PageRenderTime 73ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/community/www/administrator.php

https://github.com/svn2github/efront-lms
PHP | 408 lines | 276 code | 37 blank | 95 comment | 103 complexity | 669856dd3003b0052e844e3d2c7b832c MD5 | raw file
Possible License(s): BSD-3-Clause, MPL-2.0-no-copyleft-exception, LGPL-3.0 
    

  1. <?php
    2. 

  2. /**
    3. 

    4. 

  4.  * Administrator main page
    5. 

    6. 

  6.  *
    7. 

    8. 

  8.  * This page performs all administrative functions.
    9. 

    10. 

  10.  * @package eFront
    11. 

    12. 

  12.  * @version 3.6.0
    13. 

    14. 

  14.  */
    15. 

  15. session_cache_limiter('none'); //Initialize session
    16. 

  16. session_start();
    17. 

  17. $path = "../libraries/"; //Define default path
    18. 

  18. /** The configuration file.*/
    19. 

  19. require_once $path."configuration.php";
    20. 

  20. $benchmark = new EfrontBenchmark($debug_TimeStart);
    21. 

  21. $benchmark -> set('init');
    22. 

  22. //Set headers in order to eliminate browser cache (especially IE's)
    23. 

  23. header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
    24. 

  24. header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
    25. 

  25. //pr($_SESSION);
    26. 

  26. //If the page is shown as a popup, make sure it remains in such mode
    27. 

  27. if (!isset($_GET['reset_popup']) && (isset($_GET['popup']) || isset($_POST['popup']) || (isset($_SERVER['HTTP_REFERER']) && strpos(strtolower($_SERVER['HTTP_REFERER']), 'popup') !== false && strpos(strtolower($_SERVER['HTTP_REFERER']), 'reset_popup') === false && !strpos(strtolower($_SERVER['HTTP_REFERER']), 'evaluation')))) {
    28. 

  28.     output_add_rewrite_var('popup', 1);
    29. 

  29.     $smarty -> assign("T_POPUP_MODE", true);
    30. 

  30.     $popup = 1;
    31. 

  31. }
    32. 

  32. $message = $message_type = $search_message = '' ; //Initialize messages, because if register_globals is turned on, some messages will be displayed twice
    33. 

  33. $load_editor = false;
    34. 

  34. $loadScripts = array();
    35. 

  35. try {
    36. 

  36.  $currentUser = EfrontUser :: checkUserAccess('administrator');
    37. 

  37.  $smarty -> assign("T_CURRENT_USER", $currentUser);
    38. 

  38. } catch (Exception $e) {
    39. 

  39.  if ($e -> getCode() == EfrontUserException :: USER_NOT_LOGGED_IN && !isset($_GET['ajax'])) {
    40. 

  40.   setcookie('c_request', htmlspecialchars_decode(basename($_SERVER['REQUEST_URI'])), time() + 300, false, false, false, true);
    41. 

  41.  }
    42. 

  42.  eF_redirect("index.php?ctg=expired");
    43. 

  43.  exit;
    44. 

  44. }
    45. 

  45. if (isset($_SESSION['s_index_comply'])) {
    46. 

  46.  eF_redirect("index.php?ctg=".$_SESSION['s_index_comply']);
    47. 

  47.  exit;
    48. 

  48. }
    49. 

  49. 

  50. 

  51. if (!isset($_GET['ajax']) && !isset($_GET['postAjaxRequest']) && !isset($popup) && !isset($_GET['tabberajax'])) {
    52. 

  52.  $_SESSION['previousMainUrl'] = $_SERVER['REQUEST_URI'];
    53. 

  53. }
    54. 

  54. 

  55. if (isset($_COOKIE['c_request']) && $_COOKIE['c_request']) {
    56. 

  56.  setcookie('c_request', '', time() - 86400);
    57. 

  57.     if (mb_strpos($_COOKIE['c_request'], '.php') !== false) {
    58. 

  58.      $urlParts = parse_url($_COOKIE['c_request']);
    59. 

  59.      if (basename($urlParts['path']) == 'administrator.php') {
    60. 

  60.          eF_redirect($_COOKIE['c_request']);
    61. 

  61.      }
    62. 

  62.     } else {
    63. 

  63.         eF_redirect($_SESSION['s_type'].'.php?'.$_COOKIE['c_request']);
    64. 

  64.     }
    65. 

  65. }
    66. 

  66. 

  67. 

  68. $smarty->assign("T_HOME_LINK", "administrator.php"); //leave here for modules to know
    69. 

  69. 

  70. try {
    71. 

  71.  $loadedModules = $currentUser -> getModules();
    72. 

  72.  $module_css_array = array();
    73. 

  73.  $module_js_array = array();
    74. 

  74. 

  75.  // Include module languages
    76. 

  76.  foreach ($loadedModules as $module) {
    77. 

  77.   // The $setLanguage variable is defined in globals.php
    78. 

  78.   $mod_lang_file = $module -> getLanguageFile($setLanguage);
    79. 

  79.   if (is_file ($mod_lang_file)) {
    80. 

  80.    require_once $mod_lang_file;
    81. 

  81.   }
    82. 

  82. 

  83.   // Get module css
    84. 

  84.   if($mod_css_file = $module -> getModuleCSS()) {
    85. 

  85.    if (is_file ($mod_css_file)) {
    86. 

  86. 

  87.     // Get the relative path
    88. 

  88.     if ($position = strpos($mod_css_file, "modules")) {
    89. 

  89.      $mod_css_file = substr($mod_css_file, $position);
    90. 

  90.     }
    91. 

  91.     $module_css_array[] = $mod_css_file;
    92. 

  92.    }
    93. 

  93.   }
    94. 

  94. 

  95.   // Get module js
    96. 

  96.   if($mod_js_file = $module -> getModuleJS()) {
    97. 

  97.    if (is_file($mod_js_file)) {
    98. 

  98.     // Get the relative path
    99. 

  99.     if ($position = strpos($mod_js_file, "modules")) {
    100. 

  100.      $mod_js_file = substr($mod_js_file, $position);
    101. 

  101.     }
    102. 

  102. 

  103.     $module_js_array[] = $mod_js_file;
    104. 

  104.    }
    105. 

  105.   }
    106. 

  106. 

  107.   // Run onNewPageLoad code of the module (if such is defined)
    108. 

  108.   $module -> onNewPageLoad();
    109. 

  109.  }
    110. 

  110. } catch (Exception $e) {
    111. 

  111.  handleNormalFlowExceptions($e);
    112. 

  112. }
    113. 

  113. /*Added Session variable for search results*/
    114. 

  114. $_SESSION['referer'] = $_SERVER['REQUEST_URI'];
    115. 

  115. 

  116. /*Horizontal menus*/
    117. 

  117. $onlineUsers = EfrontUser :: getUsersOnline($GLOBALS['configuration']['autologout_time'] * 60);
    118. 

  118. if ($GLOBALS['currentTheme'] -> options['sidebar_interface']) {
    119. 

  119.  $smarty -> assign("T_ONLINE_USERS_LIST", $onlineUsers);
    120. 

  120.  if ($accounts = unserialize($currentUser -> user['additional_accounts'])) {
    121. 

  121.   $result = eF_getTableData("users", "login, user_type", 'login in ("'.implode('","', array_values($accounts)).'")');
    122. 

  122.      $smarty -> assign("T_MAPPED_ACCOUNTS", $result);
    123. 

  123.  }
    124. 

  124. 

  125. }
    126. 

  126. refreshLogin();//Important: It must be called AFTER EfrontUser :: getUsersOnline
    127. 

  127. 

  128. 

  129. 

  130. !isset($_GET['ctg']) || !eF_checkParameter($_GET['ctg'], 'alnum_general') ? $ctg = "control_panel" : $ctg = $_GET['ctg'];
    131. 

  131. 

  132. $smarty -> assign("T_CTG", $ctg); //As soon as we derive the current ctg, assign it to smarty.
    133. 

  133. $smarty -> assign("T_OP", isset($_GET['op']) ? $_GET['op'] : false);
    134. 

  134. 

  135. //Create shorthands for user type, to avoid long variable names
    136. 

  136. $_student_ = $_professor_ = $_admin_ = 0;
    137. 

  137. if ((isset($_SESSION['s_lesson_user_type']) && $_SESSION['s_lesson_user_type'] == 'student') || (!isset($_SESSION['s_lesson_user_type']) && $_SESSION['s_type'] == 'student')) {
    138. 

  138.     $_student_ = 1;
    139. 

  139. } else if ((isset($_SESSION['s_lesson_user_type']) && $_SESSION['s_lesson_user_type'] == 'professor') || (!isset($_SESSION['s_lesson_user_type']) && $_SESSION['s_type'] == 'professor')) {
    140. 

  140.     $_professor_ = 1;
    141. 

  141. } else {
    142. 

  142.     $_admin_ = 1;
    143. 

  143. }
    144. 

  144. $smarty -> assign("_student_", $_student_);
    145. 

  145. $smarty -> assign("_professor_", $_professor_);
    146. 

  146. $smarty -> assign("_admin_", $_admin_);
    147. 

  147. 

  148. try {
    149. 

  149.  if ($ctg == 'control_panel') {
    150. 

  150.      /***/
    151. 

  151.      require_once ("control_panel.php");
    152. 

  152.  }
    153. 

  153.  elseif ($ctg == 'landing_page') {
    154. 

  154.      /***/
    155. 

  155.      require_once ("landing_page.php");
    156. 

  156.  }
    157. 

  157.  elseif ($ctg == 'social') {
    158. 

  158.      /***/
    159. 

  159.      require_once ("social.php");
    160. 

  160.  }
    161. 

  161.  elseif ($ctg == 'languages') {
    162. 

  162.      /***/
    163. 

  163.      require_once ("languages.php");
    164. 

  164.  }
    165. 

  165.  elseif ($ctg == 'forum') {
    166. 

  166.      /***/
    167. 

  167.      require_once("includes/forum.php");
    168. 

  168.  }
    169. 

  169.  elseif ($ctg == 'messages') {
    170. 

  170.      /***/
    171. 

  171.      require_once("includes/messages.php");
    172. 

  172.  }
    173. 

  173.  elseif ($ctg == 'backup') {
    174. 

  174.      /***/
    175. 

  175.      require_once ("backup.php");
    176. 

  176.  }
    177. 

  177.  elseif ($ctg == 'news') {
    178. 

  178.      /***/
    179. 

  179.      require_once ("news.php");
    180. 

  180.  }
    181. 

  181.  elseif ($ctg == 'user_profile') {
    182. 

  182.      /***/
    183. 

  183.      require_once ("user_profile.php");
    184. 

  184.  }
    185. 

  185.  elseif ($ctg == 'import_export') {
    186. 

  186.      /***/
    187. 

  187.      require_once ("import_export.php");
    188. 

  188.  }
    189. 

  189.  elseif ($ctg == 'system_config') {
    190. 

  190.      /***/
    191. 

  191.   require_once ("includes/system_config.php");
    192. 

  192.  }
    193. 

  193.  elseif ($ctg == 'personal') {
    194. 

  194.      /**This part is used to display the user's personal information*/
    195. 

  195.      include "includes/personal.php";
    196. 

  196.  }
    197. 

  197.  elseif ($ctg == 'maintenance') {
    198. 

  198.      /***/
    199. 

  199.      require_once ("maintenance.php");
    200. 

  200.  }
    201. 

  201.  elseif ($ctg == 'versionkey') {
    202. 

  202.      /***/
    203. 

  203.      require_once ("versionkey.php");
    204. 

  204.  }
    205. 

  205.  elseif ($ctg == 'curriculums') {
    206. 

  206.      /***/
    207. 

  207.      require_once ("curriculums.php");
    208. 

  208.  }
    209. 

  209.  elseif ($ctg == 'payments') {
    210. 

  210.      /***/
    211. 

  211.      require_once ("payments.php");
    212. 

  212.  }
    213. 

  213.  elseif ($ctg == 'modules') {
    214. 

  214.      /***/
    215. 

  215.      require_once ("includes/modules.php");
    216. 

  216.  }
    217. 

  217.  elseif ($ctg == 'users') {
    218. 

  218.      /***/
    219. 

  219.      require_once ("users.php");
    220. 

  220.  }
    221. 

  221.  elseif ($ctg == 'lessons') {
    222. 

  222.      /***/
    223. 

  223.      require_once ("lessons.php");
    224. 

  224.  }
    225. 

  225.  elseif ($ctg == 'directions') {
    226. 

  226.      /***/
    227. 

  227.      require_once "categories.php";
    228. 

  228.  }
    229. 

  229.  elseif ($ctg == 'archive') {
    230. 

  230.      /***/
    231. 

  231.      require_once "archive.php";
    232. 

  232.  }
    233. 

  233.  elseif ($ctg == 'courses') {
    234. 

  234.      /***/
    235. 

  235.      require_once "courses.php";
    236. 

  236.  }
    237. 

  237.  elseif ($ctg == "file_manager") {
    238. 

  238.      //This page has a file manager, so bring it on with the correct options
    239. 

  239.      $basedir = $currentUser -> getDirectory();
    240. 

  240.      //Default options for the file manager
    241. 

  241.      $options = array('share' => false,
    242. 

  242.                 'lessons_ID' => false,
    243. 

  243.                 'metadata' => 0);
    244. 

  244.         //Default url for the file manager
    245. 

  245.         $url = basename($_SERVER['PHP_SELF']).'?ctg=file_manager';
    246. 

  246.         $extraFileTools = array(array('image' => 'images/16x16/arrow_right.png', 'title' => _INSERTEDITOR, 'action' => 'insert_editor'));
    247. 

  247. 

  248.         include "file_manager.php";
    249. 

  249.  }
    250. 

  250.  elseif ($ctg == 'logout_user') {
    251. 

  251.      /**Online users list and log out functionality*/
    252. 

  252.      require_once 'logout_user.php';
    253. 

  253.  }
    254. 

  254.  elseif ($ctg == 'user_types') {
    255. 

  255.      /**Custom user types page*/
    256. 

  256.      require_once 'user_types.php';
    257. 

  257.  }
    258. 

  258.  elseif ($ctg == 'user_groups') {
    259. 

  259.      /**User groups page*/
    260. 

  260.      require_once 'includes/groups.php';
    261. 

  261.  }
    262. 

  262.  elseif ($ctg == 'calendar') {
    263. 

  263.      if ($currentUser -> coreAccess['calendar'] != 'hidden' && $GLOBALS['configuration']['disable_calendar'] != 1) {
    264. 

  264.       /***/
    265. 

  265.          require_once "calendar.php";
    266. 

  266.      } else {
    267. 

  267.          eF_redirect("".basename($_SERVER['PHP_SELF'])."?ctg=control_panel&message=".urlencode(_UNAUTHORIZEDACCESS)."&message_type=failure");
    268. 

  268.      }
    269. 

  269.  }
    270. 

  270.  elseif ($ctg == 'search_courses') {
    271. 

  271.   /**Search courses is used to find the course users that fulfill an arbitrary number of criteria */
    272. 

  272.      require_once "search_courses.php";
    273. 

  273.  }
    274. 

  274.  elseif ($ctg == 'search_users') {
    275. 

  275. 

  276. 

  277. 

  278.  }
    279. 

  279.  elseif ($ctg == 'digests') {
    280. 

  280.      /** Email digests feature */
    281. 

  281.      require_once "digests.php";
    282. 

  282.  }
    283. 

  283.  elseif ($ctg == 'statistics') {
    284. 

  284.      if (isset($currentUser -> coreAccess['statistics']) && $currentUser -> coreAccess['statistics'] == 'hidden') {
    285. 

  285.          eF_redirect("".basename($_SERVER['PHP_SELF'])."?ctg=control_panel&message=".urlencode(_UNAUTHORIZEDACCESS)."&message_type=failure");
    286. 

  286.      }
    287. 

  287.      /** Statistics is the page that calculates and displays the system statistics.*/
    288. 

  288.      require_once "statistics.php";
    289. 

  289.  }
    290. 

  290.  elseif ($ctg == 'module_hcd') {
    291. 

  291.      /***/
    292. 

  292.      require_once "module_hcd.php";
    293. 

  293.  }
    294. 

  294.  elseif ($ctg == 'themes') {
    295. 

  295.      /***/
    296. 

  296.      require_once "themes.php";
    297. 

  297.  }
    298. 

  298.  else if ($ctg == 'tests') {
    299. 

  299.      /***/
    300. 

  300.      require_once "module_tests.php";
    301. 

  301.      /**Ranking tests */
    302. 

  302.      require_once "tests.php";
    303. 

  303.  }
    304. 

  304.  else if ($ctg == 'facebook') {
    305. 

  305.      /***/
    306. 

  306.      require_once "module_facebook.php";
    307. 

  307.  }
    308. 

  308.  elseif ($ctg == 'module') {
    309. 

  309.      /***/
    310. 

  310.      require_once "module.php";
    311. 

  311.  }
    312. 

  312. 

  313. /*
    314. 

    315. 

  315.     $fields_log = array ('users_LOGIN' => $_SESSION['s_login'],                                 //This is the log entry array
    316. 

    317. 

  317.                      'timestamp'   => time(),
    318. 

    319. 

  319.                      'action'      => 'lastmove',
    320. 

    321. 

  321.                      'comments'    => 0,
    322. 

    323. 

  323.                      'session_ip'  => eF_encodeIP($_SERVER['REMOTE_ADDR']));
    324. 

    325. 

  325.     eF_deleteTableData("logs", "users_LOGIN='".$_SESSION['s_login']."' AND action='lastmove'"); //Only one lastmove action interests us, so delete any other
    326. 

    327. 

  327.     eF_insertTableData("logs", $fields_log);
    328. 

    329. 

  329. */
    330. 

  330. } catch (Exception $e) {
    331. 

  331.  handleNormalFlowExceptions($e);
    332. 

  332. }
    333. 

  333. if (detectBrowser() == 'mobile') {
    334. 

  334.  $load_editor = false;
    335. 

  335. }
    336. 

  336. $smarty -> assign("T_HEADER_EDITOR", $load_editor); //Specify whether we need to load the editor
    337. 

  337. if (isset($_GET['refresh']) || isset($_GET['refresh_side'])) {
    338. 

  338.     $smarty -> assign("T_REFRESH_SIDE","true");
    339. 

  339. }
    340. 

  340. /*
    341. 

    342. 

  342.  * Check if you should input the JS code to
    343. 

    344. 

  344.  * trigger sending the next notificatoin emails
    345. 

    346. 

  346.  * Since 3.6.0
    347. 

    348. 

  348.  */
    349. 

  349. if (EfrontNotification::shouldSendNextNotifications()) {
    350. 

  350.  $smarty -> assign("T_TRIGGER_NEXT_NOTIFICATIONS_SEND", 1);
    351. 

  351.  $_SESSION['send_next_notifications_now'] = 0; // the msg that triggered the immediate send should be sent now
    352. 

  352. }
    353. 

  353. 

  354. $smarty -> assign("T_MODULE_CSS", $module_css_array);
    355. 

  355. $smarty -> assign("T_MODULE_JS", $module_js_array);
    356. 

  356. foreach ($loadedModules as $module) {
    357. 

  357.     $loadScripts = array_merge($loadScripts, $module -> addScripts());
    358. 

  358. }
    359. 

  359. 

  360. //Main scripts, such as prototype
    361. 

  361. $mainScripts = getMainScripts();
    362. 

  362. $smarty -> assign("T_HEADER_MAIN_SCRIPTS", implode(",", $mainScripts));
    363. 

  363. 

  364. //Operation/file specific scripts
    365. 

  365. $loadScripts = array_diff($loadScripts, $mainScripts); //Clear out duplicates
    366. 

  366. $smarty -> assign("T_HEADER_LOAD_SCRIPTS", implode(",", array_unique($loadScripts))); //array_unique, so it doesn't send duplicate entries
    367. 

  367. 

  368. $smartyClosingFiles = array();
    369. 

  369. foreach ($loadedModules as $module) {
    370. 

  370.  if ($smartyClosingFile = $module -> onPageFinishLoadingSmartyTpl()) {
    371. 

  371.   $smartyClosingFiles[] = $smartyClosingFile;
    372. 

  372.  }
    373. 

  373. }
    374. 

  374. $smarty -> assign("T_PAGE_FINISH_MODULES", $smartyClosingFiles);
    375. 

  375. 

  376. 

  377. $smarty -> assign("T_CURRENT_CTG", $ctg);
    378. 

  378. $smarty -> assign("T_MENUCTG", $ctg);
    379. 

  379. //$smarty -> assign("T_MENU", eF_getMenu());
    380. 

  380. //$smarty -> assign("T_QUERIES", $numberOfQueries);
    381. 

  381. 

  382. if ($_SESSION['s_message']) {
    383. 

  383.  $message .= urldecode($_SESSION['s_message']);
    384. 

  384.  $message_type = $_SESSION['s_message_type'];
    385. 

  385.  unset($_SESSION['s_message']);
    386. 

  386.  unset($_SESSION['s_message_type']);
    387. 

  387. }
    388. 

  388. 

  389. $smarty -> assign("T_MESSAGE", $message);
    390. 

  390. $smarty -> assign("T_MESSAGE_TYPE", $message_type);
    391. 

  391. $smarty -> assign("T_SEARCH_MESSAGE", $search_message);
    392. 

  392. 

  393. $smarty -> assign("T_TEST_MESSAGE", 'Test Message');
    394. 

  394. if (!isset($_GET['edit_block'])) { // when updating a unit we must preserve the innerlink
    395. 

  395.  $smarty -> load_filter('output', 'eF_template_setEditorOffset');
    396. 

  396. }
    397. 

  397. 

  398. $benchmark -> set('script');
    399. 

  399. $smarty -> display('administrator.tpl');
    400. 

  400. $benchmark -> set('smarty');
    401. 

  401. $benchmark -> stop();
    402. 

  402. $output = $benchmark -> display();
    403. 

  403. if (G_DEBUG) {
    404. 

  404.  echo $output;
    405. 

  405. }
    406. 

  406. 

  407. 

  408. ?>
    409. 

  409.