2 define('AT_INCLUDE_PATH', '../../../../include/');
3 require(AT_INCLUDE_PATH.'vitals.inc.php');
4 authenticate(AT_PRIV_BASICLTI);
6 require_once('forms.php');
9 // Filter all GET data //
10 $_POST['framed'] = intval($_POST['framed']);
11 $_POST['popup'] = intval($_POST['popup']);
12 $_POST['cid'] = intval($_POST['cid']);
14 // Filter all POST data //
15 $_POST['toolid'] = $addslashes($_POST['toolid']);
16 $_POST['cid'] = intval($_POST['cid']);
17 $_POST['preferheight'] = intval($_POST['preferheight']);
18 $_POST['launchinpopup'] = intval($_POST['launchinpopup']);
19 $_POST['debuglaunch'] = intval($_POST['debuglaunch']);
20 $_POST['sendname'] = intval($_POST['sendname']);
21 $_POST['sendemailaddr'] = intval($_POST['sendemailaddr']);
22 $_POST['allowroster'] = intval($_POST['allowroster']);
23 $_POST['allowsetting'] = intval($_POST['allowsetting']);
24 $_POST['customparameters'] = $addslashes($_POST['customparameters']);
26 if ( !is_int($_SESSION['course_id']) || $_SESSION['course_id'] < 1 ) {
27 $msg->addFeedback('NEED_COURSE_ID');
31 // Add/Update The Tool
32 if ( isset($_POST['toolid']) && at_form_validate($blti_content_edit_form, $msg)) {
33 $toolid = $_POST['toolid']; // Escaping is done in the at_form_util code
34 $sql = "SELECT * FROM ".TABLE_PREFIX."basiclti_content
35 WHERE content_id=".$_POST[cid]." AND course_id=".$_SESSION[course_id];
38 $result = mysql_query($sql, $db);
39 if ( $toolid == '--none--' ) {
40 $sql = "DELETE FROM ". TABLE_PREFIX . "basiclti_content
41 WHERE content_id=".$_POST[cid]." AND
42 course_id=".$_SESSION[course_id];
43 $result = mysql_query($sql, $db);
44 if ($result===false) {
45 $msg->addError('MYSQL_FAILED');
47 $msg->addFeedback('BASICLTI_DELETED');
49 } else if ( mysql_num_rows($result) == 0 ) {
50 $sql = "INSERT INTO ". TABLE_PREFIX . "basiclti_content
51 SET toolid='".$toolid."', content_id=".$_POST[cid].",
52 course_id=".$_SESSION[course_id];
54 $result = mysql_query($sql, $db);
55 if ($result===false) {
56 $msg->addError('MYSQL_FAILED');
58 $msg->addFeedback('BASICLTI_SAVED');
61 } else if ( $result !== false ) {
63 $gradebook_test_id = 0;
64 $basiclti_content_row = mysql_fetch_assoc($result);
65 $placementsecret = $basiclti_content_row['placementsecret'];
66 $gradebook_check = intval($_POST['gradebook_test_id']);
67 if ( isset($_POST['gradebook_test_id']) && $gradebook_check > 0 ) {
68 $gradebook_test_id = $gradebook_check;
69 $sql = "SELECT g.gradebook_test_id AS id, g.title AS title
70 FROM ".TABLE_PREFIX."gradebook_tests AS g
71 WHERE g.course_id = ".$_SESSION[course_id]."
72 AND g.type = 'External' and g.grade_scale_id = 0
73 AND gradebook_test_id = ".$gradebook_test_id;
74 $result = mysql_query($sql, $db);
75 if ( $result === false ) {
76 $gradebook_test_id = 0;
78 if ( strlen($placementsecret) < 1 ) {
79 $placementsecret = uniqid("bl",true);
83 // Override these fields (don't take from form)
84 $fields = array('toolid' => $toolid, 'gradebook_test_id' => $gradebook_test_id,
85 'placementsecret' => $placementsecret);
86 $sql = at_form_update($_POST, $blti_content_edit_form, $fields);
87 $sql = "UPDATE ". TABLE_PREFIX . "basiclti_content
88 SET ".$sql." WHERE content_id=".$_POST[cid]." AND
89 course_id=".$_SESSION[course_id];
90 $result = mysql_query($sql, $db);
91 if ($result===false) {
92 $msg->addError('MYSQL_FAILED');
94 $msg->addFeedback('BASICLTI_SAVED');
99 // echo("<hr>$sql<hr>\n");
101 $cid = intval($_REQUEST['cid']);
103 global $framed, $popup;
105 if ((isset($_REQUEST['popup']) && $_REQUEST['popup']) &&
106 (!isset($_REQUEST['framed']) || !$_REQUEST['framed'])) {
109 } elseif (isset($_REQUEST['framed']) && $_REQUEST['framed'] && isset($_REQUEST['popup']) && $_REQUEST['popup']) {
118 require(AT_INCLUDE_PATH.'header.inc.php');
120 /* get a list of all the tools, we have */
121 $sql = "SELECT * FROM ".TABLE_PREFIX."basiclti_tools WHERE course_id = 0".
122 " OR course_id=".$_SESSION[course_id]." ORDER BY course_id,title";
124 $toolresult = mysql_query($sql, $db);
125 $num_tools = mysql_num_rows($toolresult);
127 //If there are no Tools, don't display anything except a message
128 if ($num_tools == 0){
129 $msg->addInfo('NO_PROXY_TOOLS');
135 <div class="input-form">
137 <form name="datagrid" action="" method="POST">
139 <fieldset class="group_form">
140 <legend class="group_form"><?php echo _AT('bl_content_title'); ?></legend>
142 <?php echo _AT('basiclti_comment');?>
144 <?php echo $msg->printFeedbacks();
146 // Get the current content item
147 $sql = "SELECT * FROM ".TABLE_PREFIX."basiclti_content
148 WHERE content_id=$cid";
149 $contentresult = mysql_query($sql, $db);
150 $basiclti_content_row = mysql_fetch_assoc($contentresult);
151 // if ( $basiclti_content_row ) echo("FOUND"); else echo("NOT");
154 <?php echo _AT('bl_choose_tool'); ?><br/>
155 <select id="toolid" name="toolid" onchange="datagrid.submit();">
156 <option value="--none--"> </option><?php
157 $basiclti_tool_row = false;
158 $found = false; // Only the first one
159 while ( $tool = mysql_fetch_assoc($toolresult) ) {
161 if ( ! $found && $tool['toolid'] == $basiclti_content_row['toolid'] ) {
162 $selected = ' selected="yes"';
163 $basiclti_tool_row = $tool;
166 echo '<option value="'.$tool['toolid'].'"'.$selected.'>'.$tool['title']."</option>\n";
171 if ( $basiclti_tool_row != false && $basiclti_tool_row['acceptgrades'] == 1 ) {
172 $sql = "SELECT g.gradebook_test_id AS id, g.title AS title
173 FROM ".TABLE_PREFIX."gradebook_tests AS g
174 WHERE g.course_id = ".$_SESSION[course_id]."
175 AND g.type = 'External' and g.grade_scale_id = 0";
176 $graderesult = mysql_query($sql, $db);
177 if ( $graderesult !== false && mysql_num_rows($graderesult) > 0) { ?>
179 <?php echo _AT('bl_choose_gradbook_entry'); ?><br/>
180 <select id="gradebook_test_id" name="gradebook_test_id">
181 <option value="--none--"> </option><?php
182 while ( $gradeitem = mysql_fetch_assoc($graderesult) ) {
183 echo($gradeitem['title']);
185 if ( $gradeitem['id'] == $basiclti_content_row['gradebook_test_id'] ) {
186 $selected = ' selected="yes"';
188 echo '<option value="'.$gradeitem['id'].'"'.$selected.'>'.$gradeitem['title']."</option>\n";
195 <input type="hidden" name="cid" value="<?php echo($cid);?>" />
197 if ( $basiclti_tool_row !== false ) {
198 $blti_content_edit_form = filterForm($basiclti_tool_row, $blti_content_edit_form);
199 at_form_generate($basiclti_content_row, $blti_content_edit_form);
200 echo('<input type="submit" name="save" value="Save" class="button" />'."\n");
208 if($basiclti_tool_row){
209 echo '<h3>'.$basiclti_tool_row['title'].' '._AT('bl_settings').'</h3>';
210 echo '<ul style="list-style-type:none;">';
211 foreach($basiclti_tool_row as $title=>$setting){
212 if($title == "password" || $title == "resourcekey" && $basiclti_tool_row['course_id'] == 0){
213 // Hide the tool password if its not an instructor created tool //
214 // Don't print out the key or password id its an admin added tool
218 echo '<li>'.$title.' = '.$setting.'</li>';
223 //echo("<hr><pre>\n");print_r($basiclti_tool_row); echo("\n</pre>\n");
225 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>