mods/merlot/add_to_links.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2006 by Greg Gay & Joel Kronenberg        */
   6 /* Adaptive Technology Resource Centre / University of Toronto  */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13 // $Id: merlot.php 6614 2006-09-27 19:32:29Z greg $
  14
  15 define('AT_INCLUDE_PATH', '../../include/');
  16 require (AT_INCLUDE_PATH.'vitals.inc.php');
  17
  18 //$_custom_css = $_base_path . 'mods/merlot/module.css'; // use a custom stylesheet
  19
  20 $add_to_links = intval($_GET['add_to_links']);
  21 $title = stripslashes(htmlspecialchars($_GET['title']));
  22 $description = stripslashes(htmlspecialchars($_GET['desc']));
  23 $url = stripslashes(htmlspecialchars($_GET['url']));
  24
  25 require (AT_INCLUDE_PATH.'lib/links.inc.php');
  26
  27 if (isset($_POST['cancel'])) {
  28         $msg->addFeedback('CANCELLED');
  29         header('Location: '.$_base_href.'mods/merlot/index.php');
  30         exit;
  31 }else if (isset($_POST['add_link']) && isset($_POST['submit'])) {
  32         $missing_fields = array();
  33         if ($_POST['cat'] == 0 || $_POST['cat'] == '') {
  34                 $missing_fields[] = _AT('category');
  35         }
  36         if (trim($_POST['title']) == '') {
  37                 $missing_fields[] = _AT('title');
  38         }
  39         if (trim($_POST['url']) == '' || $_POST['url'] == 'http://') {
  40                 $missing_fields[] = _AT('url');
  41         }
  42         if (trim($_POST['description']) == '') {
  43                 $missing_fields[] = _AT('description');
  44         }
  45
  46         if ($missing_fields) {
  47                 $missing_fields = implode(', ', $missing_fields);
  48                 $msg->addError(array('EMPTY_FIELDS', $missing_fields));
  49         }
  50
  51         if (!$msg->containsErrors() && isset($_POST['submit'])) {
  52
  53                 $_POST['cat'] = intval($_POST['cat']);
  54                 $_POST['title']  = $addslashes($_POST['title']);
  55                 $_POST['url'] == $addslashes($_POST['url']);
  56                 $_POST['description']  = $addslashes($_POST['description']);
  57
  58                 $name = get_display_name($_SESSION['member_id']);
  59                 $email = '';
  60
  61                 // approve link if submitter is a group member or instructor
  62                 $sql = "SELECT * from ".TABLE_PREFIX."links_categories WHERE  cat_id='$_POST[cat]' AND owner_type='2' ";
  63                 $result = mysql_query($sql, $db);
  64
  65                 while($row = mysql_fetch_assoc($result)){
  66                         $sql2 = "SELECT * from ".TABLE_PREFIX."groups_members WHERE member_id= '$_SESSION[member_id]' AND group_id = '$row[owner_id]' ";
  67
  68                         if($result2 = mysql_query($sql2, $db)){
  69                                 $group_member = true;
  70                         }
  71                 }
  72
  73                 if($_SESSION['is_admin']){
  74                         $approved = 1;          //approved for instructor submissions
  75                 }else if($group_member){
  76                         $approved = 1;                  //approved for group member submissions to group links
  77                 }else if(authenticate(AT_PRIV_LINKS, true)){
  78                         $approved = 1;                  //approved for privileged user submissions
  79                 }else{
  80                         $approved = 0;          //not approved for student submissions to course links
  81                 }
  82                 /////
  83                 $sql    = "INSERT INTO ".TABLE_PREFIX."links VALUES (NULL, $_POST[cat], '$_POST[url]', '$_POST[title]', '$_POST[description]', $approved, '$name', '$email', NOW(), 0)";
  84                 mysql_query($sql, $db);
  85
  86                 $msg->addFeedback('LINK_ADDED');
  87                 header('Location: '.$_base_href.'mods/merlot/index.php');
  88                 exit;
  89         } else {
  90                 $_POST['title']  = stripslashes($_POST['title']);
  91                 $_POST['url'] == stripslashes($_POST['url']);
  92                 $_POST['description']  = stripslashes($_POST['description']);
  93         }
  94 }
  95
  96 $onload = 'document.form.title.focus();';
  97 $categories = get_link_categories();
  98
  99 require(AT_INCLUDE_PATH.'header.inc.php');
 100
 101 ?>
 102 <div>
 103 <h3><?php echo _AT('merlot_add_link'); ?></h3>
 104
 105 </div>
 106 <form action="<?php echo $_SERVER['PHP_SELF']; ?>#search_results" method="post" name="form">
 107                 <div class="input-form" style="width: 60%;padding:5px;">
 108                         <div>
 109                         <?php echo _AT('merlot_add_to_link_howto'); ?>
 110                         </div>
 111                         <div class="row">
 112                                 <input type="hidden" name="add_link" value="true" />
 113                                 <label for="title"><?php echo _AT('merlot_title'); ?></label><br />
 114                                 <input type="text" id="title" name="title"  size="70" value="<?php  echo $title; ?>" /><br />
 115
 116                                 <label for="description"><?php echo _AT('merlot_description'); ?></label><br />
 117                                 <textarea id="description" name="description" rows="4" cols="60"><?php  echo $description; ?></textarea><br />
 118                                 <label for="url"><?php echo _AT('merlot_url'); ?></label>       <br />
 119                                 <input type="text" id="url" name="url" size="70" value="<?php echo $url;  ?>" /><br />
 120                                 <label for="cat"><?php echo _AT('merlot_category'); ?></label><br />
 121                                 <select name="cat" id="cat"><?php
 122                                         if ($pcat_id) {
 123                                                 $current_cat_id = $pcat_id;
 124                                                 $exclude = false; /* don't exclude the children */
 125                                         } else {
 126                                                 $current_cat_id = $cat_id;
 127                                                 $exclude = true; /* exclude the children */
 128                                         }
 129                                         select_link_categories($categories, 0, $_POST['cat'], FALSE);
 130                                         ?>
 131                                 </select>
 132                         </div>
 133
 134         <div class="row buttons">
 135                 <input type="submit" name="submit" value="<?php echo _AT('merlot_submit'); ?>" accesskey="s" />
 136                 <input type="submit" name="cancel" value="<?php echo _AT('merlot_cancel'); ?> " />
 137         </div>
 138                 </div>
 139         </form>
 140
 141
 142 <br />
 143
 144 <?php
 145
 146 require(AT_INCLUDE_PATH.'footer.inc.php');
 147
 148 ?>