Issues in auth.lib.php (1.11.x) - Issues in 1.11.x - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2160)

main/inc/lib/auth.lib.php (2 issues)

Labels

Severity

Minor 2

<?php

/* For licensing terms, see /license.txt */

/**
 * Class Auth
 * Auth can be used to instantiate objects or as a library to manage courses
 * This file contains a class used like library provides functions for auth tool.
 * It's also used like model to courses_controller (MVC pattern).
 *
 * @author Christian Fasanando <[email protected]>
 */
class Auth
{
    /**
     * Constructor.
     */
    public function __construct()
    {
    }

    /**
     * This function get all the courses in the particular user category.
     *
     * @param bool $hidePrivate
     *
     * @return array
     */
    public function getCoursesInCategory($hidePrivate = true)
    {
        $user_id = api_get_user_id();

        $TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
        $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
        $avoidCoursesCondition = CoursesAndSessionsCatalog::getAvoidCourseCondition();
        $showCoursesCondition = CoursesAndSessionsCatalog::getCoursesToShowInCatalogueCondition();
        $visibilityCondition = CourseManager::getCourseVisibilitySQLCondition('course', true, $hidePrivate);

        $sql = "SELECT
                    course.id as real_id,
                    course.code, course.visual_code, course.subscribe subscr, course.unsubscribe unsubscr,
                    course.title title, course.tutor_name tutor, course.directory, course_rel_user.status status,
                    course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
                FROM $TABLECOURS course,
                $TABLECOURSUSER  course_rel_user
                WHERE
                    course.id = course_rel_user.c_id AND
                    course_rel_user.user_id = '".$user_id."' AND
                    course_rel_user.relation_type <> ".COURSE_RELATION_TYPE_RRHH."
                    $avoidCoursesCondition
                    $showCoursesCondition
                    $visibilityCondition
                ORDER BY course_rel_user.user_course_cat, course_rel_user.sort ASC";
        $result = Database::query($sql);
        $data = [];
        while ($course = Database::fetch_array($result)) {
            $data[$course['user_course_cat']][] = $course;
        }

        return $data;
    }

    /**
     * stores  the changes in a course category
     * (moving a course to a different course category).
     *
     * @param int $courseId
     * @param int       Category id
     *
     * @return bool True if it success
     */
    public function updateCourseCategory($courseId, $newcategory)
    {
        $courseId = (int) $courseId;
        $newcategory = (int) $newcategory;
        $current_user = api_get_user_id();

        $table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
        $max_sort_value = api_max_sort_value($newcategory, $current_user);
        $sql = "UPDATE $table SET
                    user_course_cat='".$newcategory."',
                    sort='".($max_sort_value + 1)."'
                WHERE
                    c_id ='".$courseId."' AND
                    user_id='".$current_user."' AND
                    relation_type<>".COURSE_RELATION_TYPE_RRHH;
        $resultQuery = Database::query($sql);

        $result = false;
        if (Database::affected_rows($resultQuery)) {
            $result = true;
        }

        return $result;
    }

    /**
     * moves the course one place up or down.
     *
     * @param string    Direction (up/down)
     * @param string    Course code
     * @param int       Category id
     *
     * @return bool True if it success
     */
    public function move_course($direction, $course2move, $category)
    {
        $table = Database::get_main_table(TABLE_MAIN_COURSE_USER);

        $current_user_id = api_get_user_id();
        $all_user_courses = CourseManager::getCoursesByUserCourseCategory($current_user_id);

        // we need only the courses of the category we are moving in
        $user_courses = [];
        foreach ($all_user_courses as $key => $course) {
            if ($course['user_course_category'] == $category) {
                $user_courses[] = $course;
            }
        }

        $target_course = [];
        foreach ($user_courses as $count => $course) {
            if ($course2move == $course['code']) {
                // source_course is the course where we clicked the up or down icon
                $source_course = $course;
                // target_course is the course before/after the source_course (depending on the up/down icon)
                if ('up' == $direction) {
                    $target_course = $user_courses[$count - 1];
                } else {
                    $target_course = $user_courses[$count + 1];
                }
                break;
            }
        }

        $result = false;
        if (count($target_course) > 0 && count($source_course) > 0) {

            $courseInfo = api_get_course_info($source_course['code']);
            $courseId = $courseInfo['real_id'];

            $targetCourseInfo = api_get_course_info($target_course['code']);
            $targetCourseId = $targetCourseInfo['real_id'];

            $sql = "UPDATE $table
                    SET sort='".$target_course['sort']."'
                    WHERE
                        c_id = '".$courseId."' AND
                        user_id = '".$current_user_id."' AND
                        relation_type<>".COURSE_RELATION_TYPE_RRHH;

            $result1 = Database::query($sql);

            $sql = "UPDATE $table SET sort='".$source_course['sort']."'
                    WHERE
                        c_id ='".$targetCourseId."' AND
                        user_id='".$current_user_id."' AND
                        relation_type<>".COURSE_RELATION_TYPE_RRHH;

            $result2 = Database::query($sql);

            if (Database::affected_rows($result1) && Database::affected_rows($result2)) {
                $result = true;
            }
        }

        return $result;
    }

    /**
     * Moves the course one place up or down.
     *
     * @param string $direction     Direction up/down
     * @param string $category2move Category id
     *
     * @return bool True If it success
     */
    public function move_category($direction, $category2move)
    {
        $userId = api_get_user_id();
        $userCategories = CourseManager::get_user_course_categories($userId);
        $categories = array_values($userCategories);

        $previous = null;
        $target_category = [];
        foreach ($categories as $key => $category) {
            $category_id = $category['id'];
            if ($category2move == $category_id) {
                // source_course is the course where we clicked the up or down icon
                $source_category = $userCategories[$category2move];
                // target_course is the course before/after the source_course (depending on the up/down icon)
                if ('up' == $direction) {
                    if (isset($categories[$key - 1])) {
                        $target_category = $userCategories[$categories[$key - 1]['id']];
                    }
                } else {
                    if (isset($categories[$key + 1])) {
                        $target_category = $userCategories[$categories[$key + 1]['id']];
                    }
                }
            }
        }

        $result = false;
        if (count($target_category) > 0 && count($source_category) > 0) {

            $table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
            $sql = "UPDATE $table SET
                    sort = '".Database::escape_string($target_category['sort'])."'
                    WHERE id='".intval($source_category['id'])."' AND user_id='".$userId."'";
            $resultFirst = Database::query($sql);
            $sql = "UPDATE $table SET
                    sort = '".Database::escape_string($source_category['sort'])."'
                    WHERE id='".intval($target_category['id'])."' AND user_id='".$userId."'";
            $resultSecond = Database::query($sql);
            if (Database::affected_rows($resultFirst) && Database::affected_rows($resultSecond)) {
                $result = true;
            }
        }

        return $result;
    }

    /**
     * Updates the user course category in the chamilo_user database.
     *
     * @param string  Category title
     * @param int     Category id
     *
     * @return bool True if it success
     */
    public function store_edit_course_category($title, $category_id)
    {
        $title = Database::escape_string($title);
        $category_id = (int) $category_id;
        $result = false;
        $table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
        $sql = "UPDATE $table
                SET title = '".api_htmlentities($title, ENT_QUOTES, api_get_system_encoding())."'
                WHERE id = ".$category_id." AND user_id = ".api_get_user_id();
        $resultQuery = Database::query($sql);
        if (Database::affected_rows($resultQuery)) {
            $result = true;
        }

        return $result;
    }

    /**
     * deletes a course category and moves all the courses that were in this category to main category.
     *
     * @param int     Category id
     *
     * @return bool True if it success
     */
    public function delete_course_category($category_id)
    {
        $current_user_id = api_get_user_id();
        $tucc = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
        $TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
        $category_id = (int) $category_id;
        $result = false;
        $sql = "DELETE FROM $tucc
                WHERE
                    id='".$category_id."' AND
                    user_id='".$current_user_id."'";
        $resultQuery = Database::query($sql);
        if (Database::affected_rows($resultQuery)) {
            $result = true;
        }
        $sql = "UPDATE $TABLECOURSUSER
                SET user_course_cat='0'
                WHERE
                    user_course_cat='".$category_id."' AND
                    user_id='".$current_user_id."' AND
                    relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
        Database::query($sql);

        return $result;
    }

    /**
     * @param int $categoryId
     *
     * @return array|mixed
     */
    public function getUserCourseCategory($categoryId)
    {
        $userId = api_get_user_id();
        $tucc = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
        $categoryId = (int) $categoryId;

        $sql = "SELECT * FROM $tucc
                WHERE
                    id= $categoryId AND
                    user_id= $userId";
        $resultQuery = Database::query($sql);

        return Database::fetch_array($resultQuery, 'ASSOC');
    }

    /**
     * unsubscribe the user from a given course.
     *
     * @param string $course_code
     *
     * @return bool True if it success
     */
    public function remove_user_from_course($course_code, $sessionId = 0)
    {
        $tbl_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);

        // protect variables
        $current_user_id = api_get_user_id();
        $course_code = Database::escape_string($course_code);

        $courseInfo = api_get_course_info($course_code);

        if (empty($courseInfo) || empty($current_user_id)) {
            return false;
        }

        // Check if course can be unsubscribe.
        if ('1' !== $courseInfo['unsubscribe']) {
            return false;
        }

        $courseId = $courseInfo['real_id'];

        // we check (once again) if the user is not course administrator
        // because the course administrator cannot unsubscribe himself
        // (s)he can only delete the course
        $sql = "SELECT * FROM $tbl_course_user
                WHERE
                    user_id='".$current_user_id."' AND
                    c_id ='".$courseId."' AND
                    status='1' ";
        $result_check = Database::query($sql);
        $number_of_rows = Database::num_rows($result_check);

        $result = true;
        if ($number_of_rows > 0) {
            $result = false;
        }

        if ($result) {
            CourseManager::unsubscribe_user($current_user_id, $course_code, $sessionId);
        }

        return $result;
    }

    /**
     * stores the user course category in the chamilo_user database.
     *
     * @param string  Category title
     *
     * @return bool True if it success
     */
    public function store_course_category($category_title)
    {
        $table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);

        // protect data
        $current_user_id = api_get_user_id();
        $category_title = Database::escape_string($category_title);

        // step 1: we determine the max value of the user defined course categories
        $sql = "SELECT sort FROM $table
                WHERE user_id='".$current_user_id."'
                ORDER BY sort DESC";
        $rs_sort = Database::query($sql);
        $maxsort = Database::fetch_array($rs_sort);
        $nextsort = $maxsort['sort'] + 1;

        // step 2: we check if there is already a category with this name,
        // if not we store it, else we give an error.
        $sql = "SELECT * FROM $table
                WHERE
                    user_id='".$current_user_id."' AND
                    title='".$category_title."'
                ORDER BY sort DESC";
        $rs = Database::query($sql);

        $result = false;
        if (0 == Database::num_rows($rs)) {
            $sql = "INSERT INTO $table (user_id, title,sort)
                    VALUES ('".$current_user_id."', '".api_htmlentities(
                    $category_title,
                    ENT_QUOTES,
                    api_get_system_encoding()
                )."', '".$nextsort."')";
            $resultQuery = Database::query($sql);
            if (Database::affected_rows($resultQuery)) {
                $result = true;
            }
        }

        return $result;
    }
}


1			<?php
2
3			/* For licensing terms, see /license.txt */
4
5			/**
6			* Class Auth
7			* Auth can be used to instantiate objects or as a library to manage courses
8			* This file contains a class used like library provides functions for auth tool.
9			* It's also used like model to courses_controller (MVC pattern).
10			*
11			* @author Christian Fasanando <[email protected]>
12			*/
13			class Auth
14			{
15			/**
16			* Constructor.
17			*/
18			public function __construct()
19			{
20			}
21
22			/**
23			* This function get all the courses in the particular user category.
24			*
25			* @param bool $hidePrivate
26			*
27			* @return array
28			*/
29			public function getCoursesInCategory($hidePrivate = true)
30			{
31			$user_id = api_get_user_id();
32
33			$TABLECOURS = Database::get_main_table(TABLE_MAIN_COURSE);
34			$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
35			$avoidCoursesCondition = CoursesAndSessionsCatalog::getAvoidCourseCondition();
36			$showCoursesCondition = CoursesAndSessionsCatalog::getCoursesToShowInCatalogueCondition();
37			$visibilityCondition = CourseManager::getCourseVisibilitySQLCondition('course', true, $hidePrivate);
38
39			$sql = "SELECT
40			course.id as real_id,
41			course.code, course.visual_code, course.subscribe subscr, course.unsubscribe unsubscr,
42			course.title title, course.tutor_name tutor, course.directory, course_rel_user.status status,
43			course_rel_user.sort sort, course_rel_user.user_course_cat user_course_cat
44			FROM $TABLECOURS course,
45			$TABLECOURSUSER course_rel_user
46			WHERE
47			course.id = course_rel_user.c_id AND
48			course_rel_user.user_id = '".$user_id."' AND
49			course_rel_user.relation_type <> ".COURSE_RELATION_TYPE_RRHH."
50			$avoidCoursesCondition
51			$showCoursesCondition
52			$visibilityCondition
53			ORDER BY course_rel_user.user_course_cat, course_rel_user.sort ASC";
54			$result = Database::query($sql);
55			$data = [];
56			while ($course = Database::fetch_array($result)) {
57			$data[$course['user_course_cat']][] = $course;
58			}
59
60			return $data;
61			}
62
63			/**
64			* stores the changes in a course category
65			* (moving a course to a different course category).
66			*
67			* @param int $courseId
68			* @param int Category id
69			*
70			* @return bool True if it success
71			*/
72			public function updateCourseCategory($courseId, $newcategory)
73			{
74			$courseId = (int) $courseId;
75			$newcategory = (int) $newcategory;
76			$current_user = api_get_user_id();
77
78			$table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
79			$max_sort_value = api_max_sort_value($newcategory, $current_user);
80			$sql = "UPDATE $table SET
81			user_course_cat='".$newcategory."',
82			sort='".($max_sort_value + 1)."'
83			WHERE
84			c_id ='".$courseId."' AND
85			user_id='".$current_user."' AND
86			relation_type<>".COURSE_RELATION_TYPE_RRHH;
87			$resultQuery = Database::query($sql);
88
89			$result = false;
90			if (Database::affected_rows($resultQuery)) {
91			$result = true;
92			}
93
94			return $result;
95			}
96
97			/**
98			* moves the course one place up or down.
99			*
100			* @param string Direction (up/down)
101			* @param string Course code
102			* @param int Category id
103			*
104			* @return bool True if it success
105			*/
106			public function move_course($direction, $course2move, $category)
107			{
108			$table = Database::get_main_table(TABLE_MAIN_COURSE_USER);
109
110			$current_user_id = api_get_user_id();
111			$all_user_courses = CourseManager::getCoursesByUserCourseCategory($current_user_id);
112
113			// we need only the courses of the category we are moving in
114			$user_courses = [];
115			foreach ($all_user_courses as $key => $course) {
116			if ($course['user_course_category'] == $category) {
117			$user_courses[] = $course;
118			}
119			}
120
121			$target_course = [];
122			foreach ($user_courses as $count => $course) {
123			if ($course2move == $course['code']) {
124			// source_course is the course where we clicked the up or down icon
125			$source_course = $course;
126			// target_course is the course before/after the source_course (depending on the up/down icon)
127			if ('up' == $direction) {
128			$target_course = $user_courses[$count - 1];
129			} else {
130			$target_course = $user_courses[$count + 1];
131			}
132			break;
133			}
134			}
135
136			$result = false;
137			if (count($target_course) > 0 && count($source_course) > 0) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-01-05 13:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$source_course` does not seem to be defined for all execution paths leading up to this point. Loading history...
138			$courseInfo = api_get_course_info($source_course['code']);
139			$courseId = $courseInfo['real_id'];
140
141			$targetCourseInfo = api_get_course_info($target_course['code']);
142			$targetCourseId = $targetCourseInfo['real_id'];
143
144			$sql = "UPDATE $table
145			SET sort='".$target_course['sort']."'
146			WHERE
147			c_id = '".$courseId."' AND
148			user_id = '".$current_user_id."' AND
149			relation_type<>".COURSE_RELATION_TYPE_RRHH;
150
151			$result1 = Database::query($sql);
152
153			$sql = "UPDATE $table SET sort='".$source_course['sort']."'
154			WHERE
155			c_id ='".$targetCourseId."' AND
156			user_id='".$current_user_id."' AND
157			relation_type<>".COURSE_RELATION_TYPE_RRHH;
158
159			$result2 = Database::query($sql);
160
161			if (Database::affected_rows($result1) && Database::affected_rows($result2)) {
162			$result = true;
163			}
164			}
165
166			return $result;
167			}
168
169			/**
170			* Moves the course one place up or down.
171			*
172			* @param string $direction Direction up/down
173			* @param string $category2move Category id
174			*
175			* @return bool True If it success
176			*/
177			public function move_category($direction, $category2move)
178			{
179			$userId = api_get_user_id();
180			$userCategories = CourseManager::get_user_course_categories($userId);
181			$categories = array_values($userCategories);
182
183			$previous = null;
184			$target_category = [];
185			foreach ($categories as $key => $category) {
186			$category_id = $category['id'];
187			if ($category2move == $category_id) {
188			// source_course is the course where we clicked the up or down icon
189			$source_category = $userCategories[$category2move];
190			// target_course is the course before/after the source_course (depending on the up/down icon)
191			if ('up' == $direction) {
192			if (isset($categories[$key - 1])) {
193			$target_category = $userCategories[$categories[$key - 1]['id']];
194			}
195			} else {
196			if (isset($categories[$key + 1])) {
197			$target_category = $userCategories[$categories[$key + 1]['id']];
198			}
199			}
200			}
201			}
202
203			$result = false;
204			if (count($target_category) > 0 && count($source_category) > 0) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-01-05 13:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$source_category` does not seem to be defined for all execution paths leading up to this point. Loading history...
205			$table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
206			$sql = "UPDATE $table SET
207			sort = '".Database::escape_string($target_category['sort'])."'
208			WHERE id='".intval($source_category['id'])."' AND user_id='".$userId."'";
209			$resultFirst = Database::query($sql);
210			$sql = "UPDATE $table SET
211			sort = '".Database::escape_string($source_category['sort'])."'
212			WHERE id='".intval($target_category['id'])."' AND user_id='".$userId."'";
213			$resultSecond = Database::query($sql);
214			if (Database::affected_rows($resultFirst) && Database::affected_rows($resultSecond)) {
215			$result = true;
216			}
217			}
218
219			return $result;
220			}
221
222			/**
223			* Updates the user course category in the chamilo_user database.
224			*
225			* @param string Category title
226			* @param int Category id
227			*
228			* @return bool True if it success
229			*/
230			public function store_edit_course_category($title, $category_id)
231			{
232			$title = Database::escape_string($title);
233			$category_id = (int) $category_id;
234			$result = false;
235			$table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
236			$sql = "UPDATE $table
237			SET title = '".api_htmlentities($title, ENT_QUOTES, api_get_system_encoding())."'
238			WHERE id = ".$category_id." AND user_id = ".api_get_user_id();
239			$resultQuery = Database::query($sql);
240			if (Database::affected_rows($resultQuery)) {
241			$result = true;
242			}
243
244			return $result;
245			}
246
247			/**
248			* deletes a course category and moves all the courses that were in this category to main category.
249			*
250			* @param int Category id
251			*
252			* @return bool True if it success
253			*/
254			public function delete_course_category($category_id)
255			{
256			$current_user_id = api_get_user_id();
257			$tucc = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
258			$TABLECOURSUSER = Database::get_main_table(TABLE_MAIN_COURSE_USER);
259			$category_id = (int) $category_id;
260			$result = false;
261			$sql = "DELETE FROM $tucc
262			WHERE
263			id='".$category_id."' AND
264			user_id='".$current_user_id."'";
265			$resultQuery = Database::query($sql);
266			if (Database::affected_rows($resultQuery)) {
267			$result = true;
268			}
269			$sql = "UPDATE $TABLECOURSUSER
270			SET user_course_cat='0'
271			WHERE
272			user_course_cat='".$category_id."' AND
273			user_id='".$current_user_id."' AND
274			relation_type<>".COURSE_RELATION_TYPE_RRHH." ";
275			Database::query($sql);
276
277			return $result;
278			}
279
280			/**
281			* @param int $categoryId
282			*
283			* @return array\|mixed
284			*/
285			public function getUserCourseCategory($categoryId)
286			{
287			$userId = api_get_user_id();
288			$tucc = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
289			$categoryId = (int) $categoryId;
290
291			$sql = "SELECT * FROM $tucc
292			WHERE
293			id= $categoryId AND
294			user_id= $userId";
295			$resultQuery = Database::query($sql);
296
297			return Database::fetch_array($resultQuery, 'ASSOC');
298			}
299
300			/**
301			* unsubscribe the user from a given course.
302			*
303			* @param string $course_code
304			*
305			* @return bool True if it success
306			*/
307			public function remove_user_from_course($course_code, $sessionId = 0)
308			{
309			$tbl_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
310
311			// protect variables
312			$current_user_id = api_get_user_id();
313			$course_code = Database::escape_string($course_code);
314
315			$courseInfo = api_get_course_info($course_code);
316
317			if (empty($courseInfo) \|\| empty($current_user_id)) {
318			return false;
319			}
320
321			// Check if course can be unsubscribe.
322			if ('1' !== $courseInfo['unsubscribe']) {
323			return false;
324			}
325
326			$courseId = $courseInfo['real_id'];
327
328			// we check (once again) if the user is not course administrator
329			// because the course administrator cannot unsubscribe himself
330			// (s)he can only delete the course
331			$sql = "SELECT * FROM $tbl_course_user
332			WHERE
333			user_id='".$current_user_id."' AND
334			c_id ='".$courseId."' AND
335			status='1' ";
336			$result_check = Database::query($sql);
337			$number_of_rows = Database::num_rows($result_check);
338
339			$result = true;
340			if ($number_of_rows > 0) {
341			$result = false;
342			}
343
344			if ($result) {
345			CourseManager::unsubscribe_user($current_user_id, $course_code, $sessionId);
346			}
347
348			return $result;
349			}
350
351			/**
352			* stores the user course category in the chamilo_user database.
353			*
354			* @param string Category title
355			*
356			* @return bool True if it success
357			*/
358			public function store_course_category($category_title)
359			{
360			$table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
361
362			// protect data
363			$current_user_id = api_get_user_id();
364			$category_title = Database::escape_string($category_title);
365
366			// step 1: we determine the max value of the user defined course categories
367			$sql = "SELECT sort FROM $table
368			WHERE user_id='".$current_user_id."'
369			ORDER BY sort DESC";
370			$rs_sort = Database::query($sql);
371			$maxsort = Database::fetch_array($rs_sort);
372			$nextsort = $maxsort['sort'] + 1;
373
374			// step 2: we check if there is already a category with this name,
375			// if not we store it, else we give an error.
376			$sql = "SELECT * FROM $table
377			WHERE
378			user_id='".$current_user_id."' AND
379			title='".$category_title."'
380			ORDER BY sort DESC";
381			$rs = Database::query($sql);
382
383			$result = false;
384			if (0 == Database::num_rows($rs)) {
385			$sql = "INSERT INTO $table (user_id, title,sort)
386			VALUES ('".$current_user_id."', '".api_htmlentities(
387			$category_title,
388			ENT_QUOTES,
389			api_get_system_encoding()
390			)."', '".$nextsort."')";
391			$resultQuery = Database::query($sql);
392			if (Database::affected_rows($resultQuery)) {
393			$result = true;
394			}
395			}
396
397			return $result;
398			}
399			}
400

chamilo / chamilo-lms

Issues (2160)

main/inc/lib/auth.lib.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like