Home Explore Help
Register Sign In
aj
/
chamilo-lms2
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 29ba4fe866
Branches Tags
chamilo-lms2
/
main
/
admin
/
configure_homepage.php

configure_homepage.php 51 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt */
    3. 

  3. /**
    4. 

  4.  * Configure the portal homepage (manages multi-urls and languages)
    5. 

  5.  * @package chamilo.admin
    6. 

  6.  */
    7. 

  7. /**
    8. 

  8.  * Code
    9. 

  9.  */
    10. 

  10. $language_file = array('index', 'admin', 'accessibility');
    11. 

  11. $cidReset = true;
    12. 

  12. ////require_once '../inc/global.inc.php';
    13. 

  13. 

  14. $this_section = SECTION_PLATFORM_ADMIN;
    15. 

  15. $_SESSION['this_section'] = $this_section;
    16. 

  16. $this_page = '';
    17. 

  17. 

  18. api_protect_admin_script();
    19. 

  19. 

  20. 

  21. $action = isset($_GET['action']) ? Security::remove_XSS($_GET['action']) : null;
    22. 

  22. $tbl_category = Database::get_main_table(TABLE_MAIN_CATEGORY);
    23. 

  23. $tool_name = get_lang('ConfigureHomePage');
    24. 

  24. $_languages = api_get_languages();
    25. 

  25. 

  26. $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
    27. 

  27. 

  28. if (!empty($action)) {
    29. 

  29.     $interbreadcrumb[] = array('url' => 'configure_homepage.php', 'name' => get_lang('ConfigureHomePage'));
    30. 

  30.     switch ($action) {
    31. 

  31.         case 'edit_top':
    32. 

  32.             $tool_name = get_lang('EditHomePage');
    33. 

  33.             break;
    34. 

  34.         case 'edit_news':
    35. 

  35.             $tool_name = get_lang('EditNews');
    36. 

  36.             break;
    37. 

  37.         case 'edit_notice':
    38. 

  38.             $tool_name = get_lang('EditNotice');
    39. 

  39.             break;
    40. 

  40.         case 'insert_link':
    41. 

  41.             $tool_name = get_lang('InsertLink');
    42. 

  42.             break;
    43. 

  43.         case 'edit_link':
    44. 

  44.             $tool_name = get_lang('EditLink');
    45. 

  45.             break;
    46. 

  46.         case 'insert_tabs':
    47. 

  47.             $tool_name = get_lang('InsertTabs');
    48. 

  48.             break;
    49. 

  49.         case 'edit_tabs':
    50. 

  50.             $tool_name = get_lang('EditTabs');
    51. 

  51.             break;
    52. 

  52.     }
    53. 

  53. }
    54. 

  54. 

  55. // The global logic for language priorities should be:
    56. 

  56. // - take language selected when connecting ($_SESSION['user_language_choice'])
    57. 

  57. //   or last language selected (taken from select box into SESSION by global.inc.php)
    58. 

  58. //   or, if unavailable;
    59. 

  59. // - take default user language ($_SESSION['_user']['language']) - which is taken from
    60. 

  60. //   the database in local.inc.php or, if unavailable;
    61. 

  61. // - take platform language (taken from the database campus setting 'platformLanguage')
    62. 

  62. // Then if a language file doesn't exist, it should be created.
    63. 

  63. // The default language for the homepage should use the default platform language
    64. 

  64. // (if nothing else is selected), which means the 'no-language' file should be taken
    65. 

  65. // to fill a new 'language-specified' language file, and then only the latter should be
    66. 

  66. // modified. The original 'no-language' files should never be modified.
    67. 

  67. 

  68. // ----- Language selection -----
    69. 

  69. // The final language selected and used everywhere in this script follows the rules
    70. 

  70. // described above and is put into "$lang". Because this script includes
    71. 

  71. // global.inc.php, the variables used for language purposes below are considered safe.
    72. 

  72. 

  73. $lang = ''; //el for "Edit Language"
    74. 

  74. if (!empty($_SESSION['user_language_choice'])) {
    75. 

  75.     $lang = $_SESSION['user_language_choice'];
    76. 

  76. } elseif (!empty($_SESSION['_user']['language'])) {
    77. 

  77.     $lang = $_SESSION['_user']['language'];
    78. 

  78. } else {
    79. 

  79.     $lang = api_get_setting('platformLanguage');
    80. 

  80. }
    81. 

  81. 

  82. // Ensuring availability of main files in the corresponding language
    83. 

  83. $homePath = api_get_path(SYS_DATA_PATH).'home/';
    84. 

  84. 

  85. if (api_is_multiple_url_enabled()) {
    86. 

  86.     $access_url_id = api_get_current_access_url_id();
    87. 

  87.     if ($access_url_id != -1) {
    88. 

  88.         $url_info = api_get_access_url($access_url_id);
    89. 

  89.         $url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $url_info['url']));
    90. 

  90.         $clean_url = api_replace_dangerous_char($url);
    91. 

  91.         $clean_url = str_replace('/', '-', $clean_url);
    92. 

  92.         $clean_url .= '/';
    93. 

  93. 

  94.         $homep_new = $homePath.$clean_url; //homep for Home Path added the url
    95. 

  95.         $new_url_dir = $homePath.$clean_url;
    96. 

  96.         //we create the new dir for the new sites
    97. 

  97.         if (!is_dir($new_url_dir)) {
    98. 

  98.             mkdir($new_url_dir, api_get_permissions_for_new_directories());
    99. 

  99.         }
    100. 

  100.     }
    101. 

  101. } else {
    102. 

  102.     $homep_new = '';
    103. 

  103.     //$homep = api_get_path(SYS_PATH).'home/'; //homep for Home Path
    104. 

  104. }
    105. 

  105. 

  106. $menuf = 'home_menu'; //menuf for Menu File
    107. 

  107. $newsf = 'home_news'; //newsf for News File
    108. 

  108. $topf = 'home_top'; //topf for Top File
    109. 

  109. $noticef = 'home_notice'; //noticef for Notice File
    110. 

  110. $menutabs = 'home_tabs'; //menutabs for tabs Menu
    111. 

  111. $ext = '.html'; //ext for HTML Extension - when used frequently, variables are
    112. 

  112. // faster than hardcoded strings
    113. 

  113. $homef = array($menuf, $newsf, $topf, $noticef, $menutabs);
    114. 

  114. 

  115. // If language-specific file does not exist, create it by copying default file
    116. 

  116. foreach ($homef as $my_file) {
    117. 

  117.     if (api_is_multiple_url_enabled()) {
    118. 

  118.         if (!file_exists($homep_new.$my_file.'_'.$lang.$ext)) {
    119. 

  119.             copy($homePath.$my_file.$ext, $homep_new.$my_file.'_'.$lang.$ext);
    120. 

  120.         }
    121. 

  121.     } else {
    122. 

  122.         if (!file_exists($homePath.$my_file.'_'.$lang.$ext)) {
    123. 

  123.             copy($homePath.$my_file.$ext, $homePath.$my_file.'_'.$lang.$ext);
    124. 

  124.         }
    125. 

  125.     }
    126. 

  126. }
    127. 

  127. if (api_is_multiple_url_enabled()) {
    128. 

  128.     $homePath = $homep_new;
    129. 

  129. }
    130. 

  130. 

  131. $errorMsg = '';
    132. 

  132. 

  133. // Filter link param
    134. 

  134. $link = '';
    135. 

  135. if (!empty($_GET['link'])) {
    136. 

  136.     $link = $_GET['link'];
    137. 

  137.     // If the link parameter is suspicious, empty it
    138. 

  138.     if (strstr($link, '/') || !strstr($link, '.html') || strstr($link, '\\')) {
    139. 

  139.         $link = '';
    140. 

  140.         $action = '';
    141. 

  141.     }
    142. 

  142. }
    143. 

  143. 

  144. // Start analysing requested actions
    145. 

  145. if (!empty($action)) {
    146. 

  146.     if (isset($_POST['formSent']) && $_POST['formSent']) {
    147. 

  147.         // Variables used are $homep for home path, $menuf for menu file, $newsf
    148. 

  148.         // for news file, $topf for top file, $noticef for noticefile,
    149. 

  149.         // $ext for '.html'
    150. 

  150.         switch ($action) {
    151. 

  151.             case 'edit_top':
    152. 

  152.                 // Filter
    153. 

  153.                 $home_top = trim(stripslashes($_POST['home_top']));
    154. 

  154. 

  155.                 // Write
    156. 

  156.                 if (file_exists($homePath.$topf.'_'.$lang.$ext)) {
    157. 

  157.                     if (is_writable($homePath.$topf.'_'.$lang.$ext)) {
    158. 

  158.                         $fp = fopen($homePath.$topf.'_'.$lang.$ext, 'w');
    159. 

  159.                         fputs($fp, $home_top);
    160. 

  160.                         fclose($fp);
    161. 

  161.                     } else {
    162. 

  162.                         $errorMsg = get_lang('HomePageFilesNotWritable');
    163. 

  163.                     }
    164. 

  164.                 } else {
    165. 

  165.                     //File does not exist
    166. 

  166.                     $fp = fopen($homePath.$topf.'_'.$lang.$ext, 'w');
    167. 

  167.                     fputs($fp, $home_top);
    168. 

  168.                     fclose($fp);
    169. 

  169.                 }
    170. 

  170. 

  171.                 if (EventsMail::check_if_using_class('portal_homepage_edited')) {
    172. 

  172.                     EventsDispatcher::events('portal_homepage_edited', array('about_user' => api_get_user_id()));
    173. 

  173.                 }
    174. 

  174.                 Event::addEvent(
    175. 

  175.                     LOG_HOMEPAGE_CHANGED,
    176. 

  176.                     'edit_top',
    177. 

  177.                     Text::cut(strip_tags($home_top), 254),
    178. 

  178.                     api_get_utc_datetime(),
    179. 

  179.                     api_get_user_id()
    180. 

  180.                 );
    181. 

  181.                 break;
    182. 

  182.             case 'edit_notice':
    183. 

  183.                 // Filter
    184. 

  184.                 $notice_title = trim(strip_tags(stripslashes($_POST['notice_title'])));
    185. 

  185.                 $notice_text = trim(
    186. 

  186.                     str_replace(
    187. 

  187.                         array("\r", "\n"),
    188. 

  188.                         array('', '<br />'),
    189. 

  189.                         strip_tags(stripslashes($_POST['notice_text']), '<a>')
    190. 

  190.                     )
    191. 

  191.                 );
    192. 

  192.                 if (empty($notice_title) || empty($notice_text)) {
    193. 

  193.                     $errorMsg = get_lang('NoticeWillBeNotDisplayed');
    194. 

  194.                 }
    195. 

  195.                 // Write
    196. 

  196.                 if (file_exists($homePath.$noticef.'_'.$lang.$ext)) {
    197. 

  197.                     if (is_writable($homePath.$noticef.'_'.$lang.$ext)) {
    198. 

  198.                         $fp = fopen($homePath.$noticef.'_'.$lang.$ext, 'w');
    199. 

  199.                         if ($errorMsg == '') {
    200. 

  200.                             fputs($fp, "<b>$notice_title</b><br />\n$notice_text");
    201. 

  201.                         } else {
    202. 

  202.                             fputs($fp, '');
    203. 

  203.                         }
    204. 

  204.                         fclose($fp);
    205. 

  205.                     } else {
    206. 

  206.                         $errorMsg .= "<br/>\n".get_lang('HomePageFilesNotWritable');
    207. 

  207.                     }
    208. 

  208.                 } else {
    209. 

  209.                     //File does not exist
    210. 

  210.                     $fp = fopen($homePath.$noticef.'_'.$lang.$ext, 'w');
    211. 

  211.                     fputs($fp, "<b>$notice_title</b><br />\n$notice_text");
    212. 

  212.                     fclose($fp);
    213. 

  213.                 }
    214. 

  214.                 Event::addEvent(
    215. 

  215.                     LOG_HOMEPAGE_CHANGED,
    216. 

  216.                     'edit_notice',
    217. 

  217.                     Text::cut(strip_tags($notice_title), 254),
    218. 

  218.                     api_get_utc_datetime(),
    219. 

  219.                     api_get_user_id()
    220. 

  220.                 );
    221. 

  221.                 break;
    222. 

  222.             case 'edit_news':
    223. 

  223.                 //Filter
    224. 

  224.                 $home_news = trim(stripslashes($_POST['home_news']));
    225. 

  225.                 //Write
    226. 

  226.                 if ($s_languages_news != 'all') {
    227. 

  227.                     if (file_exists($homePath.$newsf.'_'.$s_languages_news.$ext)) {
    228. 

  228.                         if (is_writable($homePath.$newsf.'_'.$s_languages_news.$ext)) {
    229. 

  229.                             $fp = fopen($homePath.$newsf.'_'.$s_languages_news.$ext, 'w');
    230. 

  230.                             fputs($fp, $home_news);
    231. 

  231.                             fclose($fp);
    232. 

  232.                         } else {
    233. 

  233.                             $errorMsg = get_lang('HomePageFilesNotWritable');
    234. 

  234.                         }
    235. 

  235.                     } else {
    236. 

  236.                         // File does not exist
    237. 

  237.                         $fp = fopen($homePath.$newsf.'_'.$s_languages_news.$ext, 'w');
    238. 

  238.                         fputs($fp, $home_news);
    239. 

  239.                         fclose($fp);
    240. 

  240.                     }
    241. 

  241.                 } else {
    242. 

  242.                     // We update all the news file
    243. 

  243.                     $_languages = api_get_languages();
    244. 

  244.                     foreach ($_languages['name'] as $key => $value) {
    245. 

  245.                         $english_name = $_languages['folder'][$key];
    246. 

  246.                         if (file_exists($homePath.$newsf.'_'.$english_name.$ext)) {
    247. 

  247.                             if (is_writable($homePath.$newsf.'_'.$english_name.$ext)) {
    248. 

  248.                                 $fp = fopen($homePath.$newsf.'_'.$english_name.$ext, 'w');
    249. 

  249.                                 fputs($fp, $home_news);
    250. 

  250.                                 fclose($fp);
    251. 

  251.                             } else {
    252. 

  252.                                 $errorMsg = get_lang('HomePageFilesNotWritable');
    253. 

  253.                             }
    254. 

  254.                         } else {
    255. 

  255.                             // File does not exist
    256. 

  256.                             $fp = fopen($homePath.$newsf.'_'.$english_name.$ext, 'w');
    257. 

  257.                             fputs($fp, $home_news);
    258. 

  258.                             fclose($fp);
    259. 

  259.                         }
    260. 

  260.                     }
    261. 

  261.                 }
    262. 

  262.                 Event::addEvent(
    263. 

  263.                     LOG_HOMEPAGE_CHANGED,
    264. 

  264.                     'edit_news',
    265. 

  265.                     strip_tags(Text::cut($home_news, 254)),
    266. 

  266.                     api_get_utc_datetime(),
    267. 

  267.                     api_get_user_id()
    268. 

  268.                 );
    269. 

  269.                 break;
    270. 

  270.             case 'insert_tabs':
    271. 

  271.             case 'edit_tabs':
    272. 

  272.             case 'insert_link':
    273. 

  273.             case 'edit_link':
    274. 

  274.                 $link_index = intval($_POST['link_index']);
    275. 

  275.                 $insert_where = intval($_POST['insert_where']);
    276. 

  276.                 $link_name = trim(stripslashes($_POST['link_name']));
    277. 

  277.                 $link_url = trim(stripslashes($_POST['link_url']));
    278. 

  278.                 $add_in_tab = intval($_POST['add_in_tab']);
    279. 

  279. 

  280.                 // WCAG
    281. 

  281.                 if (api_get_setting('wcag_anysurfer_public_pages') == 'true') {
    282. 

  282.                     $link_html = WCAG_Rendering::prepareXHTML();
    283. 

  283.                 } else {
    284. 

  284.                     $link_html = trim(stripslashes($_POST['link_html']));
    285. 

  285.                 }
    286. 

  286. 

  287.                 $filename = trim(stripslashes($_POST['filename']));
    288. 

  288.                 $target_blank = $_POST['target_blank'] ? true : false;
    289. 

  289. 

  290.                 if ($link_url == 'http://' || $link_url == 'https://') {
    291. 

  291.                     $link_url = '';
    292. 

  292.                 } elseif (!empty($link_url) && !strstr($link_url, '://')) {
    293. 

  293.                     $link_url = 'http://'.$link_url;
    294. 

  294.                 }
    295. 

  295.                 $menuf = ($action == 'insert_tabs' || $action == 'edit_tabs') ? $menutabs : $menuf;
    296. 

  296.                 if (!is_writable($homePath.$menuf.'_'.$lang.$ext)) {
    297. 

  297.                     $errorMsg = get_lang('HomePageFilesNotWritable');
    298. 

  298.                 } elseif (empty($link_name)) {
    299. 

  299.                     $errorMsg = get_lang('PleaseEnterLinkName');
    300. 

  300.                 } else {
    301. 

  301.                     // New links are added as new files in the home/ directory
    302. 

  302.                     if ($action == 'insert_link' || $action == 'insert_tabs' || empty($filename) || strstr(
    303. 

  303.                         $filename,
    304. 

  304.                         '/'
    305. 

  305.                     ) || !strstr($filename, '.html')
    306. 

  306.                     ) {
    307. 

  307.                         $filename = api_replace_dangerous_char($link_name, 'strict').'.html';
    308. 

  308.                     }
    309. 

  309.                     // "home_" prefix for links are renamed to "user_" prefix (to avoid name clash with existing home page files)
    310. 

  310.                     if (!empty($filename)) {
    311. 

  311.                         $filename = str_replace('home_', 'user_', $filename);
    312. 

  312.                     }
    313. 

  313.                     // If the typical language suffix is not found in the file name,
    314. 

  314.                     // replace the ".html" suffix by "_en.html" or the active menu language
    315. 

  315.                     if (!strstr($filename, '_'.$lang.$ext)) {
    316. 

  316.                         $filename = str_replace($ext, '_'.$lang.$ext, $filename);
    317. 

  317.                     }
    318. 

  318.                     // Get the contents of home_menu_en.html (or active menu language
    319. 

  319.                     // version) into $home_menu as an array of one entry per line
    320. 

  320.                     $home_menu = file($homePath.$menuf.'_'.$lang.$ext);
    321. 

  321.                     $home_menu = implode("\n", $home_menu);
    322. 

  322.                     $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    323. 

  323.                     $home_menu = explode("\n", $home_menu);
    324. 

  324.                     $home_menu = array_values(array_filter(array_map('trim', $home_menu), 'strlen'));
    325. 

  325.                     // Prepare place to insert the new link into (default is end of file)
    326. 

  326.                     if ($insert_where < -1 || $insert_where > (sizeof($home_menu) - 1)) {
    327. 

  327.                         $insert_where = sizeof($home_menu) - 1;
    328. 

  328.                     }
    329. 

  329.                     //
    330. 

  330.                     // For each line of the file, remove trailing spaces and special chars
    331. 

  331.                     //foreach ($home_menu as $key => $enreg) {
    332. 

  332.                     //	$home_menu[$key] = trim($enreg);
    333. 

  333.                     //}
    334. 

  334.                     //
    335. 

  335.                     // If the given link url is empty, then replace the link url by a link to the link file created
    336. 

  336. 

  337.                     if (empty($link_url) || $link_url == 'http://' || $link_url == 'https://') {
    338. 

  338.                         $link_url = api_get_path(WEB_PATH).'index.php?include='.urlencode($filename);
    339. 

  339.                         // If the file doesn't exist, then create it and
    340. 

  340.                         // fill it with default text
    341. 

  341. 

  342.                         $fp = @fopen($homePath.$filename, 'w');
    343. 

  343.                         if ($fp) {
    344. 

  344.                             if (empty($link_html)) {
    345. 

  345.                                 fputs($fp, get_lang('MyTextHere'));
    346. 

  346.                             } else {
    347. 

  347.                                 fputs($fp, $link_html);
    348. 

  348.                             }
    349. 

  349.                             fclose($fp);
    350. 

  350.                         }
    351. 

  351.                     }
    352. 

  352.                     // If the requested action is to edit a link, open the file and
    353. 

  353.                     // write to it (if the file doesn't exist, create it)
    354. 

  354.                     if (in_array($action, array('edit_link')) && !empty($link_html)) {
    355. 

  355.                         $fp = @fopen($homePath.$filename, 'w');
    356. 

  356.                         if ($fp) {
    357. 

  357.                             fputs($fp, $link_html);
    358. 

  358.                             fclose($fp);
    359. 

  359.                         }
    360. 

  360.                     }
    361. 

  361. 

  362.                     $class_add_in_tab = 'class="show_menu"';
    363. 

  363.                     if (!$add_in_tab) {
    364. 

  364.                         $class_add_in_tab = 'class="hide_menu"';
    365. 

  365.                     }
    366. 

  366. 

  367.                     // If the requested action is to create a link, make some room
    368. 

  368.                     // for the new link in the home_menu array at the requested place
    369. 

  369.                     // and insert the new link there
    370. 

  370.                     if ($action == 'insert_link' || $action == 'insert_tabs') {
    371. 

  371.                         for ($i = sizeof($home_menu); $i; $i--) {
    372. 

  372.                             if ($i > $insert_where) {
    373. 

  373.                                 $home_menu[$i] = $home_menu[$i - 1];
    374. 

  374.                             } else {
    375. 

  375.                                 break;
    376. 

  376.                             }
    377. 

  377.                         }
    378. 

  378. 

  379. 

  380.                         $home_menu[$insert_where + 1] = '<li '.$class_add_in_tab.'><a href="'.$link_url.'" target="'.($target_blank ? '_blank' : '_self').'"><span>'.$link_name.'</span></a></li>';
    381. 

  381.                     } else {
    382. 

  382.                         // If the request is about a link edition, change the link
    383. 

  383.                         $home_menu[$link_index] = '<li '.$class_add_in_tab.'><a href="'.$link_url.'" target="'.($target_blank ? '_blank' : '_self').'"><span>'.$link_name.'</span></a></li>';
    384. 

  384.                     }
    385. 

  385.                     // Re-build the file from the home_menu array
    386. 

  386.                     $home_menu = implode("\n", $home_menu);
    387. 

  387.                     // Write
    388. 

  388.                     if (file_exists($homePath.$menuf.'_'.$lang.$ext)) {
    389. 

  389.                         if (is_writable($homePath.$menuf.'_'.$lang.$ext)) {
    390. 

  390.                             $fp = fopen($homePath.$menuf.'_'.$lang.$ext, 'w');
    391. 

  391.                             fputs($fp, $home_menu);
    392. 

  392.                             fclose($fp);
    393. 

  393.                             if (file_exists($homePath.$menuf.$ext)) {
    394. 

  394.                                 if (is_writable($homePath.$menuf.$ext)) {
    395. 

  395.                                     $fpo = fopen($homePath.$menuf.$ext, 'w');
    396. 

  396.                                     fputs($fpo, $home_menu);
    397. 

  397.                                     fclose($fpo);
    398. 

  398.                                 }
    399. 

  399.                             }
    400. 

  400.                         } else {
    401. 

  401.                             $errorMsg = get_lang('HomePageFilesNotWritable');
    402. 

  402.                         }
    403. 

  403.                     } else {
    404. 

  404.                         //File does not exist
    405. 

  405.                         $fp = fopen($homePath.$menuf.'_'.$lang.$ext, 'w');
    406. 

  406.                         fputs($fp, $home_menu);
    407. 

  407.                         fclose($fp);
    408. 

  408.                     }
    409. 

  409.                 }
    410. 

  410.                 Event::addEvent(
    411. 

  411.                     LOG_HOMEPAGE_CHANGED,
    412. 

  412.                     $action,
    413. 

  413.                     Text::cut($link_name.':'.$link_url, 254),
    414. 

  414.                     api_get_utc_datetime(),
    415. 

  415.                     api_get_user_id()
    416. 

  416.                 );
    417. 

  417.                 break;
    418. 

  418.         } //end of switch($action)
    419. 

  419. 

  420.         if (empty($errorMsg)) {
    421. 

  421.             header('Location: '.api_get_self());
    422. 

  422.             exit();
    423. 

  423.         }
    424. 

  424.     } else {
    425. 

  425.         //if POST[formSent] is not set
    426. 

  426.         switch ($action) {
    427. 

  427.             case 'open_link':
    428. 

  428.                 // Previously, filtering of GET['link'] was done here but it left
    429. 

  429.                 // a security threat. Filtering has now been moved outside conditions
    430. 

  430.                 break;
    431. 

  431.             case 'delete_tabs':
    432. 

  432.             case 'delete_link':
    433. 

  433.                 // A link is deleted by getting the file into an array, removing the
    434. 

  434.                 // link and re-writing the array to the file
    435. 

  435.                 $link_index = intval($_GET['link_index']);
    436. 

  436.                 $menuf = ($action == 'delete_tabs') ? $menutabs : $menuf;
    437. 

  437.                 $home_menu = @file($homePath.$menuf.'_'.$lang.$ext);
    438. 

  438.                 if (empty($home_menu)) {
    439. 

  439.                     $home_menu = array();
    440. 

  440.                 }
    441. 

  441.                 foreach ($home_menu as $key => $enreg) {
    442. 

  442.                     if ($key == $link_index) {
    443. 

  443.                         unset($home_menu[$key]);
    444. 

  444.                     } else {
    445. 

  445.                         $home_menu[$key] = trim($enreg);
    446. 

  446.                     }
    447. 

  447.                 }
    448. 

  448.                 $home_menu = implode("\n", $home_menu);
    449. 

  449.                 $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    450. 

  450. 

  451.                 $fp = fopen($homePath.$menuf.'_'.$lang.$ext, 'w');
    452. 

  452.                 fputs($fp, $home_menu);
    453. 

  453.                 fclose($fp);
    454. 

  454.                 if (file_exists($homePath.$menuf.$ext)) {
    455. 

  455.                     if (is_writable($homePath.$menuf.$ext)) {
    456. 

  456.                         $fpo = fopen($homePath.$menuf.$ext, 'w');
    457. 

  457.                         fputs($fpo, $home_menu);
    458. 

  458.                         fclose($fpo);
    459. 

  459.                     }
    460. 

  460.                 }
    461. 

  461.                 header('Location: '.api_get_self());
    462. 

  462.                 exit();
    463. 

  463.                 break;
    464. 

  464.             case 'edit_top':
    465. 

  465.                 // This request is only the preparation for the update of the home_top
    466. 

  466.                 $home_top = '';
    467. 

  467.                 if (is_file($homePath.$topf.'_'.$lang.$ext) && is_readable($homePath.$topf.'_'.$lang.$ext)) {
    468. 

  468.                     $home_top = @(string)file_get_contents($homePath.$topf.'_'.$lang.$ext);
    469. 

  469.                 } elseif (is_file($homePath.$topf.$lang.$ext) && is_readable($homePath.$topf.$lang.$ext)) {
    470. 

  470.                     $home_top = @(string)file_get_contents($homePath.$topf.$lang.$ext);
    471. 

  471.                 } else {
    472. 

  472.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    473. 

  473.                 }
    474. 

  474.                 $home_top = api_to_system_encoding($home_top, api_detect_encoding(strip_tags($home_top)));
    475. 

  475.                 break;
    476. 

  476.             case 'edit_notice':
    477. 

  477.                 // This request is only the preparation for the update of the home_notice
    478. 

  478.                 $home_notice = '';
    479. 

  479.                 if (is_file($homePath.$noticef.'_'.$lang.$ext) && is_readable($homePath.$noticef.'_'.$lang.$ext)) {
    480. 

  480.                     $home_notice = @file($homePath.$noticef.'_'.$lang.$ext);
    481. 

  481.                 } elseif (is_file($homePath.$noticef.$lang.$ext) && is_readable($homePath.$noticef.$lang.$ext)) {
    482. 

  482.                     $home_notice = @file($homePath.$noticef.$lang.$ext);
    483. 

  483.                 } else {
    484. 

  484.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    485. 

  485.                 }
    486. 

  486.                 if (empty($home_notice)) {
    487. 

  487.                     $home_notice = array();
    488. 

  488.                 }
    489. 

  489.                 $notice_title = strip_tags($home_notice[0]);
    490. 

  490.                 $notice_title = api_to_system_encoding($notice_title, api_detect_encoding($notice_title));
    491. 

  491.                 $notice_text = strip_tags(str_replace('<br />', "\n", $home_notice[1]), '<a>');
    492. 

  492.                 $notice_text = api_to_system_encoding($notice_text, api_detect_encoding(strip_tags($notice_text)));
    493. 

  493.                 break;
    494. 

  494.             case 'edit_news':
    495. 

  495.                 // This request is the preparation for the update of the home_news page
    496. 

  496.                 $home_news = '';
    497. 

  497.                 if (is_file($homePath.$newsf.'_'.$lang.$ext) && is_readable($homePath.$newsf.'_'.$lang.$ext)) {
    498. 

  498.                     $home_news = @(string)file_get_contents($homePath.$newsf.'_'.$lang.$ext);
    499. 

  499.                 } elseif (is_file($homePath.$newsf.$lang.$ext) && is_readable($homePath.$newsf.$lang.$ext)) {
    500. 

  500.                     $home_news = @(string)file_get_contents($homePath.$newsf.$lang.$ext);
    501. 

  501.                 } else {
    502. 

  502.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    503. 

  503.                 }
    504. 

  504.                 $home_news = api_to_system_encoding($home_news, api_detect_encoding(strip_tags($home_news)));
    505. 

  505.                 break;
    506. 

  506.             case 'insert_link':
    507. 

  507.                 // This request is the preparation for the addition of an item in home_menu
    508. 

  508.                 $home_menu = '';
    509. 

  509.                 $menuf = ($action == 'edit_tabs') ? $menutabs : $menuf;
    510. 

  510.                 if (is_file($homePath.$menuf.'_'.$lang.$ext) && is_readable($homePath.$menuf.'_'.$lang.$ext)) {
    511. 

  511.                     $home_menu = @file($homePath.$menuf.'_'.$lang.$ext);
    512. 

  512.                 } elseif (is_file($homePath.$menuf.$lang.$ext) && is_readable($homePath.$menuf.$lang.$ext)) {
    513. 

  513.                     $home_menu = @file($homePath.$menuf.$lang.$ext);
    514. 

  514.                 } else {
    515. 

  515.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    516. 

  516.                 }
    517. 

  517.                 if (empty($home_menu)) {
    518. 

  518.                     $home_menu = array();
    519. 

  519.                 }
    520. 

  520.                 if (!empty($home_menu)) {
    521. 

  521.                     $home_menu = implode("\n", $home_menu);
    522. 

  522.                     $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    523. 

  523.                     $home_menu = explode("\n", $home_menu);
    524. 

  524.                 }
    525. 

  525.                 $home_menu = array_values(array_filter(array_map('trim', $home_menu), 'strlen'));
    526. 

  526.                 break;
    527. 

  527.             case 'insert_tabs':
    528. 

  528.                 // This request is the preparation for the addition of an item in home_menu
    529. 

  529.                 $home_menu = '';
    530. 

  530.                 if (is_file($homePath.$menutabs.'_'.$lang.$ext) && is_readable($homePath.$menutabs.'_'.$lang.$ext)) {
    531. 

  531.                     $home_menu = @file($homePath.$menutabs.'_'.$lang.$ext);
    532. 

  532.                 } elseif (is_file($homePath.$menutabs.$lang.$ext) && is_readable($homePath.$menutabs.$lang.$ext)) {
    533. 

  533.                     $home_menu = @file($homePath.$menutabs.$lang.$ext);
    534. 

  534.                 } else {
    535. 

  535.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    536. 

  536.                 }
    537. 

  537.                 if (empty($home_menu)) {
    538. 

  538.                     $home_menu = array();
    539. 

  539.                 }
    540. 

  540.                 if (!empty($home_menu)) {
    541. 

  541.                     $home_menu = implode("\n", $home_menu);
    542. 

  542.                     $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    543. 

  543.                     $home_menu = explode("\n", $home_menu);
    544. 

  544.                 }
    545. 

  545.                 $home_menu = array_values(array_filter(array_map('trim', $home_menu), 'strlen'));
    546. 

  546.                 break;
    547. 

  547.             case 'edit_tabs':
    548. 

  548.             case 'edit_link':
    549. 

  549.                 // This request is the preparation for the edition of the links array
    550. 

  550.                 $home_menu = '';
    551. 

  551.                 $menuf = ($action == 'edit_tabs') ? $menutabs : $menuf;
    552. 

  552.                 if (is_file($homePath.$menuf.'_'.$lang.$ext) && is_readable($homePath.$menuf.'_'.$lang.$ext)) {
    553. 

  553.                     $home_menu = @file($homePath.$menuf.'_'.$lang.$ext);
    554. 

  554.                 } elseif (is_file($homePath.$menuf.$lang.$ext) && is_readable($homePath.$menuf.$lang.$ext)) {
    555. 

  555.                     $home_menu = @file($homePath.$menuf.$lang.$ext);
    556. 

  556.                 } else {
    557. 

  557.                     $errorMsg = get_lang('HomePageFilesNotReadable');
    558. 

  558.                 }
    559. 

  559.                 if (empty($home_menu)) {
    560. 

  560.                     $home_menu = array();
    561. 

  561.                 }
    562. 

  562.                 if (!empty($home_menu)) {
    563. 

  563.                     $home_menu = implode("\n", $home_menu);
    564. 

  564.                     $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    565. 

  565.                     $home_menu = explode("\n", $home_menu);
    566. 

  566.                 }
    567. 

  567. 

  568.                 $link_index = intval($_GET['link_index']);
    569. 

  569. 

  570.                 $target_blank = false;
    571. 

  571.                 $link_name = '';
    572. 

  572.                 $link_url = '';
    573. 

  573. 

  574.                 //$home_menu_new = array();
    575. 

  575.                 //
    576. 

  576.                 //Cleaning array
    577. 

  577.                 //foreach ($home_menu as $item) {
    578. 

  578.                 //	if(!empty($item)) {
    579. 

  579.                 //		$home_menu_new[] = $item;
    580. 

  580.                 //	}
    581. 

  581.                 //}
    582. 

  582.                 //$home_menu = $home_menu_new;
    583. 

  583. 

  584.                 // Cleaning the array
    585. 

  585.                 $home_menu = array_values(array_filter(array_map('trim', $home_menu), 'strlen'));
    586. 

  586. 

  587.                 // For each line of the home_menu file
    588. 

  588.                 foreach ($home_menu as $key => $enreg) {
    589. 

  589. 

  590.                     // Check if the current item is the one we want to update
    591. 

  591.                     if ($key == $link_index) {
    592. 

  592.                         // This is the link we want to update
    593. 

  593.                         // Check if the target should be "_blank"
    594. 

  594.                         if (strstr($enreg, 'target="_blank"')) {
    595. 

  595.                             $target_blank = true;
    596. 

  596.                         }
    597. 

  597. 

  598.                         if (strstr($enreg, 'hide_menu')) {
    599. 

  599.                             $add_in_tab = false;
    600. 

  600.                         } else {
    601. 

  601.                             $add_in_tab = true;
    602. 

  602.                         }
    603. 

  603. 

  604.                         // Remove dangerous HTML tags from the link itself (this is an
    605. 

  605.                         // additional measure in case a link previously contained
    606. 

  606.                         // unsecure tags)
    607. 

  607.                         $link_name = strip_tags($enreg);
    608. 

  608. 

  609.                         // Get the contents of "href" attribute in $link_url
    610. 

  610.                         $enreg = explode('href="', $enreg);
    611. 

  611.                         list($link_url) = explode('"', $enreg[sizeof($enreg) - 1]);
    612. 

  612. 

  613.                         // If the link contains the web root of this portal, then strip
    614. 

  614.                         // it off and keep only the name of the file that needs edition
    615. 

  615.                         if (strstr($link_url, '?include=')) {
    616. 

  616.                             $link_url = explode('?include=', $link_url);
    617. 

  617. 

  618.                             $filename = $link_url[sizeof($link_url) - 1];
    619. 

  619. 

  620.                             if (!strstr($filename, '/') && strstr($filename, '.html')) {
    621. 

  621.                                 // Get oonly the contents of the link file
    622. 

  622.                                 $link_html = @file($homePath.$filename);
    623. 

  623.                                 $link_html = implode('', $link_html);
    624. 

  624.                                 $link_url = '';
    625. 

  625.                             } else {
    626. 

  626.                                 $filename = '';
    627. 

  627.                             }
    628. 

  628.                         }
    629. 

  629.                         break;
    630. 

  630.                     }
    631. 

  631.                 }
    632. 

  632.                 break;
    633. 

  633.         }
    634. 

  634.         //end of second switch($action) (when POST['formSent'] was not set, yet)
    635. 

  635.     }
    636. 

  636.     // end of "else" in if($_POST['formSent']) condition
    637. 

  637. } else {
    638. 

  638.     //if $action is empty, then prepare a list of the course categories to display (?)
    639. 

  639.     $Categories = Database::store_result(
    640. 

  640.         Database::query("SELECT name FROM $tbl_category WHERE parent_id IS NULL ORDER BY tree_pos")
    641. 

  641.     );
    642. 

  642. }
    643. 

  643. 

  644. // Display section
    645. 

  645. 

  646. Display::display_header($tool_name);
    647. 

  647. 

  648. switch ($action) {
    649. 

  649.     case 'open_link':
    650. 

  650.         if (!empty($link)) {
    651. 

  651.             // $link is only set in case of action=open_link and is filtered
    652. 

  652.             $open = @(string)file_get_contents($homePath.$link);
    653. 

  653.             $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
    654. 

  654.             echo $open;
    655. 

  655.         }
    656. 

  656.         break;
    657. 

  657.     case 'edit_notice':
    658. 

  658.         // Display for edit_notice case
    659. 

  659.         ?>
    660. 

  660.     <form action="<?php echo api_get_self(); ?>?action=<?php echo $action; ?>" method="post" style="margin:0px;">
    661. 

  661.         <legend><?php echo $tool_name; ?></legend>
    662. 

  662.         <input type="hidden" name="formSent" value="1"/>
    663. 

  663.         <?php
    664. 

  664.         if (!empty($errorMsg)) {
    665. 

  665.             Display::display_normal_message($errorMsg);
    666. 

  666.         }
    667. 

  667.         ?>
    668. 

  668.         <table border="0" cellpadding="5" cellspacing="0">
    669. 

  669.             <tr>
    670. 

  670.                 <td colspan="2"><?php echo '<span style="font-style: italic;">'.get_lang(
    671. 

  671.                 'LetThoseFieldsEmptyToHideTheNotice'
    672. 

  672.             ).'</span>'; ?></tr>
    673. 

  673.             <tr>
    674. 

  674.                 <td nowrap="nowrap"><?php echo get_lang('NoticeTitle'); ?> :</td>
    675. 

  675.                 <td><input type="text" name="notice_title" size="30" maxlength="50" value="<?php echo $notice_title; ?>"
    676. 

  676.                            style="width: 350px;"/></td>
    677. 

  677.             </tr>
    678. 

  678.             <tr>
    679. 

  679.                 <td nowrap="nowrap" valign="top"><?php echo get_lang('NoticeText'); ?> :</td>
    680. 

  680.                 <td><textarea name="notice_text" cols="30" rows="5" wrap="virtual"
    681. 

  681.                               style="width: 350px;"><?php echo $notice_text; ?></textarea></td>
    682. 

  682.             </tr>
    683. 

  683.             <tr>
    684. 

  684.                 <td>&nbsp;</td>
    685. 

  685.                 <td>
    686. 

  686.                     <button class="save" type="submit" value="<?php echo get_lang('Ok'); ?>"><?php echo get_lang(
    687. 

  687.                         'Ok'
    688. 

  688.                     ); ?></button>
    689. 

  689.                 </td>
    690. 

  690.             </tr>
    691. 

  691.         </table>
    692. 

  692.     </form>
    693. 

  693.     <?php
    694. 

  694.         break;
    695. 

  695.     case 'insert_tabs':
    696. 

  696.     case 'edit_tabs':
    697. 

  697.     case 'insert_link':
    698. 

  698.     case 'edit_link':
    699. 

  699. 

  700.         if (!empty($errorMsg)) {
    701. 

  701.             Display::display_normal_message($errorMsg);
    702. 

  702.         }
    703. 

  703.         $default = array();
    704. 

  704.         $form = new FormValidator('configure_homepage_'.$action, 'post', api_get_self(
    705. 

  705.         ).'?action='.$action, '', array('style' => 'margin: 0px;'));
    706. 

  706.         $renderer =& $form->defaultRenderer();
    707. 

  707. 

  708.         $form->addElement('header', '', $tool_name);
    709. 

  709.         $form->addElement('hidden', 'formSent', '1');
    710. 

  710.         $form->addElement(
    711. 

  711.             'hidden',
    712. 

  712.             'link_index',
    713. 

  713.             ($action == 'edit_link' || $action == 'edit_tabs') ? $link_index : '0'
    714. 

  714.         );
    715. 

  715.         $form->addElement('hidden', 'filename', ($action == 'edit_link' || $action == 'edit_tabs') ? $filename : '');
    716. 

  716. 

  717.         $form->addElement('text', 'link_name', get_lang('LinkName'), array('size' => '30', 'maxlength' => '50'));
    718. 

  718.         $default['link_name'] = $link_name;
    719. 

  719. 

  720.         $default['link_url'] = empty($link_url) ? 'http://' : api_htmlentities($link_url, ENT_QUOTES);
    721. 

  721.         $form->addElement(
    722. 

  722.             'text',
    723. 

  723.             'link_url',
    724. 

  724.             array(get_lang('LinkURL'), get_lang('Optional')),
    725. 

  725.             array('size' => '30', 'maxlength' => '100', 'style' => 'width: 350px;')
    726. 

  726.         );
    727. 

  727. 

  728.         $options = array('-1' => get_lang('FirstPlace'));
    729. 

  729. 

  730.         $selected = '';
    731. 

  731. 

  732.         if ($action == 'insert_link' || $action == 'insert_tabs') {
    733. 

  733.             $add_in_tab = 1;
    734. 

  734.             if (is_array($home_menu)) {
    735. 

  735.                 foreach ($home_menu as $key => $enreg) {
    736. 

  736.                     if (strlen($enreg = trim(strip_tags($enreg))) > 0) {
    737. 

  737.                         $options[$key] = get_lang('After').' &quot;'.$enreg.'&quot;';
    738. 

  738.                         $selected = $formSent && $insert_where == $key ? $key : '';
    739. 

  739.                     }
    740. 

  740.                 }
    741. 

  741.             }
    742. 

  742.             $default['insert_link'] = $selected;
    743. 

  743.             $form->addElement('select', 'insert_where', get_lang('InsertThisLink'), $options);
    744. 

  744.         }
    745. 

  745. 

  746.         $target_blank_checkbox = $form->addElement('checkbox', 'target_blank', null, get_lang('OpenInNewWindow'), 1);
    747. 

  747. 

  748.         if ($action == 'insert_tabs' || $action == 'edit_tabs') {
    749. 

  749.             $form->addElement('checkbox', 'add_in_tab', null, get_lang('AddInMenu'), 1);
    750. 

  750.             $default['add_in_tab'] = $add_in_tab;
    751. 

  751.         }
    752. 

  752. 

  753.         if ($target_blank) {
    754. 

  754.             $target_blank_checkbox->setChecked(true);
    755. 

  755.         }
    756. 

  756. 

  757.         if ($action == 'edit_link' && (empty($link_url) || $link_url == 'http://' || $link_url == 'https://')) {
    758. 

  758.             if (api_get_setting('wcag_anysurfer_public_pages') == 'true') {
    759. 

  759.                 $form->addElement(
    760. 

  760.                     'html',
    761. 

  761.                     WCAG_Rendering::create_xhtml(isset($_POST['link_html']) ? $_POST['link_html'] : $link_html)
    762. 

  762.                 );
    763. 

  763.             } else {
    764. 

  764.                 $default['link_html'] = isset($_POST['link_html']) ? $_POST['link_html'] : $link_html;
    765. 

  765.                 $form->add_html_editor(
    766. 

  766.                     'link_html',
    767. 

  767.                     get_lang('Content'),
    768. 

  768.                     false,
    769. 

  769.                     false,
    770. 

  770.                     array('ToolbarSet' => 'PortalHomePage', 'Width' => '100%', 'Height' => '400')
    771. 

  771.                 );
    772. 

  772.             }
    773. 

  773.             $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
    774. 

  774.         } else {
    775. 

  775.             if (in_array($action, array('edit_tabs', 'insert_tabs'))) {
    776. 

  776.                 if (api_get_setting('wcag_anysurfer_public_pages') == 'true') {
    777. 

  777.                     $form->addElement('html', get_lang('Content').' ('.get_lang('Optional').')');
    778. 

  778.                     $form->addElement(
    779. 

  779.                         'html',
    780. 

  780.                         WCAG_Rendering::create_xhtml(isset($_POST['link_html']) ? $_POST['link_html'] : $link_html)
    781. 

  781.                     );
    782. 

  782.                 } else {
    783. 

  783.                     $default['link_html'] = isset($_POST['link_html']) ? $_POST['link_html'] : $link_html;
    784. 

  784.                     $form->add_html_editor(
    785. 

  785.                         'link_html',
    786. 

  786.                         get_lang('Content'),
    787. 

  787.                         false,
    788. 

  788.                         false,
    789. 

  789.                         array('ToolbarSet' => 'PortalHomePage', 'Width' => '100%', 'Height' => '400')
    790. 

  790.                     );
    791. 

  791.                 }
    792. 

  792.             }
    793. 

  793.             $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
    794. 

  794.         }
    795. 

  795. 

  796.         $form->setDefaults($default);
    797. 

  797.         $form->display();
    798. 

  798. 

  799.         break;
    800. 

  800.     case 'edit_top':
    801. 

  801.     case 'edit_news':
    802. 

  802.         if ($action == 'edit_top') {
    803. 

  803.             $name = $topf;
    804. 

  804.             $open = $home_top;
    805. 

  805.         } else {
    806. 

  806.             $name = $newsf;
    807. 

  807.             $open = @(string)file_get_contents($homePath.$newsf.'_'.$lang.$ext);
    808. 

  808.         }
    809. 

  809.         $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
    810. 

  810. 

  811.         if (!empty($errorMsg)) {
    812. 

  812.             Display::display_normal_message($errorMsg); //main API
    813. 

  813.         }
    814. 

  814. 

  815.         $default = array();
    816. 

  816.         $form = new FormValidator('configure_homepage_'.$action, 'post', api_get_self(
    817. 

  817.         ).'?action='.$action, '', array('style' => 'margin: 0px;'));
    818. 

  818.         $renderer =& $form->defaultRenderer();
    819. 

  819.         $renderer->setHeaderTemplate('');
    820. 

  820.         $renderer->setFormTemplate(
    821. 

  821.             '<form{attributes}><table border="0" cellpadding="5" cellspacing="0" width="100%">{content}</table></form>'
    822. 

  822.         );
    823. 

  823.         $renderer->setElementTemplate('<tr><td>{element}</td></tr>');
    824. 

  824.         $renderer->setRequiredNoteTemplate('');
    825. 

  825.         $form->addElement('hidden', 'formSent', '1');
    826. 

  826. 

  827.         if ($action == 'edit_news') {
    828. 

  828.             $_languages = api_get_languages();
    829. 

  829.             $html = '<tr><td>'.get_lang('ChooseNewsLanguage').' : ';
    830. 

  830.             $html .= '<select name="news_languages">';
    831. 

  831.             $html .= '<option value="all">'.get_lang('AllLanguages').'</option>';
    832. 

  832.             foreach ($_languages['name'] as $key => $value) {
    833. 

  833.                 $english_name = $_languages['folder'][$key];
    834. 

  834.                 if ($language == $english_name) {
    835. 

  835.                     $html .= '<option value="'.$english_name.'" selected="selected">'.$value.'</option>';
    836. 

  836.                 } else {
    837. 

  837.                     $html .= '<option value="'.$english_name.'">'.$value.'</option>';
    838. 

  838.                 }
    839. 

  839.             }
    840. 

  840.             $html .= '</select></td></tr>';
    841. 

  841.             $form->addElement('html', $html);
    842. 

  842.         }
    843. 

  843.         if (api_get_setting('wcag_anysurfer_public_pages') == 'true') {
    844. 

  844.             //TODO: review these lines
    845. 

  845.             // Print WCAG-specific HTML editor
    846. 

  846.             $html = '<tr><td>';
    847. 

  847.             $html .= WCAG_Rendering::create_xhtml($open);
    848. 

  848.             $html .= '</td></tr>';
    849. 

  849.             $form->addElement('html', $html);
    850. 

  850.         } else {
    851. 

  851.             $default[$name] = str_replace('{rel_path}', api_get_path(REL_PATH), $open);
    852. 

  852.             $form->add_html_editor(
    853. 

  853.                 $name,
    854. 

  854.                 '',
    855. 

  855.                 true,
    856. 

  856.                 false,
    857. 

  857.                 array('ToolbarSet' => 'PortalHomePage', 'Width' => '100%', 'Height' => '400')
    858. 

  858.             );
    859. 

  859.         }
    860. 

  860.         $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"');
    861. 

  861.         $form->setDefaults($default);
    862. 

  862.         $form->display();
    863. 

  863. 

  864.         break;
    865. 

  865.     default: // When no action applies, default page to update campus homepage
    866. 

  866.         ?>
    867. 

  867.         <table border="0" cellpadding="5" cellspacing="0" width="100%">
    868. 

  868.         <tr>
    869. 

  869.         <td width="70%" valign="top">
    870. 

  870.             <div class="actions">
    871. 

  871.                 <a href="<?php echo api_get_self(); ?>?action=edit_top"><?php Display::display_icon(
    872. 

  872.                     'edit.gif',
    873. 

  873.                     get_lang('EditHomePage')
    874. 

  874.                 ); ?></a>
    875. 

  875.                 <a href="<?php echo api_get_self(); ?>?action=edit_top"><?php echo get_lang(
    876. 

  876.                     'EditHomePage'
    877. 

  877.                 ); ?></a>
    878. 

  878.             </div>
    879. 

  879. 

  880.             <table border="0" cellpadding="5" cellspacing="0" width="100%">
    881. 

  881.                 <tr>
    882. 

  882.                     <td colspan="2">
    883. 

  883.                         <?php
    884. 

  884.                         //print home_top contents
    885. 

  885.                         if (file_exists($homePath.$topf.'_'.$lang.$ext)) {
    886. 

  886.                             $home_top_temp = @(string)file_get_contents($homePath.$topf.'_'.$lang.$ext);
    887. 

  887.                         } else {
    888. 

  888.                             $home_top_temp = @(string)file_get_contents($homePath.$topf.$ext);
    889. 

  889.                         }
    890. 

  890.                         $open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp);
    891. 

  891.                         $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
    892. 

  892.                         echo $open;
    893. 

  893.                         ?>
    894. 

  894.                     </td>
    895. 

  895.                 </tr>
    896. 

  896.                 <tr>
    897. 

  897.                     <?php
    898. 

  898. 

  899.                     $access_url_id = 1;
    900. 

  900.                     // we only show the category options for the main chamilo installation
    901. 

  901.                     if (api_is_multiple_url_enabled()) {
    902. 

  902.                         $access_url_id = api_get_current_access_url_id();
    903. 

  903.                     }
    904. 

  904.                     echo '<td width="50%">';
    905. 

  905.                     if ($access_url_id == 1) {
    906. 

  906.                         echo '<div class="actions">';
    907. 

  907.                         echo '<a href="course_category.php">'.Display::display_icon(
    908. 

  908.                             'edit.gif',
    909. 

  909.                             get_lang('Edit')
    910. 

  910.                         ).'</a>
    911. 

  911. 					  <a href="course_category.php">'.get_lang('EditCategories').'</a>';
    912. 

  912.                         echo '</div>';
    913. 

  913.                     }
    914. 

  914.                     echo '</td>
    915. 

  915. 				  <td width="50%">
    916. 

  916. 				  <br />';
    917. 

  917.                     /* <!--<a href="<?php echo api_get_self(); ?>?action=edit_news"><?php Display::display_icon('edit.gif', get_lang('Edit')); ?></a> <a href="<?php echo api_get_self(); ?>?action=edit_news"><?php echo get_lang('EditNews'); ?></a>--> */
    918. 

  918.                     echo '</td></tr>
    919. 

  919. 				<tr>
    920. 

  920. 				<td width="50%" valign="top">
    921. 

  921. 				<table border="0" cellpadding="5" cellspacing="0" width="100%">';
    922. 

  922.                     if ($access_url_id == 1) {
    923. 

  923.                         if (sizeof($Categories)) {
    924. 

  924.                             foreach ($Categories as $enreg) {
    925. 

  925.                                 echo '<tr><td>'.Display::return_icon(
    926. 

  926.                                     'folder_document.gif',
    927. 

  927.                                     $enreg['name']
    928. 

  928.                                 ).'&nbsp;'.$enreg['name'].'</td></tr>';
    929. 

  929.                             }
    930. 

  930.                             unset($Categories);
    931. 

  931.                         } else {
    932. 

  932.                             echo get_lang('NoCategories');
    933. 

  933.                         }
    934. 

  934.                     }
    935. 

  935. 

  936.                     echo '</table>';
    937. 

  937.                     ?>
    938. 

  938.                     </td>
    939. 

  939.                     <!--<td width="50%" valign="top">
    940. 

  940. 				<?php
    941. 

  941.                     if (file_exists($homePath.$newsf.'_'.$lang.$ext)) {
    942. 

  942.                         $open = @(string)file_get_contents($homePath.$newsf.'_'.$lang.$ext);
    943. 

  943.                         $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
    944. 

  944.                         echo $open;
    945. 

  945.                     } else {
    946. 

  946.                         $open = @(string)file_get_contents($homePath.$newsf.$ext);
    947. 

  947.                         $open = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
    948. 

  948.                         echo $open;
    949. 

  949.                     }
    950. 

  950.                     ?>
    951. 

  951. 			  </td>-->
    952. 

  952.                 </tr>
    953. 

  953.             </table>
    954. 

  954.             <?php
    955. 

  955. 

  956.             // Add new page
    957. 

  957. 

  958.             $home_menu = '';
    959. 

  959.             if (file_exists($homePath.$menutabs.'_'.$lang.$ext)) {
    960. 

  960.                 $home_menu = @file($homePath.$menutabs.'_'.$lang.$ext);
    961. 

  961.             } else {
    962. 

  962.                 $home_menu = @file($homePath.$menutabs.$ext);
    963. 

  963.             }
    964. 

  964.             if (empty($home_menu)) {
    965. 

  965.                 $home_menu = array();
    966. 

  966.             }
    967. 

  967.             if (!empty($home_menu)) {
    968. 

  968.                 $home_menu = implode("\n", $home_menu);
    969. 

  969.                 $home_menu = api_to_system_encoding($home_menu, api_detect_encoding(strip_tags($home_menu)));
    970. 

  970.                 $home_menu = explode("\n", $home_menu);
    971. 

  971.             }
    972. 

  972.             $link_list = '';
    973. 

  973.             $tab_counter = 0;
    974. 

  974.             foreach ($home_menu as $enreg) {
    975. 

  975.                 $enreg = trim($enreg);
    976. 

  976.                 if (!empty($enreg)) {
    977. 

  977.                     $edit_link = ' <a href="'.api_get_self(
    978. 

  978.                     ).'?action=edit_tabs&amp;link_index='.$tab_counter.'" ><span>'.Display::return_icon(
    979. 

  979.                         'edit.gif',
    980. 

  980.                         get_lang('Edit')
    981. 

  981.                     ).'</span></a>';
    982. 

  982.                     $delete_link = ' <a href="'.api_get_self(
    983. 

  983.                     ).'?action=delete_tabs&amp;link_index='.$tab_counter.'"  onclick="javascript: if(!confirm(\''.addslashes(
    984. 

  984.                         api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)
    985. 

  985.                     ).'\')) return false;"><span>'.Display::return_icon(
    986. 

  986.                         'delete.gif',
    987. 

  987.                         get_lang('Delete')
    988. 

  988.                     ).'</span></a>';
    989. 

  989.                     $tab_string = str_replace(
    990. 

  990.                         array('href="'.api_get_path(WEB_PATH).'index.php?include=', '</li>'),
    991. 

  991.                         array(
    992. 

  992.                             'href="'.api_get_path(WEB_CODE_PATH).'admin/'.basename(
    993. 

  993.                                 api_get_self()
    994. 

  994.                             ).'?action=open_link&link=',
    995. 

  995.                             $edit_link.$delete_link.'</li>'
    996. 

  996.                         ),
    997. 

  997.                         $enreg
    998. 

  998.                     );
    999. 

  999.                     $tab_string = str_replace(
    1000. 

  1000.                         array('<li>', '</li>', 'class="hide_menu"', 'hide_menu'),
    1001. 

  1001.                         '',
    1002. 

  1002.                         $tab_string
    1003. 

  1003.                     );
    1004. 

  1004. 

  1005.                     $link_list .= Display::tag('tr', Display::tag('td', $tab_string));
    1006. 

  1006.                     $tab_counter++;
    1007. 

  1007.                 }
    1008. 

  1008.             }
    1009. 

  1009.             ?>
    1010. 

  1010.             <div class="actions">
    1011. 

  1011.                 <a href="<?php echo api_get_self(); ?>?action=insert_tabs"><?php Display::display_icon(
    1012. 

  1012.                     'addd.gif',
    1013. 

  1013.                     get_lang('InsertLink')
    1014. 

  1014.                 ); echo get_lang('InsertLink'); ?></a>
    1015. 

  1015.             </div>
    1016. 

  1016.             <?php
    1017. 

  1017.             echo '<table class="data_table">';
    1018. 

  1018.             echo $link_list;
    1019. 

  1019.             echo '</table>';
    1020. 

  1020.             ?>
    1021. 

  1021.         </td>
    1022. 

  1022.         <td width="10%" valign="top"></td>
    1023. 

  1023.         <td width="20%" rowspan="3" valign="top">
    1024. 

  1024. 

  1025.             <div id="login_block" class="well sidebar-nav">
    1026. 

  1026.                 <?php echo api_display_language_form(); ?>
    1027. 

  1027.                 <form id="formLogin">
    1028. 

  1028.                     <div><label><?php echo get_lang('LoginName'); ?></label></div>
    1029. 

  1029.                     <div><input type="text" id="login" size="15" value="" disabled="disabled"/></div>
    1030. 

  1030.                     <div><label><?php echo get_lang('UserPassword'); ?></label></div>
    1031. 

  1031.                     <div><input type="password" id="password" size="15" value="" disabled="disabled"/></div>
    1032. 

  1032.                     <div>
    1033. 

  1033.                         <button class="btn" type="button" name="submitAuth"
    1034. 

  1034.                                 value="<?php echo get_lang('Ok'); ?>" disabled="disabled"><?php echo get_lang(
    1035. 

  1035.                             'Ok'
    1036. 

  1036.                         ); ?></button>
    1037. 

  1037.                     </div>
    1038. 

  1038.                 </form>
    1039. 

  1039.             </div>
    1040. 

  1040. 

  1041.             <div id="profile_block" class="well sidebar-nav">
    1042. 

  1042.                 <h4><?php echo get_lang('MenuUser'); ?></h4>
    1043. 

  1043.                 <ul class="nav nav-list">
    1044. 

  1044.                     <li><span style="color: #9D9DA1; font-weight: bold;"><?php echo api_ucfirst(
    1045. 

  1045.                         get_lang('Registration')
    1046. 

  1046.                     ); ?></span></li>
    1047. 

  1047.                     <li><span style="color: #9D9DA1; font-weight: bold;"><?php echo api_ucfirst(
    1048. 

  1048.                         get_lang('LostPassword')
    1049. 

  1049.                     ); ?></span></li>
    1050. 

  1050.                 </ul>
    1051. 

  1051.             </div>
    1052. 

  1052. 

  1053.             <div id="notice_block" class="well sidebar-nav">
    1054. 

  1054.                 <h4><?php echo get_lang('Notice'); ?>
    1055. 

  1055.                     <a href="<?php echo api_get_self(); ?>?action=edit_notice"><?php Display::display_icon(
    1056. 

  1056.                         'edit.png',
    1057. 

  1057.                         get_lang('Edit'),
    1058. 

  1058.                         array(),
    1059. 

  1059.                         ICON_SIZE_SMALL
    1060. 

  1060.                     ); ?></a>
    1061. 

  1061.                 </h4>
    1062. 

  1062.                 <?php
    1063. 

  1063.                 $home_notice = '';
    1064. 

  1064.                 if (file_exists($homePath.$noticef.'_'.$lang.$ext)) {
    1065. 

  1065.                     $home_notice = @(string)file_get_contents($homePath.$noticef.'_'.$lang.$ext);
    1066. 

  1066.                 } else {
    1067. 

  1067.                     $home_notice = @(string)file_get_contents($homePath.$noticef.$ext);
    1068. 

  1068.                 }
    1069. 

  1069.                 $home_notice = api_to_system_encoding(
    1070. 

  1070.                     $home_notice,
    1071. 

  1071.                     api_detect_encoding(strip_tags($home_notice))
    1072. 

  1072.                 );
    1073. 

  1073.                 echo '<div class="homepage_notice">';
    1074. 

  1074.                 echo $home_notice;
    1075. 

  1075.                 echo '</div>';
    1076. 

  1076.                 ?>
    1077. 

  1077.             </div>
    1078. 

  1078. 

  1079. 

  1080.             <div class="well sidebar-nav">
    1081. 

  1081.                 <a href="<?php echo api_get_self(); ?>?action=insert_link"><?php Display::display_icon(
    1082. 

  1082.                     'addd.gif',
    1083. 

  1083.                     get_lang('InsertLink')
    1084. 

  1084.                 ); ?></a>
    1085. 

  1085.                 <a href="<?php echo api_get_self(); ?>?action=insert_link"><?php echo get_lang(
    1086. 

  1086.                     'InsertLink'
    1087. 

  1087.                 ); ?></a>
    1088. 

  1088. 

  1089.                 <h4><?php echo api_ucfirst(get_lang('General')); ?></h4>
    1090. 

  1090.                 <ul class="menulist">
    1091. 

  1091.                     <?php
    1092. 

  1092.                     $home_menu = '';
    1093. 

  1093.                     if (file_exists($homePath.$menuf.'_'.$lang.$ext)) {
    1094. 

  1094.                         $home_menu = @file($homePath.$menuf.'_'.$lang.$ext);
    1095. 

  1095.                     } else {
    1096. 

  1096.                         $home_menu = @file($homePath.$menuf.$ext);
    1097. 

  1097.                     }
    1098. 

  1098.                     if (empty($home_menu)) {
    1099. 

  1099.                         $home_menu = array();
    1100. 

  1100.                     }
    1101. 

  1101.                     if (!empty($home_menu)) {
    1102. 

  1102.                         $home_menu = implode("\n", $home_menu);
    1103. 

  1103.                         $home_menu = api_to_system_encoding(
    1104. 

  1104.                             $home_menu,
    1105. 

  1105.                             api_detect_encoding(strip_tags($home_menu))
    1106. 

  1106.                         );
    1107. 

  1107.                         $home_menu = explode("\n", $home_menu);
    1108. 

  1108.                     }
    1109. 

  1109.                     $i = 0;
    1110. 

  1110.                     foreach ($home_menu as $enreg) {
    1111. 

  1111.                         $enreg = trim($enreg);
    1112. 

  1112.                         if (!empty($enreg)) {
    1113. 

  1113.                             $edit_link = '<a href="'.api_get_self(
    1114. 

  1114.                             ).'?action=edit_link&amp;link_index='.$i.'">'.Display::return_icon(
    1115. 

  1115.                                 'edit.gif',
    1116. 

  1116.                                 get_lang('Edit')
    1117. 

  1117.                             ).'</a>';
    1118. 

  1118.                             $delete_link = '<a href="'.api_get_self(
    1119. 

  1119.                             ).'?action=delete_link&amp;link_index='.$i.'" onclick="javascript:if(!confirm(\''.addslashes(
    1120. 

  1120.                                 api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)
    1121. 

  1121.                             ).'\')) return false;">'.Display::return_icon(
    1122. 

  1122.                                 'delete.gif',
    1123. 

  1123.                                 get_lang('Delete')
    1124. 

  1124.                             ).'</a>';
    1125. 

  1125.                             echo str_replace(
    1126. 

  1126.                                 array('href="'.api_get_path(WEB_PATH).'index.php?include=', '</li>'),
    1127. 

  1127.                                 array(
    1128. 

  1128.                                     'href="'.api_get_path(WEB_CODE_PATH).'admin/'.basename(
    1129. 

  1129.                                         api_get_self()
    1130. 

  1130.                                     ).'?action=open_link&link=',
    1131. 

  1131.                                     '<br />'.$edit_link.' '.$delete_link.'</li>'
    1132. 

  1132.                                 ),
    1133. 

  1133.                                 $enreg
    1134. 

  1134.                             );
    1135. 

  1135.                             $i++;
    1136. 

  1136.                         }
    1137. 

  1137.                     }
    1138. 

  1138.                     ?>
    1139. 

  1139.                 </ul>
    1140. 

  1140.             </div>
    1141. 

  1141. 

  1142.         </td>
    1143. 

  1143.         </tr>
    1144. 

  1144.         </table>
    1145. 

  1145.         <?php
    1146. 

  1146.         break;
    1147. 

  1147. }
    1148. 

  1148. Display::display_footer();
    1149.