123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258 |
- <?php
- /* For licensing terms, see /license.txt */
- use ChamiloSession as Session;
- $language_file = array('exercice', 'work', 'document', 'admin', 'gradebook');
- require_once '../inc/global.inc.php';
- $current_course_tool = TOOL_STUDENTPUBLICATION;
- /* Configuration settings */
- api_protect_course_script(true);
- // Including necessary files
- require_once 'work.lib.php';
- require_once api_get_path(LIBRARY_PATH).'fileManage.lib.php';
- require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
- require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
- $this_section = SECTION_COURSES;
- $work_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
- $item_id = isset($_REQUEST['item_id']) ? intval($_REQUEST['item_id']) : null;
- $work_table = Database :: get_course_table(TABLE_STUDENT_PUBLICATION);
- $is_allowed_to_edit = api_is_allowed_to_edit();
- $course_id = api_get_course_int_id();
- $user_id = api_get_user_id();
- $session_id = api_get_session_id();
- $course_code = api_get_course_id();
- $course_info = api_get_course_info();
- if (empty($work_id) || empty($item_id)) {
- api_not_allowed(true);
- }
- $parent_data = $my_folder_data = get_work_data_by_id($work_id);
- if (empty($parent_data)) {
- api_not_allowed(true);
- }
- $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($user_id, $course_code, $session_id);
- $is_course_member = $is_course_member || api_is_platform_admin();
- if ($is_course_member == false) {
- api_not_allowed(true);
- }
- $check = Security::check_token('post');
- $token = Security::get_token();
- $student_can_edit_in_session = api_is_allowed_to_session_edit(false, true);
- $has_ended = false;
- $is_author = false;
- $work_item = get_work_data_by_id($item_id);
- // Get the author ID for that document from the item_property table
- $is_author = user_is_author($item_id);
- if (!$is_author) {
- api_not_allowed(true);
- }
- // Student's can't edit work only if he can delete his docs.
- if (!api_is_allowed_to_edit()) {
- if (api_get_course_setting('student_delete_own_publication') != 1) {
- api_not_allowed(true);
- }
- }
- if (!empty($my_folder_data)) {
- $homework = get_work_assignment_by_id($my_folder_data['id']);
- if ($homework['expires_on'] != '0000-00-00 00:00:00' || $homework['ends_on'] != '0000-00-00 00:00:00') {
- $time_now = time();
- if (!empty($homework['expires_on']) && $homework['expires_on'] != '0000-00-00 00:00:00') {
- $time_expires = api_strtotime($homework['expires_on'], 'UTC');
- $difference = $time_expires - $time_now;
- if ($difference < 0) {
- $has_expired = true;
- }
- }
- if (empty($homework['expires_on']) || $homework['expires_on'] == '0000-00-00 00:00:00') {
- $has_expired = false;
- }
- if (!empty($homework['ends_on']) && $homework['ends_on'] != '0000-00-00 00:00:00') {
- $time_ends = api_strtotime($homework['ends_on'], 'UTC');
- $difference2 = $time_ends - $time_now;
- if ($difference2 < 0) {
- $has_ended = true;
- }
- }
- $ends_on = api_convert_and_format_date($homework['ends_on']);
- $expires_on = api_convert_and_format_date($homework['expires_on']);
- }
- }
- $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'work/work.php?'.api_get_cidreq(), 'name' => get_lang('StudentPublications'));
- $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH).'work/work_list.php?'.api_get_cidreq().'&id='.$work_id, 'name' => $parent_data['title']);
- // form title
- $form_title = get_lang('Edit');
- $interbreadcrumb[] = array('url' => '#', 'name' => $form_title);
- $form = new FormValidator(
- 'form',
- 'POST',
- api_get_self()."?".api_get_cidreq()."&id=".$work_id."&gradebook=".Security::remove_XSS($_GET['gradebook'])."&origin=$origin",
- '',
- array('enctype' => "multipart/form-data")
- );
- $form->addElement('header', $form_title);
- $show_progress_bar = false;
- if ($submitGroupWorkUrl) {
- // For user coming from group space to publish his work
- $realUrl = str_replace($_configuration['root_sys'], api_get_path(WEB_PATH), str_replace("\\", '/', realpath($submitGroupWorkUrl)));
- $form->addElement('hidden', 'newWorkUrl', $submitGroupWorkUrl);
- $text_document = $form->addElement('text', 'document', get_lang('Document'));
- $defaults['document'] = '<a href="' . format_url($submitGroupWorkUrl) . '">' . $realUrl . '</a>';
- $text_document->freeze();
- } elseif ($item_id && ($is_allowed_to_edit or $is_author)) {
- $workUrl = $currentCourseRepositoryWeb . $workUrl;
- }
- $form->addElement('hidden', 'id', $work_id);
- $form->addElement('hidden', 'item_id', $item_id);
- $form->addElement('text', 'title', get_lang('Title'), array('id' => 'file_upload', 'class' => 'span4'));
- $form->add_html_editor('description', get_lang('Description'), false, false, getWorkDescriptionToolbar());
- $defaults['title'] = $work_item['title'];
- $defaults["description"] = $work_item['description'];
- $defaults['qualification'] = $work_item['qualification'];
- if ($is_allowed_to_edit && !empty($item_id)) {
- // Get qualification from parent_id that'll allow the validation qualification over
- $sql = "SELECT qualification FROM $work_table WHERE c_id = $course_id AND id ='$work_id' ";
- $result = Database::query($sql);
- $row = Database::fetch_array($result);
- $qualification_over = $row['qualification'];
- if (!empty($qualification_over) && intval($qualification_over) > 0) {
- $form->addElement('text', 'qualification', array(get_lang('Qualification'), null, " / ".$qualification_over), 'size="10"');
- $form->addElement('hidden', 'qualification_over', $qualification_over);
- }
- }
- $form->addElement('hidden', 'active', 1);
- $form->addElement('hidden', 'accepted', 1);
- $form->addElement('hidden', 'item_to_edit', $item_id);
- $form->addElement('hidden', 'sec_token', $token);
- $text = get_lang('UpdateWork');
- $class = 'save';
- // fix the Ok button when we see the tool in the learn path
- $form->addElement('style_submit_button', 'editWork', $text, array('class'=> $class, 'value' => "editWork"));
- $form->setDefaults($defaults);
- $error_message = null;
- $_course = api_get_course_info();
- $currentCourseRepositorySys = api_get_path(SYS_COURSE_PATH).$_course['path'] . '/';
- $succeed = false;
- if ($form->validate()) {
- if ($student_can_edit_in_session && $check) {
- if (isset($_POST['editWork'])) {
- /*
- * SPECIAL CASE ! For a work edited
- */
- //Get the author ID for that document from the item_property table
- $item_to_edit_id = intval($_POST['item_to_edit']);
- $is_author = user_is_author($item_to_edit_id);
- if ($is_author) {
- $work_data = get_work_data_by_id($item_to_edit_id);
- if (!empty($_POST['title'])) {
- $title = isset($_POST['title']) ? $_POST['title'] : $work_data['title'];
- }
- $description = isset($_POST['description']) ? $_POST['description'] : $work_data['description'];
- if ($is_allowed_to_edit && ($_POST['qualification'] !='' )) {
- $add_to_update = ', qualificator_id ='."'".api_get_user_id()."', ";
- $add_to_update .= ' qualification = '."'".Database::escape_string($_POST['qualification'])."',";
- $add_to_update .= ' date_of_qualification = '."'".api_get_utc_datetime()."'";
- }
- if ($_POST['qualification'] > $_POST['qualification_over']) {
- Display::display_error_message(get_lang('QualificationMustNotBeMoreThanQualificationOver'));
- } else {
- $sql = "UPDATE " . $work_table . "
- SET title = '".Database::escape_string($title)."',
- description = '".Database::escape_string($description)."'
- ".$add_to_update."
- WHERE c_id = $course_id AND id = $item_to_edit_id";
- Database::query($sql);
- }
- api_item_property_update($_course, 'work', $item_to_edit_id, 'DocumentUpdated', $user_id);
- $succeed = true;
- $error_message .= Display::return_message(get_lang('ItemUpdated'), false);
- } else {
- $error_message .= Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
- }
- } else {
- $error_message .= Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
- }
- Security::clear_token();
- } else {
- // Bad token or can't add works
- $error_message = Display::return_message(get_lang('IsNotPosibleSaveTheDocument'), 'error');
- }
- $script = 'work_list.php';
- if ($is_allowed_to_edit) {
- $script = 'work_list_all.php';
- }
- header('Location: '.api_get_path(WEB_CODE_PATH).'work/'.$script.'?'.api_get_cidreq().'&id='.$work_id.'&error_message='.$error_message);
- exit;
- }
- $htmlHeadXtra[] = to_javascript_work();
- Display :: display_header(null);
- if (!empty($work_id)) {
- if ($is_allowed_to_edit) {
- if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) {
- echo Display::display_warning_message(get_lang('ResourceLockedByGradebook'));
- } else {
- $form->display();
- }
- } elseif ($is_author) {
- if (empty($work_item['qualificator_id']) || $work_item['qualificator_id'] == 0) {
- $form->display();
- } else {
- Display::display_error_message(get_lang('ActionNotAllowed'));
- }
- } elseif ($student_can_edit_in_session && $has_ended == false) {
- $form->display();
- } else {
- Display::display_error_message(get_lang('ActionNotAllowed'));
- }
- } else {
- Display::display_error_message(get_lang('ActionNotAllowed'));
- }
- Display :: display_footer();
|