

PHP Security::get_token方法代码示例

本文整理汇总了PHP中Security::get_token方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::get_token方法的具体用法?PHP Security::get_token怎么用?PHP Security::get_token使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Security的用法示例。


在下文中一共展示了Security::get_token方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: display_default

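    /**
     * Prints the maintenance menu: a link to drop old databases, a link to drop
     * old tables and, on access URL 1, the disk space used by the portal.
     *
     * Both links start destructive actions and carry the token returned by
     * Security::get_token() in their query string. The code that handles those
     * actions is not part of this method; it has to verify the token (and the
     * caller's rights) before dropping anything.
     *
     * @return void
     */
    function display_default()
    {
        $message = get_lang('RemoveOldDatabaseMessage');
        $message_table = get_lang('RemoveOldTables');
        $message_table .= "<br />" . implode(' , ', self::get_tables_to_delete());
        // One token is shared by both action links.
        $token = Security::get_token();
        $url = $this->url(array(self::PARAM_ACTION => 'drop_old_databases', self::PARAM_SECURITY_TOKEN => $token));
        $url_table = $this->url(array(self::PARAM_ACTION => 'drop_old_tables', self::PARAM_SECURITY_TOKEN => $token));
        $go = get_lang('Go');
        $access_url_id = api_get_current_access_url_id();
        $message2 = '';
        if ($access_url_id === 1) {
            if (api_is_windows_os()) {
                $message2 .= get_lang('SpaceUsedOnSystemCannotBeMeasuredOnWindows');
            } else {
                $dir = api_get_path(SYS_PATH);
                // The path is handed to a shell, so quote it as a single argument.
                $du = exec('du -sh ' . escapeshellarg($dir), $err);
                // du prints "<size>\t<path>"; keep the size and tolerate a failed call,
                // where exec() yields false or an empty string.
                $parts = explode("\t", (string) $du);
                $size = $parts[0];
                // NOTE(review): $_configuration is never defined in this method and is
                // indexed with the link URL, so the limit has always resolved to null.
                // Confirm the intended source (a global keyed by access URL id?) before
                // relying on the printed value.
                $limit = isset($_configuration[$url]['hosting_limit_disk_space']) ? $_configuration[$url]['hosting_limit_disk_space'] : null;
                $message2 .= sprintf(get_lang('TotalSpaceUsedByPortalXLimitIsYMB'), $size, $limit);
            }
        }
        if (!empty($message2)) {
            $message2 = '<li>' . $message2 . '</li>';
        }
        // href values are quoted so a URL containing a space or '>' cannot end the attribute early.
        echo <<<EOT
        <ul>
        <li>
            <div>{$message}</div>        
            <a class="btn" href="{$url}">{$go}</a>
        </li>
        <li>
            <div>{$message_table}</div>        
            <a class="btn" href="{$url_table}">{$go}</a>
        </li>
        {$message2}
        </ul>
EOT;
    }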
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:39,代码来源:system_management.php

示例2: return_courses_in_categories

 /**
  * Display list of courses in a category.
  * (for anonymous users)
  *
  * @version 1.1
  * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University - refactoring and code cleaning
  * @author Julio Montoya <gugli100@gmail.com>, Beeznest template modifs
  * @assert () !== 0
  */
 public function return_courses_in_categories()
 {
     $result = '';
     $stok = Security::get_token();
     // Initialization.
     $user_identified = api_get_user_id() > 0 && !api_is_anonymous();
     $web_course_path = api_get_path(WEB_COURSE_PATH);
     $category = Database::escape_string($_GET['category']);
     $setting_show_also_closed_courses = api_get_setting('show_closed_courses') == 'true';
     // Database table definitions.
     $main_course_table = Database::get_main_table(TABLE_MAIN_COURSE);
     $main_category_table = Database::get_main_table(TABLE_MAIN_CATEGORY);
     // Get list of courses in category $category.
     $sql_get_course_list = "SELECT * FROM {$main_course_table} cours\n                                    WHERE category_code = '" . Database::escape_string($_GET['category']) . "'\n                                    ORDER BY title, UPPER(visual_code)";
     // Showing only the courses of the current access_url_id.
     if (api_is_multiple_url_enabled()) {
         $url_access_id = api_get_current_access_url_id();
         if ($url_access_id != -1) {
             $tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
             $sql_get_course_list = "SELECT * FROM {$main_course_table} as course INNER JOIN {$tbl_url_rel_course} as url_rel_course\n                        ON (url_rel_course.c_id = course.id)\n                        WHERE access_url_id = {$url_access_id} AND category_code = '" . Database::escape_string($_GET['category']) . "' ORDER BY title, UPPER(visual_code)";
         }
     }
     // Removed: AND cours.visibility='".COURSE_VISIBILITY_OPEN_WORLD."'
     $sql_result_courses = Database::query($sql_get_course_list);
     while ($course_result = Database::fetch_array($sql_result_courses)) {
         $course_list[] = $course_result;
     }
     $platform_visible_courses = '';
     // $setting_show_also_closed_courses
     if ($user_identified) {
         if ($setting_show_also_closed_courses) {
             $platform_visible_courses = '';
         } else {
             $platform_visible_courses = "  AND (t3.visibility='" . COURSE_VISIBILITY_OPEN_WORLD . "' OR t3.visibility='" . COURSE_VISIBILITY_OPEN_PLATFORM . "' )";
         }
     } else {
         if ($setting_show_also_closed_courses) {
             $platform_visible_courses = '';
         } else {
             $platform_visible_courses = "  AND (t3.visibility='" . COURSE_VISIBILITY_OPEN_WORLD . "' )";
         }
     }
     $sqlGetSubCatList = "\n                    SELECT t1.name,t1.code,t1.parent_id,t1.children_count,COUNT(DISTINCT t3.code) AS nbCourse\n                    FROM {$main_category_table} t1\n                    LEFT JOIN {$main_category_table} t2 ON t1.code=t2.parent_id\n                    LEFT JOIN {$main_course_table} t3 ON (t3.category_code=t1.code {$platform_visible_courses})\n                    WHERE t1.parent_id " . (empty($category) ? "IS NULL" : "='{$category}'") . "\n                    GROUP BY t1.name,t1.code,t1.parent_id,t1.children_count ORDER BY t1.tree_pos, t1.name";
     // Showing only the category of courses of the current access_url_id
     if (api_is_multiple_url_enabled()) {
         $url_access_id = api_get_current_access_url_id();
         if ($url_access_id != -1) {
             $tbl_url_rel_course = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
             $sqlGetSubCatList = "\n                    SELECT t1.name,t1.code,t1.parent_id,t1.children_count,COUNT(DISTINCT t3.code) AS nbCourse\n                    FROM {$main_category_table} t1\n                    LEFT JOIN {$main_category_table} t2 ON t1.code=t2.parent_id\n                    LEFT JOIN {$main_course_table} t3 ON (t3.category_code=t1.code {$platform_visible_courses})\n                    INNER JOIN {$tbl_url_rel_course} as url_rel_course\n                        ON (url_rel_course.c_id = t3.id)\n                    WHERE access_url_id = {$url_access_id} AND t1.parent_id " . (empty($category) ? "IS NULL" : "='{$category}'") . "\n                    GROUP BY t1.name,t1.code,t1.parent_id,t1.children_count ORDER BY t1.tree_pos, t1.name";
         }
     }
     $resCats = Database::query($sqlGetSubCatList);
     $thereIsSubCat = false;
     if (Database::num_rows($resCats) > 0) {
         $htmlListCat = Display::page_header(get_lang('CatList'));
         $htmlListCat .= '<ul>';
         while ($catLine = Database::fetch_array($resCats)) {
             if ($catLine['code'] != $category) {
                 $category_has_open_courses = $this->category_has_open_courses($catLine['code']);
                 if ($category_has_open_courses) {
                     // The category contains courses accessible to anonymous visitors.
                     $htmlListCat .= '<li>';
                     $htmlListCat .= '<a href="' . api_get_self() . '?category=' . $catLine['code'] . '">' . $catLine['name'] . '</a>';
                     if (api_get_setting('show_number_of_courses') == 'true') {
                         $htmlListCat .= ' (' . $catLine['nbCourse'] . ' ' . get_lang('Courses') . ')';
                     }
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 } elseif ($catLine['children_count'] > 0) {
                     // The category has children, subcategories.
                     $htmlListCat .= '<li>';
                     $htmlListCat .= '<a href="' . api_get_self() . '?category=' . $catLine['code'] . '">' . $catLine['name'] . '</a>';
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 } elseif (api_get_setting('show_empty_course_categories') == 'true') {
                     $htmlListCat .= '<li>';
                     $htmlListCat .= $catLine['name'];
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
                 }
                 // Else don't set thereIsSubCat to true to avoid printing things if not requested.
             } else {
                 $htmlTitre = '<p>';
                 if (api_get_setting('show_back_link_on_top_of_tree') == 'true') {
                     $htmlTitre .= '<a href="' . api_get_self() . '">&lt;&lt; ' . get_lang('BackToHomePage') . '</a>';
                 }
                 if (!is_null($catLine['parent_id']) || api_get_setting('show_back_link_on_top_of_tree') != 'true' && !is_null($catLine['code'])) {
                     $htmlTitre .= '<a href="' . api_get_self() . '?category=' . $catLine['parent_id'] . '">&lt;&lt; ' . get_lang('Up') . '</a>';
                 }
                 $htmlTitre .= "</p>";
                 if ($category != "" && !is_null($catLine['code'])) {
//.........这里部分代码省略.........
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:101,代码来源:page.lib.php

示例3: add_category_form

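/**
 * Shows the "add test category" form and handles its submission.
 *
 * On a valid submit the posted sec_token is checked with Security::check_token()
 * before the category is created; otherwise the form is rendered with a token
 * from Security::get_token() in the hidden sec_token field.
 *
 * @param string $in_action Value of the "action" query parameter of the form target
 * @param string $type      Category type, passed on to Testcategory and the display helpers
 */
function add_category_form($in_action, $type = 'simple')
{
    $in_action = Security::remove_XSS($in_action);
    // Both values become query-string components of the form target, so they are
    // URL-encoded; $type used to be appended exactly as received.
    $target = api_get_self() . '?' . api_get_cidreq() . '&action=' . urlencode($in_action) . '&type=' . urlencode($type);
    // Initiate the object
    $form = new FormValidator('note', 'post', $target);
    // Setting the form elements
    $form->addElement('header', get_lang('AddACategory'));
    $form->addElement('text', 'category_name', get_lang('CategoryName'), array('class' => 'span6'));
    $form->add_html_editor('category_description', get_lang('CategoryDescription'), false, false, array('ToolbarSet' => 'test_category', 'Width' => '90%', 'Height' => '200'));
    $form->addElement('select', 'parent_id', get_lang('Parent'), array(), array('id' => 'parent_id'));
    $form->addElement('style_submit_button', 'SubmitNote', get_lang('AddTestCategory'), 'class="add"');
    // Setting the rules
    $form->addRule('category_name', get_lang('ThisFieldIsRequired'), 'required');
    // The validation or display
    if ($form->validate()) {
        // Nothing is written unless the posted token passes the check.
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->getSubmitValues();
            $parent_id = isset($values['parent_id']) && isset($values['parent_id'][0]) ? $values['parent_id'][0] : null;
            // NOTE(review): category_name and category_description are stored as submitted;
            // confirm that Testcategory or the output side filters them.
            $objcat = new Testcategory(0, $values['category_name'], $values['category_description'], $parent_id, $type, api_get_course_int_id());
            if ($objcat->addCategoryInBDD()) {
                Display::display_confirmation_message(get_lang('AddCategoryDone'));
            } else {
                // A refused insert is a failure, so report it as an error rather than a confirmation.
                Display::display_error_message(get_lang('AddCategoryNameAlreadyExists'));
            }
        }
        // The token is cleared whether or not the check passed.
        Security::clear_token();
        display_add_category($type);
        display_categories($type);
    } else {
        display_goback($type);
        // Render the form with a token in the hidden field that check_token('post') reads back.
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $form->display();
    }
}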
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:37,代码来源:tests_category.php

示例4: show_add_post_form


//.........这里部分代码省略.........
            GradebookUtils::load_gradebook_select_in_tool($form);
            $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'), 'onclick="javascript:if(this.checked==true){document.getElementById(\'options_field\').style.display = \'block\';}else{document.getElementById(\'options_field\').style.display = \'none\';}"');
        } else {
            $form->addElement('hidden', 'thread_qualify_gradebook', false);
        }
        $form->addElement('html', '<div id="options_field" style="display:none">');
        $form->addElement('text', 'numeric_calification', get_lang('QualificationNumeric'));
        $form->applyFilter('numeric_calification', 'html_filter');
        $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'));
        $form->applyFilter('calification_notebook_title', 'html_filter');
        $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'), array('value' => '0.00', 'onfocus' => "javascript: this.select();"));
        $form->applyFilter('weight_calification', 'html_filter');
        $group = array();
        $group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('Yes'), 1);
        $group[] = $form->createElement('radio', 'thread_peer_qualify', null, get_lang('No'), 0);
        $form->addGroup($group, '', [get_lang('ForumThreadPeerScoring'), get_lang('ForumThreadPeerScoringComment')], ' ');
        $form->addElement('html', '</div>');
    }
    if ($forum_setting['allow_post_notification'] && isset($_user['user_id'])) {
        $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail') . ' (' . $_user['mail'] . ')');
    }
    if ($forum_setting['allow_sticky'] && api_is_allowed_to_edit(null, true) && $action == 'newthread') {
        $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost'));
    }
    if ($current_forum['allow_attachments'] == '1' || api_is_allowed_to_edit(null, true)) {
        $values = $form->exportValues();
    }
    $form->addElement('html', '</div>');
    if (in_array($action, ['quote', 'replymessage'])) {
        $form->addFile('user_upload[]', get_lang('Attachment'));
        $form->addButton('add_attachment', get_lang('AddAttachment'), 'paperclip', 'default', 'default', null, ['id' => 'reply-add-attachment']);
    } else {
        $form->addFile('user_upload', get_lang('Attachment'));
    }
    // Setting the class and text of the form title and submit button.
    if ($action == 'quote') {
        $form->addButtonCreate(get_lang('QuoteMessage'), 'SubmitPost');
    } elseif ($action == 'replythread') {
        $form->addButtonCreate(get_lang('ReplyToThread'), 'SubmitPost');
    } elseif ($action == 'replymessage') {
        $form->addButtonCreate(get_lang('ReplyToMessage'), 'SubmitPost');
    } else {
        $form->addButtonCreate(get_lang('CreateThread'), 'SubmitPost');
    }
    if (!empty($form_values)) {
        $defaults['post_title'] = prepare4display($form_values['post_title']);
        $defaults['post_text'] = prepare4display($form_values['post_text']);
        $defaults['post_notification'] = strval(intval($form_values['post_notification']));
        $defaults['thread_sticky'] = strval(intval($form_values['thread_sticky']));
        $defaults['thread_peer_qualify'] = intval($form_values['thread_peer_qualify']);
    } else {
        $defaults['thread_peer_qualify'] = 0;
    }
    // If we are quoting a message we have to retrieve the information of the post we are quoting so that
    // we can add this as default to the textarea.
    if (($action == 'quote' || $action == 'replymessage') && isset($my_post)) {
        // We also need to put the parent_id of the post in a hidden form when
        // we are quoting or replying to a message (<> reply to a thread !!!)
        $form->addElement('hidden', 'post_parent_id', intval($my_post));
        // If we are replying or are quoting then we display a default title.
        $values = get_post_information($my_post);
        $defaults['post_title'] = get_lang('ReplyShort') . api_html_entity_decode($values['post_title'], ENT_QUOTES);
        // When we are quoting a message then we have to put that message into the wysiwyg editor.
        // Note: The style has to be hardcoded here because using class="quote" didn't work.
        if ($action == 'quote') {
            $defaults['post_text'] = '<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">' . get_lang('Quoting') . ' ' . api_get_person_name($values['firstname'], $values['lastname']) . ':</div><div style="color: #006600; font-size: 90%;  font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">' . prepare4display($values['post_text']) . '</div></div><div>&nbsp;</div><div>&nbsp;</div>';
        }
    }
    $form->setDefaults(isset($defaults) ? $defaults : null);
    // The course admin can make a thread sticky (=appears with special icon and always on top).
    $form->addRule('post_title', get_lang('ThisFieldIsRequired'), 'required');
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addRule('poster_name', get_lang('ThisFieldIsRequired'), 'required');
    }
    // Validation or display
    if ($form->validate()) {
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            if (isset($values['thread_qualify_gradebook']) && $values['thread_qualify_gradebook'] == '1' && empty($values['weight_calification'])) {
                Display::display_error_message(get_lang('YouMustAssignWeightOfQualification') . '&nbsp;<a href="javascript:window.history.go(-1);">' . get_lang('Back') . '</a>', false);
                return false;
            }
            Security::clear_token();
            return $values;
        }
    } else {
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        // Delete from $_SESSION forum attachment from other posts
        // and keep only attachments for new post
        clearAttachedFiles(FORUM_NEW_POST);
        // Get forum attachment ajax table to add it to form
        $attachmentAjaxTable = getAttachmentsAjaxTable(0, $current_forum['forum_id']);
        $ajaxHtml = $attachmentAjaxTable;
        $form->addElement('html', $ajaxHtml);
        $form->display();
    }
}
开发者ID:feroli1000,项目名称:chamilo-lms,代码行数:101,代码来源:forumfunction.inc.php

示例5: sessionListBySearch

 /**
  * Renders the session catalogue limited to the sessions that match a search term.
  *
  * The term is read from $_REQUEST['q'], the date from $_POST['date'] (today when
  * absent) and the hidden_links flag from $_GET. The term and the date go through
  * Security::remove_XSS() before they reach the template, and the template also
  * receives a token from Security::get_token() as 'search_token'.
  *
  * @param array $limit Paging data; its 'length' entry is used for the course category URL
  */
 public function sessionListBySearch(array $limit)
 {
     $q = null;
     if (isset($_REQUEST['q'])) {
         $q = Security::remove_XSS($_REQUEST['q']);
     }
     $hiddenLinks = false;
     if (isset($_GET['hidden_links'])) {
         $hiddenLinks = intval($_GET['hidden_links']) == 1;
     }
     $courseUrl = CourseCategoryManager::getCourseCategoryUrl(1, $limit['length'], null, 0, 'subscribe');
     $searchDate = isset($_POST['date']) ? $_POST['date'] : date('Y-m-d');
     // NOTE(review): remove_XSS() is an output filter; how browseSessionsBySearch()
     // puts $q into its query is not visible here, so confirm it is bound or escaped.
     $sessions = $this->model->browseSessionsBySearch($q, $limit);
     $sessionsBlocks = $this->getFormatedSessionsBlock($sessions);
     $templating = Container::getTemplating();
     $showTutor = api_get_setting('session.show_session_coach') === 'true';
     $templateParams = [
         'show_courses' => CoursesAndSessionsCatalog::showCourses(),
         'show_sessions' => CoursesAndSessionsCatalog::showSessions(),
         'show_tutor' => $showTutor,
         'course_url' => $courseUrl,
         'already_subscribed_label' => $this->getAlreadyRegisteredInSessionLabel(),
         'hidden_links' => $hiddenLinks,
         'search_token' => Security::get_token(),
         'search_date' => Security::remove_XSS($searchDate),
         'search_tag' => Security::remove_XSS($q),
         'sessions' => $sessionsBlocks,
     ];
     echo $templating->render('@temaplte_style/auth/session_catalog.html.twig', $templateParams);
 }
开发者ID:omaoibrahim,项目名称:chamilo-lms,代码行数:14,代码来源:courses_controller.php

示例6: get_token

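 /**
  * Returns the security token of this object, creating it on first use.
  *
  * @return string Empty string when can_edit() is false, otherwise the token
  */
 public function get_token()
 {
     // No token is issued to a user who cannot edit.
     if (!$this->can_edit()) {
         return '';
     }
     if ($this->token) {
         return $this->token;
     }
     $this->session_token = $this->get_session_token();
     $this->token = \Security::get_token();
     // The first call used to fall off the end and return null, so a caller that
     // embedded the result in a form or link sent an empty token.
     return $this->token;
 }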
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:11,代码来源:access.class.php

示例7: Certificate

// Page set-up: section marker, then the page header.
$this_section = SECTION_COURSES;
Display::display_header('');
// Certificate deletion is requested through ?action=delete and is carried out only
// when the token in the query string passes Security::check_token('get').
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
    $check = Security::check_token('get');
    if ($check) {
        // NOTE(review): certificate_id is taken from $_GET as received, and no check
        // that the current user may delete this certificate is visible in this
        // excerpt — confirm that Certificate or an earlier part of the script does both.
        $certificate = new Certificate($_GET['certificate_id']);
        $result = $certificate->delete(true);
        // The used token is cleared here; a failed check leaves it in place.
        Security::clear_token();
        if ($result == true) {
            Display::display_confirmation_message(get_lang('CertificateRemoved'));
        } else {
            Display::display_error_message(get_lang('CertificateNotRemoved'));
        }
    }
}
// Token for the links rendered further down (its use is outside this excerpt).
$token = Security::get_token();
echo Display::page_header(get_lang('GradebookListOfStudentsCertificates'));
//@todo replace all this code with something like get_total_weight()
$cats = Category::load($cat_id, null, null, null, null, null, false);
if (!empty($cats)) {
    //with this fix the teacher only can view 1 gradebook
    if (api_is_platform_admin()) {
        $stud_id = api_is_allowed_to_edit() ? null : api_get_user_id();
    } else {
        $stud_id = api_get_user_id();
    }
    $total_weight = $cats[0]->get_weight();
    $allcat = $cats[0]->get_subcategories($stud_id, api_get_course_id(), api_get_session_id());
    $alleval = $cats[0]->get_evaluations($stud_id);
    $alllink = $cats[0]->get_links($stud_id);
    $datagen = new GradebookDataGenerator($allcat, $alleval, $alllink);
开发者ID:KRCM13,项目名称:chamilo-lms,代码行数:31,代码来源:gradebook_display_certificate.php

示例8: add_category_form

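/**
 * Shows the form to add a test category and handles its submission.
 *
 * On a valid submit the posted sec_token is checked with Security::check_token()
 * before the category is created; otherwise the form is rendered with a token
 * from Security::get_token() in the hidden sec_token field.
 *
 * @todo move to TestCategory.class.php
 * @param string $action Value of the "action" query parameter of the form target
 */
function add_category_form($action)
{
    $action = Security::remove_XSS($action);
    // initiate the object; the action is a query-string component, so URL-encode it
    $form = new FormValidator('note', 'post', api_get_self() . '?action=' . urlencode($action));
    // Setting the form elements
    $form->addElement('header', get_lang('AddACategory'));
    $form->addElement('text', 'category_name', get_lang('CategoryName'), array('size' => '95'));
    $form->addHtmlEditor('category_description', get_lang('CategoryDescription'), false, false, array('ToolbarSet' => 'test_category', 'Height' => '200'));
    $form->addButtonCreate(get_lang('AddTestCategory'), 'SubmitNote');
    // setting the rules
    $form->addRule('category_name', get_lang('ThisFieldIsRequired'), 'required');
    // The validation or display
    if ($form->validate()) {
        // Nothing is written unless the posted token passes the check.
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            // Name and description are filtered before they are stored.
            $v_name = Security::remove_XSS($values['category_name'], COURSEMANAGER);
            $v_description = Security::remove_XSS($values['category_description'], COURSEMANAGER);
            $objcat = new TestCategory(0, $v_name, $v_description);
            if ($objcat->addCategoryInBDD()) {
                Display::display_confirmation_message(get_lang('AddCategoryDone'));
            } else {
                // A refused insert is a failure, so report it as an error rather than a confirmation.
                Display::display_error_message(get_lang('AddCategoryNameAlreadyExists'));
            }
        }
        // The token is cleared whether or not the check passed; a failed check
        // produces no output of its own.
        Security::clear_token();
    } else {
        display_goback();
        // Render the form with a token in the hidden field that check_token('post') reads back.
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $form->display();
    }
}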
开发者ID:secuencia24,项目名称:chamilo-lms,代码行数:40,代码来源:tests_category.php

示例9: display_form

/**
 * Prints the "copy course from session to session" form.
 *
 * The form posts back to api_get_self() and carries the token returned by
 * Security::get_token() in a hidden sec_token field; checking that token on
 * submit is left to the code that receives the POST.
 */
function display_form()
{
    $sessions = SessionManager::get_sessions_list(array(), array('name', 'ASC'));

    // Toolbar with the link back to the platform administration page.
    $toolbar = '<div class="actions">'
        . '<a href="../admin/index.php">' . Display::return_icon('back.png', get_lang('BackTo') . ' ' . get_lang('PlatformAdmin'), '', ICON_SIZE_MEDIUM) . '</a>'
        . '</div>';
    $explanation = Display::return_message(get_lang('CopyCourseFromSessionToSessionExplanation'));

    // NOTE(review): api_get_self() is written into the action attribute as returned;
    // confirm that it cannot contain request-controlled markup.
    $form_open = '<form name="formulaire" method="post" action="' . api_get_self() . '" >'
        . '<table border="0" cellpadding="5" cellspacing="0" width="100%">';

    // Origin session and its course list (the list is filled through xajax).
    $origin_row = '<tr><td width="15%"><b>' . get_lang('OriginCoursesFromSession') . ':</b></td>'
        . '<td width="10%" align="left">' . make_select_session_list('sessions_list_origin', $sessions, array('onchange' => 'javascript: xajax_search_courses(this.value,\'origin\');')) . '</td>'
        . '<td width="50%"><div id="ajax_list_courses_origin">'
        . '<select id="origin" name="SessionCoursesListOrigin[]"  style="width:380px;"></select></div></td></tr>';

    // Destination session and its course list.
    $destination_row = '<tr><td width="15%"><b>' . get_lang('DestinationCoursesFromSession') . ':</b></td>'
        . '<td width="10%" align="left"><div id="ajax_sessions_list_destination">'
        . '<select name="sessions_list_destination" onchange="javascript: xajax_search_courses(this.value,\'destination\');">'
        . '<option value = "0">' . get_lang('ThereIsNotStillASession') . '</option></select ></div></td>'
        . '<td width="50%">'
        . '<div id="ajax_list_courses_destination">'
        . '<select id="destination" name="SessionCoursesListDestination[]" style="width:380px;" ></select></div></td>'
        . '</tr></table>';

    // Copy options and the submit button with its confirmation prompt.
    $options = '<h4>' . get_lang('TypeOfCopy') . '</h4>'
        . '<label class="radio"><input type="radio" id="copy_option_1" name="copy_option" value="full_copy" checked="checked"/>'
        . get_lang('FullCopy') . '</label><br/>'
        . '<label class="radio"><input type="radio" id="copy_option_2" name="copy_option" value="select_items" disabled="disabled"/>'
        . ' ' . get_lang('LetMeSelectItems') . '</label><br/>'
        . '<label class="checkbox"><input type="checkbox" id="copy_base_content_id" name="copy_only_session_items" />' . get_lang('CopyOnlySessionItems') . '</label><br /><br/>'
        . '<button class="btn btn-success" type="submit" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES)) . "'" . ')) return false;"><i class="fa fa-files-o"></i> ' . get_lang('CopyCourse') . '</button>';

    // Hidden anti-CSRF token, sent along with the POST.
    $token_field = '<input type="hidden" value="' . Security::get_token() . '" name="sec_token">';

    echo $toolbar . $explanation . $form_open . $origin_row . $destination_row . $options . $token_field . '</form>';
}
开发者ID:KRCM13,项目名称:chamilo-lms,代码行数:38,代码来源:copy_course_session.php

示例10: feedback_form

/**
 * Builds the HTML of the form used to add a feedback message to a dropbox file.
 *
 * When check_if_file_exist() reports that the file is still visible, the fragment
 * holds a textarea, a hidden sec_token field filled from Security::get_token()
 * and the submit button; otherwise it holds only an explanatory message.
 *
 * @return string HTML fragment
 *
 * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 * @version march 2006
 */
function feedback_form()
{
    $html = get_lang('AddNewFeedback') . '<br />';
    // NOTE(review): $_GET['id'] is passed on as received; confirm that
    // check_if_file_exist() validates or casts it.
    $visible_to = check_if_file_exist($_GET['id']);
    if (!$visible_to) {
        // Nobody can see the file any more, so no form is offered.
        return $html . get_lang('AllUsersHaveDeletedTheFileAndWillNotSeeFeedback');
    }
    $token = Security::get_token();
    $textarea = '<textarea name="feedback" style="width: 80%; height: 80px;"></textarea>';
    // The token travels with the feedback so the receiving code can check it.
    $token_field = '<input type="hidden" name="sec_token" value="' . $token . '"/>';
    $button = '<br /><button type="submit" class="add" name="store_feedback" value="' . get_lang('Ok') . '"
                    onclick="javascript: document.form_dropbox.attributes.action.value = document.location;">' . get_lang('AddComment') . '</button>';
    return $html . $textarea . $token_field . $button;
}
开发者ID:annickvdp,项目名称:Chamilo1.9.10,代码行数:22,代码来源:dropbox_functions.inc.php

示例11: process_hot_course_item

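 /**
  * Adds an 'extra_info' entry (course info, action buttons, teachers and the
  * rating widget) to every course row.
  *
  * @param array $courses             Course rows; each needs a 'c_id' key
  * @param array $my_course_code_list Passed to get_access_link_by_user() and compared with each course's real_id
  * @return array The rows with 'extra_info' filled in
  */
 public static function process_hot_course_item($courses, $my_course_code_list = array())
 {
     $ajax_url = api_get_path(WEB_AJAX_PATH) . 'course.ajax.php?a=add_course_vote';
     // One token serves every subscribe link of this call and is requested only when
     // a link needs it. NOTE(review): Security::get_token() is not shown here; if it
     // stores a new token on each call, requesting one per course would leave only
     // the last subscribe link with a valid token.
     $stok = null;
     foreach ($courses as &$my_course) {
         $course_info = api_get_course_info_by_id($my_course['c_id']);
         $my_course['extra_info'] = $course_info;
         $my_course['extra_info']['go_to_course_button'] = '';
         $my_course['extra_info']['register_button'] = '';
         $access_link = self::get_access_link_by_user(api_get_user_id(), $course_info, $my_course_code_list);
         //Course visibility
         if ($access_link && in_array('register', $access_link)) {
             if ($stok === null) {
                 $stok = Security::get_token();
             }
             // The subscribe action changes state through a GET link, so the token is
             // carried in the query string for the receiving page to check.
             $my_course['extra_info']['register_button'] = Display::url(get_lang('Subscribe'), api_get_path(WEB_COURSE_PATH) . $course_info['path'] . '/index.php?action=subscribe&amp;sec_token=' . $stok, array('class' => 'btn btn-primary'));
         }
         if ($access_link && in_array('enter', $access_link)) {
             $my_course['extra_info']['go_to_course_button'] = Display::url(get_lang('GoToCourse'), api_get_path(WEB_COURSE_PATH) . $course_info['path'] . '/index.php', array('class' => 'btn btn-primary'));
         }
         // Description
         $my_course['extra_info']['description_button'] = '';
         if ($course_info['visibility'] == COURSE_VISIBILITY_OPEN_WORLD || in_array($course_info['real_id'], $my_course_code_list)) {
             $my_course['extra_info']['description_button'] = Display::url(get_lang('Description'), api_get_path(WEB_AJAX_PATH) . 'course_home.ajax.php?a=show_course_information&amp;code=' . $course_info['code'], array('class' => 'ajax btn btn-default'));
         }
         $my_course['extra_info']['teachers'] = CourseManager::get_teacher_list_from_course_code_to_string($course_info['real_id']);
         $point_info = self::get_course_ranking($course_info['real_id'], 0);
         $my_course['extra_info']['rating_html'] = Display::return_rating_system('star_' . $course_info['real_id'], $ajax_url . '&amp;course_id=' . $course_info['real_id'], $point_info);
     }
     // Break the reference left behind by the by-reference loop.
     unset($my_course);
     return $courses;
 }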
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:28,代码来源:course.lib.php

示例12: security_token

 /**
  * Returns the security token used against cross-site request forgery.
  *
  * The value of Security::get_token() is kept in a static variable, so repeated
  * calls within one request return the same token instead of asking for a new one.
  *
  * @return mixed Whatever Security::get_token() returned on the first call
  */
 static function security_token()
 {
     static $result = null;
     // Ask for a token only while none has been cached.
     if (!$result) {
         $result = Security::get_token();
     }
     return $result;
 }
开发者ID:annickvdp,项目名称:Chamilo1.9.10,代码行数:13,代码来源:portfolio.class.php

示例13: show_add_post_form


//.........这里部分代码省略.........
    // If anonymous posts are allowed we also display a form to allow the user to put his name or username in.
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addElement('text', 'poster_name', get_lang('Name'));
        $form->applyFilter('poster_name', 'html_filter');
    }
    $form->addElement('text', 'post_title', get_lang('Title'));
    $form->addElement('html_editor', 'post_text', get_lang('Text'), true, api_is_allowed_to_edit(null, true) ? array('ToolbarSet' => 'Forum', 'Width' => '100%', 'Height' => '300') : array('ToolbarSet' => 'ForumStudent', 'Width' => '100%', 'Height' => '300', 'UserStatus' => 'student'));
    $form->addRule('post_text', get_lang('ThisFieldIsRequired'), 'required');
    $form->addElement('advanced_settings', '<a href="javascript://" onclick="return advanced_parameters()">
    						  <span id="img_plus_and_minus">&nbsp;' . Display::return_icon('div_show.gif', get_lang('Show'), array('style' => 'vertical-align:middle')) . ' ' . get_lang('AdvancedParameters') . '</span></a>');
    $form->addElement('html', '<div id="id_qualify" style="display:none">');
    if ((api_is_course_admin() || api_is_course_coach() || api_is_course_tutor()) && !$my_thread) {
        // Thread qualify
        if (Gradebook::is_active()) {
            //Loading gradebook select
            load_gradebook_select_in_tool($form);
            $form->addElement('checkbox', 'thread_qualify_gradebook', '', get_lang('QualifyThreadGradebook'), 'onclick="javascript:if(this.checked==true){document.getElementById(\'options_field\').style.display = \'block\';}else{document.getElementById(\'options_field\').style.display = \'none\';}"');
        } else {
            $form->addElement('hidden', 'thread_qualify_gradebook', false);
        }
        $form->addElement('html', '<div id="options_field" style="display:none">');
        $form->addElement('text', 'numeric_calification', get_lang('QualificationNumeric'));
        $form->applyFilter('numeric_calification', 'html_filter');
        $form->addElement('text', 'calification_notebook_title', get_lang('TitleColumnGradebook'));
        $form->applyFilter('calification_notebook_title', 'html_filter');
        $form->addElement('text', 'weight_calification', get_lang('QualifyWeight'), 'value="0.00" Style="width:40px" onfocus="javascript: this.select();"');
        $form->applyFilter('weight_calification', 'html_filter');
        $form->addElement('html', '</div>');
    }
    if ($forum_setting['allow_post_notification'] && isset($_user['user_id'])) {
        $form->addElement('checkbox', 'post_notification', '', get_lang('NotifyByEmail') . ' (' . $_user['mail'] . ')');
    }
    if ($forum_setting['allow_sticky'] && api_is_allowed_to_edit(null, true) && $action == 'newthread') {
        $form->addElement('checkbox', 'thread_sticky', '', get_lang('StickyPost'));
    }
    if ($current_forum['allow_attachments'] == '1' || api_is_allowed_to_edit(null, true)) {
        $values = $form->exportValues();
    }
    // User upload
    $form->addElement('static', null, null, get_lang('AddAnAttachment'));
    $form->addElement('file', 'user_upload', get_lang('FileName'), '');
    $form->addElement('textarea', 'file_comment', get_lang('FileComment'), array('rows' => 4, 'cols' => 34));
    $form->applyFilter('file_comment', 'html_filter');
    $form->addElement('html', '</div>');
    $form->addElement('style_submit_button', 'SubmitPost', $text, 'class="' . $class . '"');
    $form->add_real_progress_bar('DocumentUpload', 'user_upload');
    if (!empty($form_values)) {
        $defaults['post_title'] = prepare4display($form_values['post_title']);
        $defaults['post_text'] = prepare4display($form_values['post_text']);
        $defaults['post_notification'] = strval(intval($form_values['post_notification']));
        $defaults['thread_sticky'] = strval(intval($form_values['thread_sticky']));
    }
    // If we are quoting a message we have to retrieve the information of the post we are quoting so that
    // we can add this as default to the textarea.
    if (($action == 'quote' || $action == 'replymessage') && isset($my_post)) {
        // We also need to put the parent_id of the post in a hidden form when we are quoting or replying to a message (<> reply to a thread !!!)
        $form->addElement('hidden', 'post_parent_id', strval(intval($my_post)));
        // Note: This has to be cleaned first.
        // If we are replying or are quoting then we display a default title.
        $values = get_post_information($my_post);
        // Note: This has to be cleaned first.
        $defaults['post_title'] = get_lang('ReplyShort') . api_html_entity_decode($values['post_title'], ENT_QUOTES);
        // When we are quoting a message then we have to put that message into the wysiwyg editor.
        // Note: The style has to be hardcoded here because using class="quote" didn't work.
        if ($action == 'quote') {
            $defaults['post_text'] = '<div>&nbsp;</div><div style="margin: 5px;"><div style="font-size: 90%; font-style: italic;">' . get_lang('Quoting') . ' ' . api_get_person_name($values['firstname'], $values['lastname']) . ':</div><div style="color: #006600; font-size: 90%;	font-style: italic; background-color: #FAFAFA; border: #D1D7DC 1px solid; padding: 3px;">' . prepare4display($values['post_text']) . '</div></div><div>&nbsp;</div><div>&nbsp;</div>';
        }
    }
    $form->setDefaults(isset($defaults) ? $defaults : null);
    // The course admin can make a thread sticky (=appears with special icon and always on top).
    $form->addRule('post_title', get_lang('ThisFieldIsRequired'), 'required');
    if ($current_forum['allow_anonymous'] == 1 && !isset($_user['user_id'])) {
        $form->addRule('poster_name', get_lang('ThisFieldIsRequired'), 'required');
    }
    // Validation or display: a submission that passes the form rules is accepted only when the
    // anti-CSRF token check also succeeds; when validate() is false the form is shown with a token.
    if ($form->validate()) {
        // Check the submitted token; 'post' presumably selects the POST data as the place to read
        // sec_token from (confirm in Security::check_token).
        $check = Security::check_token('post');
        if ($check) {
            $values = $form->exportValues();
            if ($values['thread_qualify_gradebook'] == '1' && empty($values['weight_calification'])) {
                Display::display_error_message(get_lang('YouMustAssignWeightOfQualification') . '&nbsp;<a href="javascript:window.back()">' . get_lang('Back') . '</a>', false);
                // This early return happens before clear_token(), so the token is left untouched here.
                return false;
            }
            // The token is cleared only once the submission has been accepted.
            Security::clear_token();
            return $values;
        }
        // NOTE(review): when the token check fails, control falls out of this branch with no
        // return value, no error message and no form. Callers that test the result for truthiness
        // treat that as "nothing to save", but the user gets no feedback; an explicit error
        // message plus `return false;` here would make the rejection visible.
    } else {
        // Issue the token and embed it as the hidden sec_token field that check_token() is
        // expected to verify on submit.
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        $iframe = null;
        if ($forum_setting['show_thread_iframe_on_reply'] && $action != 'newthread') {
            // The forum, thread and post values are concatenated into a URL inside a double-quoted
            // HTML attribute after Security::remove_XSS().
            // NOTE(review): $my_post is cast with intval() earlier in this function; if all three
            // are numeric ids, casting them here as well would be a stricter fit for this context
            // than an HTML filter. Confirm against the callers.
            $iframe = "<iframe style=\"border: 1px solid black\" src=\"iframe_thread.php?forum=" . Security::remove_XSS($my_forum) . "&amp;thread=" . Security::remove_XSS($my_thread) . "#" . Security::remove_XSS($my_post) . "\" width=\"100%\"></iframe>";
        }
        if (!empty($iframe)) {
            $form->addElement('label', get_lang('Thread'), $iframe);
        }
        $form->display();
    }
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:101,代码来源:forumfunction.inc.php

示例14: display_data

 /**
  * Builds the sortable 'users' table for this report and either returns the
  * value of SortableTable::return_table() or echoes it.
  *
  * @param bool $return When truthy the table output is returned, otherwise it is echoed.
  * @return mixed The return_table() result when $return is truthy, nothing otherwise.
  */
 function display_data($return = false)
 {
     // Parameters this report attaches to the table. They are the second
     // argument of array_merge(), so they override same-named entries coming
     // from get_additional_parameters().
     // NOTE(review): if SortableTable copies these parameters into link URLs,
     // sec_token ends up in query strings (server logs, Referer headers);
     // confirm that the action handlers still validate it before acting.
     $own_parameters = array(
         'sec_token' => Security::get_token(),
         'ceiling' => $this->get_ceiling(),
         'active_only' => $this->get_active_only() ? 'true' : 'false',
     );
     $merged_parameters = array_merge($this->get_additional_parameters(), $own_parameters);

     // Row count and row data are supplied by this object's count() and get_data().
     $table = new SortableTable('users', array($this, 'count'), array($this, 'get_data'), 1, 50);
     $table->set_additional_parameters($merged_parameters);

     // Column 0 has an empty label; it and the last two columns pass false as
     // the third set_header() argument, the others leave it at its default.
     $column = 0;
     $table->set_header($column++, '', false);
     $default_headers = array('Code', 'FirstName', 'LastName', 'LoginName', 'Email', 'Profile', 'AuthenticationSource', 'RegisteredDate');
     foreach ($default_headers as $label_key) {
         $table->set_header($column++, get_lang($label_key));
     }
     foreach (array('LastAccess', 'Active') as $label_key) {
         $table->set_header($column++, get_lang($label_key), false);
     }

     // Columns 5 (Email), 6 (Profile) and 10 (Active) go through formatter callbacks.
     $column_filters = array(5 => 'format_email', 6 => 'format_status', 10 => 'format_active');
     foreach ($column_filters as $column_index => $formatter) {
         $table->set_column_filter($column_index, array($this, $formatter));
     }

     // Bulk actions offered by the table form.
     $bulk_actions = array();
     $bulk_actions['activate'] = get_lang('Activate');
     $bulk_actions['deactivate'] = get_lang('Deactivate');
     $bulk_actions['delete'] = get_lang('Delete');
     $table->set_form_actions($bulk_actions);

     if (!$return) {
         echo $table->return_table();
         return;
     }
     return $table->return_table();
 }
开发者ID:omaoibrahim,项目名称:chamilo-lms,代码行数:34,代码来源:zombie_report.class.php

示例15: add_edit_template


//.........这里部分代码省略.........
        $title = get_lang('AddTemplate');
    } else {
        $title = get_lang('EditTemplate');
    }
    $form->addElement('header', '', $title);
    // Setting the form elements: the title of the template.
    $form->addText('title', get_lang('Title'), false);
    // Setting the form elements: the content of the template (wysiwyg editor).
    $form->addHtmlEditor('template_text', get_lang('Text'), false, false, array('ToolbarSet' => 'AdminTemplates', 'Width' => '100%', 'Height' => '400'));
    // Setting the form elements: the form to upload an image to be used with the template.
    $form->addElement('file', 'template_image', get_lang('Image'), '');
    // Setting the form elements: a little bit information about the template image.
    $form->addElement('static', 'file_comment', '', get_lang('TemplateImageComment100x70'));
    // Getting all the information of the template when editing a template.
    if ($_GET['action'] == 'edit') {
        // Database table definition.
        $table_system_template = Database::get_main_table('system_template');
        $sql = "SELECT * FROM {$table_system_template} WHERE id = " . intval($_GET['id']) . "";
        $result = Database::query($sql);
        $row = Database::fetch_array($result);
        $defaults['template_id'] = intval($_GET['id']);
        $defaults['template_text'] = $row['content'];
        // Forcing get_lang().
        $defaults['title'] = get_lang($row['title']);
        // Adding an extra field: a hidden field with the id of the template we are editing.
        $form->addElement('hidden', 'template_id');
        // Adding an extra field: a preview of the image that is currently used.
        if (!empty($row['image'])) {
            $form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/' . $row['image'] . '" alt="' . get_lang('TemplatePreview') . '"/>');
        } else {
            $form->addElement('static', 'template_image_preview', '', '<img src="' . api_get_path(WEB_APP_PATH) . 'home/default_platform_document/template_thumb/noimage.gif" alt="' . get_lang('NoTemplatePreview') . '"/>');
        }
        // Setting the information of the template that we are editing.
        $form->setDefaults($defaults);
    }
    // Setting the form elements: the submit button.
    $form->addButtonSave(get_lang('Ok'), 'submit');
    // Setting the rules: the required fields.
    $form->addRule('template_image', get_lang('ThisFieldIsRequired'), 'required');
    $form->addRule('title', get_lang('ThisFieldIsRequired'), 'required');
    $form->addRule('template_text', get_lang('ThisFieldIsRequired'), 'required');
    // If the form validates (complies with all rules) and the anti-CSRF token checks out, the
    // template is saved; if the form does not validate it is displayed again (with error message if needed).
    if ($form->validate()) {
        // Check the submitted token; 'post' presumably selects the POST data as the place to read
        // sec_token from (confirm in Security::check_token).
        $check = Security::check_token('post');
        if ($check) {
            // Exporting the values.
            $values = $form->exportValues();
            // Upload the file.
            if (!empty($_FILES['template_image']['name'])) {
                $upload_ok = process_uploaded_file($_FILES['template_image']);
                if ($upload_ok) {
                    // Try to add an extension to the file if it hasn't one.
                    // NOTE(review): both ['name'] and ['type'] are supplied by the client, and the
                    // stored file name is derived from them. The target directory sits under the
                    // application path that the edit form later uses for <img src>. Generating
                    // the stored name server-side and restricting it to known image extensions
                    // would remove the dependency on client input; whether add_ext_on_mime() or
                    // Image already enforce this is not visible here.
                    $new_file_name = add_ext_on_mime(stripslashes($_FILES['template_image']['name']), $_FILES['template_image']['type']);
                    // The upload directory.
                    $upload_dir = api_get_path(SYS_APP_PATH) . 'home/default_platform_document/template_thumb/';
                    // Create the directory if it does not exist.
                    if (!is_dir($upload_dir)) {
                        mkdir($upload_dir, api_get_permissions_for_new_directories());
                    }
                    // Resize the preview image to the maximum width (100) and write it to the upload directory.
                    $temp = new Image($_FILES['template_image']['tmp_name']);
                    $picture_info = $temp->get_image_info();
                    $max_width_for_picture = 100;
                    if ($picture_info['width'] > $max_width_for_picture) {
                        $temp->resize($max_width_for_picture);
                    }
                    $temp->send_image($upload_dir . $new_file_name);
                }
            }
            // Store the information in the database (as insert or as update).
            $table_system_template = Database::get_main_table('system_template');
            if ($_GET['action'] == 'add') {
                // The add path filters the editor HTML with Security::remove_XSS() before storing it.
                $content_template = Security::remove_XSS($values['template_text'], COURSEMANAGERLOWSECURITY);
                // NOTE(review): $new_file_name is assigned only inside the successful-upload branch
                // above, so it is undefined here when no file arrived or process_uploaded_file()
                // failed; the edit path guards it with !empty().
                $params = ['title' => $values['title'], 'content' => $content_template, 'image' => $new_file_name];
                Database::insert($table_system_template, $params);
                // Display a feedback message.
                Display::display_confirmation_message(get_lang('TemplateAdded'));
                echo '<a href="settings.php?category=Templates&action=add">' . Display::return_icon('new_template.png', get_lang('AddTemplate'), '', ICON_SIZE_MEDIUM) . '</a>';
            } else {
                // NOTE(review): the edit path only escapes template_text for SQL
                // (Database::escape_string) and does not pass it through Security::remove_XSS()
                // as the add path does, so the two paths store differently filtered HTML.
                // Confirm whether that is intended.
                $content_template = '<head>{CSS}<style type="text/css">.text{font-weight: normal;}</style></head><body>' . Database::escape_string($values['template_text']) . '</body>';
                // The statement is assembled by string concatenation; every dynamic part goes
                // through Database::escape_string() or intval(). Any value added here later
                // needs the same treatment.
                $sql = "UPDATE {$table_system_template} set title = '" . Database::escape_string($values['title']) . "', content = '" . $content_template . "'";
                if (!empty($new_file_name)) {
                    $sql .= ", image = '" . Database::escape_string($new_file_name) . "'";
                }
                $sql .= " WHERE id = " . intval($_GET['id']) . "";
                Database::query($sql);
                // Display a feedback message.
                Display::display_confirmation_message(get_lang('TemplateEdited'));
            }
        }
        // These two calls sit outside the `if ($check)` block: after a failed token check nothing
        // is saved, yet the token is still cleared and the template list is shown with no error message.
        Security::clear_token();
        display_templates();
    } else {
        // Issue the token and embed it as the hidden sec_token field that check_token() is
        // expected to verify on submit.
        $token = Security::get_token();
        $form->addElement('hidden', 'sec_token');
        $form->setConstants(array('sec_token' => $token));
        // Display the form.
        $form->display();
    }
}
开发者ID:omaoibrahim,项目名称:chamilo-lms,代码行数:101,代码来源:settings.lib.php

