generateRedirectUrlAfterSubscription() - Code Metrics - Inspection of "Merge pull request #4232 from AngelFQC/BT19827" - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 1.11.x ( a5874c...fde968 )

by Angel Fernando Quiroz

created 2022-03-31 21:46 UTC

generateRedirectUrlAfterSubscription() A

↳ Parent: Project

Complexity

Conditions	5
Paths	4

Size

Total Lines	15
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	5
eloc	7
c	0
b	0
f	0
nc	4
nop	2
dl	0
loc	15
rs	9.6111

<?php

/* For licensing terms, see /license.txt */

use Chamilo\CoreBundle\Entity\SequenceResource;

// Delete the globals['_cid'], we don't need it here.
$cidReset = true;

require_once __DIR__.'/../inc/global.inc.php';

// Section for the tabs.
$this_section = SECTION_CATALOG;

if ('true' !== api_get_setting('course_catalog_published')) {
    // Access rights: anonymous users can't do anything useful here.
    api_block_anonymous_users();
}

$userCanViewPage = CoursesAndSessionsCatalog::userCanView();

$defaultAction = CoursesAndSessionsCatalog::is(CATALOG_SESSIONS) ? 'display_sessions' : 'display_courses';
$action = isset($_REQUEST['action']) ? Security::remove_XSS($_REQUEST['action']) : $defaultAction;
$categoryCode = isset($_REQUEST['category_code']) ? Security::remove_XSS($_REQUEST['category_code']) : '';
$searchTerm = isset($_REQUEST['search_term']) ? Security::remove_XSS($_REQUEST['search_term']) : '';

$nameTools = CourseCategory::getCourseCatalogNameTools($action);
if (empty($nameTools)) {
    $nameTools = get_lang('CourseManagement');
} else {
    if (!in_array(
        $action,
        ['display_random_courses', 'display_courses', 'subscribe']
    )) {
        $interbreadcrumb[] = [
            'url' => api_get_path(WEB_CODE_PATH).'auth/courses.php',
            'name' => get_lang('CourseManagement'),
        ];
    }
    $interbreadcrumb[] = ['url' => '#', 'name' => $nameTools];
}

switch ($action) {
    case 'unsubscribe':
        // We are unsubscribing from a course (=Unsubscribe from course).
        $ctok = Security::get_existing_token();

        if (!empty($_GET['sec_token']) && $ctok == $_GET['sec_token']) {
            $auth = new Auth();
            $result = $auth->remove_user_from_course($_GET['unsubscribe']);
            if ($result) {
                Display::addFlash(
                    Display::return_message(get_lang('YouAreNowUnsubscribed'), 'success')
                );
            }
        }

        $currentUrl = api_get_path(WEB_CODE_PATH).'auth/courses.php?category_code='.$categoryCode.'&search_term='.$searchTerm;

        header('Location: '.$currentUrl);
        exit;
    case 'subscribe_course':
        $courseCodeToSubscribe = isset($_GET['course_code']) ? Security::remove_XSS($_GET['course_code']) : '';
        if (api_is_anonymous()) {
            header('Location: '.api_get_path(WEB_CODE_PATH).'auth/inscription.php?c='.$courseCodeToSubscribe);
            exit;
        }
        if (Security::check_token('get')) {
            $courseInfo = api_get_course_info($courseCodeToSubscribe);
            CourseManager::autoSubscribeToCourse($courseCodeToSubscribe);
            $redirectionTarget = CoursesAndSessionsCatalog::generateRedirectUrlAfterSubscription(
                $courseInfo['course_public_url']
            );

            header("Location: $redirectionTarget");
            exit;
        }
        break;
    case 'subscribe_course_validation':
        $toolTitle = get_lang('Subscribe');
        $courseCodeToSubscribe = isset($_GET['course_code']) ? Security::remove_XSS($_GET['course_code']) : '';
        $courseInfo = api_get_course_info($courseCodeToSubscribe);
        if (empty($courseInfo)) {
            header('Location: '.api_get_self());
            exit;
        }
        $message = get_lang('CourseRequiresPassword').' ';
        $message .= $courseInfo['title'].' ('.$courseInfo['visual_code'].') ';

        $action = api_get_self().'?action=subscribe_course_validation&sec_token='.
            Security::getTokenFromSession().'&course_code='.$courseInfo['code'];
        $form = new FormValidator(
            'subscribe_user_with_password',
            'post',
            $action
        );
        $form->addHeader($message);
        $form->addElement('hidden', 'sec_token', Security::getTokenFromSession());
        $form->addElement('hidden', 'subscribe_user_with_password', $courseInfo['code']);
        $form->addElement('text', 'course_registration_code');
        $form->addButtonSave(get_lang('SubmitRegistrationCode'));
        $content = $form->returnForm();

        if ($form->validate()) {
            if (sha1($_POST['course_registration_code']) === $courseInfo['registration_code']) {
                CourseManager::autoSubscribeToCourse($_POST['subscribe_user_with_password']);

                $redirectionTarget = CoursesAndSessionsCatalog::generateRedirectUrlAfterSubscription(
                    $courseInfo['course_public_url']
                );

                header("Location: $redirectionTarget");
            } else {
                Display::addFlash(Display::return_message(get_lang('CourseRegistrationCodeIncorrect'), 'warning'));
                header('Location: '.$action);
            }
            exit;
        }

        $template = new Template($toolTitle, true, true, false, false, false);
        $template->assign('content', $content);
        $template->display_one_col_template();
        break;
    case 'subscribe':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }
        header('Location: '.api_get_self());
        exit;
    case 'display_random_courses':
    case 'display_courses':
    case 'search_course':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }

        CoursesAndSessionsCatalog::displayCoursesList($action, $searchTerm, $categoryCode);
        exit;
    case 'display_sessions':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }

        CoursesAndSessionsCatalog::sessionList();
        exit;
    case 'subscribe_to_session':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }

        $userId = api_get_user_id();
        $confirmed = isset($_GET['confirm']);
        $sessionId = (int) $_GET['session_id'];

        if (empty($userId)) {
            api_not_allowed();
            exit;
        }

        if (!$confirmed) {
            $template = new Template(null, false, false, false, false, false);
            $template->assign('session_id', $sessionId);
            $layout = $template->get_template('auth/confirm_session_subscription.tpl');
            echo $template->fetch($layout);
            exit;
        }

        $registrationAllowed = api_get_setting('catalog_allow_session_auto_subscription');
        if ('true' === $registrationAllowed) {
            $entityManager = Database::getManager();
            $repository = $entityManager->getRepository('ChamiloCoreBundle:SequenceResource');
            $sequences = $repository->getRequirements(
                $sessionId,
                SequenceResource::SESSION_TYPE
            );

            if (count($sequences) > 0) {
                $requirementsData = $repository->checkRequirementsForUser(
                    $sequences,
                    SequenceResource::SESSION_TYPE,
                    $userId,
                    $sessionId
                );

                $continueWithSubscription = $repository->checkSequenceAreCompleted($requirementsData);

                if (!$continueWithSubscription) {
                    header('Location: '.api_get_path(WEB_CODE_PATH).'auth/courses.php');
                    exit;
                }
            }

            SessionManager::subscribeUsersToSession(
                $sessionId,
                [$userId],
                SESSION_VISIBLE_READ_ONLY,
                false
            );

            $coursesList = SessionManager::get_course_list_by_session_id($sessionId);
            $count = count($coursesList);
            $url = '';

            if ($count <= 0) {
                // no course in session -> return to catalog
                $url = api_get_path(WEB_CODE_PATH).'auth/courses.php';
            } elseif (1 == $count) {
                // only one course, so redirect directly to this course
                foreach ($coursesList as $course) {
                    $url = api_get_path(WEB_COURSE_PATH).$course['directory'].'/index.php?id_session='.$sessionId;
                }
            } else {
                $url = api_get_path(WEB_CODE_PATH).'session/index.php?session_id='.$sessionId;
            }
            header('Location: '.$url);
            exit;
        }
        break;
    case 'search_tag':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }

        CoursesAndSessionsCatalog::sessionsListByCoursesTag();
        exit;
    case 'search_session_title':
        if (!$userCanViewPage) {
            api_not_allowed(true);
        }

        CoursesAndSessionsCatalog::sessionsListByName();
        exit;
}


1			<?php
2
3			/* For licensing terms, see /license.txt */
4
5			use Chamilo\CoreBundle\Entity\SequenceResource;
6
7			// Delete the globals['_cid'], we don't need it here.
8			$cidReset = true;
9
10			require_once __DIR__.'/../inc/global.inc.php';
11
12			// Section for the tabs.
13			$this_section = SECTION_CATALOG;
14
15			if ('true' !== api_get_setting('course_catalog_published')) {
16			// Access rights: anonymous users can't do anything useful here.
17			api_block_anonymous_users();
18			}
19
20			$userCanViewPage = CoursesAndSessionsCatalog::userCanView();
21
22			$defaultAction = CoursesAndSessionsCatalog::is(CATALOG_SESSIONS) ? 'display_sessions' : 'display_courses';
23			$action = isset($_REQUEST['action']) ? Security::remove_XSS($_REQUEST['action']) : $defaultAction;
24			$categoryCode = isset($_REQUEST['category_code']) ? Security::remove_XSS($_REQUEST['category_code']) : '';
25			$searchTerm = isset($_REQUEST['search_term']) ? Security::remove_XSS($_REQUEST['search_term']) : '';
26
27			$nameTools = CourseCategory::getCourseCatalogNameTools($action);
28			if (empty($nameTools)) {
29			$nameTools = get_lang('CourseManagement');
30			} else {
31			if (!in_array(
32			$action,
33			['display_random_courses', 'display_courses', 'subscribe']
34			)) {
35			$interbreadcrumb[] = [
36			'url' => api_get_path(WEB_CODE_PATH).'auth/courses.php',
37			'name' => get_lang('CourseManagement'),
38			];
39			}
40			$interbreadcrumb[] = ['url' => '#', 'name' => $nameTools];
41			}
42
43			switch ($action) {
44			case 'unsubscribe':
45			// We are unsubscribing from a course (=Unsubscribe from course).
46			$ctok = Security::get_existing_token();
47
48			if (!empty($_GET['sec_token']) && $ctok == $_GET['sec_token']) {
49			$auth = new Auth();
50			$result = $auth->remove_user_from_course($_GET['unsubscribe']);
51			if ($result) {
52			Display::addFlash(
53			Display::return_message(get_lang('YouAreNowUnsubscribed'), 'success')
54			);
55			}
56			}
57
58			$currentUrl = api_get_path(WEB_CODE_PATH).'auth/courses.php?category_code='.$categoryCode.'&search_term='.$searchTerm;
59
60			header('Location: '.$currentUrl);
61			exit;
62			case 'subscribe_course':
63			$courseCodeToSubscribe = isset($_GET['course_code']) ? Security::remove_XSS($_GET['course_code']) : '';
64			if (api_is_anonymous()) {
65			header('Location: '.api_get_path(WEB_CODE_PATH).'auth/inscription.php?c='.$courseCodeToSubscribe);
66			exit;
67			}
68			if (Security::check_token('get')) {
69			$courseInfo = api_get_course_info($courseCodeToSubscribe);
70			CourseManager::autoSubscribeToCourse($courseCodeToSubscribe);
71			$redirectionTarget = CoursesAndSessionsCatalog::generateRedirectUrlAfterSubscription(
72			$courseInfo['course_public_url']
73			);
74
75			header("Location: $redirectionTarget");
76			exit;
77			}
78			break;
79			case 'subscribe_course_validation':
80			$toolTitle = get_lang('Subscribe');
81			$courseCodeToSubscribe = isset($_GET['course_code']) ? Security::remove_XSS($_GET['course_code']) : '';
82			$courseInfo = api_get_course_info($courseCodeToSubscribe);
83			if (empty($courseInfo)) {
84			header('Location: '.api_get_self());
85			exit;
86			}
87			$message = get_lang('CourseRequiresPassword').' ';
88			$message .= $courseInfo['title'].' ('.$courseInfo['visual_code'].') ';
89
90			$action = api_get_self().'?action=subscribe_course_validation&sec_token='.
91			Security::getTokenFromSession().'&course_code='.$courseInfo['code'];
92			$form = new FormValidator(
93			'subscribe_user_with_password',
94			'post',
95			$action
96			);
97			$form->addHeader($message);
98			$form->addElement('hidden', 'sec_token', Security::getTokenFromSession());
99			$form->addElement('hidden', 'subscribe_user_with_password', $courseInfo['code']);
100			$form->addElement('text', 'course_registration_code');
101			$form->addButtonSave(get_lang('SubmitRegistrationCode'));
102			$content = $form->returnForm();
103
104			if ($form->validate()) {
105			if (sha1($_POST['course_registration_code']) === $courseInfo['registration_code']) {
106			CourseManager::autoSubscribeToCourse($_POST['subscribe_user_with_password']);
107
108			$redirectionTarget = CoursesAndSessionsCatalog::generateRedirectUrlAfterSubscription(
109			$courseInfo['course_public_url']
110			);
111
112			header("Location: $redirectionTarget");
113			} else {
114			Display::addFlash(Display::return_message(get_lang('CourseRegistrationCodeIncorrect'), 'warning'));
115			header('Location: '.$action);
116			}
117			exit;
118			}
119
120			$template = new Template($toolTitle, true, true, false, false, false);
121			$template->assign('content', $content);
122			$template->display_one_col_template();
123			break;
124			case 'subscribe':
125			if (!$userCanViewPage) {
126			api_not_allowed(true);
127			}
128			header('Location: '.api_get_self());
129			exit;
130			case 'display_random_courses':
131			case 'display_courses':
132			case 'search_course':
133			if (!$userCanViewPage) {
134			api_not_allowed(true);
135			}
136
137			CoursesAndSessionsCatalog::displayCoursesList($action, $searchTerm, $categoryCode);
138			exit;
139			case 'display_sessions':
140			if (!$userCanViewPage) {
141			api_not_allowed(true);
142			}
143
144			CoursesAndSessionsCatalog::sessionList();
145			exit;
146			case 'subscribe_to_session':
147			if (!$userCanViewPage) {
148			api_not_allowed(true);
149			}
150
151			$userId = api_get_user_id();
152			$confirmed = isset($_GET['confirm']);
153			$sessionId = (int) $_GET['session_id'];
154
155			if (empty($userId)) {
156			api_not_allowed();
157			exit;
158			}
159
160			if (!$confirmed) {
161			$template = new Template(null, false, false, false, false, false);
162			$template->assign('session_id', $sessionId);
163			$layout = $template->get_template('auth/confirm_session_subscription.tpl');
164			echo $template->fetch($layout);
165			exit;
166			}
167
168			$registrationAllowed = api_get_setting('catalog_allow_session_auto_subscription');
169			if ('true' === $registrationAllowed) {
170			$entityManager = Database::getManager();
171			$repository = $entityManager->getRepository('ChamiloCoreBundle:SequenceResource');
172			$sequences = $repository->getRequirements(
173			$sessionId,
174			SequenceResource::SESSION_TYPE
175			);
176
177			if (count($sequences) > 0) {
178			$requirementsData = $repository->checkRequirementsForUser(
179			$sequences,
180			SequenceResource::SESSION_TYPE,
181			$userId,
182			$sessionId
183			);
184
185			$continueWithSubscription = $repository->checkSequenceAreCompleted($requirementsData);
186
187			if (!$continueWithSubscription) {
188			header('Location: '.api_get_path(WEB_CODE_PATH).'auth/courses.php');
189			exit;
190			}
191			}
192
193			SessionManager::subscribeUsersToSession(
194			$sessionId,
195			[$userId],
196			SESSION_VISIBLE_READ_ONLY,
197			false
198			);
199
200			$coursesList = SessionManager::get_course_list_by_session_id($sessionId);
201			$count = count($coursesList);
202			$url = '';
203
204			if ($count <= 0) {
205			// no course in session -> return to catalog
206			$url = api_get_path(WEB_CODE_PATH).'auth/courses.php';
207			} elseif (1 == $count) {
208			// only one course, so redirect directly to this course
209			foreach ($coursesList as $course) {
210			$url = api_get_path(WEB_COURSE_PATH).$course['directory'].'/index.php?id_session='.$sessionId;
211			}
212			} else {
213			$url = api_get_path(WEB_CODE_PATH).'session/index.php?session_id='.$sessionId;
214			}
215			header('Location: '.$url);
216			exit;
217			}
218			break;
219			case 'search_tag':
220			if (!$userCanViewPage) {
221			api_not_allowed(true);
222			}
223
224			CoursesAndSessionsCatalog::sessionsListByCoursesTag();
225			exit;
226			case 'search_session_title':
227			if (!$userCanViewPage) {
228			api_not_allowed(true);
229			}
230
231			CoursesAndSessionsCatalog::sessionsListByName();
232			exit;
233			}
234

chamilo / chamilo-lms

Push — 1.11.x ( a5874c...fde968 )

generateRedirectUrlAfterSubscription() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like