_user u LEFT JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.id AND $tbl_session_rel_user.session_id = '$id_session' AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." WHERE u.status <> ".DRH." AND u.status<>6 $order_clause"; if (api_is_multiple_url_enabled()) { $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $access_url_id = api_get_current_access_url_id(); if ($access_url_id != -1) { $sql = "SELECT u.user_id, lastname, firstname, username, session_id FROM $tbl_user u LEFT JOIN $tbl_session_rel_user ON $tbl_session_rel_user.user_id = u.user_id AND $tbl_session_rel_user.session_id = '$id_session' AND $tbl_session_rel_user.relation_type<>".SESSION_RELATION_TYPE_RRHH." INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=u.user_id) WHERE access_url_id = $access_url_id AND u.status<>".DRH." AND u.status<>6 $order_clause"; } } $result = Database::query($sql); $users = Database::store_result($result, 'ASSOC'); foreach ($users as $uid => $user) { if ($user['session_id'] == $id_session) { $sessionUsersList[$user['user_id']] = $user; if (array_key_exists($user['user_id'], $nosessionUsersList)) { unset($nosessionUsersList[$user['user_id']]); } } unset($users[$uid]); } unset($users); //clean to free memory } if ($add_type === 'multiple') { $link_add_type_unique = '<a href="'.api_get_self().'?id_session='.$id_session.'&add='.Security::remove_XSS($_GET['add']).'&add_type=unique">'.Display::return_icon('single.gif').get_lang('SessionAddTypeUnique').'</a>'; $link_add_type_multiple = Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple'); } else { $link_add_type_unique = Display::return_icon('single.gif').get_lang('SessionAddTypeUnique'); $link_add_type_multiple = '<a href="'.api_get_self().'?id_session='.$id_session.'&add='.Security::remove_XSS($_GET['add']).'&add_type=multiple">'.Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple').'</a>'; } $link_add_group = '<a href="usergroups.php">'. Display::return_icon('multiple.gif', get_lang('RegistrationByUsersGroups')).get_lang('RegistrationByUsersGroups').'</a>'; ?> <div class="actions"> <?php echo $link_add_type_unique ?> | <?php echo $link_add_type_multiple ?> | <?php echo $link_add_group; ?> </div> <form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?page=<?php echo $page; ?>&id_session=<?php echo $id_session; ?><?php if (!empty($_GET['add'])) echo '&add=true'; ?>" style="margin:0px;" <?php if ($ajax_search) {echo ' onsubmit="valide();"'; }?>> <?php echo '<legend>'.$tool_name.' ('.$session->getName().') </legend>'; ?> <?php if ($add_type === 'multiple') { if (is_array($extra_field_list)) { if (is_array($new_field_list) && count($new_field_list) > 0) { echo '<h3>'.get_lang('FilterUsers').'</h3>'; foreach ($new_field_list as $new_field) { echo $new_field['name']; $varname = 'field_'.$new_field['variable']; echo ' <select name="'.$varname.'">'; echo '<option value="0">--'.get_lang('Select').'--</option>'; foreach ($new_field['data'] as $option) { $checked = ''; if (isset($_POST[$varname])) { if ($_POST[$varname] == $option[1]) { $checked = 'selected="true"'; } } echo '<option value="'.$option[1].'" '.$checked.'>'.$option[1].'</option>'; } echo '</select>'; echo ' '; } echo '<input type="button" value="'.get_lang('Filter').'" onclick="validate_filter()" />'; echo '<br /><br />'; } } } ?> <input type="hidden" name="form_sent" value="1" /> <input type="hidden" name="add_type" /> <div class="row"> <div class="span5"> <div class="multiple_select_header"> <b><?php echo get_lang('UserListInPlatform') ?> :</b> <?php if ($add_type == 'multiple') { ?> <?php echo get_lang('FirstLetterUser'); ?> : <select id="first_letter_user" name="firstLetterUser" onchange = "change_select(this.value);" > <option value = "%">--</option> <?php echo Display :: get_alphabet_options(); ?> </select> <?php } ?> </div> <div id="content_source"> <?php if (!($add_type == 'multiple')) { ?> <input type="text" id="user_to_add" onkeyup="xajax_search_users(this.value,'single')" /> <div id="ajax_list_users_single"></div> <?php } else { ?> <div id="ajax_list_users_multiple"> <select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" class="span5"> <?php foreach ($nosessionUsersList as $uid => $enreg) { ?> <option value="<?php echo $uid; ?>" <?php if (in_array($uid, $UserList)) echo 'selected="selected"'; ?>><?php echo api_get_person_name($enreg['fn'], $enreg['ln']).' ('.$enreg['un'].')'; ?></option> <?php } ?> </select> </div> <input type="checkbox" onchange="checked_in_no_session(this.checked);" name="user_with_any_session" id="user_with_any_session_id"> <label for="user_with_any_session_id"><?php echo get_lang('UsersRegisteredInNoSession'); ?></label> <?php } unset($nosessionUsersList); ?> </div> </div> <div class="span2"> <div style="padding-top:54px;width:auto;text-align: center;"> <?php if ($ajax_search) { ?> <button class="btn btn-default" type="button" onclick="remove_item(document.getElementById('destination_users'))" ><em class="fa fa-arrow-left"></em></button> <?php } else { ?> <button class="btn btn-default" type="button" onclick="moveItem(document.getElementById('origin_users'), document.getElementById('destination_users'))" onclick="moveItem(document.getElementById('origin_users'), document.getElementById('destination_users'))"> <em class="fa fa-arrow-right"></em> </button> <br /><br /> <button class="btn btn-default" type="button" onclick="moveItem(document.getElementById('destination_users'), document.getElementById('origin_users'))" onclick="moveItem(document.getElementById('destination_users'), document.getElementById('origin_users'))"> <em class="fa fa-arrow-left"></em> </button> <?php } ?> </div> <br /> <br /> <?php if (isset($_GET['add'])) { echo '<button class="btn btn-primary" type="button" value="" onclick="valide()" >'.get_lang('FinishSessionCreation').'</button>'; } else { //@todo see that the call to "valide()" doesn't duplicate the onsubmit of the form (necessary to avoid delete on "enter" key pressed) echo '<button class="save" type="button" value="" onclick="valide()" >'.get_lang('SubscribeUsersToSession').'</button>'; } ?> </div> <div class="span5"> <div class="multiple_select_header"> <b><?php echo get_lang('UserListInSession') ?> :</b> </div> <select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" class="span5"> <?php foreach ($sessionUsersList as $enreg) { ?> <option value="<?php echo $enreg['user_id']; ?>"><?php echo api_get_person_name($enreg['firstname'], $enreg['lastname']).' ('.$enreg['username'].')'; ?></option> <?php } unset($sessionUsersList); ?> </select> </div> </div> </form> <script> function moveItem(origin , destination) { for (var i = 0 ; i<origin.options.length ; i++) { if (origin.options[i].selected) { destination.options[destination.length] = new Option(origin.options[i].text,origin.options[i].value); origin.options[i]=null; i = i-1; } } destination.selectedIndex = -1; sortOptions(destination.options); } function sortOptions(options) { newOptions = new Array(); for (i = 0 ; i<options.length ; i++) newOptions[i] = options[i]; newOptions = newOptions.sort(mysort); options.length = 0; for (i = 0 ; i < newOptions.length ; i++) options[i] = newOptions[i]; } function mysort(a, b) { if (a.text.toLowerCase() > b.text.toLowerCase()) { return 1; } if (a.text.toLowerCase() < b.text.toLowerCase()) { return -1; } return 0; } function valide() { var options = document.getElementById('destination_users').options; for (i = 0 ; i<options.length ; i++) options[i].selected = true; document.forms.formulaire.submit(); } function loadUsersInSelect(select) { var xhr_object = null; if(window.XMLHttpRequest) // Firefox xhr_object = new XMLHttpRequest(); else if(window.ActiveXObject) // Internet Explorer xhr_object = new ActiveXObject("Microsoft.XMLHTTP"); else // XMLHttpRequest non supporté par le navigateur alert("Votre navigateur ne supporte pas les objets XMLHTTPRequest..."); //xhr_object.open("GET", "loadUsersInSelect.ajax.php?id_session=<?php echo $id_session ?>&letter="+select.options[select.selectedIndex].text, false); xhr_object.open("POST", "loadUsersInSelect.ajax.php"); xhr_object.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); nosessionUsers = makepost(document.getElementById('origin_users')); sessionUsers = makepost(document.getElementById('destination_users')); nosessionClasses = makepost(document.getElementById('origin_classes')); sessionClasses = makepost(document.getElementById('destination_classes')); xhr_object.send("nosessionusers="+nosessionUsers+"&sessionusers="+sessionUsers+"&nosessionclasses="+nosessionClasses+"&sessionclasses="+sessionClasses); xhr_object.onreadystatechange = function() { if (xhr_object.readyState == 4) { document.getElementById('content_source').innerHTML = result = xhr_object.responseText; //alert(xhr_object.responseText); } } } function makepost(select) { var options = select.options; var ret = ""; for (i = 0 ; i<options.length ; i++) ret = ret + options[i].value +'::'+options[i].text+";;"; return ret; } </script> <?php } else { api_not_allowed(); } Display::display_footer();