123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071 |
- <?php
- /* For licensing terms, see /license.txt */
- /**
- * Function library for the links tool.
- *
- * This is a complete remake of the original link tool.
- * New features:
- * - Organize links into categories;
- * - favorites/bookmarks interface;
- * - move links up/down within a category;
- * - move categories up/down;
- * - expand/collapse all categories;
- * - add link to 'root' category => category-less link is always visible.
- *
- * @author Patrick Cool, complete remake (December 2003 - January 2004)
- * @author René Haentjens, CSV file import (October 2004)
- * @package chamilo.link
- */
- /* FUNCTIONS */
- class Link extends Model
- {
- public $table;
- public $is_course_model = true;
- public $columns = array('id', 'c_id','url','title','description','category_id', 'display_order', 'on_homepage', 'target', 'session_id');
- public $required = array('url', 'title');
- public function __construct()
- {
- $this->table = Database::get_course_table(TABLE_LINK);
- }
- public function save($params, $show_query = null)
- {
- $course_info = api_get_course_info();
- $params['session_id'] = api_get_session_id();
- $params['category_id'] = isset($params['category_id']) ? $params['category_id'] : 0;
- $id = parent::save($params, $show_query);
- if (!empty($id)) {
- api_item_property_update($course_info, TOOL_LINK, $id, 'LinkAdded', api_get_user_id());
- }
- return $id;
- }
- }
- /**
- * Used to add a link or a category
- * @param string $type, "link" or "category"
- * @todo replace strings by constants
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function addlinkcategory($type)
- {
- global $catlinkstatus;
- global $msgErr;
- $ok = true;
- $course_id = api_get_course_int_id();
- $courseInfo = api_get_course_info();
- if ($type == 'link') {
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $title = Security :: remove_XSS(stripslashes($_POST['title']));
- $urllink = Security :: remove_XSS($_POST['urllink']);
- $description = Security :: remove_XSS($_POST['description']);
- $selectcategory = Security :: remove_XSS($_POST['selectcategory']);
- if ($_POST['onhomepage'] == '') {
- $onhomepage = 0;
- } else {
- $onhomepage = Security :: remove_XSS($_POST['onhomepage']);
- }
- if (empty($_POST['target_link'])) {
- $target = '_self'; // Default target.
- } else {
- $target = Security :: remove_XSS($_POST['target_link']);
- }
- $urllink = trim($urllink);
- $title = trim($title);
- $description = trim($description);
- // We ensure URL to be absolute.
- if (strpos($urllink, '://') === false) {
- $urllink = 'http://' . $urllink;
- }
- // If the title is empty, we use the URL as title.
- if ($title == '') {
- $title = $urllink;
- }
- // If the URL is invalid, an error occurs.
- // Ivan, 13-OCT-2010, Chamilo 1.8.8: Let us still tolerate PHP 5.1.x and avoid a specific bug in filter_var(), see http://bugs.php.net/51192
- //if (!filter_var($urllink, FILTER_VALIDATE_URL)) {
- if (!api_valid_url($urllink, true)) { // A check against an absolute URL
- $msgErr = get_lang('GiveURL');
- Display :: display_error_message(get_lang('GiveURL'));
- $ok = false;
- } else {
- // Looking for the largest order number for this category.
- $result = Database :: query("SELECT MAX(display_order) FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id = '" . intval($_POST['selectcategory']) . "'");
- list ($orderMax) = Database :: fetch_row($result);
- $order = $orderMax +1;
- $session_id = api_get_session_id();
- $sql = "INSERT INTO " . $tbl_link . " (c_id, url, title, description, category_id, display_order, on_homepage, target, session_id)
- VALUES (".$course_id.", '".Database :: escape_string($urllink) . "','" . Database :: escape_string($title) . "','" . Database :: escape_string($description) . "','" .
- Database :: escape_string($selectcategory) . "','" . Database :: escape_string($order) . "', '" . Database :: escape_string($onhomepage) . "','" .
- Database :: escape_string($target) . "','" . Database :: escape_string($session_id) . "')";
- $catlinkstatus = get_lang('LinkAdded');
- Database :: query($sql);
- $link_id = Database :: insert_id();
- if ($link_id) {
- api_set_default_visibility($courseInfo, $link_id, TOOL_LINK);
- }
- if ((api_get_setting('search_enabled') == 'true') && $link_id && extension_loaded('xapian')) {
- require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
- require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
- require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
- $course_int_id = api_get_course_int_id();
- $courseid = api_get_course_id();
- $specific_fields = get_specific_field_list();
- $ic_slide = new IndexableChunk();
- // Add all terms to db.
- $all_specific_terms = '';
- foreach ($specific_fields as $specific_field) {
- if (isset ($_REQUEST[$specific_field['code']])) {
- $sterms = trim($_REQUEST[$specific_field['code']]);
- if (!empty ($sterms)) {
- $all_specific_terms .= ' ' . $sterms;
- $sterms = explode(',', $sterms);
- foreach ($sterms as $sterm) {
- $ic_slide->addTerm(trim($sterm), $specific_field['code']);
- add_specific_field_value($specific_field['id'], $courseid, TOOL_LINK, $link_id, $sterm);
- }
- }
- }
- }
- // Build the chunk to index.
- $ic_slide->addValue('title', $title);
- $ic_slide->addCourseId($courseid);
- $ic_slide->addToolId(TOOL_LINK);
- $xapian_data = array (
- SE_COURSE_ID => $courseid,
- SE_TOOL_ID => TOOL_LINK,
- SE_DATA => array (
- 'link_id' => (int) $link_id
- ),
- SE_USER => (int) api_get_user_id(),
- );
- $ic_slide->xapian_data = serialize($xapian_data);
- $description = $all_specific_terms . ' ' . $description;
- $ic_slide->addValue('content', $description);
- // Add category name if set.
- if (isset ($_POST['selectcategory']) && $selectcategory > 0) {
- $table_link_category = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $sql_cat = 'SELECT * FROM %s WHERE id=%d AND c_id = %d LIMIT 1';
- $sql_cat = sprintf($sql_cat, $table_link_category, (int) $selectcategory, $course_int_id);
- $result = Database :: query($sql_cat);
- if (Database :: num_rows($result) == 1) {
- $row = Database :: fetch_array($result);
- $ic_slide->addValue('category', $row['category_title']);
- }
- }
- $di = new ChamiloIndexer();
- isset ($_POST['language']) ? $lang = Database :: escape_string($_POST['language']) : $lang = 'english';
- $di->connectDb(NULL, NULL, $lang);
- $di->addChunk($ic_slide);
- // Index and return search engine document id.
- $did = $di->index();
- if ($did) {
- // Save it to db.
- $tbl_se_ref = Database :: get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
- $sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did)
- VALUES (NULL , \'%s\', \'%s\', %s, %s)';
- $sql = sprintf($sql, $tbl_se_ref, $course_int_id, $courseid, TOOL_LINK, $link_id, $did);
- Database :: query($sql);
- }
- }
- unset ($urllink, $title, $description, $selectcategory);
- Display :: display_confirmation_message(get_lang('LinkAdded'));
- }
- } elseif ($type == 'category') {
- $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $category_title = trim($_POST['category_title']);
- $description = trim($_POST['description']);
- if (empty($category_title)) {
- $msgErr = get_lang('GiveCategoryName');
- Display :: display_error_message(get_lang('GiveCategoryName'));
- $ok = false;
- } else {
- // Looking for the largest order number for this category.
- $result = Database :: query("SELECT MAX(display_order) FROM " . $tbl_categories." WHERE c_id = $course_id ");
- list ($orderMax) = Database :: fetch_row($result);
- $order = $orderMax +1;
- $order = intval($order);
- $session_id = api_get_session_id();
- $sql = "INSERT INTO ".$tbl_categories." (c_id, category_title, description, display_order, session_id)
- VALUES (".$course_id.", '" .Database::escape_string($category_title) . "', '" . Database::escape_string($description) . "', '$order', '$session_id')";
- Database :: query($sql);
- $catlinkstatus = get_lang('CategoryAdded');
- unset ($category_title, $description);
- Display :: display_confirmation_message(get_lang('CategoryAdded'));
- }
- }
- // "WHAT'S NEW" notification : update last tool Edit.
- if ($type == 'link') {
- global $_user;
- $_course = api_get_course_info();
- global $nameTools;
- api_item_property_update($_course, TOOL_LINK, $link_id, 'LinkAdded', $_user['user_id']);
- }
- return $ok;
- }
- /**
- * Used to delete a link or a category
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function deletelinkcategory($type)
- {
- global $catlinkstatus;
- $_course = api_get_course_info();
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $TABLE_ITEM_PROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY);
- $course_id = api_get_course_int_id();
- if ($type == 'link') {
- global $id;
- // -> Items are no longer fysically deleted, but the visibility is set to 2 (in item_property).
- // This will make a restore function possible for the platform administrator.
- if (isset ($_GET['id']) && $_GET['id'] == strval(intval($_GET['id']))) {
- $sql = "UPDATE $tbl_link SET on_homepage='0' WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'";
- Database :: query($sql);
- }
- api_item_property_update($_course, TOOL_LINK, $id, 'delete', api_get_user_id());
- delete_link_from_search_engine(api_get_course_id(), $id);
- $catlinkstatus = get_lang('LinkDeleted');
- unset ($id);
- Display :: display_confirmation_message(get_lang('LinkDeleted'));
- }
- if ($type == 'category') {
- global $id;
- if (isset ($_GET['id']) && !empty ($_GET['id'])) {
- // First we delete the category itself and afterwards all the links of this category.
- $sql = "DELETE FROM " . $tbl_categories . " WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'";
- Database :: query($sql);
- $sql = "DELETE FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id='" . intval($_GET['id']) . "'";
- $catlinkstatus = get_lang('CategoryDeleted');
- unset ($id);
- Database :: query($sql);
- Display :: display_confirmation_message(get_lang('CategoryDeleted'));
- }
- }
- }
- /**
- * Removes a link from search engine database
- *
- * @param string $course_id Course code
- * @param int $document_id Document id to delete
- */
- function delete_link_from_search_engine($course_id, $link_id)
- {
- // Remove from search engine if enabled.
- if (api_get_setting('search_enabled') == 'true') {
- $tbl_se_ref = Database :: get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
- $sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
- $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- $res = Database :: query($sql);
- if (Database :: num_rows($res) > 0) {
- $row = Database :: fetch_array($res);
- require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
- $di = new ChamiloIndexer();
- $di->remove_document((int) $row['search_did']);
- }
- $sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
- $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- Database :: query($sql);
- // Remove terms from db.
- require_once (api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php');
- delete_all_values_for_item($course_id, TOOL_DOCUMENT, $link_id);
- }
- }
- /**
- *
- * Get link info
- * @param int link id
- * @return array link info
- *
- * */
- function get_link_info($id)
- {
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $course_id = api_get_course_int_id();
- $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($id) . "' ";
- $result = Database::query($sql);
- if (Database::num_rows($result)) {
- $data = Database::fetch_array($result);
- }
- return $data;
- }
- /**
- * Used to edit a link or a category
- * @todo Rewrite the whole links tool because it is becoming completely cluttered,
- * code does not follow the coding conventions, does not use html_quickform, ...
- * Some features were patched in.
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- * @todo replace the globals with the appropriate $_POST or $_GET values
- */
- function editlinkcategory($type)
- {
- global $catlinkstatus;
- global $id;
- global $submit_link;
- global $submit_category;
- global $_user;
- $_course = api_get_course_info();
- global $nameTools;
- global $urllink;
- global $title;
- global $description;
- global $category;
- global $selectcategory;
- global $description;
- global $category_title;
- global $onhomepage;
- global $target_link;
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $course_id = api_get_course_int_id();
- if ($type == 'link') {
- // This is used to populate the link-form with the info found in the database.
- if (!empty ($_GET['id'])) {
- $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'";
- $result = Database :: query($sql);
- if ($myrow = Database :: fetch_array($result)) {
- $urllink = $myrow['url'];
- $title = $myrow['title'];
- $description = $myrow['description'];
- $category = $myrow['category_id'];
- if ($myrow['on_homepage'] != 0) {
- $onhomepage = 'checked';
- }
- $target_link = $myrow['target'];
- }
- }
- // This is used to put the modified info of the link-form into the database.
- if ($_POST['submitLink']) {
- // Ivan, 13-OCT-2010: It is a litle bit messy code below, just in case I added some extra-security checks here.
- $_POST['urllink'] = trim($_POST['urllink']);
- $_POST['title'] = trim(Security :: remove_XSS($_POST['title']));
- $_POST['description'] = trim(Security :: remove_XSS($_POST['description']));
- $_POST['selectcategory'] = intval($_POST['selectcategory']);
- $_POST['id'] = intval($_POST['id']);
- // We ensure URL to be absolute.
- if (strpos($_POST['urllink'], '://') === false) {
- $_POST['urllink'] = 'http://' . $_POST['urllink'];
- }
- // If the title is empty, we use the URL as title.
- if ($_POST['title'] == '') {
- $_POST['title'] = $_POST['urllink'];
- }
- // If the URL is invalid, an error occurs.
- // Ivan, 13-OCT-2010, Chamilo 1.8.8: Let us still tolerate PHP 5.1.x and avoid a specific bug in filter_var(), see http://bugs.php.net/51192
- //if (!filter_var($urllink, FILTER_VALIDATE_URL)) {
- if (!api_valid_url($urllink, true)) { // A check against an absolute URL.
- $msgErr = get_lang('GiveURL');
- Display :: display_error_message(get_lang('GiveURL'));
- return false;
- }
- $onhomepage = Security :: remove_XSS($_POST['onhomepage']);
- $target = Database::escape_string($_POST['target_link']);
- if (empty ($mytarget)) {
- $mytarget = '_self';
- }
- $mytarget = ",target='" . $target . "'";
- // Finding the old category_id.
- $sql = "SELECT * FROM " . $tbl_link . " WHERE c_id = $course_id AND id='" . intval($_POST['id']) . "'";
- $result = Database :: query($sql);
- $row = Database :: fetch_array($result);
- $category_id = $row['category_id'];
- if ($category_id != $_POST['selectcategory']) {
- $sql = "SELECT MAX(display_order) FROM " . $tbl_link . " WHERE c_id = $course_id AND category_id='" . intval($_POST['selectcategory']) . "'";
- $result = Database :: query($sql);
- list ($max_display_order) = Database :: fetch_row($result);
- $max_display_order++;
- } else {
- $max_display_order = $row['display_order'];
- }
- $sql = "UPDATE " . $tbl_link . " SET " .
- "url='" . Database :: escape_string($_POST['urllink']) . "', " .
- "title='" . Database :: escape_string($_POST['title']) . "', " .
- "description='" . Database :: escape_string($_POST['description']) . "', " .
- "category_id='" . Database :: escape_string($_POST['selectcategory']) . "', " .
- "display_order='" . $max_display_order . "', " .
- "on_homepage='" . Database :: escape_string($onhomepage) . " ' $mytarget " .
- " WHERE c_id = $course_id AND id='" . intval($_POST['id']) . "'";
- Database :: query($sql);
- // Update search enchine and its values table if enabled.
- if (api_get_setting('search_enabled') == 'true') {
- $link_id = intval($_POST['id']);
- $course_int_id = api_get_course_int_id();
- $course_id = api_get_course_id();
- $link_url = Database :: escape_string($_POST['urllink']);
- $link_title = Database :: escape_string($_POST['title']);
- $link_description = Database :: escape_string($_POST['description']);
- // Actually, it consists on delete terms from db, insert new ones, create a new search engine document, and remove the old one.
- // Get search_did.
- $tbl_se_ref = Database :: get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
- $sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
- $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- $res = Database :: query($sql);
- if (Database :: num_rows($res) > 0) {
- require_once api_get_path(LIBRARY_PATH) . 'search/ChamiloIndexer.class.php';
- require_once api_get_path(LIBRARY_PATH) . 'search/IndexableChunk.class.php';
- require_once api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php';
- $se_ref = Database :: fetch_array($res);
- $specific_fields = get_specific_field_list();
- $ic_slide = new IndexableChunk();
- $all_specific_terms = '';
- foreach ($specific_fields as $specific_field) {
- delete_all_specific_field_value($course_id, $specific_field['id'], TOOL_LINK, $link_id);
- if (isset ($_REQUEST[$specific_field['code']])) {
- $sterms = trim($_REQUEST[$specific_field['code']]);
- if (!empty ($sterms)) {
- $all_specific_terms .= ' ' . $sterms;
- $sterms = explode(',', $sterms);
- foreach ($sterms as $sterm) {
- $ic_slide->addTerm(trim($sterm), $specific_field['code']);
- add_specific_field_value($specific_field['id'], $course_id, TOOL_LINK, $link_id, $sterm);
- }
- }
- }
- }
- // Build the chunk to index.
- $ic_slide->addValue("title", $link_title);
- $ic_slide->addCourseId($course_id);
- $ic_slide->addToolId(TOOL_LINK);
- $xapian_data = array (
- SE_COURSE_ID => $course_id,
- SE_TOOL_ID => TOOL_LINK,
- SE_DATA => array (
- 'link_id' => (int) $link_id
- ),
- SE_USER => (int) api_get_user_id(),
- );
- $ic_slide->xapian_data = serialize($xapian_data);
- $link_description = $all_specific_terms . ' ' . $link_description;
- $ic_slide->addValue('content', $link_description);
- // Add category name if set.
- if (isset ($_POST['selectcategory']) && $selectcategory > 0) {
- $table_link_category = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $sql_cat = 'SELECT * FROM %s WHERE id=%d and c_id = %d LIMIT 1';
- $sql_cat = sprintf($sql_cat, $table_link_category, (int) $selectcategory, $course_int_id);
- $result = Database :: query($sql_cat);
- if (Database :: num_rows($result) == 1) {
- $row = Database :: fetch_array($result);
- $ic_slide->addValue('category', $row['category_title']);
- }
- }
- $di = new ChamiloIndexer();
- isset ($_POST['language']) ? $lang = Database :: escape_string($_POST['language']) : $lang = 'english';
- $di->connectDb(NULL, NULL, $lang);
- $di->remove_document((int) $se_ref['search_did']);
- $di->addChunk($ic_slide);
- // Index and return search engine document id.
- $did = $di->index();
- if ($did) {
- // Save it to db.
- $sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=\'%s\'';
- $sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_LINK, $link_id);
- Database :: query($sql);
- $sql = 'INSERT INTO %s (c_id, id, course_code, tool_id, ref_id_high_level, search_did)
- VALUES (NULL , \'%s\', \'%s\', %s, %s)';
- $sql = sprintf($sql, $tbl_se_ref, $course_int_id, $course_id, TOOL_LINK, $link_id, $did);
- Database :: query($sql);
- }
- }
- }
- // "WHAT'S NEW" notification: update table last_toolEdit.
- api_item_property_update($_course, TOOL_LINK, $_POST['id'], 'LinkUpdated', $_user['user_id']);
- Display :: display_confirmation_message(get_lang('LinkModded'));
- }
- }
- if ($type == 'category') {
- // This is used to populate the category-form with the info found in the database.
- if (!$submit_category) {
- $sql = "SELECT * FROM " . $tbl_categories . " WHERE c_id = $course_id AND id='" . intval($_GET['id']) . "'";
- $result = Database :: query($sql);
- if ($myrow = Database :: fetch_array($result)) {
- $category_title = $myrow['category_title'];
- $description = $myrow['description'];
- }
- }
- // This is used to put the modified info of the category-form into the database.
- if ($submit_category) {
- $sql = "UPDATE " . $tbl_categories . "
- SET category_title='" . Database :: escape_string($_POST['category_title']) . "', description='" . Database :: escape_string($_POST['description']) . "'
- WHERE c_id = $course_id AND id='" . Database :: escape_string($_POST['id']) . "'";
- Database :: query($sql);
- Display :: display_confirmation_message(get_lang('CategoryModded'));
- }
- }
- return true; // On errors before this statement, exit from this function by returning false value.
- }
- /**
- * Creates a correct $view for in the URL
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function makedefaultviewcode($locatie) {
- global $aantalcategories, $view;
- for ($j = 0; $j <= $aantalcategories -1; $j++) {
- $view[$j] = 0;
- }
- $view[intval($locatie)] = '1';
- }
- /**
- * Changes the visibility of a link
- * @todo add the changing of the visibility of a course
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function change_visibility($id, $scope) {
- global $_user;
- $_course = api_get_course_info();
- if ($scope == 'link') {
- api_item_property_update($_course, TOOL_LINK, $id, $_GET['action'], $_user['user_id']);
- Display :: display_confirmation_message(get_lang('VisibilityChanged'));
- }
- }
- /**
- * Displays all the links of a given category.
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function showlinksofcategory($catid) {
- global $is_allowed, $charset, $urlview, $up, $down, $_user, $token;
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $TABLE_ITEM_PROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY);
- // Condition for the session.
- $session_id = api_get_session_id();
- $condition_session = api_get_session_condition($session_id, true, true);
- $catid = intval($catid);
- $course_id = api_get_course_int_id();
- $sqlLinks = "SELECT *, link.id FROM " . $tbl_link . " link, " . $TABLE_ITEM_PROPERTY . " itemproperties
- WHERE itemproperties.tool='" . TOOL_LINK . "' AND
- link.id=itemproperties.ref AND
- link.category_id='" . $catid . "' AND
- (itemproperties.visibility='0' OR itemproperties.visibility='1')
- $condition_session AND
- link.c_id = ".$course_id." AND
- itemproperties.c_id = ".$course_id."
- ORDER BY link.display_order DESC";
- $result = Database :: query($sqlLinks);
- $numberoflinks = Database :: num_rows($result);
- if ($numberoflinks > 0) {
- echo '<table class="data_table" width="100%">';
- $i = 1;
- while ($myrow = Database :: fetch_array($result)) {
- // Validacion when belongs to a session.
- $session_img = api_get_session_image($myrow['session_id'], $_user['status']);
- $css_class = $i % 2 == 0 ? $css_class = 'row_odd' : $css_class = 'row_even';
- $link_validator = '';
- if (api_is_allowed_to_edit(null, true)) {
- $link_validator = ''.Display::url(Display::return_icon('preview_view.png', get_lang('CheckURL'), array(), 16), '#', array('onclick'=>"check_url('".$myrow['id']."', '".addslashes($myrow['url'])."');"));
- $link_validator .= Display::span('', array('id'=>'url_id_'.$myrow['id']));
- }
- if ($myrow['visibility'] == '1') {
- echo '<tr class="'.$css_class.'">';
- echo '<td align="center" valign="middle" width="15">';
- echo '<a href="link_goto.php?'.api_get_cidreq().'&link_id='.$myrow['id'].'&link_url='.urlencode($myrow['url']).'" target="_blank">
- <img src="../../main/img/link.gif" border="0" alt="'.get_lang('Link').'"/></a></td>
- <td width="80%" valign="top"><a href="link_goto.php?'.api_get_cidreq().'&link_id='.$myrow['id'].'&link_url='.urlencode($myrow['url']).'" target="'.$myrow['target'].'">';
- echo Security :: remove_XSS($myrow['title']);
- echo '</a>';
- echo $link_validator;
- echo $session_img;
- echo '<br />'.$myrow['description'];
- } else {
- if (api_is_allowed_to_edit(null, true)) {
- echo '<tr class="'.$css_class.'">';
- echo '<td align="center" valign="middle" width="15"><a href="link_goto.php?'.api_get_cidreq().'&link_id='.$myrow['id']."&link_url=".urlencode($myrow['url']).'" target="_blank" class="invisible">';
- echo Display :: return_icon('link_na.gif', get_lang('Link')), '</a>';
- echo '</td><td width="80%" valign="top"><a href="link_goto.php?', api_get_cidreq(), '&link_id=', $myrow['id'], '&link_url=', urlencode($myrow['url']),'" target="', $myrow['target'], '" class="invisible">';
- echo Security :: remove_XSS($myrow['url']);
- echo "</a>";
- echo $link_validator;
- echo $session_img, '<br />', $myrow['title'];
- }
- }
- echo '<td style="text-align:center;">';
- if (api_is_allowed_to_edit(null, true)) {
- if ($session_id == $myrow['session_id']) {
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&action=editlink&category=' . (!empty ($category) ? $category : '') . '&id=' . $myrow['id'] . '&urlview=' . $urlview . '" title="' . get_lang('Modify') . '">' .
- Display :: return_icon('edit.png', get_lang('Modify'), array (), ICON_SIZE_SMALL) . '</a>';
- // DISPLAY MOVE UP COMMAND only if it is not the top link.
- /*
- if ($i != 1) {
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&urlview=' . $urlview . '&up=', $myrow[0], '" title="' . get_lang('Up') . '">' . Display :: return_icon('up.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . '', "</a>\n";
- } else {
- echo Display :: return_icon('up_na.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . '</a>';
- }
- // DISPLAY MOVE DOWN COMMAND only if it is not the bottom link.
- if ($i < $numberoflinks) {
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&urlview=' . $urlview . '&down=' . $myrow[0] . '" title="' . get_lang('Down') . '">' . Display :: return_icon('down.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '', "</a>\n";
- } else {
- echo Display :: return_icon('down_na.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '', "</a>\n";
- }*/
- if ($myrow['visibility'] == '1') {
- echo '<a href="link.php?' . api_get_cidreq() . '&sec_token='.$token.'&action=invisible&id=' . $myrow['id'] . '&scope=link&urlview=' . $urlview . '" title="' . get_lang('Hide') . '">' .
- Display :: return_icon('visible.png', get_lang('Hide'), array (), ICON_SIZE_SMALL) . '</a>';
- }
- if ($myrow['visibility'] == '0') {
- echo ' <a href="link.php?' . api_get_cidreq() . '&sec_token='.$token.'&action=visible&id=' . $myrow['id'] . '&scope=link&urlview=' . $urlview . '" title="' . get_lang('Show') . '">' .
- Display :: return_icon('invisible.png', get_lang('Show'), array (), ICON_SIZE_SMALL) . '</a>';
- }
- echo ' <a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&action=deletelink&id=', $myrow['id'], '&urlview=', $urlview, "\" onclick=\"javascript: if(!confirm('" . get_lang('LinkDelconfirm') . "')) return false;\" title=\"" . get_lang('Delete') . '">' .
- Display :: return_icon('delete.png', get_lang('Delete'), array (), ICON_SIZE_SMALL) . '</a>';
- } else {
- echo Display :: return_icon('edit_na.png', get_lang('EditionNotAvailableFromSession'), array (), ICON_SIZE_SMALL); //get_lang('EditionNotAvailableFromSession');
- }
- }
- echo '</td></tr>';
- $i++;
- }
- echo '</table>';
- }
- }
- /**
- * Displays the edit, delete and move icons
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function showcategoryadmintools($categoryid) {
- global $urlview, $aantalcategories, $catcounter, $token;
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&action=editcategory&id=' . $categoryid . '&urlview=' . $urlview . '" title=' . get_lang('Modify') . '">' . Display :: return_icon('edit.png', get_lang('Modify'), array (), ICON_SIZE_SMALL) . '</a>';
- // DISPLAY MOVE UP COMMAND only if it is not the top link.
- if ($catcounter != 1) {
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&catmove=true&up=', $categoryid, '&urlview=' . $urlview . '" title="' . get_lang('Up') . '">' . Display :: return_icon('up.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . '</a>';
- } else {
- echo Display :: return_icon('up_na.png', get_lang('Up'), array (), ICON_SIZE_SMALL) . '</a>';
- }
- // DISPLAY MOVE DOWN COMMAND only if it is not the bottom link.
- if ($catcounter < $aantalcategories) {
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() .'&sec_token='.$token.'&catmove=true&down=' . $categoryid . '&urlview=' . $urlview . '">
- ' . Display :: return_icon('down.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '</a>';
- } else {
- echo Display :: return_icon('down_na.png', get_lang('Down'), array (), ICON_SIZE_SMALL) . '</a>';
- }
- echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&sec_token='.$token.'&action=deletecategory&id=', $categoryid, "&urlview=$urlview\" onclick=\"javascript: if(!confirm('" . get_lang('CategoryDelconfirm') . "')) return false;\">", Display :: return_icon('delete.png', get_lang('Delete'), array (), ICON_SIZE_SMALL) . '</a>';
- $catcounter++;
- }
- /**
- * move a link or a linkcategory up or down
- * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
- */
- function movecatlink($catlinkid) {
- global $catmove;
- global $up;
- global $down;
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $course_id = api_get_course_int_id();
- if (!empty ($down)) {
- $thiscatlinkId = intval($down);
- $sortDirection = 'DESC';
- }
- if (!empty ($up)) {
- $thiscatlinkId = intval($up);
- $sortDirection = 'ASC';
- }
- // We check if it is a category we are moving or a link. If it is a category, a querystring catmove = true is present in the url.
- if ($catmove == 'true') {
- $movetable = $tbl_categories;
- $catid = $catlinkid;
- } else {
- $movetable = $tbl_link;
- // Getting the category of the link.
- if (!empty ($thiscatlinkId)) {
- $sql = "SELECT category_id FROM " . $movetable . " WHERE c_id = $course_id AND id='$thiscatlinkId'";
- $result = Database :: query($sql);
- $catid = Database :: fetch_array($result);
- }
- }
- // This code is copied and modified from announcements.php.
- if (!empty($sortDirection)) {
- if (!in_array(trim(strtoupper($sortDirection)), array ('ASC', 'DESC'))){
- $sortDirection = 'ASC';
- }
- if ($catmove == 'true') {
- $sqlcatlinks = "SELECT id, display_order FROM " . $movetable . " WHERE c_id = $course_id ORDER BY display_order $sortDirection";
- } else {
- $sqlcatlinks = "SELECT id, display_order FROM " . $movetable . "
- WHERE c_id = $course_id AND category_id='" . $catid[0] . "'
- ORDER BY display_order $sortDirection";
- }
- $linkresult = Database :: query($sqlcatlinks);
- while ($sortrow = Database :: fetch_array($linkresult)) {
- // STEP 2 : FOUND THE NEXT ANNOUNCEMENT ID AND ORDER, COMMIT SWAP
- // This part seems unlogic, but it isn't . We first look for the current link with the querystring ID
- // and we know the next iteration of the while loop is the next one. These should be swapped.
- if (isset ($thislinkFound) && $thislinkFound) {
- $nextlinkId = $sortrow['id'];
- $nextlinkOrdre = $sortrow['display_order'];
- Database :: query("UPDATE " . $movetable . "
- SET display_order = '$nextlinkOrdre'
- WHERE c_id = $course_id AND id = '$thiscatlinkId'");
- Database :: query("UPDATE " . $movetable . "
- SET display_order = '$thislinkOrdre'
- WHERE c_id = $course_id AND id = '$nextlinkId'");
- break;
- }
- if ($sortrow['id'] == $thiscatlinkId) {
- $thislinkOrdre = $sortrow['display_order'];
- $thislinkFound = true;
- }
- }
- }
- Display :: display_confirmation_message(get_lang('LinkMoved'));
- }
- /**
- * CSV file import functions
- * @author René Haentjens , Ghent University
- */
- function get_cat($catname) {
- // Get category id (existing or make new).
- $tbl_categories = Database :: get_course_table(TABLE_LINK_CATEGORY);
- $course_id = api_get_course_int_id();
- $result = Database :: query("SELECT id FROM " . $tbl_categories . " WHERE c_id = $course_id AND category_title='" . Database::escape_string($catname) . "'");
- if (Database :: num_rows($result) >= 1 && ($row = Database :: fetch_array($result))) {
- return $row['id']; // Several categories with same name: take the first.
- }
- $result = Database :: query("SELECT MAX(display_order) FROM " . $tbl_categories." WHERE c_id = $course_id ");
- list ($max_order) = Database :: fetch_row($result);
- Database :: query("INSERT INTO " . $tbl_categories . " (c_id, category_title, description, display_order)
- VALUES (".$course_id.", '" . Database::escape_string($catname) . "','','" . ($max_order +1) . "')");
- return Database :: insert_id();
- }
- /**
- * CSV file import functions
- * @author René Haentjens , Ghent University
- */
- function put_link($url, $cat, $title, $description, $on_homepage, $hidden) {
- $tbl_link = Database :: get_course_table(TABLE_LINK);
- $course_id = api_get_course_int_id();
- $urleq = "url='" . Database :: escape_string($url) . "'";
- $cateq = "category_id=" . intval($cat);
- $result = Database :: query("SELECT id FROM $tbl_link WHERE c_id = $course_id AND " . $urleq . ' AND ' . $cateq);
- if (Database :: num_rows($result) >= 1 && ($row = Database :: fetch_array($result))) {
- Database :: query("UPDATE $tbl_link set title='" . Database :: escape_string($title) . "', description='" . Database :: escape_string($description) . "'
- WHERE c_id = $course_id AND id='" . Database :: escape_string($row['id']) . "'");
- $ipu = 'LinkUpdated';
- $rv = 1; // 1 = upd
- } else {
- // Add new link
- $result = Database :: query("SELECT MAX(display_order) FROM $tbl_link WHERE c_id = $course_id AND category_id='" . intval($cat) . "'");
- list ($max_order) = Database :: fetch_row($result);
- Database :: query("INSERT INTO $tbl_link (c_id, url, title, description, category_id, display_order, on_homepage)
- VALUES (".api_get_course_int_id().", '" . Database :: escape_string($url) . "','" . Database :: escape_string($title) . "','" . Database :: escape_string($description) . "','" . intval($cat) . "','" . (intval($max_order) + 1) . "','" . intval($on_homepage) . "')");
- $id = Database :: insert_id();
- $ipu = 'LinkAdded';
- $rv = 2; // 2 = new
- }
- global $nameTools, $_user;
- $_course = api_get_course_info();
- api_item_property_update($_course, TOOL_LINK, $id, $ipu, $_user['user_id']);
- if ($hidden && $ipu == 'LinkAdded') {
- api_item_property_update($_course, TOOL_LINK, $id, 'invisible', $_user['user_id']);
- }
- return $rv;
- }
- /**
- * CSV file import functions
- * @author René Haentjens , Ghent University
- */
- function import_link($linkdata) {
- // url, category_id, title, description, ...
- // Field names used in the uploaded file
- $known_fields = array (
- 'url',
- 'category',
- 'title',
- 'description',
- 'on_homepage',
- 'hidden'
- );
- $hide_fields = array (
- 'kw',
- 'kwd',
- 'kwds',
- 'keyword',
- 'keywords'
- );
- // All other fields are added to description, as "name:value".
- // Only one hide_field is assumed to be present, <> is removed from value.
- if (!($url = trim($linkdata['url'])) || !($title = trim($linkdata['title']))) {
- return 0; // 0 = fail
- }
- $cat = ($catname = trim($linkdata['category'])) ? get_cat($catname) : 0;
- $regs = array (); // Will be passed to ereg()
- foreach ($linkdata as $key => $value)
- if (!in_array($key, $known_fields))
- if (in_array($key, $hide_fields) && ereg('^<?([^>]*)>?$', $value, $regs)) // possibly in <...>
- if (($kwlist = trim($regs[1])) != '')
- $kw = '<i kw="' . htmlspecialchars($kwlist) . '">';
- else
- $kw = '';
- // i.e. assume only one of the $hide_fields will be present
- // and if found, hide the value as expando property of an <i> tag
- elseif (trim($value)) {
- $d .= ', ' . $key . ':' . $value;
- }
- if ($d) {
- $d = substr($d, 2) . ' - ';
- }
- return put_link($url, $cat, $title, $kw . ereg_replace('\[((/?(b|big|i|small|sub|sup|u))|br/)\]', '<\\1>', htmlspecialchars($d . $linkdata['description'])) . ($kw ? '</i>' : ''), $linkdata['on_homepage'] ? '1' : '0', $linkdata['hidden'] ? '1' : '0');
- // i.e. allow some BBcode tags, e.g. [b]...[/b]
- }
- /**
- * CSV file import functions
- * @author René Haentjens , Ghent University
- */
- function import_csvfile()
- {
- global $catlinkstatus; // Feedback message to user.
- if (is_uploaded_file($filespec = $_FILES['import_file']['tmp_name']) && filesize($filespec) && ($myFile = @ fopen($filespec, 'r'))) {
- // read first line of file (column names) and find ',' or ';'
- $listsep = strpos($colnames = trim(fgets($myFile)), ',') !== false ? ',' : (strpos($colnames, ';') !== false ? ';' : '');
- if ($listsep) {
- $columns = array_map('strtolower', explode($listsep, $colnames));
- if (in_array('url', $columns) && in_array('title', $columns)) {
- $stats = array (
- 0,
- 0,
- 0
- ); // fails, updates, inserts
- // Modified by Ivan Tcholakov, 01-FEB-2010.
- //while (($data = fgetcsv($myFile, 32768, $listsep))) {
- while (($data = Text::api_fgetcsv($myFile, null, $listsep))) {
- //
- foreach ($data as $i => & $text) {
- $linkdata[$columns[$i]] = $text;
- }
- $stats[import_link($linkdata)]++;
- unset ($linkdata);
- }
- $catlinkstatus = '';
- if ($stats[0]) {
- $catlinkstatus .= $stats[0] . ' ' . get_lang('CsvLinesFailed');
- }
- if ($stats[1]) {
- $catlinkstatus .= $stats[1] . ' ' . get_lang('CsvLinesOld');
- }
- if ($stats[2]) {
- $catlinkstatus .= $stats[2] . ' ' . get_lang('CsvLinesNew');
- }
- } else {
- $catlinkstatus = get_lang('CsvFileNoURL') . ($colnames ? get_lang('CsvFileLine1') . htmlspecialchars(substr($colnames, 0, 200)) . '...' : '');
- }
- } else {
- $catlinkstatus = get_lang('CsvFileNoSeps') . ($colnames ? get_lang('CsvFileLine1') . htmlspecialchars(substr($colnames, 0, 200)) . '...' : '');
- }
- fclose($myFile);
- } else {
- $catlinkstatus = get_lang('CsvFileNotFound');
- }
- }
- /**
- * This function checks if the url is a vimeo link
- * @author Julio Montoya
- * @version 1.0
- */
- function isVimeoLink($url)
- {
- $isLink = strrpos($url, "vimeo.com");
- return $isLink;
- }
- function getVimeoLinkId($url)
- {
- $possibleUrls = array(
- 'http://www.vimeo.com/',
- 'http://vimeo.com/',
- 'https://www.vimeo.com/',
- 'https://vimeo.com/'
- );
- $url = str_replace($possibleUrls, '', $url);
- if (is_numeric($url)) {
- return $url;
- }
- return false;
- }
- /**
- * This function checks if the url is a youtube link
- * @author Jorge Frisancho
- * @author Julio Montoya - Fixing code
- * @version 1.0
- */
- function is_youtube_link($url)
- {
- $is_youtube_link = strrpos($url, "youtube") || strrpos($url, "youtu.be");
- return $is_youtube_link;
- }
- function get_youtube_video_id($url)
- {
- // This is the length of YouTube's video IDs
- $len = 11;
- // The ID string starts after "v=", which is usually right after
- // "youtube.com/watch?" in the URL
- $pos = strpos($url, "v=");
- $id = '';
- //If false try other options
- if ($pos === false) {
- $url_parsed = parse_url($url);
- //Youtube shortener
- //http://youtu.be/ID
- $pos = strpos($url, "youtu.be");
- if ($pos == false) {
- $id = '';
- } else {
- return substr($url_parsed['path'], 1);
- }
- //if empty try the youtube.com/embed/ID
- if (empty($id)) {
- $pos = strpos($url, "embed");
- if ($pos === false) {
- return '';
- } else {
- return substr($url_parsed['path'], 7);
- }
- }
- } else {
- // Offset the start location to match the beginning of the ID string
- $pos += 2;
- // Get the ID string and return it
- $id = substr($url, $pos, $len);
- return $id;
- }
- }
|