blog.lib.php 122 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Class Blog
  5. *
  6. * Contains several functions dealing with displaying,
  7. * editing,... of a blog
  8. * @package chamilo.blogs
  9. * @author Toon Keppens <toon@vi-host.net>
  10. * @author Julio Montoya - Cleaning code
  11. */
  12. class Blog
  13. {
  14. /**
  15. * Get the title of a blog
  16. * @author Toon Keppens
  17. * @param int $blog_id The internal ID of the blog
  18. * @return string Blog Title
  19. */
  20. public static function getBlogTitle($blog_id)
  21. {
  22. $course_id = api_get_course_int_id();
  23. if (is_numeric($blog_id)) {
  24. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  25. $sql = "SELECT blog_name
  26. FROM $tbl_blogs
  27. WHERE c_id = $course_id AND blog_id = ".intval($blog_id);
  28. $result = Database::query($sql);
  29. $blog = Database::fetch_array($result);
  30. return stripslashes($blog['blog_name']);
  31. }
  32. }
  33. /**
  34. * Get the description of a blog
  35. * @author Toon Keppens
  36. * @param int $blog_id The internal ID of the blog
  37. * @return string Blog description
  38. */
  39. public static function getBlogSubtitle($blog_id)
  40. {
  41. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  42. $course_id = api_get_course_int_id();
  43. $sql = "SELECT blog_subtitle FROM $tbl_blogs
  44. WHERE c_id = $course_id AND blog_id ='".intval($blog_id)."'";
  45. $result = Database::query($sql);
  46. $blog = Database::fetch_array($result);
  47. return stripslashes($blog['blog_subtitle']);
  48. }
  49. /**
  50. * Get the users of a blog
  51. * @author Toon Keppens
  52. * @param int $blog_id The ID of the blog
  53. * @return array Returns an array with [userid]=>[username]
  54. */
  55. public static function getBlogUsers($blog_id)
  56. {
  57. // Database table definitions
  58. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  59. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  60. $course_id = api_get_course_int_id();
  61. // Get blog members
  62. $sql = "SELECT user.user_id, user.firstname, user.lastname
  63. FROM $tbl_blogs_rel_user blogs_rel_user
  64. INNER JOIN $tbl_users user
  65. ON (blogs_rel_user.user_id = user.user_id)
  66. WHERE
  67. blogs_rel_user.c_id = $course_id AND
  68. blogs_rel_user.blog_id = '".(int) $blog_id."'";
  69. $result = Database::query($sql);
  70. $blog_members = array();
  71. while ($user = Database::fetch_array($result)) {
  72. $blog_members[$user['user_id']] = api_get_person_name(
  73. $user['firstname'],
  74. $user['lastname']
  75. );
  76. }
  77. return $blog_members;
  78. }
  79. /**
  80. * Creates a new blog in the given course
  81. * @author Toon Keppens
  82. * @param string $title The title of the new blog
  83. * @param string $subtitle The description (or subtitle) of the new blog
  84. * @return void
  85. */
  86. public static function addBlog($title, $subtitle)
  87. {
  88. $_user = api_get_user_info();
  89. $course_id = api_get_course_int_id();
  90. $current_date = api_get_utc_datetime();
  91. $session_id = api_get_session_id();
  92. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  93. $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
  94. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  95. $title = Database::escape_string($title);
  96. $subtitle = Database::escape_string($subtitle);
  97. //verified if exist blog
  98. $sql = "SELECT COUNT(*) as count FROM $tbl_blogs
  99. WHERE
  100. c_id = $course_id AND
  101. blog_name = '$title' AND
  102. blog_subtitle = '$subtitle'";
  103. $res = Database::query($sql);
  104. $info_count = Database::result($res, 0, 0);
  105. if ($info_count == 0) {
  106. // Create the blog
  107. $params = [
  108. 'blog_id' => 0,
  109. 'c_id' => $course_id,
  110. 'blog_name' => $title,
  111. 'blog_subtitle' => $subtitle,
  112. 'date_creation' => $current_date,
  113. 'visibility' => 1,
  114. 'session_id' => $session_id,
  115. ];
  116. $this_blog_id = Database::insert($tbl_blogs, $params);
  117. if ($this_blog_id > 0) {
  118. $sql = "UPDATE $tbl_blogs SET blog_id = iid WHERE iid = $this_blog_id";
  119. Database::query($sql);
  120. // insert into item_property
  121. api_item_property_update(
  122. api_get_course_info(),
  123. TOOL_BLOGS,
  124. $this_blog_id,
  125. 'BlogAdded',
  126. api_get_user_id()
  127. );
  128. }
  129. // Make first post. :)
  130. $params = [
  131. 'post_id' => 0,
  132. 'c_id' => $course_id,
  133. 'title' => get_lang("Welcome"),
  134. 'full_text' => get_lang('FirstPostText'),
  135. 'date_creation' => $current_date,
  136. 'blog_id' => $this_blog_id,
  137. 'author_id' => $_user['user_id'],
  138. ];
  139. $postId = Database::insert($tbl_blogs_posts, $params);
  140. if ($postId) {
  141. $sql = "UPDATE $tbl_blogs_posts SET post_id = iid WHERE iid = $postId";
  142. Database::query($sql);
  143. }
  144. // Put it on course homepage
  145. $sql = "INSERT INTO $tbl_tool (c_id, name, link, image, visibility, admin, address, added_tool, session_id, target)
  146. VALUES ($course_id, '$title', 'blog/blog.php?blog_id=$this_blog_id','blog.gif','1','0','pastillegris.gif',0,'$session_id', '')";
  147. Database::query($sql);
  148. $toolId = Database::insert_id();
  149. if ($toolId) {
  150. $sql = "UPDATE $tbl_tool SET id = iid WHERE iid = $toolId";
  151. Database::query($sql);
  152. }
  153. // Subscribe the teacher to this blog
  154. self::subscribeUser($this_blog_id, $_user['user_id']);
  155. }
  156. }
  157. /**
  158. * Subscribes a user to a given blog
  159. * @author Toon Keppens
  160. * @param int $blog_id The internal blog ID
  161. * @param int $user_id The internal user ID (of the user to be subscribed)
  162. * @return void
  163. */
  164. public static function subscribeUser($blog_id, $user_id)
  165. {
  166. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  167. $tbl_user_permissions = Database::get_course_table(TABLE_PERMISSION_USER);
  168. $course_id = api_get_course_int_id();
  169. $blog_id = intval($blog_id);
  170. $user_id = intval($user_id);
  171. // Subscribe the user
  172. $sql = "INSERT INTO $tbl_blogs_rel_user (c_id, blog_id, user_id )
  173. VALUES ($course_id, $blog_id, $user_id)";
  174. Database::query($sql);
  175. // Give this user basic rights
  176. $sql = "INSERT INTO $tbl_user_permissions (c_id, user_id, tool, action)
  177. VALUES ($course_id, $user_id, 'BLOG_$blog_id', 'article_add')";
  178. Database::query($sql);
  179. $id = Database::insert_id();
  180. if ($id) {
  181. $sql = "UPDATE $tbl_user_permissions SET id = iid WHERE iid = $id";
  182. Database::query($sql);
  183. }
  184. $sql = "INSERT INTO $tbl_user_permissions (c_id, user_id, tool, action)
  185. VALUES ($course_id, $user_id,'BLOG_$blog_id', 'article_comments_add')";
  186. Database::query($sql);
  187. $id = Database::insert_id();
  188. if ($id) {
  189. $sql = "UPDATE $tbl_user_permissions SET id = iid WHERE iid = $id";
  190. Database::query($sql);
  191. }
  192. }
  193. /**
  194. * Update title and subtitle of a blog in the given course
  195. * @author Toon Keppens
  196. * @param int $blog_id The internal ID of the blog
  197. * @param string $title The title to be set
  198. * @param string $subtitle The subtitle (or description) to be set
  199. * @return void
  200. */
  201. public static function editBlog($blog_id, $title, $subtitle = '')
  202. {
  203. // Table definitions
  204. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  205. $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
  206. $course_id = api_get_course_int_id();
  207. $blog_id = intval($blog_id);
  208. $title = Database::escape_string($title);
  209. $subtitle = Database::escape_string($subtitle);
  210. // Update the blog
  211. $sql = "UPDATE $tbl_blogs SET
  212. blog_name = '$title',
  213. blog_subtitle = '$subtitle'
  214. WHERE
  215. c_id = $course_id AND
  216. blog_id = $blog_id
  217. LIMIT 1";
  218. Database::query($sql);
  219. //update item_property (update)
  220. api_item_property_update(
  221. api_get_course_info(),
  222. TOOL_BLOGS,
  223. $blog_id,
  224. 'BlogUpdated',
  225. api_get_user_id()
  226. );
  227. // Update course homepage link
  228. $sql = "UPDATE $tbl_tool SET
  229. name = '$title'
  230. WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=$blog_id'
  231. LIMIT 1";
  232. Database::query($sql);
  233. }
  234. /**
  235. * Deletes a blog and it's posts from the course database
  236. * @author Toon Keppens
  237. * @param Integer $blog_id The internal blog ID
  238. * @return void
  239. */
  240. public static function deleteBlog($blog_id)
  241. {
  242. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  243. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  244. $tbl_blogs_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  245. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  246. $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
  247. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  248. $course_id = api_get_course_int_id();
  249. $blog_id = intval($blog_id);
  250. // Delete posts from DB and the attachments
  251. self::deleteAllBlogAttachments($blog_id);
  252. //Delete comments
  253. $sql = "DELETE FROM $tbl_blogs_comment WHERE c_id = $course_id AND blog_id = $blog_id";
  254. Database::query($sql);
  255. // Delete posts
  256. $sql = "DELETE FROM $tbl_blogs_posts WHERE c_id = $course_id AND blog_id = $blog_id";
  257. Database::query($sql);
  258. // Delete tasks
  259. $sql = "DELETE FROM $tbl_blogs_tasks WHERE c_id = $course_id AND blog_id = $blog_id";
  260. Database::query($sql);
  261. // Delete ratings
  262. $sql = "DELETE FROM $tbl_blogs_rating WHERE c_id = $course_id AND blog_id = $blog_id";
  263. Database::query($sql);
  264. // Delete blog
  265. $sql = "DELETE FROM $tbl_blogs WHERE c_id = $course_id AND blog_id = $blog_id";
  266. Database::query($sql);
  267. // Delete from course homepage
  268. $sql = "DELETE FROM $tbl_tool WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=$blog_id";
  269. Database::query($sql);
  270. //update item_property (delete)
  271. api_item_property_update(
  272. api_get_course_info(),
  273. TOOL_BLOGS,
  274. $blog_id,
  275. 'delete',
  276. api_get_user_id()
  277. );
  278. }
  279. /**
  280. * Creates a new post in a given blog
  281. * @author Toon Keppens
  282. * @param string $title The title of the new post
  283. * @param string $full_text The full text of the new post
  284. * @param string $file_comment The text of the comment (if any)
  285. * @param int $blog_id The internal blog ID
  286. * @return void
  287. */
  288. public static function createPost($title, $full_text, $file_comment, $blog_id)
  289. {
  290. $_user = api_get_user_info();
  291. $_course = api_get_course_info();
  292. $course_id = $_course['real_id'];
  293. $blog_id = intval($blog_id);
  294. $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
  295. $upload_ok = true;
  296. $has_attachment = false;
  297. $current_date = api_get_utc_datetime();
  298. if (!empty($_FILES['user_upload']['name'])) {
  299. $upload_ok = process_uploaded_file($_FILES['user_upload']);
  300. $has_attachment = true;
  301. }
  302. if ($upload_ok) {
  303. // Table Definitions
  304. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  305. $title = Database::escape_string($title);
  306. $full_text = Database::escape_string($full_text);
  307. // Create the post
  308. $sql = "INSERT INTO $tbl_blogs_posts (c_id, title, full_text, date_creation, blog_id, author_id )
  309. VALUES ($course_id, '$title', '$full_text', '$current_date', '$blog_id', ".$_user['user_id'].")";
  310. Database::query($sql);
  311. $last_post_id = Database::insert_id();
  312. if ($last_post_id) {
  313. $sql = "UPDATE $tbl_blogs_posts SET post_id = iid WHERE iid = $last_post_id";
  314. Database::query($sql);
  315. }
  316. if ($has_attachment) {
  317. $courseDir = $_course['path'].'/upload/blog';
  318. $sys_course_path = api_get_path(SYS_COURSE_PATH);
  319. $updir = $sys_course_path.$courseDir;
  320. // Try to add an extension to the file if it hasn't one
  321. $new_file_name = add_ext_on_mime(
  322. stripslashes($_FILES['user_upload']['name']),
  323. $_FILES['user_upload']['type']
  324. );
  325. // user's file name
  326. $file_name = $_FILES['user_upload']['name'];
  327. if (!filter_extension($new_file_name)) {
  328. echo Display::return_message(get_lang('UplUnableToSaveFileFilteredExtension'), 'error');
  329. } else {
  330. $new_file_name = uniqid('');
  331. $new_path = $updir.'/'.$new_file_name;
  332. $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
  333. $comment = Database::escape_string($file_comment);
  334. $file_name = Database::escape_string($file_name);
  335. $size = intval($_FILES['user_upload']['size']);
  336. // Storing the attachments if any
  337. if ($result) {
  338. $sql = "INSERT INTO $blog_table_attachment (c_id, filename,comment, path, post_id,size, blog_id,comment_id)
  339. VALUES ($course_id, '$file_name', '$comment', '$new_file_name', $last_post_id, $size, $blog_id, 0)";
  340. Database::query($sql);
  341. $id = Database::insert_id();
  342. if ($id) {
  343. $sql = "UPDATE $blog_table_attachment SET id = iid WHERE iid = $id";
  344. Database::query($sql);
  345. }
  346. }
  347. }
  348. }
  349. return $last_post_id;
  350. } else {
  351. echo Display::return_message(get_lang('UplNoFileUploaded'), 'error');
  352. }
  353. }
  354. /**
  355. * Edits a post in a given blog
  356. * @author Toon Keppens
  357. * @param int $post_id The internal ID of the post to edit
  358. * @param string $title The title
  359. * @param string $full_text The full post text
  360. * @param int $blog_id The internal ID of the blog in which the post is located
  361. */
  362. public static function editPost($post_id, $title, $full_text, $blog_id)
  363. {
  364. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  365. $course_id = api_get_course_int_id();
  366. $title = Database::escape_string($title);
  367. $full_text = Database::escape_string($full_text);
  368. $post_id = intval($post_id);
  369. $blog_id = intval($blog_id);
  370. // Create the post
  371. $sql = "UPDATE $tbl_blogs_posts SET
  372. title = '$title',
  373. full_text = '$full_text'
  374. WHERE c_id = $course_id AND post_id = $post_id AND blog_id = $blog_id
  375. LIMIT 1";
  376. Database::query($sql);
  377. }
  378. /**
  379. * Deletes an article and its comments
  380. * @author Toon Keppens
  381. * @param int $blog_id The internal blog ID
  382. * @param int $post_id The internal post ID
  383. */
  384. public static function deletePost($blog_id, $post_id)
  385. {
  386. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  387. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  388. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  389. $blog_id = intval($blog_id);
  390. $post_id = intval($post_id);
  391. $course_id = api_get_course_int_id();
  392. // Delete ratings on this comment
  393. $sql = "DELETE FROM $tbl_blogs_rating
  394. WHERE c_id = $course_id AND blog_id = $blog_id AND item_id = $post_id AND rating_type = 'post'";
  395. Database::query($sql);
  396. // Delete the post
  397. $sql = "DELETE FROM $tbl_blogs_posts
  398. WHERE c_id = $course_id AND post_id = $post_id";
  399. Database::query($sql);
  400. // Delete the comments
  401. $sql = "DELETE FROM $tbl_blogs_comments
  402. WHERE c_id = $course_id AND post_id = $post_id AND blog_id = $blog_id";
  403. Database::query($sql);
  404. // Delete posts and attachments
  405. self::deleteAllBlogAttachments($blog_id, $post_id);
  406. }
  407. /**
  408. * Creates a comment on a post in a given blog
  409. * @author Toon Keppens
  410. * @param string $title The comment title
  411. * @param string $full_text The full text of the comment
  412. * @param string $file_comment A comment on a file, if any was uploaded
  413. * @param int $blog_id The internal blog ID
  414. * @param int $post_id The internal post ID
  415. * @param int $parent_id The internal parent post ID
  416. * @param int $task_id The internal task ID (if any)
  417. */
  418. public static function createComment(
  419. $title,
  420. $full_text,
  421. $file_comment,
  422. $blog_id,
  423. $post_id,
  424. $parent_id,
  425. $task_id = null
  426. ) {
  427. $_user = api_get_user_info();
  428. $_course = api_get_course_info();
  429. $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
  430. $upload_ok = true;
  431. $has_attachment = false;
  432. $current_date = api_get_utc_datetime();
  433. $course_id = api_get_course_int_id();
  434. if (!empty($_FILES['user_upload']['name'])) {
  435. $upload_ok = process_uploaded_file($_FILES['user_upload']);
  436. $has_attachment = true;
  437. }
  438. if ($upload_ok) {
  439. // Table Definition
  440. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  441. $title = Database::escape_string($title);
  442. $full_text = Database::escape_string($full_text);
  443. $blog_id = intval($blog_id);
  444. $post_id = intval($post_id);
  445. $parent_id = intval($parent_id);
  446. $task_id = !empty($task_id) ? intval($task_id) : 'null';
  447. // Create the comment
  448. $sql = "INSERT INTO $tbl_blogs_comments (c_id, title, comment, author_id, date_creation, blog_id, post_id, parent_comment_id, task_id )
  449. VALUES ($course_id, '$title', '$full_text', ".$_user['user_id'].", '$current_date', $blog_id, $post_id, $parent_id, '$task_id')";
  450. Database::query($sql);
  451. // Empty post values, or they are shown on the page again
  452. $last_id = Database::insert_id();
  453. if ($last_id) {
  454. $sql = "UPDATE $tbl_blogs_comments SET comment_id = iid WHERE iid = $last_id";
  455. Database::query($sql);
  456. if ($has_attachment) {
  457. $courseDir = $_course['path'].'/upload/blog';
  458. $sys_course_path = api_get_path(SYS_COURSE_PATH);
  459. $updir = $sys_course_path.$courseDir;
  460. // Try to add an extension to the file if it hasn't one
  461. $new_file_name = add_ext_on_mime(
  462. stripslashes($_FILES['user_upload']['name']),
  463. $_FILES['user_upload']['type']
  464. );
  465. // user's file name
  466. $file_name = Database::escape_string($_FILES['user_upload']['name']);
  467. if (!filter_extension($new_file_name)) {
  468. echo Display::return_message(get_lang('UplUnableToSaveFileFilteredExtension'), 'error');
  469. } else {
  470. $new_file_name = uniqid('');
  471. $new_path = $updir.'/'.$new_file_name;
  472. $result = @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
  473. $comment = Database::escape_string($file_comment);
  474. $size = intval($_FILES['user_upload']['size']);
  475. // Storing the attachments if any
  476. if ($result) {
  477. $sql = "INSERT INTO $blog_table_attachment (c_id, filename,comment, path, post_id,size,blog_id,comment_id)
  478. VALUES ($course_id, '$file_name', '$comment', '$new_file_name', $post_id, $size, $blog_id, $last_id)";
  479. Database::query($sql);
  480. $id = Database::insert_id();
  481. if ($id) {
  482. $sql = "UPDATE $blog_table_attachment SET id = iid WHERE iid = $id";
  483. Database::query($sql);
  484. }
  485. }
  486. }
  487. }
  488. }
  489. }
  490. }
  491. /**
  492. * Deletes a comment from a blogpost
  493. * @author Toon Keppens
  494. * @param int $blog_id The internal blog ID
  495. * @param int $post_id The internal post ID
  496. * @param int $comment_id The internal comment ID
  497. */
  498. public static function deleteComment($blog_id, $post_id, $comment_id)
  499. {
  500. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  501. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  502. $blog_id = intval($blog_id);
  503. $post_id = intval($post_id);
  504. $comment_id = intval($comment_id);
  505. $course_id = api_get_course_int_id();
  506. self::deleteAllBlogAttachments($blog_id, $post_id, $comment_id);
  507. // Delete ratings on this comment
  508. $sql = "DELETE FROM $tbl_blogs_rating
  509. WHERE
  510. c_id = $course_id AND
  511. blog_id = $blog_id AND
  512. item_id = $comment_id AND
  513. rating_type = 'comment'";
  514. Database::query($sql);
  515. // select comments that have the selected comment as their parent
  516. $sql = "SELECT comment_id FROM $tbl_blogs_comments
  517. WHERE c_id = $course_id AND parent_comment_id = $comment_id";
  518. $result = Database::query($sql);
  519. // Delete them recursively
  520. while ($comment = Database::fetch_array($result)) {
  521. self::deleteComment($blog_id, $post_id, $comment['comment_id']);
  522. }
  523. // Finally, delete the selected comment to
  524. $sql = "DELETE FROM $tbl_blogs_comments
  525. WHERE c_id = $course_id AND comment_id = $comment_id";
  526. Database::query($sql);
  527. }
  528. /**
  529. * Creates a new task in a blog
  530. * @author Toon Keppens
  531. * @param int $blog_id
  532. * @param string $title
  533. * @param string $description
  534. * @param string $articleDelete Set to 'on' to register as 'article_delete' in tasks_permissions
  535. * @param string $articleEdit Set to 'on' to register as 'article_edit' in tasks_permissions
  536. * @param string $commentsDelete Set to 'on' to register as 'article_comments_delete' in tasks permissions
  537. * @param string $color
  538. */
  539. public static function addTask(
  540. $blog_id,
  541. $title,
  542. $description,
  543. $articleDelete,
  544. $articleEdit,
  545. $commentsDelete,
  546. $color
  547. ) {
  548. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  549. $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
  550. $course_id = api_get_course_int_id();
  551. $blog_id = intval($blog_id);
  552. $title = Database::escape_string($title);
  553. $description = Database::escape_string($description);
  554. $color = Database::escape_string($color);
  555. // Create the task
  556. $sql = "INSERT INTO $tbl_blogs_tasks (c_id, blog_id, title, description, color, system_task)
  557. VALUES ($course_id , $blog_id, '$title', '$description', '$color', '0');";
  558. Database::query($sql);
  559. $task_id = Database::insert_id();
  560. if ($task_id) {
  561. $sql = "UPDATE $tbl_blogs_tasks SET task_id = iid WHERE iid = $task_id";
  562. Database::query($sql);
  563. }
  564. $tool = 'BLOG_'.$blog_id;
  565. if ($articleDelete == 'on') {
  566. $sql = "INSERT INTO $tbl_tasks_permissions ( c_id, task_id, tool, action)
  567. VALUES ($course_id, $task_id, '$tool', 'article_delete')";
  568. Database::query($sql);
  569. $id = Database::insert_id();
  570. if ($id) {
  571. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  572. Database::query($sql);
  573. }
  574. }
  575. if ($articleEdit == 'on') {
  576. $sql = "
  577. INSERT INTO $tbl_tasks_permissions (c_id, task_id, tool, action )
  578. VALUES ($course_id, $task_id, '$tool', 'article_edit')";
  579. Database::query($sql);
  580. $id = Database::insert_id();
  581. if ($id) {
  582. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  583. Database::query($sql);
  584. }
  585. }
  586. if ($commentsDelete == 'on') {
  587. $sql = "
  588. INSERT INTO $tbl_tasks_permissions (c_id, task_id, tool, action )
  589. VALUES ($course_id, $task_id, '$tool', 'article_comments_delete')";
  590. Database::query($sql);
  591. $id = Database::insert_id();
  592. if ($id) {
  593. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  594. Database::query($sql);
  595. }
  596. }
  597. }
  598. /**
  599. * Edit a task in a blog
  600. * @author Toon Keppens
  601. * @param int $blog_id The internal blog ID
  602. * @param int $task_id The internal task ID
  603. * @param string $title The task title
  604. * @param string $description The task description
  605. * @param string $articleDelete Set to 'on' to register as 'article_delete' in tasks_permissions
  606. * @param string $articleEdit Set to 'on' to register as 'article_edit' in tasks_permissions
  607. * @param string $commentsDelete Set to 'on' to register as 'article_comments_delete' in tasks permissions
  608. * @param string $color The color code
  609. */
  610. public static function editTask(
  611. $blog_id,
  612. $task_id,
  613. $title,
  614. $description,
  615. $articleDelete,
  616. $articleEdit,
  617. $commentsDelete,
  618. $color
  619. ) {
  620. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  621. $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
  622. $course_id = api_get_course_int_id();
  623. $blog_id = intval($blog_id);
  624. $task_id = intval($task_id);
  625. $title = Database::escape_string($title);
  626. $description = Database::escape_string($description);
  627. $color = Database::escape_string($color);
  628. // Create the task
  629. $sql = "UPDATE $tbl_blogs_tasks SET
  630. title = '$title',
  631. description = '$description',
  632. color = '$color'
  633. WHERE c_id = $course_id AND task_id = task_id LIMIT 1";
  634. Database::query($sql);
  635. $tool = 'BLOG_'.$blog_id;
  636. $sql = "DELETE FROM $tbl_tasks_permissions
  637. WHERE c_id = $course_id AND task_id = $task_id";
  638. Database::query($sql);
  639. if ($articleDelete == 'on') {
  640. $sql = "INSERT INTO $tbl_tasks_permissions ( c_id, task_id, tool, action)
  641. VALUES ($course_id, $task_id, '$tool', 'article_delete')";
  642. Database::query($sql);
  643. $id = Database::insert_id();
  644. if ($id) {
  645. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  646. Database::query($sql);
  647. }
  648. }
  649. if ($articleEdit == 'on') {
  650. $sql = "INSERT INTO $tbl_tasks_permissions (c_id, task_id, tool, action)
  651. VALUES ($course_id, $task_id, '$tool', 'article_edit')";
  652. Database::query($sql);
  653. $id = Database::insert_id();
  654. if ($id) {
  655. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  656. Database::query($sql);
  657. }
  658. }
  659. if ($commentsDelete == 'on') {
  660. $sql = "INSERT INTO $tbl_tasks_permissions (c_id, task_id, tool, action)
  661. VALUES ($course_id, $task_id, '$tool', 'article_comments_delete')";
  662. Database::query($sql);
  663. $id = Database::insert_id();
  664. if ($id) {
  665. $sql = "UPDATE $tbl_tasks_permissions SET id = iid WHERE iid = $id";
  666. Database::query($sql);
  667. }
  668. }
  669. }
  670. /**
  671. * Deletes a task from a blog
  672. * @param int $blog_id
  673. * @param int $task_id
  674. * @return void
  675. */
  676. public static function deleteTask($blog_id, $task_id)
  677. {
  678. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  679. $course_id = api_get_course_int_id();
  680. $blog_id = intval($blog_id);
  681. $task_id = intval($task_id);
  682. // Delete posts
  683. $sql = "DELETE FROM $tbl_blogs_tasks
  684. WHERE c_id = $course_id AND blog_id = $blog_id AND task_id = $task_id";
  685. Database::query($sql);
  686. }
  687. /**
  688. * Deletes an assigned task from a blog
  689. * @param int $blog_id
  690. * @param int $task_id
  691. * @param int $user_id
  692. * @return void
  693. */
  694. public static function deleteAssignedTask($blog_id, $task_id, $user_id)
  695. {
  696. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  697. $course_id = api_get_course_int_id();
  698. $blog_id = intval($blog_id);
  699. $task_id = intval($task_id);
  700. $user_id = intval($user_id);
  701. // Delete posts
  702. $sql = "DELETE FROM $tbl_blogs_tasks_rel_user
  703. WHERE
  704. c_id = $course_id AND
  705. blog_id = $blog_id AND
  706. task_id = $task_id AND
  707. user_id = $user_id";
  708. Database::query($sql);
  709. }
  710. /**
  711. * Get personal task list
  712. * @author Toon Keppens
  713. * @return string Returns an unsorted list (<ul></ul>) with the users' tasks
  714. */
  715. public static function getPersonalTasksList()
  716. {
  717. $_user = api_get_user_info();
  718. $html = null;
  719. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  720. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  721. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  722. $course_id = api_get_course_int_id();
  723. $blog_id = intval($_GET['blog_id']);
  724. if ($_user['user_id']) {
  725. $sql = "SELECT task_rel_user.*, task.title, blog.blog_name
  726. FROM $tbl_blogs_tasks_rel_user task_rel_user
  727. INNER JOIN $tbl_blogs_tasks task
  728. ON task_rel_user.task_id = task.task_id
  729. INNER JOIN $tbl_blogs blog
  730. ON task_rel_user.blog_id = blog.blog_id
  731. AND blog.blog_id = $blog_id
  732. WHERE
  733. task.c_id = $course_id AND
  734. blog.c_id = $course_id AND
  735. task_rel_user.c_id = $course_id AND
  736. task_rel_user.user_id = ".$_user['user_id']."
  737. ORDER BY target_date ASC";
  738. $result = Database::query($sql);
  739. if (Database::num_rows($result) > 0) {
  740. $html .= '<ul>';
  741. while ($mytask = Database::fetch_array($result)) {
  742. $html .= '<li><a href="blog.php?action=execute_task&blog_id='.$mytask['blog_id'].'&task_id='.stripslashes(
  743. $mytask['task_id']
  744. ).'" title="[Blog: '.stripslashes($mytask['blog_name']).'] '.get_lang(
  745. 'ExecuteThisTask'
  746. ).'">'.stripslashes($mytask['title']).'</a></li>';
  747. }
  748. $html .= '<ul>';
  749. } else {
  750. $html .= get_lang('NoTasks');
  751. }
  752. } else {
  753. $html .= get_lang('NoTasks');
  754. }
  755. return $html;
  756. }
  757. /**
  758. * Changes the visibility of a blog
  759. * @author Toon Keppens
  760. * @param Integer $blog_id
  761. * @return void
  762. */
  763. public static function changeBlogVisibility($blog_id)
  764. {
  765. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  766. $tbl_tool = Database::get_course_table(TABLE_TOOL_LIST);
  767. $course_id = api_get_course_int_id();
  768. // Get blog properties
  769. $sql = "SELECT blog_name, visibility FROM $tbl_blogs
  770. WHERE c_id = $course_id AND blog_id='".(int) $blog_id."'";
  771. $result = Database::query($sql);
  772. $blog = Database::fetch_array($result);
  773. $visibility = $blog['visibility'];
  774. $title = $blog['blog_name'];
  775. if ($visibility == 1) {
  776. // Change visibility state, remove from course home.
  777. $sql = "UPDATE $tbl_blogs SET visibility = '0'
  778. WHERE c_id = $course_id AND blog_id ='".(int) $blog_id."' LIMIT 1";
  779. Database::query($sql);
  780. $sql = "DELETE FROM $tbl_tool
  781. WHERE c_id = $course_id AND name = '".Database::escape_string($title)."' LIMIT 1";
  782. Database::query($sql);
  783. } else {
  784. // Change visibility state, add to course home.
  785. $sql = "UPDATE $tbl_blogs SET visibility = '1'
  786. WHERE c_id = $course_id AND blog_id ='".(int) $blog_id."' LIMIT 1";
  787. Database::query($sql);
  788. $sql = "INSERT INTO $tbl_tool (c_id, name, link, image, visibility, admin, address, added_tool, target)
  789. VALUES ($course_id, '".Database::escape_string($title)."', 'blog/blog.php?blog_id=".(int) $blog_id."', 'blog.gif', '1', '0', 'pastillegris.gif', '0', '_self')";
  790. Database::query($sql);
  791. $id = Database::insert_id();
  792. if ($id) {
  793. $sql = "UPDATE $tbl_tool SET id = iid WHERE iid = $id";
  794. Database::query($sql);
  795. }
  796. }
  797. }
  798. /**
  799. * Display the search results
  800. * @param int $blog_id
  801. * @param string $query_string
  802. * @return string|array
  803. */
  804. public static function getSearchResults($blog_id, $query_string)
  805. {
  806. $query_string = Database::escape_string($query_string);
  807. $query_string_parts = explode(' ', $query_string);
  808. $query_string = array();
  809. foreach ($query_string_parts as $query_part) {
  810. $query_string[] = " full_text LIKE '%".$query_part."%' OR title LIKE '%".$query_part."%' ";
  811. }
  812. $query_string = '('.implode('OR', $query_string).')';
  813. // Display the posts
  814. return self::getPosts($blog_id, $query_string);
  815. }
  816. /**
  817. * Shows the posts of a blog
  818. * @author Toon Keppens
  819. * @param int $blog_id
  820. * @param string $filter
  821. * @param int $max_number_of_posts
  822. * @return string|array
  823. */
  824. public static function getPosts($blog_id, $filter = '1=1', $max_number_of_posts = 20)
  825. {
  826. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  827. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  828. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  829. $course_id = api_get_course_int_id();
  830. $blog_id = intval($blog_id);
  831. $filter = Database::escape_string($filter);
  832. $max_number_of_posts = intval($max_number_of_posts);
  833. // Get posts and authors
  834. $sql = "SELECT post.*, user.lastname, user.firstname, user.username
  835. FROM $tbl_blogs_posts post
  836. INNER JOIN $tbl_users user
  837. ON post.author_id = user.user_id
  838. WHERE post.blog_id = $blog_id AND
  839. post.c_id = $course_id AND
  840. $filter
  841. ORDER BY post_id DESC LIMIT 0, $max_number_of_posts";
  842. $result = Database::query($sql);
  843. // Display
  844. if (Database::num_rows($result) > 0) {
  845. $limit = 200;
  846. while ($blog_post = Database::fetch_array($result)) {
  847. // Get number of comments
  848. $sql = "SELECT COUNT(1) as number_of_comments
  849. FROM $tbl_blogs_comments
  850. WHERE
  851. c_id = $course_id AND
  852. blog_id = $blog_id AND
  853. post_id = ".$blog_post['post_id'];
  854. $tmp = Database::query($sql);
  855. $blog_post_comments = Database::fetch_array($tmp);
  856. $fileArray = self::getBlogAttachments($blog_id, $blog_post['post_id'], 0);
  857. $scoreRanking = self::displayRating(
  858. 'post',
  859. $blog_id,
  860. $blog_post['post_id']
  861. );
  862. // Prepare data
  863. $article = [
  864. 'id_blog' => $blog_post['blog_id'],
  865. 'c_id' => $blog_post['c_id'],
  866. 'id_post' => $blog_post['post_id'],
  867. 'id_autor' => $blog_post['author_id'],
  868. 'autor' => $blog_post['firstname'].' '.$blog_post['lastname'],
  869. 'username' => $blog_post['username'],
  870. 'title' => stripslashes($blog_post['title']),
  871. 'extract' => self::getPostExtract($blog_post['full_text'], BLOG_MAX_PREVIEW_CHARS),
  872. 'content' => stripslashes($blog_post['full_text']),
  873. 'post_date' => Display::dateToStringAgoAndLongDate($blog_post['date_creation']),
  874. 'n_comments' => $blog_post_comments['number_of_comments'],
  875. 'files' => $fileArray,
  876. 'score_ranking' => $scoreRanking
  877. ];
  878. $listArticle[] = $article;
  879. }
  880. return $listArticle;
  881. } else {
  882. if ($filter == '1=1') {
  883. return get_lang('NoArticles');
  884. } else {
  885. return get_lang('NoArticleMatches');
  886. }
  887. }
  888. }
  889. /**
  890. * Display posts from a certain date
  891. * @param int $blog_id
  892. * @param string $query_string
  893. * @return string|array
  894. */
  895. public static function getDailyResults($blog_id, $query_string)
  896. {
  897. //$date_output = $query_string;
  898. $date = explode('-', $query_string);
  899. $query_string = ' DAYOFMONTH(date_creation) ='.intval($date[2]).' AND MONTH(date_creation) ='.intval($date[1]).' AND YEAR(date_creation) ='.intval($date[0]);
  900. // Put date in correct output format
  901. //$date_output = api_format_date($date_output, DATE_FORMAT_LONG);
  902. // Display the posts
  903. //echo '<span class="blogpost_title">' . get_lang('PostsOf') . ': ' . $date_output . '</span>';
  904. $list = self::getPosts($blog_id, $query_string);
  905. return $list;
  906. }
  907. /**
  908. * Displays a post and his comments
  909. * @param int $blog_id
  910. * @param int $post_id
  911. * @return array
  912. */
  913. public static function getSinglePost($blog_id, $post_id)
  914. {
  915. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  916. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  917. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  918. $listComments = null;
  919. global $charset;
  920. $course_id = api_get_course_int_id();
  921. $blog_id = intval($blog_id);
  922. $post_id = intval($post_id);
  923. // Get posts and author
  924. $sql = "SELECT post.*, user.lastname, user.firstname, user.username
  925. FROM $tbl_blogs_posts post
  926. INNER JOIN $tbl_users user
  927. ON post.author_id = user.user_id
  928. WHERE
  929. post.c_id = $course_id AND
  930. post.blog_id = $blog_id AND
  931. post.post_id = $post_id
  932. ORDER BY post_id DESC";
  933. $result = Database::query($sql);
  934. $blog_post = Database::fetch_array($result);
  935. // Get number of comments
  936. $sql = "SELECT COUNT(1) as number_of_comments
  937. FROM $tbl_blogs_comments
  938. WHERE c_id = $course_id AND blog_id = $blog_id AND post_id = $post_id";
  939. $result = Database::query($sql);
  940. $blog_post_comments = Database::fetch_array($result);
  941. $blogActions = null;
  942. $task_id = (isset($_GET['task_id']) && is_numeric($_GET['task_id'])) ? intval($_GET['task_id']) : 0;
  943. // Display comments if there are any
  944. if ($blog_post_comments['number_of_comments'] > 0) {
  945. $listComments = self::getThreadedComments(0, 0, $blog_id, $post_id, $task_id);
  946. }
  947. // Display comment form
  948. if (api_is_allowed('BLOG_'.$blog_id, 'article_comments_add')) {
  949. $formComments = self::displayCommentCreateForm($blog_id, $post_id, $blog_post['title'], false);
  950. }
  951. // Prepare data
  952. $fileArray = self::getBlogAttachments($blog_id, $post_id);
  953. $post_text = make_clickable(stripslashes($blog_post['full_text']));
  954. $post_text = stripslashes($post_text);
  955. if (api_is_allowed('BLOG_'.$blog_id, 'article_edit', $task_id)) {
  956. $blogActions .= '<a class="btn btn-default" href="blog.php?action=edit_post&blog_id='.$blog_id.'&post_id='.$post_id.'&article_id='.$blog_post['post_id'].'&task_id='.$task_id.'" title="'.get_lang('EditThisPost').'">';
  957. $blogActions .= Display::return_icon('edit.png', get_lang('Edit'), null, ICON_SIZE_TINY);
  958. $blogActions .= '</a>';
  959. }
  960. if (api_is_allowed('BLOG_'.$blog_id, 'article_delete', $task_id)) {
  961. $blogActions .= '<a class="btn btn-default" href="blog.php?action=view_post&blog_id='.$blog_id.'&post_id='.$post_id.'&do=delete_article&article_id='.$blog_post['post_id'].'&task_id='.$task_id.'" title="'.get_lang(
  962. 'DeleteThisArticle'
  963. ).'" onclick="javascript:if(!confirm(\''.addslashes(
  964. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  965. ).'\')) return false;">';
  966. $blogActions .= Display::return_icon('delete.png', get_lang('Delete'), null, ICON_SIZE_TINY);
  967. $blogActions .= '</a>';
  968. }
  969. $scoreRanking = self::displayRating('post', $blog_id, $post_id);
  970. $article = [
  971. 'id_blog' => $blog_post['blog_id'],
  972. 'c_id' => $blog_post['c_id'],
  973. 'id_post' => $blog_post['post_id'],
  974. 'id_author' => $blog_post['author_id'],
  975. 'author' => $blog_post['firstname'].' '.$blog_post['lastname'],
  976. 'username' => $blog_post['username'],
  977. 'title' => stripslashes($blog_post['title']),
  978. 'extract' => api_get_short_text_from_html(stripslashes($blog_post['full_text']), 400),
  979. 'content' => $post_text,
  980. 'post_date' => Display::dateToStringAgoAndLongDate($blog_post['date_creation']),
  981. 'n_comments' => $blog_post_comments['number_of_comments'],
  982. 'files' => $fileArray,
  983. 'id_task' => $task_id,
  984. 'comments' => $listComments,
  985. 'form_html' => $formComments,
  986. 'actions' => $blogActions,
  987. 'score_ranking' => (int) $scoreRanking,
  988. 'frm_rating' => api_is_allowed('BLOG_'.$blog_id, 'article_rate')
  989. ? self::displayRatingCreateForm('post', $blog_id, $post_id)
  990. : null
  991. ];
  992. return $article;
  993. }
  994. /**
  995. * This functions gets all replies to a post, threaded.
  996. *
  997. * @param int $current
  998. * @param int $current_level
  999. * @param int $blog_id
  1000. * @param int $post_id
  1001. * @param int $task_id
  1002. * @return array
  1003. */
  1004. public static function getThreadedComments(
  1005. $current = 0,
  1006. $current_level = 0,
  1007. $blog_id,
  1008. $post_id,
  1009. $task_id = 0
  1010. ) {
  1011. $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  1012. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  1013. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1014. $charset = api_get_system_encoding();
  1015. $course_id = api_get_course_int_id();
  1016. $blog_id = intval($blog_id);
  1017. $post_id = intval($post_id);
  1018. $task_id = intval($task_id);
  1019. $listComments = [];
  1020. // Select top level comments
  1021. $next_level = $current_level + 1;
  1022. $sql = "SELECT comments.*, user.lastname, user.firstname, user.username, task.color
  1023. FROM $tbl_blogs_comments comments
  1024. INNER JOIN $tbl_users user
  1025. ON comments.author_id = user.user_id
  1026. LEFT JOIN $tbl_blogs_tasks task
  1027. ON comments.task_id = task.task_id AND task.c_id = $course_id
  1028. WHERE
  1029. comments.c_id = $course_id AND
  1030. parent_comment_id = $current AND
  1031. comments.blog_id = $blog_id AND
  1032. comments.post_id = $post_id";
  1033. $result = Database::query($sql);
  1034. $html = null;
  1035. while ($comment = Database::fetch_array($result)) {
  1036. $commentActions = null;
  1037. $ratingSelect = null;
  1038. $comment_text = make_clickable(stripslashes($comment['comment']));
  1039. $comment_text = stripslashes($comment_text);
  1040. $commentActions .= Display::toolbarButton(
  1041. get_lang('ReplyToThisComment'),
  1042. '#',
  1043. 'reply',
  1044. 'default',
  1045. ['data-id' => $comment['iid'], 'role' => 'button', 'class' => 'btn-reply-to'],
  1046. false
  1047. );
  1048. if (api_is_allowed('BLOG_'.$blog_id, 'article_comments_delete', $task_id)) {
  1049. $commentActions .= ' <a class="btn btn-default" href="blog.php?action=view_post&blog_id='.$blog_id.'&post_id='.$post_id.'&do=delete_comment&comment_id='.$comment['comment_id'].'&task_id='.$task_id.'" title="'.get_lang(
  1050. 'DeleteThisComment'
  1051. ).'" onclick="javascript:if(!confirm(\''.addslashes(
  1052. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  1053. ).'\')) return false;">';
  1054. $commentActions .= Display::returnFontAwesomeIcon('trash');
  1055. $commentActions .= '</a>';
  1056. }
  1057. if (api_is_allowed('BLOG_'.$blog_id, 'article_comments_rate')) {
  1058. $ratingSelect = self::displayRatingCreateForm(
  1059. 'comment',
  1060. $blog_id,
  1061. $post_id,
  1062. $comment['comment_id']
  1063. );
  1064. }
  1065. $scoreRanking = self::displayRating(
  1066. 'comment',
  1067. $blog_id,
  1068. $comment['comment_id']
  1069. );
  1070. // Files
  1071. $fileArray = self::getBlogAttachments(
  1072. $blog_id,
  1073. $post_id,
  1074. $comment['comment_id']
  1075. );
  1076. $userInfo = api_get_user_info($comment['author_id']);
  1077. $comments = [
  1078. 'iid' => $comment['iid'],
  1079. 'id_comment' => $comment['comment_id'],
  1080. 'id_curso' => $comment['c_id'],
  1081. 'title' => $comment['title'],
  1082. 'content' => $comment_text,
  1083. 'id_author' => $comment['author_id'],
  1084. 'comment_date' => Display::dateToStringAgoAndLongDate($comment['date_creation']),
  1085. 'id_blog' => $comment['blog_id'],
  1086. 'id_post' => $comment['post_id'],
  1087. 'id_task' => $comment['task_id'],
  1088. 'id_parent' => $comment['parent_comment_id'],
  1089. 'user_info' => $userInfo,
  1090. 'color' => $comment['color'],
  1091. 'files' => $fileArray,
  1092. 'actions' => $commentActions,
  1093. 'form_ranking' => $ratingSelect,
  1094. 'score_ranking' => $scoreRanking,
  1095. 'comments' => self::getThreadedComments($comment['iid'], $next_level, $blog_id, $post_id)
  1096. ];
  1097. $listComments[] = $comments;
  1098. }
  1099. return $listComments;
  1100. }
  1101. /**
  1102. * Shows the rating form if not already rated by that user
  1103. * @author Toon Keppens
  1104. * @param string $type
  1105. * @param int $blog_id
  1106. * @param int $post_id
  1107. * @param int $comment_id
  1108. * @return void
  1109. */
  1110. public static function displayRatingCreateForm($type, $blog_id, $post_id, $comment_id = null)
  1111. {
  1112. $_user = api_get_user_info();
  1113. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  1114. $course_id = api_get_course_int_id();
  1115. $blog_id = intval($blog_id);
  1116. $post_id = intval($post_id);
  1117. $comment_id = isset($comment_id) ? intval($comment_id) : null;
  1118. $type = Database::escape_string($type);
  1119. $html = null;
  1120. if ($type == 'post') {
  1121. // Check if the user has already rated this post
  1122. $sql = "SELECT rating_id FROM $tbl_blogs_rating
  1123. WHERE c_id = $course_id AND
  1124. blog_id = $blog_id
  1125. AND item_id = $post_id
  1126. AND rating_type = '$type'
  1127. AND user_id = ".$_user['user_id'];
  1128. $result = Database::query($sql);
  1129. // Add rating
  1130. if (Database::num_rows($result) == 0) {
  1131. $html .= '<form class="form-horizontal" method="get" action="blog.php" id="frm_rating_'.$type.'_'.$post_id.'" name="frm_rating_'.$type.'_'.$post_id.'">';
  1132. $html .= '<div class="form-group">';
  1133. $html .= '<label class="col-sm-3 control-label">'.get_lang('RateThis').'</label>';
  1134. $html .= '<div class="col-sm-9">';
  1135. $html .= '<select class="selectpicker" name="rating" onchange="document.forms[\'frm_rating_'.$type.'_'.$post_id.'\'].submit()"><option value="">-</option><option value="1">1</option><option value="2">2</option><option value="3">3</option><option value="4">4</option><option value="5">5</option><option value="6">6</option><option value="7">7</option><option value="8">8</option><option value="9">9</option><option value="10">10</option></select><input type="hidden" name="action" value="view_post" /><input type="hidden" name="type" value="'.$type.'" /><input type="hidden" name="do" value="rate" /><input type="hidden" name="blog_id" value="'.$blog_id.'" /><input type="hidden" name="post_id" value="'.$post_id.'" />';
  1136. $html .= '</div>';
  1137. $html .= '</div>';
  1138. $html .= '</form>';
  1139. return $html;
  1140. } else {
  1141. return '';
  1142. }
  1143. }
  1144. if ($type = 'comment') {
  1145. // Check if the user has already rated this comment
  1146. $sql = "SELECT rating_id FROM $tbl_blogs_rating
  1147. WHERE c_id = $course_id AND blog_id = $blog_id
  1148. AND item_id = $comment_id
  1149. AND rating_type = '$type'
  1150. AND user_id = ".$_user['user_id'];
  1151. $result = Database::query($sql);
  1152. if (Database::num_rows($result) == 0) {
  1153. $html .= '<form class="form-horizontal" method="get" action="blog.php" id="frm_rating_'.$type.'_'.$comment_id.'" name="frm_rating_'.$type.'_'.$comment_id.'">';
  1154. $html .= '<div class="form-group">';
  1155. $html .= '<label class="col-sm-3 control-label">'.get_lang('RateThis').'</label>';
  1156. $html .= '<div class="col-sm-9">';
  1157. $html .= '<select class="selectpicker" name="rating" onchange="document.forms[\'frm_rating_'.$type.'_'.$comment_id.'\'].submit()"><option value="">-</option><option value="1">1</option><option value="2">2</option><option value="3">3</option><option value="4">4</option><option value="5">5</option><option value="6">6</option><option value="7">7</option><option value="8">8</option><option value="9">9</option><option value="10">10</option></select><input type="hidden" name="action" value="view_post" /><input type="hidden" name="type" value="'.$type.'" /><input type="hidden" name="do" value="rate" /><input type="hidden" name="blog_id" value="'.$blog_id.'" /><input type="hidden" name="post_id" value="'.$post_id.'" /><input type="hidden" name="comment_id" value="'.$comment_id.'" />';
  1158. $html .= '</div>';
  1159. $html .= '</div>';
  1160. $html .= '</form>';
  1161. return $html;
  1162. } else {
  1163. return '';
  1164. }
  1165. }
  1166. }
  1167. /**
  1168. * Shows the rating of user
  1169. * @param string $type
  1170. * @param integer $blog_id
  1171. * @param integer $item_id
  1172. * @return array
  1173. */
  1174. public static function displayRating($type, $blog_id, $item_id)
  1175. {
  1176. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  1177. $course_id = api_get_course_int_id();
  1178. $blog_id = intval($blog_id);
  1179. $item_id = intval($item_id);
  1180. $type = Database::escape_string($type);
  1181. // Calculate rating
  1182. $sql = "SELECT AVG(rating) as rating FROM $tbl_blogs_rating
  1183. WHERE
  1184. c_id = $course_id AND
  1185. blog_id = $blog_id AND
  1186. item_id = $item_id AND
  1187. rating_type = '$type'";
  1188. $result = Database::query($sql);
  1189. $result = Database::fetch_array($result);
  1190. return round($result['rating'], 2);
  1191. }
  1192. /**
  1193. * Displays the form to create a new post
  1194. * @author Toon Keppens
  1195. *
  1196. * @param int $blog_id
  1197. * @param int $post_id
  1198. * @return string HTML form
  1199. */
  1200. public static function displayCommentCreateForm($blog_id, $post_id)
  1201. {
  1202. $taskId = !empty($_GET['task_id']) ? intval($_GET['task_id']) : 0;
  1203. $blog_id = intval($blog_id);
  1204. $post_id = intval($post_id);
  1205. $form = new FormValidator(
  1206. 'add_post',
  1207. 'post',
  1208. api_get_self().'?'.api_get_cidreq().'&'.http_build_query([
  1209. 'action' => 'view_post',
  1210. 'blog_id' => $blog_id,
  1211. 'post_id' => $post_id,
  1212. 'task_id' => $taskId
  1213. ]),
  1214. null,
  1215. array('enctype' => 'multipart/form-data')
  1216. );
  1217. $header = $taskId ? get_lang('ExecuteThisTask') : get_lang('AddNewComment');
  1218. $form->addHeader($header);
  1219. $form->addText('title', get_lang('Title'));
  1220. $config = array();
  1221. if (!api_is_allowed_to_edit()) {
  1222. $config['ToolbarSet'] = 'ProjectComment';
  1223. } else {
  1224. $config['ToolbarSet'] = 'ProjectCommentStudent';
  1225. }
  1226. $form->addHtmlEditor(
  1227. 'comment',
  1228. get_lang('Comment'),
  1229. false,
  1230. false,
  1231. $config
  1232. );
  1233. $form->addFile('user_upload', get_lang('AddAnAttachment'));
  1234. $form->addTextarea('post_file_comment', get_lang('FileComment'));
  1235. $form->addHidden('action', null);
  1236. $form->addHidden('comment_parent_id', 0);
  1237. $form->addHidden('task_id', $taskId);
  1238. $form->addButton('save', get_lang('Save'));
  1239. if ($form->validate()) {
  1240. $values = $form->exportValues();
  1241. self::createComment(
  1242. $values['title'],
  1243. $values['comment'],
  1244. $values['post_file_comment'],
  1245. $blog_id,
  1246. $post_id,
  1247. $values['comment_parent_id'],
  1248. $taskId
  1249. );
  1250. Display::addFlash(
  1251. Display::return_message(get_lang('CommentAdded'), 'success')
  1252. );
  1253. header(
  1254. 'Location: '
  1255. .api_get_self()
  1256. .'?'
  1257. .api_get_cidreq()
  1258. .'&'
  1259. .http_build_query([
  1260. 'blog_id' => $blog_id,
  1261. 'post_id' => $post_id,
  1262. 'action' => 'view_post',
  1263. 'task_id' => $taskId
  1264. ])
  1265. );
  1266. exit;
  1267. }
  1268. return $form->returnForm();
  1269. }
  1270. /**
  1271. * Adds rating to a certain post or comment
  1272. * @author Toon Keppens
  1273. *
  1274. * @param string $type
  1275. * @param int $blog_id
  1276. * @param int $item_id
  1277. * @param int $rating
  1278. *
  1279. * @return Boolean success
  1280. */
  1281. public static function addRating($type, $blog_id, $item_id, $rating)
  1282. {
  1283. $_user = api_get_user_info();
  1284. $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING);
  1285. $course_id = api_get_course_int_id();
  1286. $blog_id = intval($blog_id);
  1287. $item_id = intval($item_id);
  1288. $type = Database::escape_string($type);
  1289. $rating = Database::escape_string($rating);
  1290. // Check if the user has already rated this post/comment
  1291. $sql = "SELECT rating_id FROM $tbl_blogs_rating
  1292. WHERE
  1293. c_id = $course_id AND
  1294. blog_id = $blog_id AND
  1295. item_id = $item_id AND
  1296. rating_type = '$type' AND
  1297. user_id = ".$_user['user_id'];
  1298. $result = Database::query($sql);
  1299. // Add rating
  1300. if (Database::num_rows($result) == 0) {
  1301. $sql = "INSERT INTO $tbl_blogs_rating (c_id, blog_id, rating_type, item_id, user_id, rating )
  1302. VALUES ($course_id, $blog_id, '$type', $item_id, ".$_user['user_id'].", '$rating')";
  1303. Database::query($sql);
  1304. $id = Database::insert_id();
  1305. if ($id) {
  1306. $sql = "UPDATE $tbl_blogs_rating SET rating_id = iid WHERE iid = $id";
  1307. Database::query($sql);
  1308. }
  1309. return true;
  1310. } else {
  1311. return false;
  1312. }
  1313. }
  1314. /**
  1315. * Displays the form to create a new post
  1316. * @author Toon Keppens
  1317. *
  1318. * @param Integer $blog_id
  1319. * @return string
  1320. */
  1321. public static function displayPostCreateForm($blog_id)
  1322. {
  1323. $blog_id = intval($blog_id);
  1324. if (!api_is_allowed('BLOG_'.$blog_id, 'article_add')) {
  1325. api_not_allowed();
  1326. }
  1327. $form = new FormValidator(
  1328. 'add_post',
  1329. 'post',
  1330. api_get_path(WEB_CODE_PATH)."blog/blog.php?action=new_post&blog_id=".$blog_id."&".api_get_cidreq(),
  1331. null,
  1332. array('enctype' => 'multipart/form-data')
  1333. );
  1334. $form->addHidden('post_title_edited', 'false');
  1335. $form->addHeader(get_lang('NewPost'));
  1336. $form->addText('title', get_lang('Title'));
  1337. $config = array();
  1338. $config['ToolbarSet'] = !api_is_allowed_to_edit() ? 'ProjectStudent' : 'Project';
  1339. $form->addHtmlEditor('full_text', get_lang('Content'), false, false, $config);
  1340. $form->addFile('user_upload', get_lang('AddAnAttachment'));
  1341. $form->addTextarea('post_file_comment', get_lang('FileComment'));
  1342. $form->addHidden('new_post_submit', 'true');
  1343. $form->addButton('save', get_lang('Save'));
  1344. if ($form->validate()) {
  1345. $values = $form->exportValues();
  1346. $postId = self::createPost(
  1347. $values['title'],
  1348. $values['full_text'],
  1349. $values['post_file_comment'],
  1350. $blog_id
  1351. );
  1352. if ($postId) {
  1353. Display::addFlash(
  1354. Display::return_message(get_lang('BlogAdded'), 'success')
  1355. );
  1356. header('Location: '.api_get_self().'?'.api_get_cidreq().'&'.http_build_query([
  1357. 'action' => 'view_post',
  1358. 'blog_id' => $blog_id,
  1359. 'post_id' => $postId,
  1360. ]));
  1361. exit;
  1362. }
  1363. }
  1364. return $form->returnForm();
  1365. }
  1366. /**
  1367. * Displays the form to edit a post
  1368. * @author Toon Keppens
  1369. *
  1370. * @param int $blog_id
  1371. * @param int $post_id
  1372. * @return string
  1373. */
  1374. public static function displayPostEditForm($blog_id, $post_id)
  1375. {
  1376. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  1377. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  1378. $course_id = api_get_course_int_id();
  1379. $blog_id = intval($blog_id);
  1380. $post_id = intval($post_id);
  1381. // Get posts and author
  1382. $sql = "SELECT post.*, user.lastname, user.firstname
  1383. FROM $tbl_blogs_posts post
  1384. INNER JOIN $tbl_users user ON post.author_id = user.user_id
  1385. WHERE
  1386. post.c_id = $course_id AND
  1387. post.blog_id = $blog_id
  1388. AND post.post_id = $post_id
  1389. ORDER BY post_id DESC";
  1390. $result = Database::query($sql);
  1391. $blog_post = Database::fetch_array($result);
  1392. // Form
  1393. $form = new FormValidator(
  1394. 'edit_post',
  1395. 'post',
  1396. api_get_path(WEB_CODE_PATH).'blog/blog.php?action=edit_post&post_id='.intval($_GET['post_id']).'&blog_id='.intval($blog_id).'&article_id='.intval($_GET['article_id']).'&task_id='.intval($_GET['task_id'])
  1397. );
  1398. $form->addHeader(get_lang('EditPost'));
  1399. $form->addText('title', get_lang('Title'));
  1400. if (!api_is_allowed_to_edit()) {
  1401. $config['ToolbarSet'] = 'ProjectStudent';
  1402. } else {
  1403. $config['ToolbarSet'] = 'Project';
  1404. }
  1405. $form->addHtmlEditor('full_text', get_lang('Content'), false, false, $config);
  1406. $form->addHidden('action', '');
  1407. $form->addHidden('edit_post_submit', 'true');
  1408. $form->addHidden('post_id', intval($_GET['post_id']));
  1409. $form->addButton('save', get_lang('Save'));
  1410. $form->setDefaults($blog_post);
  1411. return $form->returnForm();
  1412. }
  1413. /**
  1414. * Displays a list of tasks in this blog
  1415. * @author Toon Keppens
  1416. *
  1417. * @param int $blog_id
  1418. * @return string
  1419. */
  1420. public static function displayTasksList($blog_id)
  1421. {
  1422. global $charset;
  1423. $course_id = api_get_course_int_id();
  1424. $blog_id = intval($blog_id);
  1425. $html = '';
  1426. if (api_is_allowed('BLOG_'.$blog_id, 'article_add')) {
  1427. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1428. $counter = 0;
  1429. global $color2;
  1430. $html .= '<div class="actions">';
  1431. $html .= '<a href="'.api_get_self().'?action=manage_tasks&blog_id='.$blog_id.'&do=add">';
  1432. $html .= Display::return_icon('blog_newtasks.gif', get_lang('AddTasks'));
  1433. $html .= get_lang('AddTasks').'</a> ';
  1434. $html .= '<a href="'.api_get_self().'?action=manage_tasks&blog_id='.$blog_id.'&do=assign">';
  1435. $html .= Display::return_icon('blog_task.gif', get_lang('AssignTasks'));
  1436. $html .= get_lang('AssignTasks').'</a>';
  1437. $html .= Display::url(
  1438. Display::return_icon('blog_admin_users.png', get_lang('RightsManager')),
  1439. api_get_self().'?'.http_build_query([
  1440. 'action' => 'manage_rights',
  1441. 'blog_id' => $blog_id
  1442. ]),
  1443. ['title' => get_lang('ManageRights')]
  1444. );
  1445. $html .= '</div>';
  1446. $html .= '<span class="blogpost_title">'.get_lang('TaskList').'</span><br />';
  1447. $html .= "<table class=\"data_table\">";
  1448. $html .= "<tr bgcolor=\"$color2\" align=\"center\" valign=\"top\">"
  1449. ."<th width='240'><b>".get_lang('Title')."</b></th>"
  1450. ."<th><b>".get_lang('Description')."</b></th>"
  1451. ."<th><b>".get_lang('Color')."</b></th>"
  1452. ."<th width='50'><b>".get_lang('Modify')."</b></th></tr>";
  1453. $sql = " SELECT
  1454. blog_id,
  1455. task_id,
  1456. blog_id,
  1457. title,
  1458. description,
  1459. color,
  1460. system_task
  1461. FROM $tbl_blogs_tasks
  1462. WHERE c_id = $course_id AND blog_id = $blog_id
  1463. ORDER BY system_task, title";
  1464. $result = Database::query($sql);
  1465. while ($task = Database::fetch_array($result)) {
  1466. $counter++;
  1467. $css_class = (($counter % 2) == 0) ? "row_odd" : "row_even";
  1468. $delete_icon = ($task['system_task'] == '1') ? "delete_na.png" : "delete.png";
  1469. $delete_title = ($task['system_task'] == '1') ? get_lang('DeleteSystemTask') : get_lang('DeleteTask');
  1470. $delete_link = ($task['system_task'] == '1') ? '#' : api_get_self(
  1471. ).'?action=manage_tasks&blog_id='.$task['blog_id'].'&do=delete&task_id='.$task['task_id'];
  1472. $delete_confirm = ($task['system_task'] == '1') ? '' : 'onclick="javascript:if(!confirm(\''.addslashes(
  1473. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  1474. ).'\')) return false;"';
  1475. $html .= '<tr class="'.$css_class.'" valign="top">';
  1476. $html .= '<td width="240">'.Security::remove_XSS($task['title']).'</td>';
  1477. $html .= '<td>'.Security::remove_XSS($task['description']).'</td>';
  1478. $html .= '<td><span style="background-color: #'.$task['color'].'">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></td>';
  1479. $html .= '<td width="50">';
  1480. $html .= '<a href="'.api_get_self(
  1481. ).'?action=manage_tasks&blog_id='.$task['blog_id'].'&do=edit&task_id='.$task['task_id'].'">';
  1482. $html .= Display::return_icon('edit.png', get_lang('EditTask'));
  1483. $html .= "</a>";
  1484. $html .= '<a href="'.$delete_link.'"';
  1485. $html .= $delete_confirm;
  1486. $html .= '>';
  1487. $html .= Display::return_icon($delete_icon, $delete_title);
  1488. $html .= "</a>";
  1489. $html .= '</td>';
  1490. $html .= '</tr>';
  1491. }
  1492. $html .= "</table>";
  1493. }
  1494. return $html;
  1495. }
  1496. /**
  1497. * Displays a list of tasks assigned to a user in this blog
  1498. * @author Toon Keppens
  1499. *
  1500. * @param int $blog_id
  1501. * @return string
  1502. */
  1503. public static function displayAssignedTasksList($blog_id)
  1504. {
  1505. // Init
  1506. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  1507. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1508. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  1509. $counter = 0;
  1510. global $charset, $color2;
  1511. $return = '<span class="blogpost_title">'.get_lang('AssignedTasks').'</span><br />';
  1512. $return .= "<table class=\"data_table\">";
  1513. $return .= "<tr bgcolor=\"$color2\" align=\"center\" valign=\"top\">"
  1514. ."<th width='240'><b>".get_lang('Member')."</b></th>"
  1515. ."<th><b>".get_lang('Task')."</b></th>"
  1516. ."<th><b>".get_lang('Description')."</b></th>"
  1517. ."<th><b>".get_lang('TargetDate')."</b></th>"
  1518. ."<th width='50'><b>".get_lang('Modify')."</b></th>"
  1519. ."</tr>";
  1520. $course_id = api_get_course_int_id();
  1521. $blog_id = intval($blog_id);
  1522. $sql = "SELECT task_rel_user.*, task.title, user.firstname, user.lastname, user.username, task.description, task.system_task, task.blog_id, task.task_id
  1523. FROM $tbl_blogs_tasks_rel_user task_rel_user
  1524. INNER JOIN $tbl_blogs_tasks task
  1525. ON task_rel_user.task_id = task.task_id
  1526. INNER JOIN $tbl_users user
  1527. ON task_rel_user.user_id = user.user_id
  1528. WHERE
  1529. task_rel_user.c_id = $course_id AND
  1530. task.c_id = $course_id AND
  1531. task_rel_user.blog_id = $blog_id
  1532. ORDER BY target_date ASC";
  1533. $result = Database::query($sql);
  1534. while ($assignment = Database::fetch_array($result)) {
  1535. $counter++;
  1536. $css_class = (($counter % 2) == 0) ? "row_odd" : "row_even";
  1537. $delete_icon = ($assignment['system_task'] == '1') ? "delete_na.png" : "delete.png";
  1538. $delete_title = ($assignment['system_task'] == '1') ? get_lang('DeleteSystemTask') : get_lang('DeleteTask');
  1539. $delete_link = ($assignment['system_task'] == '1') ? '#' : api_get_self(
  1540. ).'?action=manage_tasks&blog_id='.$assignment['blog_id'].'&do=delete&task_id='.$assignment['task_id'];
  1541. $delete_confirm = ($assignment['system_task'] == '1') ? '' : 'onclick="javascript:if(!confirm(\''.addslashes(
  1542. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  1543. ).'\')) return false;"';
  1544. $username = api_htmlentities(sprintf(get_lang('LoginX'), $assignment['username']), ENT_QUOTES);
  1545. $return .= '<tr class="'.$css_class.'" valign="top">';
  1546. $return .= '<td width="240">'.Display::tag(
  1547. 'span',
  1548. api_get_person_name($assignment['firstname'], $assignment['lastname']),
  1549. array('title' => $username)
  1550. ).'</td>';
  1551. $return .= '<td>'.stripslashes($assignment['title']).'</td>';
  1552. $return .= '<td>'.stripslashes($assignment['description']).'</td>';
  1553. $return .= '<td>'.$assignment['target_date'].'</td>';
  1554. $return .= '<td width="50">';
  1555. $return .= '<a href="'.api_get_self(
  1556. ).'?action=manage_tasks&blog_id='.$assignment['blog_id'].'&do=edit_assignment&task_id='.$assignment['task_id'].'&user_id='.$assignment['user_id'].'">';
  1557. $return .= Display::return_icon('edit.png', get_lang('EditTask'));
  1558. $return .= "</a>";
  1559. $return .= '<a href="'.api_get_self(
  1560. ).'?action=manage_tasks&blog_id='.$assignment['blog_id'].'&do=delete_assignment&task_id='.$assignment['task_id'].'&user_id='.$assignment['user_id'].'" ';
  1561. $return .= 'onclick="javascript:if(!confirm(\''.addslashes(
  1562. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  1563. ).'\')) return false;"';
  1564. $return .= Display::return_icon($delete_icon, $delete_title);
  1565. $return .= "</a>";
  1566. $return .= '</td>';
  1567. $return .= '</tr>';
  1568. }
  1569. $return .= "</table>";
  1570. return $return;
  1571. }
  1572. /**
  1573. * Displays new task form
  1574. * @todo use FormValidator
  1575. * @author Toon Keppens
  1576. * @param int $blog_id
  1577. * @return string HTML form
  1578. */
  1579. public static function displayTaskCreateForm($blog_id)
  1580. {
  1581. $blog_id = intval($blog_id);
  1582. // Init
  1583. $colors = array(
  1584. 'FFFFFF',
  1585. 'FFFF99',
  1586. 'FFCC99',
  1587. 'FF9933',
  1588. 'FF6699',
  1589. 'CCFF99',
  1590. 'CC9966',
  1591. '66FF00',
  1592. '9966FF',
  1593. 'CF3F3F',
  1594. '990033',
  1595. '669933',
  1596. '0033FF',
  1597. '003366',
  1598. '000000',
  1599. );
  1600. // form
  1601. $return = '<form name="add_task" method="post" action="blog.php?action=manage_tasks&blog_id='.$blog_id.'">';
  1602. // form title
  1603. $return .= '<legend>'.get_lang('AddTask').'</legend>';
  1604. // task title
  1605. $return .= ' <div class="control-group">
  1606. <label class="control-label">
  1607. <span class="form_required">*</span>'.get_lang('Title').'
  1608. </label>
  1609. <div class="controls">
  1610. <input name="task_name" type="text" size="70" />
  1611. </div>
  1612. </div>';
  1613. // task comment
  1614. $return .= ' <div class="control-group">
  1615. <label class="control-label">
  1616. '.get_lang('Description').'
  1617. </label>
  1618. <div class="controls">
  1619. <textarea name="task_description" cols="45"></textarea>
  1620. </div>
  1621. </div>';
  1622. // task management
  1623. $return .= ' <div class="control-group">
  1624. <label class="control-label">
  1625. '.get_lang('TaskManager').'
  1626. </label>
  1627. <div class="controls">';
  1628. $return .= '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
  1629. $return .= '<tr>';
  1630. $return .= '<th colspan="2" style="width:223px;">'.get_lang('ArticleManager').'</th>';
  1631. $return .= '<th width:223px;>'.get_lang('CommentManager').'</th>';
  1632. $return .= '</tr>';
  1633. $return .= '<tr>';
  1634. $return .= '<th style="width:111px;"><label for="articleDelete">'.get_lang('Delete').'</label></th>';
  1635. $return .= '<th style="width:112px;"><label for="articleEdit">'.get_lang('Edit').'</label></th>';
  1636. $return .= '<th style="width:223px;"><label for="commentsDelete">'.get_lang('Delete').'</label></th>';
  1637. $return .= '</tr>';
  1638. $return .= '<tr>';
  1639. $return .= '<td style="text-align:center;"><input id="articleDelete" name="chkArticleDelete" type="checkbox" /></td>';
  1640. $return .= '<td style="text-align:center;"><input id="articleEdit" name="chkArticleEdit" type="checkbox" /></td>';
  1641. $return .= '<td style="border:1px dotted #808080; text-align:center;"><input id="commentsDelete" name="chkCommentsDelete" type="checkbox" /></td>';
  1642. $return .= '</tr>';
  1643. $return .= '</table>';
  1644. $return .= ' </div>
  1645. </div>';
  1646. // task color
  1647. $return .= ' <div class="control-group">
  1648. <label class="control-label">
  1649. '.get_lang('Color').'
  1650. </label>
  1651. <div class="controls">';
  1652. $return .= '<select name="task_color" id="color" style="width: 150px; background-color: #eeeeee" onchange="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value" onkeypress="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value">';
  1653. foreach ($colors as $color) {
  1654. $style = 'style="background-color: #'.$color.'"';
  1655. $return .= '<option value="'.$color.'" '.$style.'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
  1656. }
  1657. $return .= '</select>';
  1658. $return .= ' </div>
  1659. </div>';
  1660. // submit
  1661. $return .= ' <div class="control-group">
  1662. <div class="controls">
  1663. <input type="hidden" name="action" value="" />
  1664. <input type="hidden" name="new_task_submit" value="true" />
  1665. <button class="save" type="submit" name="Submit">'.get_lang('Save').'</button>
  1666. </div>
  1667. </div>';
  1668. $return .= '</form>';
  1669. $return .= '<div style="clear:both; margin-bottom: 10px;"></div>';
  1670. return $return;
  1671. }
  1672. /**
  1673. * Displays edit task form
  1674. * @author Toon Keppens
  1675. * @param int $blog_id
  1676. * @param int $task_id
  1677. * @return string
  1678. */
  1679. public static function displayTaskEditForm($blog_id, $task_id)
  1680. {
  1681. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1682. $course_id = api_get_course_int_id();
  1683. $blog_id = intval($blog_id);
  1684. $task_id = intval($task_id);
  1685. $colors = array(
  1686. 'FFFFFF',
  1687. 'FFFF99',
  1688. 'FFCC99',
  1689. 'FF9933',
  1690. 'FF6699',
  1691. 'CCFF99',
  1692. 'CC9966',
  1693. '66FF00',
  1694. '9966FF',
  1695. 'CF3F3F',
  1696. '990033',
  1697. '669933',
  1698. '0033FF',
  1699. '003366',
  1700. '000000',
  1701. );
  1702. $sql = "SELECT blog_id, task_id, title, description, color FROM $tbl_blogs_tasks
  1703. WHERE c_id = $course_id AND task_id = $task_id";
  1704. $result = Database::query($sql);
  1705. $task = Database::fetch_array($result);
  1706. // Display
  1707. $return = '<form name="edit_task" method="post" action="blog.php?action=manage_tasks&blog_id='.$blog_id.'">
  1708. <legend>'.get_lang('EditTask').'</legend>
  1709. <table width="100%" border="0" cellspacing="2">
  1710. <tr>
  1711. <td align="right">'.get_lang('Title').':&nbsp;&nbsp;</td>
  1712. <td><input name="task_name" type="text" size="70" value="'.Security::remove_XSS($task['title']).'" /></td>
  1713. </tr>
  1714. <tr>
  1715. <td align="right">'.get_lang('Description').':&nbsp;&nbsp;</td>
  1716. <td><textarea name="task_description" cols="45">'.Security::remove_XSS($task['description']).'</textarea></td>
  1717. </tr>';
  1718. /* edit by Kevin Van Den Haute (kevin@develop-it.be) */
  1719. $tbl_tasks_permissions = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
  1720. $sql = "SELECT id, action FROM $tbl_tasks_permissions
  1721. WHERE c_id = $course_id AND task_id = $task_id";
  1722. $result = Database::query($sql);
  1723. $arrPermissions = array();
  1724. while ($row = Database::fetch_array($result)) {
  1725. $arrPermissions[] = $row['action'];
  1726. }
  1727. $return .= '<tr>';
  1728. $return .= '<td style="text-align:right; vertical-align:top;">'.get_lang('TaskManager').':&nbsp;&nbsp;</td>';
  1729. $return .= '<td>';
  1730. $return .= '<table class="data_table" cellspacing="0" style="border-collapse:collapse; width:446px;">';
  1731. $return .= '<tr>';
  1732. $return .= '<th colspan="2" style="width:223px;">'.get_lang('ArticleManager').'</th>';
  1733. $return .= '<th width:223px;>'.get_lang('CommentManager').'</th>';
  1734. $return .= '</tr>';
  1735. $return .= '<tr>';
  1736. $return .= '<th style="width:111px;"><label for="articleDelete">'.get_lang('Delete').'</label></th>';
  1737. $return .= '<th style="width:112px;"><label for="articleEdit">'.get_lang('Edit').'</label></th>';
  1738. $return .= '<th style="width:223px;"><label for="commentsDelete">'.get_lang('Delete').'</label></th>';
  1739. $return .= '</tr>';
  1740. $return .= '<tr>';
  1741. $return .= '<td style="text-align:center;"><input '.((in_array(
  1742. 'article_delete',
  1743. $arrPermissions
  1744. )) ? 'checked ' : '').'id="articleDelete" name="chkArticleDelete" type="checkbox" /></td>';
  1745. $return .= '<td style="text-align:center;"><input '.((in_array(
  1746. 'article_edit',
  1747. $arrPermissions
  1748. )) ? 'checked ' : '').'id="articleEdit" name="chkArticleEdit" type="checkbox" /></td>';
  1749. $return .= '<td style="text-align:center;"><input '.((in_array(
  1750. 'article_comments_delete',
  1751. $arrPermissions
  1752. )) ? 'checked ' : '').'id="commentsDelete" name="chkCommentsDelete" type="checkbox" /></td>';
  1753. $return .= '</tr>';
  1754. $return .= '</table>';
  1755. $return .= '</td>';
  1756. $return .= '</tr>';
  1757. /* end of edit */
  1758. $return .= '<tr>
  1759. <td align="right">'.get_lang('Color').':&nbsp;&nbsp;</td>
  1760. <td>
  1761. <select name="task_color" id="color" style="width: 150px; background-color: #'.$task['color'].'" onchange="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value" onkeypress="document.getElementById(\'color\').style.backgroundColor=\'#\'+document.getElementById(\'color\').value">';
  1762. foreach ($colors as $color) {
  1763. $selected = ($color == $task['color']) ? ' selected' : '';
  1764. $style = 'style="background-color: #'.$color.'"';
  1765. $return .= '<option value="'.$color.'" '.$style.' '.$selected.' >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
  1766. }
  1767. $return .= ' </select>
  1768. </td>
  1769. </tr>
  1770. <tr>
  1771. <td align="right">&nbsp;</td>
  1772. <td><br /><input type="hidden" name="action" value="" />
  1773. <input type="hidden" name="edit_task_submit" value="true" />
  1774. <input type="hidden" name="task_id" value="'.$task['task_id'].'" />
  1775. <input type="hidden" name="blog_id" value="'.$task['blog_id'].'" />
  1776. <button class="save" type="submit" name="Submit">'.get_lang('Save').'</button></td>
  1777. </tr>
  1778. </table>
  1779. </form>';
  1780. return $return;
  1781. }
  1782. /**
  1783. * Displays assign task form
  1784. * @author Toon Keppens
  1785. *
  1786. */
  1787. public static function displayTaskAssignmentForm($blog_id)
  1788. {
  1789. $form = self::getTaskAssignmentForm($blog_id);
  1790. $form->addHidden('assign_task_submit', 'true');
  1791. return $form->returnForm()
  1792. . PHP_EOL
  1793. . '<div style="clear: both; margin-bottom:10px;"></div>';
  1794. }
  1795. /**
  1796. * Returns an HTML form to assign a task
  1797. * @param $blog_id
  1798. * @return string FormValidator
  1799. */
  1800. public static function getTaskAssignmentForm($blog_id)
  1801. {
  1802. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  1803. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  1804. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1805. $course_id = api_get_course_int_id();
  1806. $blog_id = intval($blog_id);
  1807. // Get users in this blog / make select list of it
  1808. $sql = "SELECT user.user_id, user.firstname, user.lastname, user.username
  1809. FROM $tbl_users user
  1810. INNER JOIN $tbl_blogs_rel_user blogs_rel_user
  1811. ON user.user_id = blogs_rel_user.user_id
  1812. WHERE blogs_rel_user.c_id = $course_id AND blogs_rel_user.blog_id = $blog_id";
  1813. $result = Database::query($sql);
  1814. $options = array();
  1815. while ($user = Database::fetch_array($result)) {
  1816. $options[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']);
  1817. }
  1818. // Get tasks in this blog / make select list of it
  1819. $sql = "SELECT
  1820. blog_id,
  1821. task_id,
  1822. blog_id,
  1823. title,
  1824. description,
  1825. color,
  1826. system_task
  1827. FROM $tbl_blogs_tasks
  1828. WHERE c_id = $course_id AND blog_id = $blog_id
  1829. ORDER BY system_task, title";
  1830. $result = Database::query($sql);
  1831. $taskOptions = array();
  1832. while ($task = Database::fetch_array($result)) {
  1833. $taskOptions[$task['task_id']] = stripslashes($task['title']);
  1834. }
  1835. $form = new FormValidator(
  1836. 'assign_task',
  1837. 'post',
  1838. api_get_path(
  1839. WEB_CODE_PATH
  1840. ).'blog/blog.php?action=manage_tasks&blog_id='.$blog_id
  1841. );
  1842. $form->addHeader(get_lang('AssignTask'));
  1843. $form->addSelect('task_user_id', get_lang('SelectUser'), $options);
  1844. $form->addSelect('task_task_id', get_lang('SelectTask'), $taskOptions);
  1845. $form->addDatePicker('task_day', get_lang('SelectTargetDate'));
  1846. $form->addHidden('action', '');
  1847. $form->addButtonSave(get_lang('Ok'));
  1848. return $form;
  1849. }
  1850. /**
  1851. * Displays assign task form
  1852. * @author Toon Keppens
  1853. * @param int $blog_id
  1854. * @param int $task_id
  1855. * @param int $user_id
  1856. * @return string HTML form
  1857. */
  1858. public static function displayAssignedTaskEditForm($blog_id, $task_id, $user_id)
  1859. {
  1860. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  1861. $course_id = api_get_course_int_id();
  1862. $blog_id = intval($blog_id);
  1863. $task_id = intval($task_id);
  1864. $user_id = intval($user_id);
  1865. // Get assign date;
  1866. $sql = "
  1867. SELECT target_date
  1868. FROM $tbl_blogs_tasks_rel_user
  1869. WHERE c_id = $course_id AND
  1870. blog_id = $blog_id AND
  1871. user_id = $user_id AND
  1872. task_id = $task_id";
  1873. $result = Database::query($sql);
  1874. $row = Database::fetch_assoc($result);
  1875. $date = $row['target_date'];
  1876. $defaults = [
  1877. 'task_user_id' => $user_id,
  1878. 'task_task_id' => $task_id,
  1879. 'task_day' => $date,
  1880. ];
  1881. $form = self::getTaskAssignmentForm($blog_id);
  1882. $form->addHidden('old_task_id', $task_id);
  1883. $form->addHidden('old_user_id', $user_id);
  1884. $form->addHidden('old_target_date', $date);
  1885. $form->addHidden('assign_task_edit_submit', 'true');
  1886. $form->setDefaults($defaults);
  1887. return $form->returnForm();
  1888. }
  1889. /**
  1890. * Assigns a task to a user in a blog
  1891. * @param int $blog_id
  1892. * @param int $user_id
  1893. * @param int $task_id
  1894. * @param string $target_date date
  1895. * @return void
  1896. */
  1897. public static function assignTask($blog_id, $user_id, $task_id, $target_date)
  1898. {
  1899. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  1900. $course_id = api_get_course_int_id();
  1901. $blog_id = intval($blog_id);
  1902. $user_id = intval($user_id);
  1903. $task_id = intval($task_id);
  1904. $target_date = Database::escape_string($target_date);
  1905. $sql = "
  1906. SELECT COUNT(*) as 'number'
  1907. FROM $tbl_blogs_tasks_rel_user
  1908. WHERE c_id = $course_id
  1909. AND blog_id = $blog_id
  1910. AND user_id = $user_id
  1911. AND task_id = $task_id";
  1912. $result = Database::query($sql);
  1913. $row = Database::fetch_assoc($result);
  1914. if ($row['number'] == 0) {
  1915. $sql = "
  1916. INSERT INTO ".$tbl_blogs_tasks_rel_user." (
  1917. c_id,
  1918. blog_id,
  1919. user_id,
  1920. task_id,
  1921. target_date
  1922. ) VALUES (
  1923. $course_id,
  1924. $blog_id,
  1925. $user_id,
  1926. $task_id,
  1927. '$target_date'
  1928. )";
  1929. Database::query($sql);
  1930. }
  1931. }
  1932. /**
  1933. * Edit an assigned task
  1934. * @param $blog_id
  1935. * @param $user_id
  1936. * @param $task_id
  1937. * @param $target_date
  1938. * @param $old_user_id
  1939. * @param $old_task_id
  1940. * @param $old_target_date
  1941. * @return void
  1942. */
  1943. public static function updateAssignedTask(
  1944. $blog_id,
  1945. $user_id,
  1946. $task_id,
  1947. $target_date,
  1948. $old_user_id,
  1949. $old_task_id,
  1950. $old_target_date
  1951. ) {
  1952. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  1953. $course_id = api_get_course_int_id();
  1954. $blog_id = intval($blog_id);
  1955. $user_id = intval($user_id);
  1956. $task_id = intval($task_id);
  1957. $target_date = Database::escape_string($target_date);
  1958. $old_user_id = intval($old_user_id);
  1959. $old_task_id = intval($old_task_id);
  1960. $old_target_date = Database::escape_string($old_target_date);
  1961. $sql = "SELECT COUNT(*) as 'number'
  1962. FROM $tbl_blogs_tasks_rel_user
  1963. WHERE
  1964. c_id = $course_id AND
  1965. blog_id = $blog_id AND
  1966. user_id = $user_id AND
  1967. task_id = $task_id";
  1968. $result = Database::query($sql);
  1969. $row = Database::fetch_assoc($result);
  1970. if ($row['number'] == 0 ||
  1971. ($row['number'] != 0 && $task_id == $old_task_id && $user_id == $old_user_id)
  1972. ) {
  1973. $sql = "UPDATE $tbl_blogs_tasks_rel_user
  1974. SET
  1975. user_id = $user_id,
  1976. task_id = $task_id,
  1977. target_date = '$target_date'
  1978. WHERE
  1979. c_id = $course_id AND
  1980. blog_id = $blog_id AND
  1981. user_id = $old_user_id AND
  1982. task_id = $old_task_id AND
  1983. target_date = '$old_target_date'
  1984. ";
  1985. Database::query($sql);
  1986. }
  1987. }
  1988. /**
  1989. * Displays a list with posts a user can select to execute his task.
  1990. *
  1991. * @param int $blog_id
  1992. * @param int $task_id
  1993. * @return string
  1994. */
  1995. public static function displayPostSelectionForTask($blog_id, $task_id)
  1996. {
  1997. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  1998. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  1999. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  2000. $course_id = api_get_course_int_id();
  2001. $blog_id = intval($blog_id);
  2002. $task_id = intval($task_id);
  2003. $sql = "SELECT title, description FROM $tbl_blogs_tasks
  2004. WHERE task_id = $task_id
  2005. AND c_id = $course_id";
  2006. $result = Database::query($sql);
  2007. $row = Database::fetch_assoc($result);
  2008. // Get posts and authors
  2009. $sql = "SELECT post.*, user.lastname, user.firstname, user.username
  2010. FROM $tbl_blogs_posts post
  2011. INNER JOIN $tbl_users user ON post.author_id = user.user_id
  2012. WHERE post.blog_id = $blog_id AND post.c_id = $course_id
  2013. ORDER BY post_id DESC
  2014. LIMIT 0, 100";
  2015. $result = Database::query($sql);
  2016. // Display
  2017. $return = '<span class="blogpost_title">'.get_lang('SelectTaskArticle').' "'.stripslashes($row['title']).'"</span>';
  2018. $return .= '<span style="font-style: italic;"">'.stripslashes($row['description']).'</span><br><br>';
  2019. if (Database::num_rows($result) == 0) {
  2020. $return .= get_lang('NoArticles');
  2021. return $return;
  2022. }
  2023. while ($blog_post = Database::fetch_array($result)) {
  2024. $username = api_htmlentities(sprintf(get_lang('LoginX'), $blog_post['username']), ENT_QUOTES);
  2025. $return .= '<a href="blog.php?action=execute_task&blog_id='.$blog_id.'&task_id='.$task_id.'&post_id='.$blog_post['post_id'].'#add_comment">'.stripslashes(
  2026. $blog_post['title']
  2027. ).'</a>, '.get_lang('WrittenBy').' '.stripslashes(
  2028. Display::tag(
  2029. 'span',
  2030. api_get_person_name($blog_post['firstname'], $blog_post['lastname']),
  2031. array('title' => $username)
  2032. )
  2033. ).'<br />';
  2034. }
  2035. return $return;
  2036. }
  2037. /**
  2038. * Unsubscribe a user from a given blog
  2039. * @author Toon Keppens
  2040. *
  2041. * @param int $blog_id
  2042. * @param int $user_id
  2043. * @return void
  2044. */
  2045. public static function unsubscribeUser($blog_id, $user_id)
  2046. {
  2047. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  2048. $tbl_user_permissions = Database::get_course_table(TABLE_PERMISSION_USER);
  2049. $blog_id = intval($blog_id);
  2050. $user_id = intval($user_id);
  2051. // Unsubscribe the user
  2052. $sql = "DELETE FROM $tbl_blogs_rel_user
  2053. WHERE blog_id = $blog_id AND user_id = $user_id";
  2054. Database::query($sql);
  2055. // Remove this user's permissions.
  2056. $sql = "DELETE FROM $tbl_user_permissions
  2057. WHERE user_id = $user_id";
  2058. Database::query($sql);
  2059. }
  2060. /**
  2061. * Displays the form to register users in a blog (in a course)
  2062. * The listed users are users subscribed in the course.
  2063. * @author Toon Keppens
  2064. *
  2065. * @param Integer $blog_id
  2066. *
  2067. * @return string Html Form with sortable table with users to subcribe in a blog, in a course.
  2068. */
  2069. public static function displayUserSubscriptionForm($blog_id)
  2070. {
  2071. $_course = api_get_course_info();
  2072. $is_western_name_order = api_is_western_name_order();
  2073. $session_id = api_get_session_id();
  2074. $course_id = $_course['real_id'];
  2075. $blog_id = intval($blog_id);
  2076. $currentCourse = $_course['code'];
  2077. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  2078. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  2079. $html = null;
  2080. $html .= '<legend>'.get_lang('SubscribeMembers').'</legend>';
  2081. $properties['width'] = '100%';
  2082. // Get blog members' id.
  2083. $sql = "SELECT user.user_id FROM $tbl_users user
  2084. INNER JOIN $tbl_blogs_rel_user blogs_rel_user
  2085. ON user.user_id = blogs_rel_user.user_id
  2086. WHERE blogs_rel_user.c_id = $course_id AND blogs_rel_user.blog_id = $blog_id";
  2087. $result = Database::query($sql);
  2088. $blog_member_ids = array();
  2089. while ($user = Database::fetch_array($result)) {
  2090. $blog_member_ids[] = $user['user_id'];
  2091. }
  2092. // Set table headers
  2093. $column_header[] = array('', false, '');
  2094. if ($is_western_name_order) {
  2095. $column_header[] = array(get_lang('FirstName'), true, '');
  2096. $column_header[] = array(get_lang('LastName'), true, '');
  2097. } else {
  2098. $column_header[] = array(get_lang('LastName'), true, '');
  2099. $column_header[] = array(get_lang('FirstName'), true, '');
  2100. }
  2101. $column_header[] = array(get_lang('Email'), false, '');
  2102. $column_header[] = array(get_lang('Register'), false, '');
  2103. $student_list = CourseManager:: get_student_list_from_course_code(
  2104. $currentCourse,
  2105. false,
  2106. $session_id
  2107. );
  2108. $user_data = array();
  2109. // Add users that are not in this blog to the list.
  2110. foreach ($student_list as $key => $user) {
  2111. if (isset($user['id_user'])) {
  2112. $user['user_id'] = $user['id_user'];
  2113. }
  2114. if (!in_array($user['user_id'], $blog_member_ids)) {
  2115. $a_infosUser = api_get_user_info($user['user_id']);
  2116. $row = array();
  2117. $row[] = '<input type="checkbox" name="user[]" value="'.$a_infosUser['user_id'].'" '.((isset($_GET['selectall']) && $_GET['selectall'] == "subscribe") ? ' checked="checked" ' : '').'/>';
  2118. $username = api_htmlentities(sprintf(get_lang('LoginX'), $a_infosUser["username"]), ENT_QUOTES);
  2119. if ($is_western_name_order) {
  2120. $row[] = $a_infosUser["firstname"];
  2121. $row[] = Display::tag('span', $a_infosUser["lastname"], array('title' => $username));
  2122. } else {
  2123. $row[] = Display::tag('span', $a_infosUser["lastname"], array('title' => $username));
  2124. $row[] = $a_infosUser["firstname"];
  2125. }
  2126. $row[] = Display::icon_mailto_link($a_infosUser["email"]);
  2127. //Link to register users
  2128. if ($a_infosUser["user_id"] != api_get_user_id()) {
  2129. $row[] = "<a class=\"btn btn-primary \" href=\"".api_get_self()."?action=manage_members&blog_id=$blog_id&register=yes&user_id=".$a_infosUser["user_id"]."\">".
  2130. get_lang('Register')."</a>";
  2131. } else {
  2132. $row[] = '';
  2133. }
  2134. $user_data[] = $row;
  2135. }
  2136. }
  2137. // Display
  2138. $query_vars['action'] = 'manage_members';
  2139. $query_vars['blog_id'] = $blog_id;
  2140. $html .= '<form class="form-inline" method="post" action="blog.php?action=manage_members&blog_id='.$blog_id.'">';
  2141. $html .= Display::return_sortable_table($column_header, $user_data, null, null, $query_vars);
  2142. $link = '';
  2143. $link .= isset ($_GET['action']) ? 'action='.Security::remove_XSS($_GET['action']).'&' : '';
  2144. $link .= "blog_id=$blog_id&";
  2145. $html .= '<a class="btn btn-default" href="blog.php?'.$link.'selectall=subscribe">'.get_lang('SelectAll').'</a> - ';
  2146. $html .= '<a class="btn btn-default" href="blog.php?'.$link.'">'.get_lang('UnSelectAll').'</a> ';
  2147. $html .= '<div class="form-group">';
  2148. $html .= '<label>';
  2149. $html .= get_lang('WithSelected').' : ';
  2150. $html .= '</label>';
  2151. $html .= '<select class="selectpicker" name="action">';
  2152. $html .= '<option value="select_subscribe">'.get_lang('Register').'</option>';
  2153. $html .= '</select>';
  2154. $html .= '<input type="hidden" name="register" value="true" />';
  2155. $html .= '<button class="btn btn-default" type="submit">'.get_lang('Ok').'</button>';
  2156. $html .= '</div>';
  2157. $html .= '</form>';
  2158. return $html;
  2159. }
  2160. /**
  2161. * Displays the form to register users in a blog (in a course)
  2162. * The listed users are users subcribed in the course.
  2163. * @author Toon Keppens
  2164. * @param int $blog_id
  2165. * @return false|null Form with sortable table with users to unsubcribe from a blog.
  2166. */
  2167. public static function displayUserUnsubscriptionForm($blog_id)
  2168. {
  2169. $_user = api_get_user_info();
  2170. $is_western_name_order = api_is_western_name_order();
  2171. $html = null;
  2172. // Init
  2173. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  2174. $tbl_blogs_rel_user = Database::get_course_table(TABLE_BLOGS_REL_USER);
  2175. $blog_id = intval($blog_id);
  2176. $html .= '<legend>'.get_lang('UnsubscribeMembers').'</legend>';
  2177. $properties["width"] = "100%";
  2178. //table column titles
  2179. $column_header[] = array('', false, '');
  2180. if ($is_western_name_order) {
  2181. $column_header[] = array(get_lang('FirstName'), true, '');
  2182. $column_header[] = array(get_lang('LastName'), true, '');
  2183. } else {
  2184. $column_header[] = array(get_lang('LastName'), true, '');
  2185. $column_header[] = array(get_lang('FirstName'), true, '');
  2186. }
  2187. $column_header[] = array(get_lang('Email'), false, '');
  2188. $column_header[] = array(get_lang('TaskManager'), true, '');
  2189. $column_header[] = array(get_lang('UnRegister'), false, '');
  2190. $course_id = api_get_course_int_id();
  2191. $sql = "SELECT user.user_id, user.lastname, user.firstname, user.email, user.username
  2192. FROM $tbl_users user INNER JOIN $tbl_blogs_rel_user blogs_rel_user
  2193. ON user.user_id = blogs_rel_user.user_id
  2194. WHERE blogs_rel_user.c_id = $course_id AND blogs_rel_user.blog_id = $blog_id";
  2195. if (!($sql_result = Database::query($sql))) {
  2196. return false;
  2197. }
  2198. $user_data = array();
  2199. while ($myrow = Database::fetch_array($sql_result)) {
  2200. $row = array();
  2201. $row[] = '<input type="checkbox" name="user[]" value="'.$myrow['user_id'].'" '.((isset($_GET['selectall']) && $_GET['selectall'] == "unsubscribe") ? ' checked="checked" ' : '').'/>';
  2202. $username = api_htmlentities(sprintf(get_lang('LoginX'), $myrow["username"]), ENT_QUOTES);
  2203. if ($is_western_name_order) {
  2204. $row[] = $myrow["firstname"];
  2205. $row[] = Display::tag('span', $myrow["lastname"], array('title' => $username));
  2206. } else {
  2207. $row[] = Display::tag('span', $myrow["lastname"], array('title' => $username));
  2208. $row[] = $myrow["firstname"];
  2209. }
  2210. $row[] = Display::icon_mailto_link($myrow["email"]);
  2211. $sql = "SELECT bt.title task
  2212. FROM ".Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER)." btu
  2213. INNER JOIN ".Database::get_course_table(TABLE_BLOGS_TASKS)." bt
  2214. ON btu.task_id = bt.task_id
  2215. WHERE btu.c_id = $course_id AND
  2216. bt.c_id = $course_id AND
  2217. btu.blog_id = $blog_id AND
  2218. btu.user_id = ".$myrow['user_id'];
  2219. $sql_res = Database::query($sql);
  2220. $task = '';
  2221. while ($r = Database::fetch_array($sql_res)) {
  2222. $task .= stripslashes($r['task']).', ';
  2223. }
  2224. //echo $task;
  2225. $task = (api_strlen(trim($task)) != 0) ? api_substr($task, 0, api_strlen($task) - 2) : get_lang('Reader');
  2226. $row[] = $task;
  2227. //Link to register users
  2228. if ($myrow["user_id"] != $_user['user_id']) {
  2229. $row[] = "<a class=\"btn btn-primary\" href=\"".api_get_self(
  2230. )."?action=manage_members&blog_id=$blog_id&unregister=yes&user_id=".$myrow['user_id']."\">".get_lang(
  2231. 'UnRegister'
  2232. )."</a>";
  2233. } else {
  2234. $row[] = '';
  2235. }
  2236. $user_data[] = $row;
  2237. }
  2238. $query_vars['action'] = 'manage_members';
  2239. $query_vars['blog_id'] = $blog_id;
  2240. $html .= '<form class="form-inline" method="post" action="blog.php?action=manage_members&blog_id='.$blog_id.'">';
  2241. $html .= Display::return_sortable_table($column_header, $user_data, null, null, $query_vars);
  2242. $link = '';
  2243. $link .= isset ($_GET['action']) ? 'action='.Security::remove_XSS($_GET['action']).'&' : '';
  2244. $link .= "blog_id=$blog_id&";
  2245. $html .= '<a class="btn btn-default" href="blog.php?'.$link.'selectall=unsubscribe">'.get_lang('SelectAll').'</a> - ';
  2246. $html .= '<a class="btn btn-default" href="blog.php?'.$link.'">'.get_lang('UnSelectAll').'</a> ';
  2247. $html .= '<div class="form-group">';
  2248. $html .= '<label>';
  2249. $html .= get_lang('WithSelected').' : ';
  2250. $html .= '</label>';
  2251. $html .= '<select name="action" class="selectpicker">';
  2252. $html .= '<option value="select_unsubscribe">'.get_lang('UnRegister').'</option>';
  2253. $html .= '</select>';
  2254. $html .= '<input type="hidden" name="unregister" value="true" />';
  2255. $html .= '<button class="btn btn-default" type="submit">'.get_lang('Ok').'</button>';
  2256. $html .= '</div>';
  2257. $html .= '</form>';
  2258. return $html;
  2259. }
  2260. /**
  2261. * Displays a matrix with selectboxes. On the left: users, on top: possible rights.
  2262. * The blog admin can thus select what a certain user can do in the current blog
  2263. *
  2264. * @param int $blog_id
  2265. */
  2266. public static function displayUserRightsForm($blog_id)
  2267. {
  2268. echo '<legend>'.get_lang('RightsManager').'</legend>';
  2269. echo '<br />';
  2270. // Integration of patricks permissions system.
  2271. require_once api_get_path(SYS_CODE_PATH).'permissions/blog_permissions.inc.php';
  2272. }
  2273. /**
  2274. * show the calender of the given month
  2275. * @author Patrick Cool
  2276. * @author Toon Keppens
  2277. *
  2278. * @param int $month The integer value of the month we are viewing
  2279. * @param int $year The 4-digit year indication e.g. 2005
  2280. * @param int $blog_id
  2281. * @return string html code
  2282. */
  2283. public static function displayMiniMonthCalendar($month, $year, $blog_id)
  2284. {
  2285. // Init
  2286. $_user = api_get_user_info();
  2287. global $DaysShort;
  2288. global $MonthsLong;
  2289. $html = null;
  2290. $posts = array();
  2291. $tasks = array();
  2292. $tbl_users = Database::get_main_table(TABLE_MAIN_USER);
  2293. $tbl_blogs_posts = Database::get_course_table(TABLE_BLOGS_POSTS);
  2294. $tbl_blogs_tasks = Database::get_course_table(TABLE_BLOGS_TASKS);
  2295. $tbl_blogs_tasks_rel_user = Database::get_course_table(TABLE_BLOGS_TASKS_REL_USER);
  2296. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  2297. $course_id = api_get_course_int_id();
  2298. $blog_id = intval($blog_id);
  2299. $month = intval($month);
  2300. $year = intval($year);
  2301. //Handle leap year
  2302. $numberofdays = array(0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
  2303. if (($year % 400 == 0) or ($year % 4 == 0 and $year % 100 <> 0)) {
  2304. $numberofdays[2] = 29;
  2305. }
  2306. //Get the first day of the month
  2307. $dayone = getdate(mktime(0, 0, 0, $month, 1, $year));
  2308. $monthName = $MonthsLong[$month - 1];
  2309. //Start the week on monday
  2310. $startdayofweek = $dayone['wday'] <> 0 ? ($dayone['wday'] - 1) : 6;
  2311. $blogId = isset($_GET['blog_id']) ? intval($_GET['blog_id']) : null;
  2312. $filter = isset($_GET['filter']) ? Security::remove_XSS($_GET['filter']) : null;
  2313. $backwardsURL = api_get_self(
  2314. )."?blog_id=".$blogId."&filter=".$filter."&month=".($month == 1 ? 12 : $month - 1)."&year=".($month == 1 ? $year - 1 : $year);
  2315. $forewardsURL = api_get_self(
  2316. )."?blog_id=".$blogId."&filter=".$filter."&month=".($month == 12 ? 1 : $month + 1)."&year=".($month == 12 ? $year + 1 : $year);
  2317. // Get posts for this month
  2318. $sql = "SELECT post.*, DAYOFMONTH(date_creation) as post_day, user.lastname, user.firstname
  2319. FROM $tbl_blogs_posts post
  2320. INNER JOIN $tbl_users user
  2321. ON post.author_id = user.user_id
  2322. WHERE
  2323. post.c_id = $course_id AND
  2324. post.blog_id = $blog_id AND
  2325. MONTH(date_creation) = '$month' AND
  2326. YEAR(date_creation) = '$year'
  2327. ORDER BY date_creation";
  2328. $result = Database::query($sql);
  2329. // We will create an array of days on which there are posts.
  2330. if (Database::num_rows($result) > 0) {
  2331. while ($blog_post = Database::fetch_array($result)) {
  2332. // If the day of this post is not yet in the array, add it.
  2333. if (!in_array($blog_post['post_day'], $posts)) {
  2334. $posts[] = $blog_post['post_day'];
  2335. }
  2336. }
  2337. }
  2338. // Get tasks for this month
  2339. if ($_user['user_id']) {
  2340. $sql = " SELECT task_rel_user.*, DAYOFMONTH(target_date) as task_day, task.title, blog.blog_name
  2341. FROM $tbl_blogs_tasks_rel_user task_rel_user
  2342. INNER JOIN $tbl_blogs_tasks task ON task_rel_user.task_id = task.task_id
  2343. INNER JOIN $tbl_blogs blog ON task_rel_user.blog_id = blog.blog_id
  2344. WHERE
  2345. task_rel_user.c_id = $course_id AND
  2346. task.c_id = $course_id AND
  2347. blog.c_id = $course_id AND
  2348. task_rel_user.user_id = ".$_user['user_id']." AND
  2349. MONTH(target_date) = '$month' AND
  2350. YEAR(target_date) = '$year'
  2351. ORDER BY target_date ASC";
  2352. $result = Database::query($sql);
  2353. if (Database::num_rows($result) > 0) {
  2354. while ($mytask = Database::fetch_array($result)) {
  2355. $tasks[$mytask['task_day']][$mytask['task_id']]['task_id'] = $mytask['task_id'];
  2356. $tasks[$mytask['task_day']][$mytask['task_id']]['title'] = $mytask['title'];
  2357. $tasks[$mytask['task_day']][$mytask['task_id']]['blog_id'] = $mytask['blog_id'];
  2358. $tasks[$mytask['task_day']][$mytask['task_id']]['blog_name'] = $mytask['blog_name'];
  2359. $tasks[$mytask['task_day']][$mytask['task_id']]['day'] = $mytask['task_day'];
  2360. }
  2361. }
  2362. }
  2363. $html .= '<table id="smallcalendar" class="table table-responsive">
  2364. <tr id="title">
  2365. <th width="10%"><a href="'.$backwardsURL.'">&laquo;</a></th>
  2366. <th align="center" width="80%" colspan="5" class="month">'.$monthName.' '.$year.'</th>
  2367. <th width="10%" align="right"><a href="'.$forewardsURL.'">&raquo;</a></th></tr>';
  2368. $html .= '<tr>';
  2369. for ($ii = 1; $ii < 8; $ii++) {
  2370. $html .= '<td class="weekdays">'.$DaysShort[$ii % 7].'</td>';
  2371. }
  2372. $html .= '</tr>';
  2373. $curday = -1;
  2374. $today = getdate();
  2375. while ($curday <= $numberofdays[$month]) {
  2376. $html .= '<tr>';
  2377. for ($ii = 0; $ii < 7; $ii++) {
  2378. if (($curday == -1) && ($ii == $startdayofweek)) {
  2379. $curday = 1;
  2380. }
  2381. if (($curday > 0) && ($curday <= $numberofdays[$month])) {
  2382. $bgcolor = $ii < 5 ? $class = "class=\"days_week\"" : $class = "class=\"days_weekend\"";
  2383. $dayheader = "$curday";
  2384. if (($curday == $today['mday']) && ($year == $today['year']) && ($month == $today['mon'])) {
  2385. $dayheader = "$curday";
  2386. $class = "class=\"days_today\"";
  2387. }
  2388. $html .= '<td '.$class.'>';
  2389. // If there are posts on this day, create a filter link.
  2390. if (in_array($curday, $posts)) {
  2391. $html .= '<a href="blog.php?blog_id='.$blog_id.'&filter='.$year.'-'.$month.'-'.$curday.'&month='.$month.'&year='.$year.'" title="'.get_lang(
  2392. 'ViewPostsOfThisDay'
  2393. ).'">'.$curday.'</a>';
  2394. } else {
  2395. $html .= $dayheader;
  2396. }
  2397. if (count($tasks) > 0) {
  2398. if (isset($tasks[$curday]) && is_array($tasks[$curday])) {
  2399. // Add tasks to calendar
  2400. foreach ($tasks[$curday] as $task) {
  2401. $html .= '<a href="blog.php?action=execute_task&blog_id='.$task['blog_id'].'&task_id='.stripslashes(
  2402. $task['task_id']
  2403. ).'" title="'.$task['title'].' : '.get_lang(
  2404. 'InBlog'
  2405. ).' : '.$task['blog_name'].' - '.get_lang('ExecuteThisTask').'">';
  2406. $html .= Display::return_icon('blog_task.gif', get_lang('ExecuteThisTask'));
  2407. $html .= '</a>';
  2408. }
  2409. }
  2410. }
  2411. $html .= '</td>';
  2412. $curday++;
  2413. } else {
  2414. $html .= '<td>&nbsp;</td>';
  2415. }
  2416. }
  2417. $html .= '</tr>';
  2418. }
  2419. $html .= '</table>';
  2420. return $html;
  2421. }
  2422. /**
  2423. * Blog admin | Display the form to add a new blog.
  2424. * @return void (direct output)
  2425. */
  2426. public static function displayBlogCreateForm()
  2427. {
  2428. $form = new FormValidator('add_blog', 'post', 'blog_admin.php?action=add');
  2429. $form->addElement('header', get_lang('AddBlog'));
  2430. $form->addElement('text', 'blog_name', get_lang('Title'));
  2431. $form->addElement('textarea', 'blog_subtitle', get_lang('SubTitle'));
  2432. $form->addElement('hidden', 'new_blog_submit', 'true');
  2433. $form->addButtonSave(get_lang('SaveProject'));
  2434. $defaults = array(
  2435. 'blog_name' => isset($_POST['blog_name']) ? Security::remove_XSS($_POST['blog_name']) : null,
  2436. 'blog_subtitle' => isset($_POST['blog_subtitle']) ? Security::remove_XSS($_POST['blog_subtitle']) : null,
  2437. );
  2438. $form->setDefaults($defaults);
  2439. $form->display();
  2440. }
  2441. /**
  2442. * Blog admin | Display the form to edit a blog.
  2443. * @param int $blog_id
  2444. * @return void Direct output
  2445. */
  2446. public static function displayBlogEditForm($blog_id)
  2447. {
  2448. $course_id = api_get_course_int_id();
  2449. $blog_id = intval($blog_id);
  2450. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  2451. $sql = "SELECT blog_id, blog_name, blog_subtitle
  2452. FROM $tbl_blogs
  2453. WHERE c_id = $course_id AND blog_id = $blog_id";
  2454. $result = Database::query($sql);
  2455. $blog = Database::fetch_array($result);
  2456. // the form contained errors but we do not want to lose the changes the user already did
  2457. if ($_POST) {
  2458. $blog['blog_name'] = Security::remove_XSS($_POST['blog_name']);
  2459. $blog['blog_subtitle'] = Security::remove_XSS($_POST['blog_subtitle']);
  2460. }
  2461. $form = new FormValidator('edit_blog', 'post', 'blog_admin.php?action=edit&blog_id='.intval($_GET['blog_id']));
  2462. $form->addElement('header', get_lang('EditBlog'));
  2463. $form->addElement('text', 'blog_name', get_lang('Title'));
  2464. $form->addElement('textarea', 'blog_subtitle', get_lang('SubTitle'));
  2465. $form->addElement('hidden', 'edit_blog_submit', 'true');
  2466. $form->addElement('hidden', 'blog_id', $blog['blog_id']);
  2467. $form->addButtonSave(get_lang('Save'));
  2468. $defaults = array();
  2469. $defaults['blog_name'] = $blog['blog_name'];
  2470. $defaults['blog_subtitle'] = $blog['blog_subtitle'];
  2471. $form->setDefaults($defaults);
  2472. $form->display();
  2473. }
  2474. /**
  2475. * Blog admin | Returns table with blogs in this course
  2476. * @return void Direct output
  2477. */
  2478. public static function displayBlogsList()
  2479. {
  2480. global $charset;
  2481. $_user = api_get_user_info();
  2482. $course_id = api_get_course_int_id();
  2483. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  2484. //condition for the session
  2485. $session_id = api_get_session_id();
  2486. $sql = "SELECT blog_name, blog_subtitle, visibility, blog_id, session_id
  2487. FROM $tbl_blogs WHERE c_id = $course_id
  2488. ORDER BY date_creation DESC";
  2489. $result = Database::query($sql);
  2490. $list_info = array();
  2491. if (Database::num_rows($result)) {
  2492. while ($row_project = Database::fetch_row($result)) {
  2493. $list_info[] = $row_project;
  2494. }
  2495. }
  2496. $list_content_blog = array();
  2497. $list_body_blog = array();
  2498. if (is_array($list_info)) {
  2499. foreach ($list_info as $key => $info_log) {
  2500. // Validation when belongs to a session
  2501. $session_img = api_get_session_image($info_log[4], $_user['status']);
  2502. $url_start_blog = 'blog.php'."?"."blog_id=".$info_log[3]."&".api_get_cidreq();
  2503. $title = $info_log[0];
  2504. $image = Display::return_icon('blog.png', $title);
  2505. $list_name = '<div style="float: left; width: 35px; height: 22px;"><a href="'.$url_start_blog.'">'.$image.'</a></div><a href="'.$url_start_blog.'">'.$title.'</a>'.$session_img;
  2506. $list_body_blog[] = $list_name;
  2507. $list_body_blog[] = $info_log[1];
  2508. $visibility_icon = ($info_log[2] == 0) ? 'invisible' : 'visible';
  2509. $visibility_info = ($info_log[2] == 0) ? 'Visible' : 'Invisible';
  2510. $my_image = '<a href="'.api_get_self().'?action=visibility&blog_id='.$info_log[3].'">';
  2511. $my_image .= Display::return_icon($visibility_icon.'.png', get_lang($visibility_info));
  2512. $my_image .= "</a>";
  2513. $my_image .= '<a href="'.api_get_self().'?action=edit&blog_id='.$info_log[3].'">';
  2514. $my_image .= Display::return_icon('edit.png', get_lang('EditBlog'));
  2515. $my_image .= "</a>";
  2516. $my_image .= '<a href="'.api_get_self().'?action=delete&blog_id='.$info_log[3].'" ';
  2517. $my_image .= 'onclick="javascript:if(!confirm(\''.addslashes(
  2518. api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)
  2519. ).'\')) return false;" >';
  2520. $my_image .= Display::return_icon('delete.png', get_lang('DeleteBlog'));
  2521. $my_image .= "</a>";
  2522. $list_body_blog[] = $my_image;
  2523. $list_content_blog[] = $list_body_blog;
  2524. $list_body_blog = array();
  2525. }
  2526. $table = new SortableTableFromArrayConfig(
  2527. $list_content_blog,
  2528. 1,
  2529. 20,
  2530. 'project'
  2531. );
  2532. $table->set_header(0, get_lang('Title'));
  2533. $table->set_header(1, get_lang('SubTitle'));
  2534. $table->set_header(2, get_lang('Modify'));
  2535. $table->display();
  2536. }
  2537. }
  2538. /**
  2539. * Show a list with all the attachments according the parameter's
  2540. * @param int $blog_id the blog's id
  2541. * @param int $post_id the post's id
  2542. * @param int $comment_id the comment's id
  2543. * @return array with the post info according the parameters
  2544. * @author Julio Montoya
  2545. * @version avril 2008, dokeos 1.8.5
  2546. */
  2547. public static function getBlogAttachments($blog_id, $post_id = 0, $comment_id = 0)
  2548. {
  2549. $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
  2550. $blog_id = intval($blog_id);
  2551. $comment_id = intval($comment_id);
  2552. $post_id = intval($post_id);
  2553. $row = array();
  2554. $where = '';
  2555. if (!empty ($post_id) && is_numeric($post_id)) {
  2556. $where .= " AND post_id = $post_id ";
  2557. }
  2558. if (!empty ($comment_id) && is_numeric($comment_id)) {
  2559. if (!empty ($post_id)) {
  2560. $where .= ' AND ';
  2561. }
  2562. $where .= " comment_id = $comment_id ";
  2563. }
  2564. $course_id = api_get_course_int_id();
  2565. $sql = "SELECT path, filename, comment FROM $blog_table_attachment
  2566. WHERE c_id = $course_id AND blog_id = $blog_id $where";
  2567. $result = Database::query($sql);
  2568. if (Database::num_rows($result) != 0) {
  2569. $row = Database::fetch_array($result);
  2570. }
  2571. return $row;
  2572. }
  2573. /**
  2574. * Delete the all the attachments according the parameters.
  2575. * @param int $blog_id
  2576. * @param int $post_id post's id
  2577. * @param int $comment_id the comment's id
  2578. * @return void
  2579. * @author Julio Montoya
  2580. * @version avril 2008, dokeos 1.8.5
  2581. */
  2582. public static function deleteAllBlogAttachments(
  2583. $blog_id,
  2584. $post_id = 0,
  2585. $comment_id = 0
  2586. ) {
  2587. $_course = api_get_course_info();
  2588. $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT);
  2589. $blog_id = intval($blog_id);
  2590. $comment_id = intval($comment_id);
  2591. $post_id = intval($post_id);
  2592. $course_id = api_get_course_int_id();
  2593. $where = null;
  2594. // delete files in DB
  2595. if (!empty ($post_id) && is_numeric($post_id)) {
  2596. $where .= " AND post_id = $post_id ";
  2597. }
  2598. if (!empty ($comment_id) && is_numeric($comment_id)) {
  2599. if (!empty ($post_id)) {
  2600. $where .= ' AND ';
  2601. }
  2602. $where .= " comment_id = $comment_id ";
  2603. }
  2604. // delete all files in directory
  2605. $courseDir = $_course['path'].'/upload/blog';
  2606. $sys_course_path = api_get_path(SYS_COURSE_PATH);
  2607. $updir = $sys_course_path.$courseDir;
  2608. $sql = "SELECT path FROM $blog_table_attachment
  2609. WHERE c_id = $course_id AND blog_id = $blog_id $where";
  2610. $result = Database::query($sql);
  2611. while ($row = Database::fetch_row($result)) {
  2612. $file = $updir.'/'.$row[0];
  2613. if (Security::check_abs_path($file, $updir)) {
  2614. @ unlink($file);
  2615. }
  2616. }
  2617. $sql = "DELETE FROM $blog_table_attachment
  2618. WHERE c_id = $course_id AND blog_id = $blog_id $where";
  2619. Database::query($sql);
  2620. }
  2621. /**
  2622. * Gets all the post from a given user id
  2623. * @param int $courseId
  2624. * @param int $userId
  2625. * @param string $courseCode
  2626. * @return string
  2627. */
  2628. public static function getBlogPostFromUser($courseId, $userId, $courseCode)
  2629. {
  2630. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  2631. $tbl_blog_post = Database::get_course_table(TABLE_BLOGS_POSTS);
  2632. $courseId = intval($courseId);
  2633. $userId = intval($userId);
  2634. $sql = "SELECT DISTINCT blog.blog_id, post_id, title, full_text, post.date_creation
  2635. FROM $tbl_blogs blog
  2636. INNER JOIN $tbl_blog_post post
  2637. ON (blog.blog_id = post.blog_id AND blog.c_id = post.c_id)
  2638. WHERE
  2639. blog.c_id = $courseId AND
  2640. post.c_id = $courseId AND
  2641. author_id = $userId AND
  2642. visibility = 1
  2643. ORDER BY post.date_creation DESC ";
  2644. $result = Database::query($sql);
  2645. $return_data = '';
  2646. if (Database::num_rows($result) != 0) {
  2647. while ($row = Database::fetch_array($result)) {
  2648. $return_data .= '<div class="clear"></div><br />';
  2649. $return_data .= '<div class="actions" style="margin-left:5px;margin-right:5px;">'.Display::return_icon(
  2650. 'blog_article.png',
  2651. get_lang('BlogPosts')
  2652. ).' '.$row['title'].'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<div style="float:right;margin-top:-18px"><a href="../blog/blog.php?blog_id='.$row['blog_id'].'&gidReq=&cidReq='.$courseCode.' " >'.get_lang(
  2653. 'SeeBlog'
  2654. ).'</a></div></div>';
  2655. $return_data .= '<br / >';
  2656. $return_data .= $row['full_text'];
  2657. $return_data .= '<br /><br />';
  2658. }
  2659. }
  2660. return $return_data;
  2661. }
  2662. /**
  2663. * Gets all the post comments from a given user id
  2664. * @param int $courseId
  2665. * @param int $userId
  2666. * @param string $courseCode
  2667. * @return string
  2668. */
  2669. public static function getBlogCommentsFromUser($courseId, $userId, $courseCode)
  2670. {
  2671. $tbl_blogs = Database::get_course_table(TABLE_BLOGS);
  2672. $tbl_blog_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS);
  2673. $userId = intval($userId);
  2674. $courseId = intval($courseId);
  2675. $sql = "SELECT DISTINCT blog.blog_id, comment_id, title, comment, comment.date_creation
  2676. FROM $tbl_blogs blog
  2677. INNER JOIN $tbl_blog_comment comment
  2678. ON (blog.blog_id = comment.blog_id AND blog.c_id = comment.c_id)
  2679. WHERE blog.c_id = $courseId AND
  2680. comment.c_id = $courseId AND
  2681. author_id = $userId AND
  2682. visibility = 1
  2683. ORDER BY blog_name";
  2684. $result = Database::query($sql);
  2685. $return_data = '';
  2686. if (Database::num_rows($result) != 0) {
  2687. while ($row = Database::fetch_array($result)) {
  2688. $return_data .= '<div class="clear"></div><br />';
  2689. $return_data .= '<div class="actions" style="margin-left:5px;margin-right:5px;">'.$row['title'].'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<div style="float:right;margin-top:-18px"><a href="../blog/blog.php?blog_id='.$row['blog_id'].'&gidReq=&cidReq='.Security::remove_XSS(
  2690. $courseCode
  2691. ).' " >'.get_lang('SeeBlog').'</a></div></div>';
  2692. $return_data .= '<br / >';
  2693. $return_data .= $row['comment'];
  2694. $return_data .= '<br />';
  2695. }
  2696. }
  2697. return $return_data;
  2698. }
  2699. /**
  2700. * Filter the post $fullText to get a extract of $length characters
  2701. * @param string $fullText
  2702. * @param int $length
  2703. * @return null|string
  2704. */
  2705. private static function getPostExtract($fullText, $length = BLOG_MAX_PREVIEW_CHARS)
  2706. {
  2707. $parts = explode(BLOG_PAGE_BREAK, $fullText);
  2708. if (count($parts) > 1) {
  2709. return $parts[0];
  2710. }
  2711. // Remove any HTML from the string
  2712. $text = strip_tags($fullText);
  2713. $text = api_html_entity_decode($text);
  2714. // Replace end of lines with spaces
  2715. $text = preg_replace('/\s+/', ' ', $text);
  2716. // Count whitespaces to add to the cut() call below
  2717. $countBlanks = substr_count($text, ' ');
  2718. // Get a version of the string without spaces for comparison purposes
  2719. $textWithoutBlanks = str_replace(' ', '', $text);
  2720. // utf8_decode replaces non-ISO chars by '?' which avoids counting
  2721. // multi-byte characters as more than one character
  2722. $stringLength = strlen(utf8_decode($textWithoutBlanks));
  2723. if ($stringLength <= $length) {
  2724. return null;
  2725. }
  2726. // Cut the string to the BLOG_MAX_PREVIEX_CHARS limit, adding
  2727. // whitespaces
  2728. $extract = cut($text, $length + $countBlanks);
  2729. // Return an HTML string for printing
  2730. return api_htmlentities($extract);
  2731. }
  2732. }