userLog.php 15 KB

  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. // TODO: Is this file deprecated?
  4. /**
  5. * @package chamilo.tracking
  6. * @todo clean code - structure is unclear and difficult to modify
  7. */
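  require_once __DIR__.'/../inc/global.inc.php';

  /*
   * Bootstrap for the per-user tracking page: reads the request parameters,
   * prints the page header, resolves the table names used further down and
   * decides whether the current user may see tracking data at all.
   */

  // uInfo: id of the user whose statistics are requested (0 when absent).
  $uInfo = isset($_REQUEST['uInfo']) ? intval($_REQUEST['uInfo']) : 0;

  // view: string of 0/1 flags, one per tracking category (the page's own
  // links only ever produce such strings, e.g. 1111111 / 0000000).
  // The value is written back into links, so anything that is not made of
  // 0/1 characters only is discarded instead of being passed along.
  $view = isset($_REQUEST['view']) ? Security::remove_XSS($_REQUEST['view']) : '';
  if (!is_string($view) || !preg_match('/^[01]+\z/', $view)) {
      $view = '';
  }

  // the section (for the tabs)
  $this_section = "session_my_space";

  // variables
  $user_id = api_get_user_id();
  $course_id = api_get_course_id();
  // Cast: this value is concatenated unquoted into SQL below.
  $courseId = intval(api_get_course_int_id());

  // NOTE(review): flag forced to true by a "quick fix RolesRights bug" hack.
  // Nothing in this file reads it; confirm whether included code depends on
  // it and remove it if not.
  $is_allowed = true;

  require_once api_get_path(SYS_CODE_PATH).'exercise/hotpotatoes.lib.php';

  // $uInfo is always set at this point, so test its value rather than isset().
  if ($uInfo > 0) {
      $interbreadcrumb[] = array(
          'url' => '../user/userInfo.php?uInfo='.$uInfo,
          'name' => api_ucfirst(get_lang('Users')),
      );
  }

  $nameTools = get_lang('ToolName');
  $htmlHeadXtra[] = "<style type='text/css'>\n"
      ."/*<![CDATA[*/\n"
      .".secLine {background-color : #E6E6E6;}\n"
      .".content {padding-left : 15px;padding-right : 15px; }\n"
      .".specialLink{color : #0000FF;}\n"
      ."/*]]>*/\n"
      ."</style>\n"
      ."<style media='print' type='text/css'>\n"
      ."/*<![CDATA[*/\n"
      ."td {border-bottom: thin dashed gray;}\n"
      ."/*]]>*/\n"
      ."</style>";
  Display::display_header($nameTools, "Tracking");

  /* Constants and variables */

  // Access control: only course administrators may track users. An unset
  // $is_courseAdmin is treated as "not allowed" (fail closed).
  // NOTE(review): $is_courseAdmin is expected to be provided by the included
  // bootstrap; confirm it is populated in this code path. Group tutors are not
  // granted access here (see the note on group tutors further down).
  $is_allowedToTrack = !empty($is_courseAdmin);

  // Membership of the *current* user (the viewer), not of the tracked user.
  $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($user_id, $courseId);

  // Database Table Definitions
  $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
  $TABLEUSER = Database::get_main_table(TABLE_MAIN_USER);
  $tbl_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
  $tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
  $TABLECOURSE_GROUPSUSER = Database::get_course_table(TABLE_GROUP_USER);

  // Is the current session open right now (or without access dates)?
  // Both ids are integers; $now is generated server-side.
  $now = api_get_utc_datetime();
  $sql = "SELECT 1
      FROM $tbl_session_course_user AS session_course_user
      INNER JOIN $tbl_session AS session
      ON session_course_user.session_id = session.id
      AND ((access_start_date <= '$now'
      AND access_end_date >= '$now')
      OR (access_start_date IS NULL AND access_end_date IS NULL))
      WHERE session_id = ".intval(api_get_session_id())." AND c_id = $courseId";
  $result = Database::query($sql);
  if (!Database::num_rows($result)) {
      // No matching open session for this course.
      $disabled = true;
  }

  $tbl_learnpath_main = Database::get_course_table(TABLE_LP_MAIN);
  $tbl_learnpath_item = Database::get_course_table(TABLE_LP_ITEM);
  $tbl_learnpath_view = Database::get_course_table(TABLE_LP_VIEW);
  $tbl_learnpath_item_view = Database::get_course_table(TABLE_LP_ITEM_VIEW);
  $documentPath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';

  // The variables for the days and the months
  $DaysShort = api_get_week_days_short();
  $DaysLong = api_get_week_days_long();
  $MonthsLong = api_get_months_long();
  $MonthsShort = api_get_months_short();

  // $is_allowedToTrack is deliberately NOT forced to true here: doing so
  // disables the access check for every visitor of this page.
  // Earlier, disabled variants derived the rights from $is_groupTutor (track
  // one group) and $is_allowed[EDIT_RIGHT] (track the whole course); if group
  // tutors need access again, restore a real rights check instead of a constant.
  $is_allowedToTrackEverybodyInCourse = $is_allowedToTrack; // allowed to track all students in course
  /* MAIN SECTION */
  ?>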
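  <h3>
  <?php echo $nameTools ?>
  </h3>
  <h4>
  <?php echo get_lang('StatsOfUser'); ?>
  </h4>
  <table width="100%" cellpadding="2" cellspacing="3" border="0">
  <?php
  /*
   * Main section of the per-user tracking page.
   *
   * Without a uInfo value it prints a paginated list of users; with one it
   * prints that user's identity, the tracking blocks rendered by
   * TrackingUserLog and the learning path (SCORM) progress.
   *
   * Every value taken from the request is cast or encoded before it reaches
   * SQL or HTML, and no data about the tracked user is printed unless that
   * user belongs to the current course (or to the tutor's group).
   */

  // Integers used in SQL and links below.
  $uInfo = intval($uInfo);
  $courseId = intval($courseId);
  // $_gid is not defined in this file; it is expected to come from the
  // included bootstrap. Fall back to 0 when it is absent.
  $groupId = isset($_gid) ? intval($_gid) : 0;
  // These two come from the links this page generates (?offset=, &scormcontopen=).
  $offset = isset($_GET['offset']) ? max(0, intval($_GET['offset'])) : 0;
  $scormcontopen = isset($_GET['scormcontopen']) ? intval($_GET['scormcontopen']) : 0;
  // An absent view means "everything closed". With an empty string the
  // open/close links built with substr_replace() below would be malformed.
  if (!isset($view) || !is_string($view) || $view === '') {
      $view = '0000000';
  }

  if ($is_allowedToTrack || $is_allowedToTrackEverybodyInCourse) {
      if (!$uInfo) {
          /*
           * Display list of user of this group
           */
          echo "<h4>".get_lang('ListStudents')."</h4>";
          if ($is_allowedToTrackEverybodyInCourse) {
              // if user can track everybody : list user of course
              $sql = "SELECT count(user_id)
                  FROM $TABLECOURSUSER
                  WHERE c_id = $courseId AND relation_type<>".COURSE_RELATION_TYPE_RRHH;
          } else {
              // if user can only track one group : list users of this group
              $sql = "SELECT count(user_id)
                  FROM $TABLECOURSE_GROUPSUSER
                  WHERE c_id = $courseId AND group_id = $groupId";
          }
          $userGroupNb = intval(StatsUtils::getOneResult($sql));
          $step = 25; // number of student per page
          // Always defined, so the two echo statements below never print an
          // undefined variable when everything fits on one page.
          $navLink = '';
          if ($userGroupNb > $step) {
              $next = $offset + $step;
              $previous = $offset - $step;
              $navLink = "<table width='100%' border='0'>\n"
                  ."<tr>\n"
                  ."<td align='left'>";
              if ($previous >= 0) {
                  $navLink .= "<a href='".api_get_self()."?offset=$previous'>&lt;&lt; ".get_lang('PreviousPage')."</a>";
              }
              $navLink .= "</td>\n"
                  ."<td align='right'>";
              if ($next < $userGroupNb) {
                  $navLink .= "<a href='".api_get_self()."?offset=$next'>".get_lang('NextPage')." &gt;&gt;</a>";
              }
              $navLink .= "</td>\n"
                  ."</tr>\n"
                  ."</table>\n";
          } else {
              $offset = 0;
          }
          echo $navLink;

          if ($is_allowedToTrackEverybodyInCourse) {
              // list of users in this course
              $sql = "SELECT u.user_id, u.firstname, u.lastname
                  FROM $TABLECOURSUSER cu , $TABLEUSER u
                  WHERE
                  cu.user_id = u.user_id AND
                  cu.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND
                  cu.c_id = $courseId
                  LIMIT $offset,$step";
          } else {
              // list of users of this group
              $sql = "SELECT u.user_id, u.firstname, u.lastname
                  FROM $TABLECOURSE_GROUPSUSER gu , $TABLEUSER u
                  WHERE
                  gu.user_id = u.user_id AND
                  gu.c_id = $courseId AND
                  gu.group_id = $groupId
                  LIMIT $offset,$step";
          }
          $listResult = Database::query($sql);
          echo "<table width='100%' cellpadding='2' cellspacing='1' border='0'>\n"
              ."<tr align='center' valign='top' bgcolor='#E6E6E6'>\n"
              ."<td align='left'>", get_lang('UserName'), "</td>\n"
              ."</tr>\n";
          while ($listedUser = Database::fetch_assoc($listResult)) {
              // Names are user-supplied profile data: encode them for HTML.
              echo "<tr valign='top' align='center'>\n"
                  ."<td align='left'>"
                  ."<a href='".api_get_self()."?uInfo=".intval($listedUser['user_id'])."'>"
                  .htmlspecialchars($listedUser['firstname'].' '.$listedUser['lastname'], ENT_QUOTES)
                  ."</a>"
                  ."</td>\n"
                  ."</tr>\n";
          }
          echo "</table>";
          echo $navLink;
      } else {
          // if uInfo is set
          /*
           * Information about student uInfo
           */
          // these checks exists for security reasons, neither a prof nor a tutor can see statistics of a user from
          // another course, or group
          $tracking_is_accepted = false;
          if ($is_allowedToTrackEverybodyInCourse) {
              // check if the *tracked* user is in this course. The viewer's own
              // membership ($is_course_member) says nothing about uInfo.
              // NOTE(review): the membership call is used as elsewhere in this
              // file, without a session argument; confirm users enrolled through
              // a session are still recognised.
              $tracked_user_info = api_get_user_info($uInfo);
              $tracking_is_accepted = !empty($tracked_user_info)
                  && CourseManager::is_user_subscribed_in_real_or_linked_course($uInfo, $courseId);
          } else {
              // check if user is in the group of this tutor
              $sql = "SELECT u.firstname, u.lastname, u.email
                  FROM $TABLECOURSE_GROUPSUSER gu , $TABLEUSER u
                  WHERE gu.user_id = u.user_id
                  AND gu.c_id = $courseId
                  AND gu.group_id = $groupId
                  AND u.user_id = $uInfo";
              $query = Database::query($sql);
              $tracked_user_info = Database::fetch_assoc($query);
              $tracking_is_accepted = is_array($tracked_user_info);
          }

          if ($tracking_is_accepted) {
              if ($tracked_user_info['email'] == '') {
                  $mail_link = get_lang('NoEmail');
              } else {
                  $mail_link = Display::encrypted_mailto_link($tracked_user_info['email']);
              }
              echo "<tr><td>";
              echo get_lang('informationsAbout').' :';
              echo "<ul>\n"
                  ."<li>".get_lang('FirstName')." : ".htmlspecialchars($tracked_user_info['firstname'], ENT_QUOTES)."</li>\n"
                  ."<li>".get_lang('LastName')." : ".htmlspecialchars($tracked_user_info['lastname'], ENT_QUOTES)."</li>\n"
                  ."<li>".get_lang('Email')." : ".$mail_link."</li>\n"
                  ."</ul>";
              echo "</td></tr>\n";

              // show all : number of 1 is equal to or bigger than number of categories
              // show none : number of 0 is equal to or bigger than number of categories
              echo "<tr>
                  <td>
                  [<a href='".api_get_self()."?uInfo=".$uInfo."&view=1111111'>".get_lang('ShowAll')."</a>]
                  [<a href='".api_get_self()."?uInfo=".$uInfo."&view=0000000'>".get_lang('ShowNone')."</a>]".
                  "</td>
                  </tr>
                  ";

              //Logins
              TrackingUserLog::display_login_tracking_info($view, $uInfo, $courseId);
              //Exercise results
              TrackingUserLog::display_exercise_tracking_info($view, $uInfo, $_cid);
              //Student publications uploaded
              TrackingUserLog::display_student_publications_tracking_info($view, $uInfo, $courseId);
              //Links usage
              TrackingUserLog::display_links_tracking_info($view, $uInfo, $_cid);
              //Documents downloaded
              TrackingUserLog::display_document_tracking_info($view, $uInfo, $_cid);

              /*
               * Scorm contents and Learning Path
               *
               * Kept inside the "tracking accepted" branch so that learning path
               * results are never printed for a user who failed the check above.
               */
              if (substr($view, 5, 1) == '1') {
                  $new_view = substr_replace($view, '0', 5, 1);
                  // view is URL-encoded because it ends up inside a quoted href.
                  echo "<tr>
                      <td valign='top'>
                      <font color='#0000FF'>-&nbsp;&nbsp;&nbsp;</font><b>".get_lang('ScormAccess')."</b>&nbsp;&nbsp;&nbsp;[<a href='".api_get_self()."?view=".urlencode($new_view)."&uInfo=".$uInfo."'>".get_lang('Close')."</a>]&nbsp;&nbsp;&nbsp;[<a href='userLogCSV.php?".api_get_cidreq()."&uInfo=".$uInfo."&view=000001'>".get_lang('ExportAsCSV')."</a>]
                      </td>
                      </tr>";

                  // Only the learning paths of the current course: the course
                  // tables are shared between courses and keyed by c_id.
                  $sql = "SELECT id, name FROM $tbl_learnpath_main WHERE c_id = $courseId";
                  $result = Database::query($sql);
                  echo "<tr><td style='padding-left : 40px;padding-right : 40px;'>";
                  echo "<table cellpadding='2' cellspacing='1' border='0' align='center'><tr>
                      <td class='secLine'>
                      &nbsp;".get_lang('ScormContentColumn')."&nbsp;
                      </td>
                      </tr>";

                  $noscorm = true;
                  while ($ar = Database::fetch_array($result)) {
                      $noscorm = false;
                      $contentId = intval($ar['id']);
                      $lp_title = htmlspecialchars(stripslashes($ar['name']), ENT_QUOTES);
                      echo "<tr><td>";
                      echo "<a href='".api_get_self()."?view=".urlencode($view)."&scormcontopen=".$contentId."&uInfo=".$uInfo."' class='specialLink'>$lp_title</a>";
                      echo "</td></tr>";

                      if ($contentId !== $scormcontopen) {
                          continue;
                      }

                      // Item results of the tracked user for the opened learning path.
                      $sql3 = "SELECT iv.status, iv.score, i.title, iv.total_time
                          FROM $tbl_learnpath_item i
                          INNER JOIN $tbl_learnpath_item_view iv ON i.id=iv.lp_item_id
                          INNER JOIN $tbl_learnpath_view v ON iv.lp_view_id=v.id
                          WHERE (v.user_id=$uInfo and v.lp_id=$contentId)
                          AND v.c_id = $courseId AND i.c_id = $courseId AND iv.c_id = $courseId
                          ORDER BY v.id, i.id";
                      $result3 = Database::query($sql3);

                      // Iterate until the result set is exhausted; the loop no
                      // longer stops early on a row whose status is empty.
                      $hasItems = false;
                      while ($ar3 = Database::fetch_array($result3)) {
                          if (!$hasItems) {
                              $hasItems = true;
                              require_once __DIR__.'/../lp/learnpathItem.class.php';
                              echo "<tr><td>&nbsp;&nbsp;&nbsp;</td>
                                  <td class='secLine'>
                                  &nbsp;".get_lang('ScormTitleColumn')."&nbsp;
                                  </td>
                                  <td class='secLine'>
                                  &nbsp;".get_lang('ScormStatusColumn')."&nbsp;
                                  </td>
                                  <td class='secLine'>
                                  &nbsp;".get_lang('ScormScoreColumn')."&nbsp;
                                  </td>
                                  <td class='secLine'>
                                  &nbsp;".get_lang('ScormTimeColumn')."&nbsp;
                                  </td>
                                  </tr>";
                          }
                          $time = learnpathItem::getScormTimeFromParameter('php', $ar3['total_time']);
                          // The item title comes from the row ($title was never defined).
                          echo "<tr><td>&nbsp;&nbsp;&nbsp;</td><td>";
                          echo htmlspecialchars($ar3['title'], ENT_QUOTES)."</td>"
                              ."<td align=right>".htmlspecialchars($ar3['status'], ENT_QUOTES)."</td>"
                              ."<td align=right>".htmlspecialchars($ar3['score'], ENT_QUOTES)."</td>"
                              ."<td align=right>".htmlspecialchars($time, ENT_QUOTES)."</td>";
                          echo "</tr>";
                      }
                      if (!$hasItems) {
                          echo "<tr>";
                          echo "<td colspan='3'><center>".get_lang('ScormNeverOpened')."</center></td>";
                          echo"</tr>";
                      }
                  }

                  if ($noscorm) {
                      echo "<tr>";
                      echo "<td colspan='3'><center>".get_lang('NoResult')."</center></td>";
                      echo "</tr>";
                  }
                  echo "</table>";
                  echo "</td></tr>";
              } else {
                  $new_view = substr_replace($view, '1', 5, 1);
                  echo "
                      <tr>
                      <td valign='top'>
                      +<font color='#0000FF'>&nbsp;&nbsp;</font><a href='".api_get_self()."?view=".urlencode($new_view)."&uInfo=".$uInfo."' class='specialLink'>".get_lang('ScormAccess')."</a>
                      </td>
                      </tr>
                      ";
              }
          } else {
              echo get_lang('ErrorUserNotInGroup');
          }
      }
  } else {
      // not allowed
      api_not_allowed();
  }
  ?>
  </table>
  <?php
  Display::display_footer();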