move code up one directory
[atutor.git] / mods / _standard / basiclti / tool / instructor_edit.php
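<?php
/*
 * Instructor-side edit page for a BasicLTI tool definition.
 *
 * Flow: authenticate, require a course in the session, filter POST data,
 * then either cancel, validate and UPDATE the tool row, or load the row
 * and render the edit form.
 *
 * NOTE(review): no anti-CSRF token is visible in this file for the
 * state-changing POST below; confirm the included framework code supplies one.
 */
define('AT_INCLUDE_PATH', '../../../../include/');
require(AT_INCLUDE_PATH.'vitals.inc.php');
authenticate(AT_PRIV_BASICLTI);

// Every query below is scoped by course_id, so refuse to continue without a valid one.
if ( !is_int($_SESSION['course_id']) || $_SESSION['course_id'] < 1 ) {
    $msg->addFeedback('NEED_COURSE_ID');
    exit;
}

require_once('forms.php');

// Filter all POST data.
// The filter is keyed on the same field that triggers the UPDATE branch below
// ('form_basiclti') so the update can never run on unfiltered input when the
// 'submit' field is absent from the request.
if (isset($_POST['form_basiclti'])) {
    $text_fields = array('form_basiclti', 'title', 'toolid', 'description',
                         'toolurl', 'resourcekey', 'password');
    foreach ($text_fields as $field) {
        // Non-string values (e.g. array-style parameters) are treated as empty.
        $_POST[$field] = (isset($_POST[$field]) && is_string($_POST[$field]))
            ? $addslashes($_POST[$field])
            : '';
    }

    // Flags and numeric settings: a missing key (unchecked checkbox) becomes 0.
    $int_fields = array('preferheight', 'allowpreferheight', 'launchinpopup',
                        'debuglaunch', 'sendname', 'sendemailaddr', 'acceptgrades',
                        'allowroster', 'allowsetting', 'allowcustomparameters');
    foreach ($int_fields as $field) {
        $_POST[$field] = isset($_POST[$field]) ? intval($_POST[$field]) : 0;
    }

    // this param won't take $addslashes. Some other form of filter is needed here before V1.0 goes out.
    // NOTE(review): 'customparameters' therefore reaches at_form_update() unfiltered;
    // unless that helper escapes values itself this is an injection risk - confirm in forms.php.
    //$_POST['customparameters'] = $addslashes($_POST['customparameters']);

    if (isset($_POST['submit']) && is_string($_POST['submit'])) {
        $_POST['submit'] = $addslashes($_POST['submit']);
    }
}

// Tool id is forced to an integer before it is used in SQL or echoed into the form.
$tool = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;

if (isset($_POST['cancel'])) {
    $msg->addFeedback('CANCELLED');
    header('Location: '.AT_BASE_HREF.'mods/_standard/basiclti/index_instructor.php');
    exit;
} else if (isset($_POST['form_basiclti'], $tool)) {

    if ( at_form_validate($blti_instructor_form, $msg) ) {
        // The toolid must stay unique within the course, ignoring the row being edited.
        // NOTE(review): toolid has already been through $addslashes above; if that is an
        // escaping function, escaping again here changes values that contain quotes - confirm.
        $sql = "SELECT count(*) cnt FROM ".TABLE_PREFIX."basiclti_tools WHERE toolid = '".
                mysql_real_escape_string($_POST['toolid'])."' AND id != $tool".
                " AND course_id = ". $_SESSION['course_id'];
        $result = mysql_query($sql, $db);
        if (!$result) {
            // Keep the driver error server-side; echoing it exposes schema and query text.
            error_log('basiclti instructor_edit: '.mysql_error());
            die('Database error.');
        }
        $row = mysql_fetch_assoc($result);

        if ($row["cnt"] != 0) {
            $msg->addFeedback('NEED_UNIQUE_TOOLID');
        } else {
            $fields = array('course_id' => $_SESSION['course_id']);
            $sql = at_form_update($_POST, $blti_instructor_form, $fields);
            // course_id in the WHERE clause keeps an instructor from editing another course's tool.
            $sql = 'UPDATE '.TABLE_PREFIX."basiclti_tools SET ".$sql." WHERE id = $tool".
                   " AND course_id = ". $_SESSION['course_id'];
            $result = mysql_query($sql, $db);
            if (!$result) {
                error_log('basiclti instructor_edit: '.mysql_error());
                die('Database error.');
            }
            // NOTE(review): this is an UPDATE but is logged as AT_ADMIN_LOG_INSERT / 'basiclti_create',
            // and the logged statement presumably carries the tool's resourcekey and password
            // in clear text - confirm and consider redacting before logging.
            write_to_log(AT_ADMIN_LOG_INSERT, 'basiclti_create', mysql_affected_rows($db), $sql);
            $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
            header('Location: '.AT_BASE_HREF.'mods/_standard/basiclti/index_instructor.php');
            exit;
        }
    }
}

// Load the tool to edit, again restricted to the current course.
$sql = "SELECT * FROM ".TABLE_PREFIX."basiclti_tools WHERE id = ".$tool.
       " AND course_id = ". $_SESSION['course_id'];
$result = mysql_query($sql, $db);
if (!$result) {
    error_log('basiclti instructor_edit: '.mysql_error());
    die('Database error.');
}
$toolrow = mysql_fetch_assoc($result);
// An empty result must be rejected explicitly: with $tool == 0 a loose comparison
// against a missing row would otherwise pass and render the form for a non-existent tool.
if ( !$toolrow || intval($toolrow['id']) !== $tool ) {
    $msg->addFeedback('COULD_NOT_LOAD_TOOL');
    header('Location: '.AT_BASE_HREF.'mods/_standard/basiclti/index_instructor.php');
    exit;
}

include(AT_INCLUDE_PATH.'header.inc.php');

$msg->printAll();

// PHP_SELF contains request-supplied path info, so it is HTML-escaped before
// being written into the action attribute.
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" name="basiclti_form" enctype="multipart/form-data">
  <input type="hidden" name="form_basiclti" value="true" />
  <input type="hidden" name="id" value="<?php echo $tool; ?>" />
  <div class="input-form">
    <fieldset class="group_form"><legend class="group_form"><?php echo _AT('properties'); ?></legend>
<?php at_form_generate($toolrow, $blti_instructor_form); ?>
        <div class="buttons">
                <input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />
                <input type="submit" name="cancel" value="<?php echo _AT('cancel');?>" />
        </div>
    </fieldset>
  </div>
</form>

<?php
require(AT_INCLUDE_PATH.'footer.inc.php');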