session.ajax.php 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. use Chamilo\UserBundle\Entity\User;
  4. /**
  5. * Responses to AJAX calls.
  6. */
  7. require_once __DIR__.'/../global.inc.php';
  8. $action = $_REQUEST['a'];
  9. switch ($action) {
  10. case 'get_user_sessions':
  11. if (api_is_platform_admin() || api_is_session_admin()) {
  12. $user_id = (int) $_POST['user_id'];
  13. $list_sessions = SessionManager::get_sessions_by_user($user_id, true);
  14. if (!empty($list_sessions)) {
  15. foreach ($list_sessions as $session_item) {
  16. echo $session_item['session_name'].'<br />';
  17. }
  18. } else {
  19. echo get_lang('This user isn\'t subscribed in a session');
  20. }
  21. unset($list_sessions);
  22. }
  23. break;
  24. case 'order':
  25. api_protect_admin_script();
  26. $allowOrder = api_get_configuration_value('session_list_order');
  27. if ($allowOrder) {
  28. $order = isset($_GET['order']) ? $_GET['order'] : [];
  29. $order = json_decode($order);
  30. if (!empty($order)) {
  31. $table = Database::get_main_table(TABLE_MAIN_SESSION);
  32. foreach ($order as $data) {
  33. if (isset($data->order) && isset($data->id)) {
  34. $orderId = (int) $data->order;
  35. $sessionId = (int) $data->id;
  36. $sql = "UPDATE $table SET position = $orderId WHERE id = $sessionId ";
  37. Database::query($sql);
  38. }
  39. }
  40. }
  41. }
  42. break;
  43. case 'search_session':
  44. if (api_is_platform_admin()) {
  45. $sessions = SessionManager::get_sessions_list(
  46. [
  47. 's.name' => [
  48. 'operator' => 'LIKE',
  49. 'value' => "%".$_REQUEST['q']."%",
  50. ],
  51. ]
  52. );
  53. $list = [
  54. 'items' => [],
  55. ];
  56. if (empty($sessions)) {
  57. echo json_encode([]);
  58. break;
  59. }
  60. foreach ($sessions as $session) {
  61. $list['items'][] = [
  62. 'id' => $session['id'],
  63. 'text' => $session['name'],
  64. ];
  65. }
  66. echo json_encode($list);
  67. }
  68. break;
  69. case 'search_session_all':
  70. if (api_is_platform_admin()) {
  71. $results = SessionManager::get_sessions_list(
  72. [
  73. 's.name' => ['operator' => 'like', 'value' => "%".$_REQUEST['q']."%"],
  74. 'c.id' => ['operator' => '=', 'value' => $_REQUEST['course_id']],
  75. ]
  76. );
  77. $results2 = [];
  78. if (!empty($results)) {
  79. foreach ($results as $item) {
  80. $item2 = [];
  81. foreach ($item as $id => $internal) {
  82. if ($id == 'id') {
  83. $item2[$id] = $internal;
  84. }
  85. if ($id == 'name') {
  86. $item2['text'] = $internal;
  87. }
  88. }
  89. $results2[] = $item2;
  90. }
  91. $results2[] = ['T', 'text' => 'TODOS', 'id' => 'T'];
  92. echo json_encode($results2);
  93. } else {
  94. echo json_encode([['T', 'text' => 'TODOS', 'id' => 'T']]);
  95. }
  96. }
  97. break;
  98. case 'search_session_by_course':
  99. if (api_is_platform_admin()) {
  100. $results = SessionManager::get_sessions_list(
  101. [
  102. 's.name' => ['operator' => 'like', 'value' => "%".$_REQUEST['q']."%"],
  103. 'c.id' => ['operator' => '=', 'value' => $_REQUEST['course_id']],
  104. ]
  105. );
  106. $json = [
  107. 'items' => [
  108. ['id' => 'T', 'text' => get_lang('All')],
  109. ],
  110. ];
  111. if (!empty($results)) {
  112. foreach ($results as $item) {
  113. $item2 = [];
  114. foreach ($item as $id => $internal) {
  115. if ($id == 'id') {
  116. $item2[$id] = $internal;
  117. }
  118. if ($id == 'name') {
  119. $item2['text'] = $internal;
  120. }
  121. }
  122. $json['items'][] = $item2;
  123. }
  124. }
  125. echo json_encode($json);
  126. }
  127. break;
  128. case 'session_info':
  129. $sessionId = isset($_GET['session_id']) ? $_GET['session_id'] : '';
  130. $sessionInfo = api_get_session_info($sessionId);
  131. $extraFieldValues = new ExtraFieldValue('session');
  132. $extraField = new ExtraField('session');
  133. $values = $extraFieldValues->getAllValuesByItem($sessionId);
  134. $load = isset($_GET['load_empty_extra_fields']) ? true : false;
  135. if ($load) {
  136. $allExtraFields = $extraField->get_all();
  137. $valueList = array_column($values, 'id');
  138. foreach ($allExtraFields as $extra) {
  139. if (!in_array($extra['id'], $valueList)) {
  140. $values[] = [
  141. 'id' => $extra['id'],
  142. 'variable' => $extra['variable'],
  143. 'value' => '',
  144. 'field_type' => $extra['field_type'],
  145. ];
  146. }
  147. }
  148. }
  149. $sessionInfo['extra_fields'] = $values;
  150. if (!empty($sessionInfo)) {
  151. echo json_encode($sessionInfo);
  152. }
  153. break;
  154. case 'get_description':
  155. if (isset($_GET['session'])) {
  156. $sessionInfo = api_get_session_info($_GET['session']);
  157. echo '<h2>'.$sessionInfo['name'].'</h2>';
  158. echo '<div class="home-course-intro"><div class="page-course"><div class="page-course-intro">';
  159. echo $sessionInfo['show_description'] == 1 ? $sessionInfo['description'] : get_lang('none');
  160. echo '</div></div></div>';
  161. }
  162. break;
  163. case 'search_general_coach':
  164. SessionManager::protectSession(null, false);
  165. api_protect_limit_for_session_admin();
  166. if (api_is_anonymous()) {
  167. echo '';
  168. break;
  169. }
  170. $list = [
  171. 'items' => [],
  172. ];
  173. $usersRepo = UserManager::getRepository();
  174. $users = $usersRepo->searchUsersByStatus($_GET['q'], COURSEMANAGER, api_get_current_access_url_id());
  175. /** @var User $user */
  176. foreach ($users as $user) {
  177. $list['items'][] = [
  178. 'id' => $user->getId(),
  179. 'text' => UserManager::formatUserFullName($user),
  180. ];
  181. }
  182. header('Content-Type: application/json');
  183. echo json_encode($list);
  184. break;
  185. case 'get_courses_inside_session':
  186. $userId = api_get_user_id();
  187. $isAdmin = api_is_platform_admin();
  188. if ($isAdmin) {
  189. $sessionList = SessionManager::get_sessions_list();
  190. $sessionIdList = array_column($sessionList, 'id');
  191. } else {
  192. $sessionList = SessionManager::get_sessions_by_user($userId);
  193. $sessionIdList = array_column($sessionList, 'session_id');
  194. }
  195. $sessionId = isset($_GET['session_id']) ? (int) $_GET['session_id'] : 0;
  196. $courseList = [];
  197. if (empty($sessionId)) {
  198. $preCourseList = CourseManager::get_courses_list_by_user_id(
  199. $userId,
  200. false,
  201. true
  202. );
  203. $courseList = array_column($preCourseList, 'real_id');
  204. } else {
  205. if ($isAdmin) {
  206. $courseList = SessionManager::getCoursesInSession($sessionId);
  207. } else {
  208. if (in_array($sessionId, $sessionIdList)) {
  209. $courseList = SessionManager::getCoursesInSession($sessionId);
  210. }
  211. }
  212. }
  213. $courseListToSelect = [];
  214. if (!empty($courseList)) {
  215. // Course List
  216. foreach ($courseList as $courseId) {
  217. $courseInfo = api_get_course_info_by_id($courseId);
  218. $courseListToSelect[] = [
  219. 'id' => $courseInfo['real_id'],
  220. 'name' => $courseInfo['title'],
  221. ];
  222. }
  223. }
  224. echo json_encode($courseListToSelect);
  225. break;
  226. case 'get_basic_course_documents_list':
  227. case 'get_basic_course_documents_form':
  228. $courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
  229. $sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
  230. $currentUserId = api_get_user_id();
  231. $em = Database::getManager();
  232. $course = $em->find('ChamiloCoreBundle:Course', $courseId);
  233. $session = $em->find('ChamiloCoreBundle:Session', $sessionId);
  234. if (!$course || !$session) {
  235. break;
  236. }
  237. if (!api_is_platform_admin(true) || $session->getSessionAdminId() != $currentUserId) {
  238. break;
  239. }
  240. $folderName = '/basic-course-documents__'.$session->getId().'__0';
  241. if ('get_basic_course_documents_list' === $action) {
  242. $courseInfo = api_get_course_info_by_id($course->getId());
  243. $exists = DocumentManager::folderExists('/basic-course-documents', $courseInfo, $session->getId(), 0);
  244. if (!$exists) {
  245. $courseDir = $courseInfo['directory'].'/document';
  246. $sysCoursePath = api_get_path(SYS_COURSE_PATH);
  247. $baseWorkDir = $sysCoursePath.$courseDir;
  248. $newFolderData = create_unexisting_directory(
  249. $courseInfo,
  250. $currentUserId,
  251. $session->getId(),
  252. 0,
  253. 0,
  254. $baseWorkDir,
  255. '/basic-course-documents',
  256. get_lang('Basic course documents'),
  257. 1
  258. );
  259. $id = (int) $newFolderData['iid'];
  260. } else {
  261. $id = DocumentManager::get_document_id($courseInfo, $folderName, $session->getId());
  262. }
  263. $http_www = api_get_path(WEB_COURSE_PATH).$courseInfo['directory'].'/document';
  264. $documentAndFolders = DocumentManager::getAllDocumentData(
  265. $courseInfo,
  266. $folderName,
  267. 0,
  268. 0,
  269. false,
  270. false,
  271. $session->getId()
  272. );
  273. $documentAndFolders = array_filter(
  274. $documentAndFolders,
  275. function (array $documentData) {
  276. return $documentData['filetype'] != 'folder';
  277. }
  278. );
  279. $documentAndFolders = array_map(
  280. function (array $documentData) use ($course, $session, $courseInfo, $currentUserId, $http_www, $folderName, $id) {
  281. $downloadUrl = api_get_path(WEB_CODE_PATH).'document/document.php?'
  282. .api_get_cidreq_params($course->getCode(), $session->getId()).'&'
  283. .http_build_query(['action' => 'download', 'id' => $documentData['id']]);
  284. $deleteUrl = api_get_path(WEB_AJAX_PATH).'session.ajax.php?'
  285. .http_build_query(
  286. [
  287. 'a' => 'delete_basic_course_documents',
  288. 'deleteid' => $documentData['id'],
  289. 'curdirpath' => $folderName,
  290. 'course' => $course->getId(),
  291. 'session' => $session->getId(),
  292. ]
  293. );
  294. $row = [];
  295. $row[] = DocumentManager::build_document_icon_tag($documentData['filetype'], $documentData['path']);
  296. $row[] = Display::url($documentData['title'], $downloadUrl);
  297. $row[] = format_file_size($documentData['size']);
  298. $row[] = date_to_str_ago($documentData['lastedit_date']).PHP_EOL
  299. .'<div class="muted"><small>'
  300. .api_get_local_time($documentData['lastedit_date'])
  301. ."</small></div>";
  302. $row[] = Display::url(
  303. Display::return_icon('save.png', get_lang('Download')),
  304. $downloadUrl
  305. )
  306. .PHP_EOL
  307. .Display::url(
  308. Display::return_icon('delete.png', get_lang('Delete')),
  309. $deleteUrl,
  310. [
  311. 'class' => 'delete_document',
  312. 'data-course' => $course->getId(),
  313. 'data-session' => $session->getId(),
  314. ]
  315. );
  316. return $row;
  317. },
  318. $documentAndFolders
  319. );
  320. $table = new SortableTableFromArray($documentAndFolders, 1, count($documentAndFolders));
  321. $table->set_header(0, get_lang('Type'), false, [], ['class' => 'text-center', 'width' => '60px']);
  322. $table->set_header(1, get_lang('Name'), false);
  323. $table->set_header(2, get_lang('Size'), false, [], ['class' => 'text-right', 'style' => 'width: 80px;']);
  324. $table->set_header(3, get_lang('Date'), false, [], ['class' => 'text-center', 'style' => 'width: 200px;']);
  325. $table->set_header(4, get_lang('Detail'), false, [], ['class' => 'text-center']);
  326. $table->display();
  327. }
  328. if ('get_basic_course_documents_form' === $action) {
  329. $form = new FormValidator('get_basic_course_documents_form_'.$session->getId());
  330. $form->addMultipleUpload(
  331. api_get_path(WEB_AJAX_PATH).'document.ajax.php?'
  332. .api_get_cidreq_params($course->getCode(), $session->getId())
  333. .'&a=upload_file&curdirpath='.$folderName,
  334. ''
  335. );
  336. $form->display();
  337. }
  338. break;
  339. case 'delete_basic_course_documents':
  340. $curdirpath = isset($_GET['curdirpath']) ? Security::remove_XSS($_GET['curdirpath']) : null;
  341. $docId = isset($_GET['deleteid']) ? (int) $_GET['deleteid'] : 0;
  342. $courseId = isset($_GET['course']) ? (int) $_GET['course'] : 0;
  343. $sessionId = isset($_GET['session']) ? (int) $_GET['session'] : 0;
  344. if (empty($curdirpath) || empty($docId) || empty($courseId) || empty($sessionId)) {
  345. break;
  346. }
  347. $em = Database::getManager();
  348. $courseInfo = api_get_course_info_by_id($courseId);
  349. $session = $em->find('ChamiloCoreBundle:Session', $sessionId);
  350. $currentUserId = api_get_user_id();
  351. if (empty($courseInfo) || !$session) {
  352. break;
  353. }
  354. if (!api_is_platform_admin(true) || $session->getSessionAdminId() != $currentUserId) {
  355. break;
  356. }
  357. $sysCoursePath = api_get_path(SYS_COURSE_PATH);
  358. $courseDir = $courseInfo['directory'].'/document';
  359. $baseWorkDir = $sysCoursePath.$courseDir;
  360. $documentInfo = DocumentManager::get_document_data_by_id(
  361. $docId,
  362. $courseInfo['code'],
  363. false,
  364. $session->getId()
  365. );
  366. if (empty($documentInfo)) {
  367. break;
  368. }
  369. if ($documentInfo['filetype'] != 'link') {
  370. $deletedDocument = DocumentManager::delete_document(
  371. $courseInfo,
  372. null,
  373. $baseWorkDir,
  374. $session->getId(),
  375. $docId
  376. );
  377. } else {
  378. $deletedDocument = DocumentManager::deleteCloudLink(
  379. $courseInfo,
  380. $docId
  381. );
  382. }
  383. if (!$deletedDocument) {
  384. break;
  385. }
  386. echo true;
  387. break;
  388. default:
  389. echo '';
  390. }
  391. exit;