当前位置: 首页>>代码示例>>PHP>>正文


PHP Security::clear_token方法代码示例

本文整理汇总了PHP中Security::clear_token方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::clear_token方法的具体用法?PHP Security::clear_token怎么用?PHP Security::clear_token使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Security的用法示例。


在下文中一共展示了Security::clear_token方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: get_action

 function get_action()
 {
     $result = Request::get(self::PARAM_ACTION, self::ACTION_DEFAULT);
     if ($result != self::ACTION_DEFAULT) {
         $passed = Security::check_token('get');
         Security::clear_token();
         $result = $passed ? $result : self::ACTION_SECURITY_FAILED;
     }
     return $result;
 }
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:10,代码来源:system_management.php

示例2: manage_form

function manage_form($default, $select_from_user_list = null, $sent_to = null)
{
    $group_id = isset($_REQUEST['group_id']) ? intval($_REQUEST['group_id']) : null;
    $message_id = isset($_GET['message_id']) ? intval($_GET['message_id']) : null;
    $param_f = isset($_GET['f']) && $_GET['f'] == 'social' ? 'social' : null;
    $form = new FormValidator('compose_message', null, api_get_self() . '?f=' . $param_f, null, array('enctype' => 'multipart/form-data'));
    if (empty($group_id)) {
        if (isset($select_from_user_list)) {
            $form->addText('id_text_name', get_lang('SendMessageTo'), true, array('id' => 'id_text_name', 'onkeyup' => 'send_request_and_search()', 'autocomplete' => 'off'));
            $form->addRule('id_text_name', get_lang('ThisFieldIsRequired'), 'required');
            $form->addElement('html', '<div id="id_div_search" style="padding:0px" class="message-select-box" >&nbsp;</div>');
            $form->addElement('hidden', 'user_list', 0, array('id' => 'user_list'));
        } else {
            if (!empty($sent_to)) {
                $form->addLabel(get_lang('SendMessageTo'), $sent_to);
            }
            if (empty($default['users'])) {
                //fb select
                $form->addElement('select_ajax', 'users', get_lang('SendMessageTo'), array(), ['multiple' => 'multiple', 'url' => api_get_path(WEB_AJAX_PATH) . 'message.ajax.php?a=find_users']);
            } else {
                $form->addElement('hidden', 'hidden_user', $default['users'][0], array('id' => 'hidden_user'));
            }
        }
    } else {
        $userGroup = new UserGroup();
        $group_info = $userGroup->get($group_id);
        $form->addElement('label', get_lang('ToGroup'), api_xml_http_response_encode($group_info['name']));
        $form->addElement('hidden', 'group_id', $group_id);
        $form->addElement('hidden', 'parent_id', $message_id);
    }
    $form->addText('title', get_lang('Subject'), true);
    $form->addHtmlEditor('content', get_lang('Message'), false, false, array('ToolbarSet' => 'Messages', 'Width' => '100%', 'Height' => '250'));
    if (isset($_GET['re_id'])) {
        $message_reply_info = MessageManager::get_message_by_id($_GET['re_id']);
        $default['title'] = get_lang('MailSubjectReplyShort') . " " . $message_reply_info['title'];
        $form->addElement('hidden', 're_id', intval($_GET['re_id']));
        $form->addElement('hidden', 'save_form', 'save_form');
        //adding reply mail
        $user_reply_info = api_get_user_info($message_reply_info['user_sender_id']);
        $default['content'] = '<p><br/></p>' . sprintf(get_lang('XWroteY'), $user_reply_info['complete_name'], Security::filter_terms($message_reply_info['content']));
    }
    if (empty($group_id)) {
        $form->addElement('label', '', '<div  id="filepaths" class="form-group">
                    <div id="filepath_1">
                    <label>' . get_lang('FilesAttachment') . '</label>
                    <input type="file" name="attach_1"/>
                    <label>' . get_lang('Description') . '</label>
                    <input id="file-descrtiption" type="text" name="legend[]" class="form-control"/>
                    </div>
                </div>');
        $form->addElement('label', '', '<span id="link-more-attach"><a href="javascript://" onclick="return add_image_form()">' . get_lang('AddOneMoreFile') . '</a></span>&nbsp;(' . sprintf(get_lang('MaximunFileSizeX'), format_file_size(api_get_setting('message.message_max_upload_filesize'))) . ')');
    }
    $form->addButtonSend(get_lang('SendMessage'), 'compose');
    $form->setRequiredNote('<span class="form_required">*</span> <small>' . get_lang('ThisFieldIsRequired') . '</small>');
    if (!empty($group_id) && !empty($message_id)) {
        $message_info = MessageManager::get_message_by_id($message_id);
        $default['title'] = get_lang('MailSubjectReplyShort') . " " . $message_info['title'];
    }
    $form->setDefaults($default);
    $html = '';
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $user_list = $default['users'];
            $file_comments = $_POST['legend'];
            $title = $default['title'];
            $content = $default['content'];
            $group_id = isset($default['group_id']) ? $default['group_id'] : null;
            $parent_id = isset($default['parent_id']) ? $default['parent_id'] : null;
            if (is_array($user_list) && count($user_list) > 0) {
                //all is well, send the message
                foreach ($user_list as $user) {
                    $res = MessageManager::send_message($user, $title, $content, $_FILES, $file_comments, $group_id, $parent_id);
                    if ($res) {
                        $html .= MessageManager::display_success_message($user);
                    }
                }
            } else {
                Display::display_error_message('ErrorSendingMessage');
            }
        }
        Security::clear_token();
    } else {
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $html .= $form->returnForm();
    }
    return $html;
}
开发者ID:jloguercio,项目名称:chamilo-lms,代码行数:90,代码来源:new_message.php

示例3: api_get_course_id

        break;
    case 'delete_all_certificates':
        Category::deleteAllCertificates($cat_id);
        break;
}
$course_code = api_get_course_id();
$interbreadcrumb[] = array('url' => Security::remove_XSS($_SESSION['gradebook_dest']) . '?', 'name' => get_lang('Gradebook'));
$interbreadcrumb[] = array('url' => '#', 'name' => get_lang('GradebookListOfStudentsCertificates'));
$this_section = SECTION_COURSES;
Display::display_header('');
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
    $check = Security::check_token('get');
    if ($check) {
        $certificate = new Certificate($_GET['certificate_id']);
        $result = $certificate->delete(true);
        Security::clear_token();
        if ($result == true) {
            Display::display_confirmation_message(get_lang('CertificateRemoved'));
        } else {
            Display::display_error_message(get_lang('CertificateNotRemoved'));
        }
    }
}
$token = Security::get_token();
echo Display::page_header(get_lang('GradebookListOfStudentsCertificates'));
//@todo replace all this code with something like get_total_weight()
$cats = Category::load($cat_id, null, null, null, null, null, false);
if (!empty($cats)) {
    //with this fix the teacher only can view 1 gradebook
    if (api_is_platform_admin()) {
        $stud_id = api_is_allowed_to_edit() ? null : api_get_user_id();
开发者ID:KRCM13,项目名称:chamilo-lms,代码行数:31,代码来源:gradebook_display_certificate.php

示例4: add_category_form

/**
 * form to add a category
 * @todo move to TestCategory.class.php
 * @param string $action
 */
function add_category_form($action)
{
    $action = Security::remove_XSS($action);
    // initiate the object
    $form = new FormValidator('note', 'post', api_get_self() . '?action=' . $action);
    // Setting the form elements
    $form->addElement('header', get_lang('AddACategory'));
    $form->addElement('text', 'category_name', get_lang('CategoryName'), array('size' => '95'));
    $form->addHtmlEditor('category_description', get_lang('CategoryDescription'), false, false, array('ToolbarSet' => 'test_category', 'Height' => '200'));
    $form->addButtonCreate(get_lang('AddTestCategory'), 'SubmitNote');
    // setting the rules
    $form->addRule('category_name', get_lang('ThisFieldIsRequired'), 'required');
    // The validation or display
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            $v_name = Security::remove_XSS($values['category_name'], COURSEMANAGER);
            $v_description = Security::remove_XSS($values['category_description'], COURSEMANAGER);
            $objcat = new TestCategory(0, $v_name, $v_description);
            if ($objcat->addCategoryInBDD()) {
                Display::display_confirmation_message(get_lang('AddCategoryDone'));
            } else {
                Display::display_confirmation_message(get_lang('AddCategoryNameAlreadyExists'));
            }
        }
        Security::clear_token();
    } else {
        display_goback();
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $form->display();
    }
}
开发者ID:secuencia24,项目名称:chamilo-lms,代码行数:40,代码来源:tests_category.php

示例5: attendance_edit

 /**
  * It's used for editing attendace,
  * render to attendance_edit or attendance_list view
  * @param int	attendance id
  */
 public function attendance_edit($attendance_id)
 {
     $attendance = new Attendance();
     $data = array();
     $attendance_id = intval($attendance_id);
     if (strtoupper($_SERVER['REQUEST_METHOD']) == "POST") {
         if (!empty($_POST['title'])) {
             $check = Security::check_token();
             if ($check) {
                 $attendance->set_name($_POST['title']);
                 $attendance->set_description($_POST['description']);
                 $attendance->set_attendance_qualify_title($_POST['attendance_qualify_title']);
                 $attendance->set_attendance_weight($_POST['attendance_weight']);
                 $attendance->category_id = $_POST['category_id'];
                 $link_to_gradebook = false;
                 if (isset($_POST['attendance_qualify_gradebook']) && $_POST['attendance_qualify_gradebook'] == 1) {
                     $link_to_gradebook = true;
                 }
                 $last_id = $attendance->attendance_edit($attendance_id, $link_to_gradebook);
                 Security::clear_token();
                 $param_gradebook = '';
                 if (isset($_SESSION['gradebook'])) {
                     $param_gradebook = '&gradebook=' . Security::remove_XSS($_SESSION['gradebook']);
                 }
                 header('location:index.php?action=attendance_list&' . api_get_cidreq() . $param_gradebook);
                 exit;
             }
         } else {
             $data['attendance_id'] = $_POST['attendance_id'];
             $data['error'] = true;
             $this->view->set_data($data);
             $this->view->set_layout('layout');
             $this->view->set_template('attendance_edit');
             $this->view->render();
         }
     } else {
         // default values
         $attendance_data = $attendance->get_attendance_by_id($attendance_id);
         $data['attendance_id'] = $attendance_data['id'];
         $data['title'] = $attendance_data['name'];
         $data['description'] = $attendance_data['description'];
         $data['attendance_qualify_title'] = $attendance_data['attendance_qualify_title'];
         $data['attendance_weight'] = $attendance_data['attendance_weight'];
         $this->view->set_data($data);
         $this->view->set_layout('layout');
         $this->view->set_template('attendance_edit');
         $this->view->render();
     }
 }
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:54,代码来源:attendance_controller.php

示例6: get_action

 function get_action()
 {
     /**
      * todo check token
      */
     $check = Security::check_token('post');
     Security::clear_token();
     if (!$check) {
         return 'display';
     }
     return Request::post('action', 'display');
 }
开发者ID:omaoibrahim,项目名称:chamilo-lms,代码行数:12,代码来源:zombie_report.class.php

示例7: add_category_form

function add_category_form($in_action, $type = 'simple')
{
    $in_action = Security::remove_XSS($in_action);
    // Initiate the object
    $form = new FormValidator('note', 'post', api_get_self() . '?' . api_get_cidreq() . '&action=' . $in_action . "&type=" . $type);
    // Setting the form elements
    $form->addElement('header', get_lang('AddACategory'));
    $form->addElement('text', 'category_name', get_lang('CategoryName'), array('class' => 'span6'));
    $form->add_html_editor('category_description', get_lang('CategoryDescription'), false, false, array('ToolbarSet' => 'test_category', 'Width' => '90%', 'Height' => '200'));
    $form->addElement('select', 'parent_id', get_lang('Parent'), array(), array('id' => 'parent_id'));
    $form->addElement('style_submit_button', 'SubmitNote', get_lang('AddTestCategory'), 'class="add"');
    // Setting the rules
    $form->addRule('category_name', get_lang('ThisFieldIsRequired'), 'required');
    // The validation or display
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->getSubmitValues();
            $parent_id = isset($values['parent_id']) && isset($values['parent_id'][0]) ? $values['parent_id'][0] : null;
            $objcat = new Testcategory(0, $values['category_name'], $values['category_description'], $parent_id, $type, api_get_course_int_id());
            if ($objcat->addCategoryInBDD()) {
                Display::display_confirmation_message(get_lang('AddCategoryDone'));
            } else {
                Display::display_confirmation_message(get_lang('AddCategoryNameAlreadyExists'));
            }
        }
        Security::clear_token();
        display_add_category($type);
        display_categories($type);
    } else {
        display_goback($type);
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $form->display();
    }
}
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:37,代码来源:tests_category.php

示例8: show_add_post_form


//.........这里部分代码省略.........
            GradebookUtils::load_gradebook_select_in_tool($form);
            $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'), 'onclick="javascript:if(this.checked==true){document.getElementById(\'options_field\').style.display = \'block\';}else{document.getElementById(\'options_field\').style.display = \'none\';}"');
        } else {
            $form->addElement('hidden', 'thread_qualify_gradebook', false);
        }
        $form->addElement('html', '<div id="options_field" style="display:none">');
        $form->addElement('text', 'numeric_calification', get_lang('QualificationNumeric'));
        $form->applyFilter('numeric_calification', 'html_filter');
        $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'));
        $form->applyFilter('calification_notebook_title', 'html_filter');
        $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'), array('value' => '0.00', 'onfocus' => "javascript: this.select();"));
        $form->applyFilter('weight_calification', 'html_filter');
        $group = array();
        $group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('Yes'), 1);
        $group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('No'), 0);
        $form->addGroup($group, '', [get_lang('ForumThreadPeerScoring'), get_lang('ForumThreadPeerScoringComment')], ' ');
        $form->addElement('html', '</div>');
    }
    if ($forum_setting['allow_post_notification'] && isset($_user['user_id'])) {
        $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail') . ' (' . $_user['mail'] . ')');
    }
    if ($forum_setting['allow_sticky'] && api_is_allowed_to_edit(null, true) && $action == 'newthread') {
        $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost'));
    }
    if ($current_forum['allow_attachments'] == '1' || api_is_allowed_to_edit(null, true)) {
        $values = $form->exportValues();
    }
    $form->addElement('html', '</div>');
    if (in_array($action, ['quote', 'replymessage'])) {
        $form->addFile('user_upload[]', get_lang('Attachment'));
        $form->addButton('add_attachment', get_lang('AddAttachment'), 'paperclip', 'default', 'default', null, ['id' => 'reply-add-attachment']);
    } else {
        $form->addFile('user_upload', get_lang('Attachment'));
    }
    // Setting the class and text of the form title and submit button.
    if ($action == 'quote') {
        $form->addButtonCreate(get_lang('QuoteMessage'), 'SubmitPost');
    } elseif ($action == 'replythread') {
        $form->addButtonCreate(get_lang('ReplyToThread'), 'SubmitPost');
    } elseif ($action == 'replymessage') {
        $form->addButtonCreate(get_lang('ReplyToMessage'), 'SubmitPost');
    } else {
        $form->addButtonCreate(get_lang('CreateThread'), 'SubmitPost');
    }
    if (!empty($form_values)) {
        $defaults['post_title'] = prepare4display($form_values['post_title']);
        $defaults['post_text'] = prepare4display($form_values['post_text']);
        $defaults['post_notification'] = strval(intval($form_values['post_notification']));
        $defaults['thread_sticky'] = strval(intval($form_values['thread_sticky']));
        $defaults['thread_peer_qualify'] = intval($form_values['thread_peer_qualify']);
    } else {
        $defaults['thread_peer_qualify'] = 0;
    }
    // If we are quoting a message we have to retrieve the information of the post we are quoting so that
    // we can add this as default to the textarea.
    if (($action == 'quote' || $action == 'replymessage') && isset($my_post)) {
        // We also need to put the parent_id of the post in a hidden form when
        // we are quoting or replying to a message (<> reply to a thread !!!)
        $form->addElement('hidden', 'post_parent_id', intval($my_post));
        // If we are replying or are quoting then we display a default title.
        $values = get_post_information($my_post);
        $defaults['post_title'] = get_lang('ReplyShort') . api_html_entity_decode($values['post_title'], ENT_QUOTES);
        // When we are quoting a message then we have to put that message into the wysiwyg editor.
        // Note: The style has to be hardcoded here because using class="quote" didn't work.
        if ($action == 'quote') {
            $defaults['post_text'] = '<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">' . get_lang('Quoting') . ' ' . api_get_person_name($values['firstname'], $values['lastname']) . ':</div><div style="color: #006600; font-size: 90%;  font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">' . prepare4display($values['post_text']) . '</div></div><div>&nbsp;</div><div>&nbsp;</div>';
        }
    }
    $form->setDefaults(isset($defaults) ? $defaults : null);
    // The course admin can make a thread sticky (=appears with special icon and always on top).
    $form->addRule('post_title', get_lang('ThisFieldIsRequired'), 'required');
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addRule('poster_name', get_lang('ThisFieldIsRequired'), 'required');
    }
    // Validation or display
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            if (isset($values['thread_qualify_gradebook']) && $values['thread_qualify_gradebook'] == '1' && empty($values['weight_calification'])) {
                Display::display_error_message(get_lang('YouMustAssignWeightOfQualification') . '&nbsp;<a href="javascript:window.history.go(-1);">' . get_lang('Back') . '</a>', false);
                return false;
            }
            Security::clear_token();
            return $values;
        }
    } else {
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        // Delete from $_SESSION forum attachment from other posts
        // and keep only attachments for new post
        clearAttachedFiles(FORUM_NEW_POST);
        // Get forum attachment ajax table to add it to form
        $attachmentAjaxTable = getAttachmentsAjaxTable(0, $current_forum['forum_id']);
        $ajaxHtml = $attachmentAjaxTable;
        $form->addElement('html', $ajaxHtml);
        $form->display();
    }
}
开发者ID:feroli1000,项目名称:chamilo-lms,代码行数:101,代码来源:forumfunction.inc.php

示例9: add

 /**
  * It's used for adding a course description,
  * render to listing or add view
  */
 public function add()
 {
     $course_description = new CourseDescription();
     $session_id = api_get_session_id();
     $course_description->set_session_id($session_id);
     $data = array();
     if (strtoupper($_SERVER['REQUEST_METHOD']) == "POST") {
         if (!empty($_POST['title']) && !empty($_POST['contentDescription'])) {
             $check = Security::check_token();
             if ($check) {
                 $title = $_POST['title'];
                 $content = $_POST['contentDescription'];
                 $description_type = $_POST['description_type'];
                 if ($description_type >= ADD_BLOCK) {
                     $course_description->set_description_type($description_type);
                     $course_description->set_title($title);
                     $course_description->set_content($content);
                     $course_description->insert(api_get_course_int_id());
                 }
                 Security::clear_token();
                 Display::addFlash(Display::return_message(get_lang('CourseDescriptionUpdated')));
             }
             $this->listing(false);
         } else {
             $data['error'] = 1;
             $data['default_description_titles'] = $course_description->get_default_description_title();
             $data['default_description_title_editable'] = $course_description->get_default_description_title_editable();
             $data['default_description_icon'] = $course_description->get_default_description_icon();
             $data['question'] = $course_description->get_default_question();
             $data['information'] = $course_description->get_default_information();
             $data['description_title'] = $_POST['title'];
             $data['description_content'] = $_POST['contentDescription'];
             $data['description_type'] = $_POST['description_type'];
             $this->view->set_data($data);
             $this->view->set_layout('layout');
             $this->view->set_template('add');
             $this->view->render();
         }
     } else {
         $data['default_description_titles'] = $course_description->get_default_description_title();
         $data['default_description_title_editable'] = $course_description->get_default_description_title_editable();
         $data['default_description_icon'] = $course_description->get_default_description_icon();
         $data['question'] = $course_description->get_default_question();
         $data['information'] = $course_description->get_default_information();
         $data['description_type'] = $course_description->get_max_description_type();
         // render to the view
         $this->view->set_data($data);
         $this->view->set_layout('layout');
         $this->view->set_template('add');
         $this->view->render();
     }
 }
开发者ID:secuencia24,项目名称:chamilo-lms,代码行数:56,代码来源:course_description_controller.php

示例10: thematic


//.........这里部分代码省略.........
                 break;
             case 'thematic_export':
                 $list = $thematic->get_thematic_list();
                 $csv = array();
                 $csv[] = array('type', 'data1', 'data2', 'data3');
                 foreach ($list as $theme) {
                     $csv[] = array('title', $theme['title'], $theme['content']);
                     $data = $thematic->get_thematic_plan_data($theme['id']);
                     if (!empty($data)) {
                         foreach ($data as $plan) {
                             $csv[] = array('plan', $plan['title'], $plan['description']);
                         }
                     }
                     $data = $thematic->get_thematic_advance_by_thematic_id($theme['id']);
                     if (!empty($data)) {
                         foreach ($data as $advance) {
                             $csv[] = array('progress', $advance['start_date'], $advance['duration'], $advance['content']);
                         }
                     }
                 }
                 Export::arrayToCsv($csv);
                 exit;
                 // Don't continue building a normal page.
                 return;
             case 'thematic_export_pdf':
                 $list = $thematic->get_thematic_list();
                 $table = array();
                 $table[] = array(get_lang('Thematic'), get_lang('ThematicPlan'), get_lang('ThematicAdvance'));
                 foreach ($list as $theme) {
                     $data = $thematic->get_thematic_plan_data($theme['id']);
                     $plan_html = null;
                     if (!empty($data)) {
                         foreach ($data as $plan) {
                             $plan_html .= '<strong>' . $plan['title'] . '</strong><br /> ' . $plan['description'] . '<br />';
                         }
                     }
                     $data = $thematic->get_thematic_advance_by_thematic_id($theme['id']);
                     $advance_html = null;
                     if (!empty($data)) {
                         foreach ($data as $advance) {
                             $advance_html .= api_convert_and_format_date($advance['start_date'], DATE_FORMAT_LONG) . ' (' . $advance['duration'] . ' ' . get_lang('HourShort') . ')<br />' . $advance['content'] . '<br />';
                         }
                     }
                     $table[] = array($theme['title'], $plan_html, $advance_html);
                 }
                 $params = array('filename' => get_lang('Thematic') . '-' . api_get_local_time(), 'pdf_title' => get_lang('Thematic'), 'add_signatures' => true, 'format' => 'A4-L', 'orientation' => 'L');
                 Export::export_table_pdf($table, $params);
                 break;
             case 'moveup':
                 $thematic->move_thematic('up', $thematic_id);
                 $action = 'thematic_details';
                 $thematic_id = null;
                 break;
             case 'movedown':
                 $thematic->move_thematic('down', $thematic_id);
                 $action = 'thematic_details';
                 $thematic_id = null;
                 break;
         }
         Security::clear_token();
     } else {
         $action = 'thematic_details';
         $thematic_id = null;
     }
     if (isset($thematic_id)) {
         $data['thematic_data'] = $thematic->get_thematic_list($thematic_id);
         $data['thematic_id'] = $thematic_id;
     }
     if ($action == 'thematic_details') {
         if (isset($thematic_id)) {
             $thematic_data_result = $thematic->get_thematic_list($thematic_id);
             if (!empty($thematic_data_result)) {
                 $thematic_data[$thematic_id] = $thematic_data_result;
             }
             $data['total_average_of_advances'] = $thematic->get_average_of_advances_by_thematic($thematic_id);
         } else {
             $thematic_data = $thematic->get_thematic_list(null, api_get_course_id(), api_get_session_id());
             $data['max_thematic_item'] = $thematic->get_max_thematic_item();
             $data['last_done_thematic_advance'] = $thematic->get_last_done_thematic_advance();
             $data['total_average_of_advances'] = $thematic->get_total_average_of_thematic_advances();
         }
         // Second column
         $thematic_plan_data = $thematic->get_thematic_plan_data();
         // Third column
         $thematic_advance_data = $thematic->get_thematic_advance_list(null, null, true);
         $data['thematic_plan_div'] = $thematic->get_thematic_plan_div($thematic_plan_data);
         $data['thematic_advance_div'] = $thematic->get_thematic_advance_div($thematic_advance_data);
         $data['thematic_plan_data'] = $thematic_plan_data;
         $data['thematic_advance_data'] = $thematic_advance_data;
         $data['thematic_data'] = $thematic_data;
     }
     $data['default_thematic_plan_title'] = $thematic->get_default_thematic_plan_title();
     $data['action'] = $action;
     $layoutName = $displayHeader ? 'layout' : 'layout_no_header';
     // render to the view
     $this->view->set_data($data);
     $this->view->set_layout($layoutName);
     $this->view->set_template('thematic');
     $this->view->render();
 }
开发者ID:KRCM13,项目名称:chamilo-lms,代码行数:101,代码来源:thematic_controller.php

示例11: add_edit_template


//.........这里部分代码省略.........
        $title = get_lang('AddTemplate');
    } else {
        $title = get_lang('EditTemplate');
    }
    $form->addElement('header', '', $title);
    // Setting the form elements: the title of the template.
    $form->addText('title', get_lang('Title'), false);
    // Setting the form elements: the content of the template (wysiwyg editor).
    $form->addHtmlEditor('template_text', get_lang('Text'), false, false, array('ToolbarSet' => 'AdminTemplates', 'Width' => '100%', 'Height' => '400'));
    // Setting the form elements: the form to upload an image to be used with the template.
    $form->addElement('file', 'template_image', get_lang('Image'), '');
    // Setting the form elements: a little bit information about the template image.
    $form->addElement('static', 'file_comment', '', get_lang('TemplateImageComment100x70'));
    // Getting all the information of the template when editing a template.
    if ($_GET['action'] == 'edit') {
        // Database table definition.
        $table_system_template = Database::get_main_table('system_template');
        $sql = "SELECT * FROM {$table_system_template} WHERE id = " . intval($_GET['id']) . "";
        $result = Database::query($sql);
        $row = Database::fetch_array($result);
        $defaults['template_id'] = intval($_GET['id']);
        $defaults['template_text'] = $row['content'];
        // Forcing get_lang().
        $defaults['title'] = get_lang($row['title']);
        // Adding an extra field: a hidden field with the id of the template we are editing.
        $form->addElement('hidden', 'template_id');
        // Adding an extra field: a preview of the image that is currently used.
        if (!empty($row['image'])) {
            $form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/' . $row['image'] . '" alt="' . get_lang('TemplatePreview') . '"/>');
        } else {
            $form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/noimage.gif" alt="' . get_lang('NoTemplatePreview') . '"/>');
        }
        // Setting the information of the template that we are editing.
        $form->setDefaults($defaults);
    }
    // Setting the form elements: the submit button.
    $form->addButtonSave(get_lang('Ok'), 'submit');
    // Setting the rules: the required fields.
    $form->addRule('template_image', get_lang('ThisFieldIsRequired'), 'required');
    $form->addRule('title', get_lang('ThisFieldIsRequired'), 'required');
    $form->addRule('template_text', get_lang('ThisFieldIsRequired'), 'required');
    // if the form validates (complies to all rules) we save the information, else we display the form again (with error message if needed)
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            // Exporting the values.
            $values = $form->exportValues();
            // Upload the file.
            if (!empty($_FILES['template_image']['name'])) {
                $upload_ok = process_uploaded_file($_FILES['template_image']);
                if ($upload_ok) {
                    // Try to add an extension to the file if it hasn't one.
                    $new_file_name = add_ext_on_mime(stripslashes($_FILES['template_image']['name']), $_FILES['template_image']['type']);
                    // The upload directory.
                    $upload_dir = api_get_path(SYS_APP_PATH) . 'home/default_platform_document/template_thumb/';
                    // Create the directory if it does not exist.
                    if (!is_dir($upload_dir)) {
                        mkdir($upload_dir, api_get_permissions_for_new_directories());
                    }
                    // Resize the preview image to max default and upload.
                    $temp = new Image($_FILES['template_image']['tmp_name']);
                    $picture_info = $temp->get_image_info();
                    $max_width_for_picture = 100;
                    if ($picture_info['width'] > $max_width_for_picture) {
                        $temp->resize($max_width_for_picture);
                    }
                    $temp->send_image($upload_dir . $new_file_name);
                }
            }
            // Store the information in the database (as insert or as update).
            $table_system_template = Database::get_main_table('system_template');
            if ($_GET['action'] == 'add') {
                $content_template = Security::remove_XSS($values['template_text'], COURSEMANAGERLOWSECURITY);
                $params = ['title' => $values['title'], 'content' => $content_template, 'image' => $new_file_name];
                Database::insert($table_system_template, $params);
                // Display a feedback message.
                Display::display_confirmation_message(get_lang('TemplateAdded'));
                echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
            } else {
                $content_template = '<head>{CSS}<style type="text/css">.text{font-weight: normal;}</style></head><body>' . Database::escape_string($values['template_text']) . '</body>';
                $sql = "UPDATE {$table_system_template} set title = '" . Database::escape_string($values['title']) . "', content = '" . $content_template . "'";
                if (!empty($new_file_name)) {
                    $sql .= ", image = '" . Database::escape_string($new_file_name) . "'";
                }
                $sql .= " WHERE id = " . intval($_GET['id']) . "";
                Database::query($sql);
                // Display a feedback message.
                Display::display_confirmation_message(get_lang('TemplateEdited'));
            }
        }
        Security::clear_token();
        display_templates();
    } else {
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        // Display the form.
        $form->display();
    }
}
开发者ID:omaoibrahim,项目名称:chamilo-lms,代码行数:101,代码来源:settings.lib.php

示例12: store_add_dropbox


//.........这里部分代码省略.........
    if ($thisIsAMailing && count($_POST['recipients']) != 1) {
        return get_lang('MailingSelectNoOther');
    }
    // we are doing a just upload but an additional recipient is selected.
    // note: why can't this be valid? It is like sending a document to yourself AND to a different person (I do this quite often with my e-mails)
    if ($thisIsJustUpload && count($_POST['recipients']) != 1) {
        return get_lang('MailingJustUploadSelectNoOther');
    }
    if (empty($_FILES['file']['name'])) {
        $error = true;
        return get_lang('NoFileSpecified');
    }
    // are we overwriting a previous file or sending a new one
    $dropbox_overwrite = false;
    if (isset($_POST['cb_overwrite']) && $_POST['cb_overwrite']) {
        $dropbox_overwrite = true;
    }
    // doing the upload
    $dropbox_filename = $_FILES['file']['name'];
    $dropbox_filesize = $_FILES['file']['size'];
    $dropbox_filetype = $_FILES['file']['type'];
    $dropbox_filetmpname = $_FILES['file']['tmp_name'];
    // check if the filesize does not exceed the allowed size.
    if ($dropbox_filesize <= 0 || $dropbox_filesize > $dropbox_cnf['maxFilesize']) {
        return get_lang('DropboxFileTooBig');
        // TODO: The "too big" message does not fit in the case of uploading zero-sized file.
    }
    // check if the file is actually uploaded
    if (!is_uploaded_file($dropbox_filetmpname)) {
        // check user fraud : no clean error msg.
        return get_lang('TheFileIsNotUploaded');
    }
    $upload_ok = process_uploaded_file($_FILES['file'], true);
    if (!$upload_ok) {
        return null;
    }
    // Try to add an extension to the file if it hasn't got one
    $dropbox_filename = add_ext_on_mime($dropbox_filename, $dropbox_filetype);
    // Replace dangerous characters
    $dropbox_filename = replace_dangerous_char($dropbox_filename);
    // Transform any .php file in .phps fo security
    $dropbox_filename = php2phps($dropbox_filename);
    //filter extension
    if (!filter_extension($dropbox_filename)) {
        return get_lang('UplUnableToSaveFileFilteredExtension');
    }
    // set title
    $dropbox_title = $dropbox_filename;
    // set author
    if (!isset($_POST['authors'])) {
        $_POST['authors'] = getUserNameFromId($_user['user_id']);
    }
    // note: I think we could better migrate everything from here on to separate functions: store_new_dropbox, store_new_mailing, store_just_upload
    if ($dropbox_overwrite) {
        $dropbox_person = new Dropbox_Person($_user['user_id'], api_is_course_admin(), api_is_course_tutor());
        foreach ($dropbox_person->sentWork as $w) {
            if ($w->title == $dropbox_filename) {
                if ($w->recipients[0]['id'] > dropbox_cnf('mailingIdBase') xor $thisIsAMailing) {
                    return get_lang('MailingNonMailingError');
                }
                if ($w->recipients[0]['id'] == $_user['user_id'] xor $thisIsJustUpload) {
                    return get_lang('MailingJustUploadSelectNoOther');
                }
                $dropbox_filename = $w->filename;
                $found = true;
                // note: do we still need this?
                break;
            }
        }
    } else {
        // rename file to login_filename_uniqueId format
        $dropbox_filename = getLoginFromId($_user['user_id']) . "_" . $dropbox_filename . "_" . uniqid('');
    }
    // creating the array that contains all the users who will receive the file
    $new_work_recipients = array();
    foreach ($_POST['recipients'] as $rec) {
        if (strpos($rec, 'user_') === 0) {
            $new_work_recipients[] = substr($rec, strlen('user_'));
        } elseif (strpos($rec, 'group_') === 0) {
            $userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_')));
            foreach ($userList as $usr) {
                if (!in_array($usr['user_id'], $new_work_recipients) && $usr['user_id'] != $_user['user_id']) {
                    $new_work_recipients[] = $usr['user_id'];
                }
            }
        }
    }
    @move_uploaded_file($dropbox_filetmpname, dropbox_cnf('sysPath') . '/' . $dropbox_filename);
    $b_send_mail = api_get_course_setting('email_alert_on_new_doc_dropbox');
    if ($b_send_mail) {
        foreach ($new_work_recipients as $recipient_id) {
            $recipent_temp = UserManager::get_user_info_by_id($recipient_id);
            $additionalParameters = array('smsType' => ClockworksmsPlugin::NEW_FILE_SHARED_COURSE_BY, 'userId' => $recipient_id, 'courseTitle' => $_course['title'], 'userUsername' => $recipent_temp['username']);
            api_mail_html(api_get_person_name($recipent_temp['firstname'] . ' ' . $recipent_temp['lastname'], null, PERSON_NAME_EMAIL_ADDRESS), $recipent_temp['email'], get_lang('NewDropboxFileUploaded'), get_lang('NewDropboxFileUploadedContent') . ' ' . api_get_path(WEB_CODE_PATH) . 'dropbox/index.php?cidReq=' . $_course['sysCode'] . "\n\n" . api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS) . "\n" . get_lang('Email') . " : " . $_user['mail'], api_get_person_name($_user['firstName'], $_user['lastName'], null, PERSON_NAME_EMAIL_ADDRESS), $_user['mail'], null, null, null, $additionalParameters);
        }
    }
    new Dropbox_SentWork($_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $new_work_recipients);
    Security::clear_token();
    return get_lang('FileUploadSucces');
}
开发者ID:annickvdp,项目名称:Chamilo1.9.10,代码行数:101,代码来源:dropbox_functions.inc.php

示例13: add

 /**
  * It's used for adding a course description,
  * render to listing or add view
  */
 public function add()
 {
     $course_description = new CourseDescription();
     $session_id = api_get_session_id();
     $course_description->set_session_id($session_id);
     $data = array();
     if (strtoupper($_SERVER['REQUEST_METHOD']) == "POST") {
         if (!empty($_POST['title']) && !empty($_POST['contentDescription'])) {
             $check = Security::check_token();
             if ($check) {
                 $title = $_POST['title'];
                 if (api_get_setting('wcag_anysurfer_public_pages') == 'true') {
                     $content = WCAG_Rendering::prepareXHTML();
                 } else {
                     $content = $_POST['contentDescription'];
                 }
                 $description_type = $_POST['description_type'];
                 if ($description_type >= ADD_BLOCK) {
                     $course_description->set_description_type($description_type);
                     $course_description->set_title($title);
                     $course_description->set_content($content);
                     $affected_rows = $course_description->insert(api_get_course_int_id());
                 }
                 Security::clear_token();
             }
             if ($affected_rows) {
                 $message['add'] = true;
             }
             $this->listing(false, $message);
         } else {
             $data['error'] = 1;
             $data['default_description_titles'] = $course_description->get_default_description_title();
             $data['default_description_title_editable'] = $course_description->get_default_description_title_editable();
             $data['default_description_icon'] = $course_description->get_default_description_icon();
             $data['question'] = $course_description->get_default_question();
             $data['information'] = $course_description->get_default_information();
             $data['description_title'] = $_POST['title'];
             $data['description_content'] = $_POST['contentDescription'];
             $data['description_type'] = $_POST['description_type'];
             $this->view->set_data($data);
             $this->view->set_layout('layout');
             $this->view->set_template('add');
             $this->view->render();
         }
     } else {
         $data['default_description_titles'] = $course_description->get_default_description_title();
         $data['default_description_title_editable'] = $course_description->get_default_description_title_editable();
         $data['default_description_icon'] = $course_description->get_default_description_icon();
         $data['question'] = $course_description->get_default_question();
         $data['information'] = $course_description->get_default_information();
         $data['description_type'] = $course_description->get_max_description_type();
         // render to the view
         $this->view->set_data($data);
         $this->view->set_layout('layout');
         $this->view->set_template('add');
         $this->view->render();
     }
 }
开发者ID:annickvdp,项目名称:Chamilo1.9.10,代码行数:62,代码来源:course_description_controller.php

示例14: show_add_post_form


//.........这里部分代码省略.........
    // If anonymous posts are allowed we also display a form to allow the user to put his name or username in.
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addElement('text', 'poster_name', get_lang('Name'));
        $form->applyFilter('poster_name', 'html_filter');
    }
    $form->addElement('text', 'post_title', get_lang('Title'));
    $form->addElement('html_editor', 'post_text', get_lang('Text'), true, api_is_allowed_to_edit(null, true) ? array('ToolbarSet' => 'Forum', 'Width' => '100%', 'Height' => '300') : array('ToolbarSet' => 'ForumStudent', 'Width' => '100%', 'Height' => '300', 'UserStatus' => 'student'));
    $form->addRule('post_text', get_lang('ThisFieldIsRequired'), 'required');
    $form->addElement('advanced_settings', '<a href="javascript://" onclick="return advanced_parameters()">
    						  <span id="img_plus_and_minus">&nbsp;' . Display::return_icon('div_show.gif', get_lang('Show'), array('style' => 'vertical-align:middle')) . ' ' . get_lang('AdvancedParameters') . '</span></a>');
    $form->addElement('html', '<div id="id_qualify" style="display:none">');
    if ((api_is_course_admin() || api_is_course_coach() || api_is_course_tutor()) && !$my_thread) {
        // Thread qualify
        if (Gradebook::is_active()) {
            //Loading gradebook select
            load_gradebook_select_in_tool($form);
            $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'), 'onclick="javascript:if(this.checked==true){document.getElementById(\'options_field\').style.display = \'block\';}else{document.getElementById(\'options_field\').style.display = \'none\';}"');
        } else {
            $form->addElement('hidden', 'thread_qualify_gradebook', false);
        }
        $form->addElement('html', '<div id="options_field" style="display:none">');
        $form->addElement('text', 'numeric_calification', get_lang('QualificationNumeric'));
        $form->applyFilter('numeric_calification', 'html_filter');
        $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'));
        $form->applyFilter('calification_notebook_title', 'html_filter');
        $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'), 'value="0.00" Style="width:40px" onfocus="javascript: this.select();"');
        $form->applyFilter('weight_calification', 'html_filter');
        $form->addElement('html', '</div>');
    }
    if ($forum_setting['allow_post_notification'] && isset($_user['user_id'])) {
        $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail') . ' (' . $_user['mail'] . ')');
    }
    if ($forum_setting['allow_sticky'] && api_is_allowed_to_edit(null, true) && $action == 'newthread') {
        $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost'));
    }
    if ($current_forum['allow_attachments'] == '1' || api_is_allowed_to_edit(null, true)) {
        $values = $form->exportValues();
    }
    // User upload
    $form->addElement('static', null, null, get_lang('AddAnAttachment'));
    $form->addElement('file', 'user_upload', get_lang('FileName'), '');
    $form->addElement('textarea', 'file_comment', get_lang('FileComment'), array('rows' => 4, 'cols' => 34));
    $form->applyFilter('file_comment', 'html_filter');
    $form->addElement('html', '</div>');
    $form->addElement('style_submit_button', 'SubmitPost', $text, 'class="' . $class . '"');
    $form->add_real_progress_bar('DocumentUpload', 'user_upload');
    if (!empty($form_values)) {
        $defaults['post_title'] = prepare4display($form_values['post_title']);
        $defaults['post_text'] = prepare4display($form_values['post_text']);
        $defaults['post_notification'] = strval(intval($form_values['post_notification']));
        $defaults['thread_sticky'] = strval(intval($form_values['thread_sticky']));
    }
    // If we are quoting a message we have to retrieve the information of the post we are quoting so that
    // we can add this as default to the textarea.
    if (($action == 'quote' || $action == 'replymessage') && isset($my_post)) {
        // We also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!)
        $form->addElement('hidden', 'post_parent_id', strval(intval($my_post)));
        // Note: This has to be cleaned first.
        // If we are replying or are quoting then we display a default title.
        $values = get_post_information($my_post);
        // Note: This has to be cleaned first.
        $defaults['post_title'] = get_lang('ReplyShort') . api_html_entity_decode($values['post_title'], ENT_QUOTES);
        // When we are quoting a message then we have to put that message into the wysiwyg editor.
        // Note: The style has to be hardcoded here because using class="quote" didn't work.
        if ($action == 'quote') {
            $defaults['post_text'] = '<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">' . get_lang('Quoting') . ' ' . api_get_person_name($values['firstname'], $values['lastname']) . ':</div><div style="color: #006600; font-size: 90%;	font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">' . prepare4display($values['post_text']) . '</div></div><div>&nbsp;</div><div>&nbsp;</div>';
        }
    }
    $form->setDefaults(isset($defaults) ? $defaults : null);
    // The course admin can make a thread sticky (=appears with special icon and always on top).
    $form->addRule('post_title', get_lang('ThisFieldIsRequired'), 'required');
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addRule('poster_name', get_lang('ThisFieldIsRequired'), 'required');
    }
    // Validation or display
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            if ($values['thread_qualify_gradebook'] == '1' && empty($values['weight_calification'])) {
                Display::display_error_message(get_lang('YouMustAssignWeightOfQualification') . '&nbsp;<a href="javascript:window.back()">' . get_lang('Back') . '</a>', false);
                return false;
            }
            Security::clear_token();
            return $values;
        }
    } else {
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $iframe = null;
        if ($forum_setting['show_thread_iframe_on_reply'] && $action != 'newthread') {
            $iframe = "<iframe style=\"border: 1px solid black\" src=\"iframe_thread.php?forum=" . Security::remove_XSS($my_forum) . "&amp;thread=" . Security::remove_XSS($my_thread) . "#" . Security::remove_XSS($my_post) . "\" width=\"100%\"></iframe>";
        }
        if (!empty($iframe)) {
            $form->addElement('label', get_lang('Thread'), $iframe);
        }
        $form->display();
    }
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:101,代码来源:forumfunction.inc.php


注:本文中的Security::clear_token方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。