search_course_widget.class.php 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449
  1. <?php
  2. require_once dirname(__FILE__) . '/register_course_widget.class.php';
  3. /**
  4. * Search course widget.
  5. * Display a search form and a list of courses that matches the search.
  6. *
  7. * @copyright (c) 2011 University of Geneva
  8. * @license GNU General Public License - http://www.gnu.org/copyleft/gpl.html
  9. * @author Laurent Opprecht
  10. */
  11. class SearchCourseWidget
  12. {
  13. const PARAM_ACTION = 'action';
  14. const ACTION_SUBSCRIBE = 'subscribe';
  15. /**
  16. * Returns $_POST data for $key is it exists or $default otherwise.
  17. *
  18. * @param string $key
  19. * @param object $default
  20. * @return string
  21. */
  22. public static function post($key, $default = '')
  23. {
  24. return isset($_POST[$key]) ? $_POST[$key] : $default;
  25. }
  26. /**
  27. * Returns $_GET data for $key is it exists or $default otherwise.
  28. *
  29. * @param string $key
  30. * @param object $default
  31. * @return string
  32. */
  33. public static function get($key, $default = '')
  34. {
  35. return isset($_GET[$key]) ? $_GET[$key] : $default;
  36. }
  37. public static function server($key, $default = '')
  38. {
  39. return isset($_SERVER[$key]) ? $_SERVER[$key] : $default;
  40. }
  41. public static function get_lang($name)
  42. {
  43. return SearchCoursePlugin::create()->get_lang($name);
  44. }
  45. /**
  46. *
  47. * @return bool
  48. */
  49. function is_homepage()
  50. {
  51. $url = self::server('REQUEST_URI');
  52. $url = explode('?', $url);
  53. $url = reset($url);
  54. $url = self::server('SERVER_NAME') . $url;
  55. $root = api_get_path('WEB_PATH');
  56. $root = str_replace('https://', '', $root);
  57. $root = str_replace('http://', '', $root);
  58. $index_url = $root . 'index.php';
  59. return $url == $index_url || $url == $root;
  60. }
  61. /**
  62. *
  63. * @return bool
  64. */
  65. function is_user_portal()
  66. {
  67. $url = self::server('REQUEST_URI');
  68. $url = explode('?', $url);
  69. $url = reset($url);
  70. $url = self::server('SERVER_NAME') . $url;
  71. $root = api_get_path('WEB_PATH');
  72. $root = str_replace('https://', '', $root);
  73. $root = str_replace('http://', '', $root);
  74. $index_url = $root . 'user_portal.php';
  75. return $url == $index_url || $url == $root;
  76. }
  77. /**
  78. *
  79. */
  80. function accept()
  81. {
  82. return $this->is_homepage() || $this->is_user_portal();
  83. }
  84. /**
  85. * Display the search course widget:
  86. *
  87. * Title
  88. * Search form
  89. *
  90. * Search results
  91. */
  92. function run()
  93. {
  94. if (!$this->accept())
  95. {
  96. return;
  97. }
  98. $this->display_header();
  99. $this->display_form();
  100. $search_term = self::post('search_term');
  101. $action = self::get('action');
  102. $has_content = !empty($search_term) || !empty($action);
  103. if ($has_content)
  104. {
  105. echo '<div class="list">';
  106. }
  107. else
  108. {
  109. echo '<div>';
  110. }
  111. if (RegisterCourseWidget::factory()->run())
  112. {
  113. $result = true;
  114. }
  115. else
  116. {
  117. $result = $this->action_display();
  118. }
  119. echo '</div>';
  120. $this->display_footer();
  121. return $result;
  122. }
  123. function get_url($action = '')
  124. {
  125. $self = $_SERVER['PHP_SELF'];
  126. $parameters = array();
  127. if ($action)
  128. {
  129. $parameters[self::PARAM_ACTION] = $action;
  130. }
  131. $parameters = implode('&', $parameters);
  132. $parameters = $parameters ? '?' . $parameters : '';
  133. return $self . $parameters;
  134. }
  135. /**
  136. * Handle the display action
  137. */
  138. function action_display()
  139. {
  140. global $charset;
  141. $search_term = self::post('search_term');
  142. if ($search_term)
  143. {
  144. $search_result_for_label = self::get_lang('SearchResultsFor');
  145. $search_term_html = htmlentities($search_term, ENT_QUOTES, $charset);
  146. echo "<h5>$search_result_for_label $search_term_html</h5>";
  147. $courses = $this->retrieve_courses($search_term);
  148. $this->display_list($courses);
  149. }
  150. return true;
  151. }
  152. function display_header()
  153. {
  154. $search_course_label = self::get_lang('SearchCourse');
  155. echo <<<EOT
  156. <div class="well course_search">
  157. <div class="menusection">
  158. <h4>$search_course_label</h4>
  159. EOT;
  160. }
  161. function display_footer()
  162. {
  163. echo '</div></div>';
  164. }
  165. /**
  166. * Display the search course form.
  167. */
  168. function display_form()
  169. {
  170. global $stok;
  171. $search_label = self::get_lang('_search');
  172. $self = api_get_self();
  173. $search_term = self::post('search_term');
  174. $form = <<<EOT
  175. <form class="course_list" method="post" action="$self">
  176. <input type="hidden" name="sec_token" value="$stok" />
  177. <input type="hidden" name="search_course" value="1" />
  178. <input type="text" name="search_term" class="span2" value="$search_term" />
  179. &nbsp;<input class="btn" type="submit" value="$search_label" />
  180. </form>
  181. EOT;
  182. echo $form;
  183. }
  184. /**
  185. *
  186. * @param array $courses
  187. * @return bool
  188. */
  189. function display_list($courses)
  190. {
  191. if (empty($courses))
  192. {
  193. return false;
  194. }
  195. $user_courses = $this->retrieve_user_courses();
  196. $display_coursecode = (api_get_setting('display_coursecode_in_courselist') == 'true');
  197. $display_teacher = (api_get_setting('display_teacher_in_courselist') == 'true');
  198. echo '<table cellpadding="4">';
  199. foreach ($courses as $key => $course)
  200. {
  201. $details = array();
  202. if ($display_coursecode)
  203. {
  204. $details[] = $course['visual_code'];
  205. }
  206. if ($display_teacher)
  207. {
  208. $details[] = $course['tutor'];
  209. }
  210. $details = implode(' - ', $details);
  211. $title = $course['title'];
  212. $href = api_get_path(WEB_PATH) . 'courses/' . $course['code'] .'/index.php';
  213. echo '<tr><td><b><a href="' . $href . '">' . "$title</a></b><br/>$details</td><td>";
  214. if (!api_is_anonymous())
  215. {
  216. if ($course['registration_code'])
  217. {
  218. Display::display_icon('passwordprotected.png', '', array('style' => 'float:left;'));
  219. }
  220. $this->display_subscribe_icon($course, $user_courses);
  221. }
  222. echo '</td></tr>';
  223. }
  224. echo '</table>';
  225. return true;
  226. }
  227. /**
  228. * Displays the subscribe icon if subscribing is allowed and
  229. * if the user is not yet subscribed to this course
  230. *
  231. * @global type $stok
  232. * @param array $current_course
  233. * @param array $user_courses
  234. * @return bool
  235. */
  236. function display_subscribe_icon($current_course, $user_courses)
  237. {
  238. global $stok;
  239. //Already subscribed
  240. $code = $current_course['code'];
  241. if (isset($user_courses[$code]))
  242. {
  243. echo self::get_lang('AlreadySubscribed');
  244. return false;
  245. }
  246. //Not authorized to subscribe
  247. if ($current_course['subscribe'] != SUBSCRIBE_ALLOWED)
  248. {
  249. echo self::get_lang('SubscribingNotAllowed');
  250. return false;
  251. }
  252. //Subscribe form
  253. $self = $_SERVER['PHP_SELF'];
  254. echo <<<EOT
  255. <form action="$self?action=subscribe" method="post">
  256. <input type="hidden" name="sec_token" value="$stok" />
  257. <input type="hidden" name="subscribe" value="$code" />
  258. EOT;
  259. $search_term = $this->post('search_term');
  260. if ($search_term)
  261. {
  262. $search_term = Security::remove_XSS($search_term);
  263. echo <<<EOT
  264. <input type="hidden" name="search_course" value="1" />
  265. <input type="hidden" name="search_term" value="$search_term" />
  266. EOT;
  267. }
  268. $web_path = api_get_path(WEB_PATH);
  269. $subscribe_label = get_lang('Subscribe');
  270. echo <<<EOT
  271. <input type="image" name="unsub" src="$web_path/main/img/enroll.gif" alt="$subscribe_label" />$subscribe_label
  272. </form>
  273. EOT;
  274. return true;
  275. }
  276. /**
  277. * DB functions - DB functions - DB functions
  278. */
  279. /**
  280. * Search courses that match the search term.
  281. * Search is done on the code, title and tutor fields.
  282. *
  283. * @param string $search_term
  284. * @return array
  285. */
  286. function retrieve_courses($search_term)
  287. {
  288. if (empty($search_term))
  289. {
  290. return array();
  291. }
  292. $search_term = Database::escape_string($search_term);
  293. $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
  294. if (api_is_anonymous())
  295. {
  296. $course_fiter = 'visibility = ' . COURSE_VISIBILITY_OPEN_WORLD;
  297. }
  298. else
  299. {
  300. $course_fiter = 'visibility = ' . COURSE_VISIBILITY_OPEN_WORLD . ' OR ';
  301. $course_fiter .= 'visibility = ' . COURSE_VISIBILITY_OPEN_PLATFORM . ' OR ';
  302. $course_fiter .= '(visibility = ' . COURSE_VISIBILITY_REGISTERED . ' AND subscribe = 1)';
  303. }
  304. $sql = <<<EOT
  305. SELECT * FROM $course_table
  306. WHERE ($course_fiter) AND (code LIKE '%$search_term%' OR visual_code LIKE '%$search_term%' OR title LIKE '%$search_term%' OR tutor_name LIKE '%$search_term%')
  307. ORDER BY title, visual_code ASC
  308. EOT;
  309. $result = array();
  310. $resultset = api_sql_query($sql, __FILE__, __LINE__);
  311. while ($row = Database::fetch_array($resultset))
  312. {
  313. $code = $row['code'];
  314. $result[$code] = array(
  315. 'code' => $code,
  316. 'directory' => $row['directory'],
  317. 'db' => $row['db_name'],
  318. 'visual_code' => $row['visual_code'],
  319. 'title' => $row['title'],
  320. 'tutor' => $row['tutor_name'],
  321. 'subscribe' => $row['subscribe'],
  322. 'unsubscribe' => $row['unsubscribe']
  323. );
  324. }
  325. return $result;
  326. }
  327. /**
  328. * Retrieves courses that the user is subscribed to
  329. *
  330. * @param int $user_id
  331. * @return array
  332. */
  333. function retrieve_user_courses($user_id = null)
  334. {
  335. if (is_null($user_id))
  336. {
  337. global $_user;
  338. $user_id = $_user['user_id'];
  339. }
  340. $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
  341. $user_course_table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
  342. $user_id = intval($user_id);
  343. $sql_select_courses = "SELECT course.code k, course.visual_code vc, course.subscribe subscr, course.unsubscribe unsubscr,
  344. course.title i, course.tutor_name t, course.db_name db, course.directory dir, course_rel_user.status status,
  345. course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
  346. FROM $course_table course, $user_course_table course_rel_user
  347. WHERE course.id = course_rel_user.c_id
  348. AND course_rel_user.user_id = $user_id
  349. ORDER BY course_rel_user.sort ASC";
  350. $result = array();
  351. $resultset = api_sql_query($sql_select_courses, __FILE__, __LINE__);
  352. while ($row = Database::fetch_array($resultset))
  353. {
  354. $code = $row['k'];
  355. $result[$code] = array(
  356. 'db' => $row['db'],
  357. 'code' => $code,
  358. 'visual_code' => $row['vc'],
  359. 'title' => $row['i'],
  360. 'directory' => $row['dir'],
  361. 'status' => $row['status'],
  362. 'tutor' => $row['t'],
  363. 'subscribe' => $row['subscr'],
  364. 'unsubscribe' => $row['unsubscr'],
  365. 'sort' => $row['sort'],
  366. 'user_course_category' => $row['user_course_cat']);
  367. }
  368. return $result;
  369. }
  370. /*
  371. * Utility functions - Utility functions - Utility functions
  372. */
  373. /**
  374. * Removes from $courses all courses the user is subscribed to.
  375. *
  376. * @global array $_user
  377. * @param array $courses
  378. * @return array
  379. */
  380. function filter_out_user_courses($courses)
  381. {
  382. if (empty($courses))
  383. {
  384. return $courses;
  385. }
  386. global $_user;
  387. $user_id = $_user['user_id'];
  388. $user_courses = $this->retrieve_user_courses($user_id);
  389. foreach ($user_courses as $key => $value)
  390. {
  391. unset($courses[$key]);
  392. }
  393. return $courses;
  394. }
  395. }