Learnpath: Enable drag-and-drop reordering for categories - refs BT#22963

Author: christianbeeznest

main/lp/lp_controller.php

@@ -1242,52 +1242,48 @@ function(reponse) {
         if (!api_is_allowed_to_edit(null, true)) {
             api_not_allowed(true);
         }
-        $courseId = api_get_course_int_id();
-        $sessionId = api_get_session_id();
-        $catOrder = isset($_POST['order']) ? (array) $_POST['order'] : [];
+        $courseId      = api_get_course_int_id();
         $tableCategory = Database::get_course_table(TABLE_LP_CATEGORY);
 
-        Database::query('START TRANSACTION');
+        $catOrder = isset($_POST['order']) ? (array) $_POST['order'] : [];
+
         $pos = 1;
-        foreach ($catOrder as $catId) {
-            $catId = (int)$catId;
-            if ($catId > 0) {
-                $catSessionId = (int) learnpath::getCategorySessionId($catId);
-                if ($catSessionId !== 0 && $catSessionId !== $sessionId) {
-                    continue;
-                }
+        foreach ($catOrder as $catIid) {
+            $catIid = (int) $catIid;
+            if ($catIid <= 0) {
+                continue;
             }
-            $sql = "UPDATE $tableCategory SET position = $pos WHERE c_id = $courseId AND id = $catId";
+
+            $sql = "UPDATE $tableCategory
+                   SET position = $pos
+                 WHERE c_id = $courseId
+                   AND iid = $catIid";
             Database::query($sql);
             $pos++;
         }
-        Database::query('COMMIT');
+
         header('Content-Type: application/json');
         echo json_encode(['ok' => true]);
         exit;
-        break;
-
     case 'reorder_lps':
         if (!api_is_allowed_to_edit(null, true)) {
             api_not_allowed(true);
         }
         $courseId = api_get_course_int_id();
         $sessionId = api_get_session_id();
-        $tableLp = Database::get_course_table(TABLE_LP_MAIN);
+        $tableLp  = Database::get_course_table(TABLE_LP_MAIN);
 
         $lists = isset($_POST['lists']) ? (array) $_POST['lists'] : [];
 
-        if (!empty($sessionId)) {
-            api_not_allowed(true);
-        }
-
-        Database::query('START TRANSACTION');
-
         foreach ($lists as $categoryIdStr => $lpIds) {
-            $categoryId = (int)$categoryIdStr;
+            $categoryId = (int) $categoryIdStr;
             $pos = 1;
-            foreach ((array)$lpIds as $lpId) {
-                $lpId = (int)$lpId;
+
+            foreach ((array) $lpIds as $lpId) {
+                $lpId = (int) $lpId;
+                if ($lpId <= 0) {
+                    continue;
+                }
                 $sql = "UPDATE $tableLp
                     SET category_id = ".($categoryId ?: 0).", display_order = $pos
                     WHERE c_id = $courseId AND id = $lpId";
@@ -1296,11 +1292,9 @@ function(reponse) {
             }
         }
 
-        Database::query('COMMIT');
         header('Content-Type: application/json');
         echo json_encode(['ok' => true]);
         exit;
-        break;
     case 'edit':
         if (!$is_allowed_to_edit) {
             api_not_allowed(true);

main/lp/lp_list.php

@@ -1050,6 +1050,7 @@ function confirmation(name) {
 $template->assign('filtered_category', $filteredCategoryId);
 $template->assign('allow_min_time', $allowMinTime);
 $template->assign('allow_dates_for_student', $allowDatesForStudent);
+$template->assign('sec_token', $token);
 
 $templateName = $template->get_template('learnpath/list.tpl');
 $content = $template->fetch($templateName);