chamilo-lms/main/document/create_draw.php

<?php
/* For licensing terms, see /license.txt */

/**
 *	This file allows creating new svg and png documents with an online editor.
 *
 *	@package chamilo.document
 *
 * @author Juan Carlos Raña Trabado
 * @since 25/september/2010
*/
/**
 * Code
 */

/*	INIT SECTION */

// Name of the language file that needs to be included
$language_file = array('document');

require_once '../inc/global.inc.php';

$_SESSION['whereami'] = 'document/createdraw';
$this_section = SECTION_COURSES;

require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';

$nameTools = get_lang('Draw');

api_protect_course_script();
api_block_anonymous_users();

$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
if (empty($document_data)) {
    if (api_is_in_group()) {
        $group_properties   = GroupManager::get_group_properties(api_get_group_id());        
        $document_id        = DocumentManager::get_document_id(api_get_course_info(), $group_properties['directory']);
        $document_data      = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
    }
}

$document_id   = $document_data['id'];
$dir           = $document_data['path'];

/*	Constants and variables */

//path for svg-edit save
$_SESSION['draw_dir'] = Security::remove_XSS($dir);
if ($_SESSION['draw_dir']=='/'){
    $_SESSION['draw_dir']='';
}

$dir = isset($dir) ? Security::remove_XSS($dir) : Security::remove_XSS($_POST['dir']);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);

// Please, do not modify this dirname formatting

if (strstr($dir, '..')) {
	$dir = '/';
}

if ($dir[0] == '.') {
	$dir = substr($dir, 1);
}

if ($dir[0] != '/') {
	$dir = '/'.$dir;
}

if ($dir[strlen($dir) - 1] != '/') {
	$dir .= '/';
}

$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir;

if (!is_dir($filepath)) {
	$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/';
	$dir = '/';
}

//groups //TODO: clean
if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
	$req_gid = '&amp;gidReq='.$_SESSION['_gid'];
	$interbreadcrumb[] = array ("url" => "../group/group_space.php?gidReq=".$_SESSION['_gid'], "name" => get_lang('GroupSpace'));
	$noPHP_SELF = true;
	$to_group_id = $_SESSION['_gid'];
	$group = GroupManager :: get_group_properties($to_group_id);
	$path = explode('/', $dir);
	if ('/'.$path[1] != $group['directory']) {
		api_not_allowed(true);
	}
}

$interbreadcrumb[] = array ("url" => "./document.php?id=".$parent_id.$req_gid, "name" => get_lang('Documents'));

if (!$is_allowed_in_course) {
	api_not_allowed(true);
}

if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), Security::remove_XSS($dir), api_get_session_id()))) {
	api_not_allowed(true);
}


/*	Header */
event_access_tool(TOOL_DOCUMENT);
$display_dir = $dir;
if (isset ($group)) {
	$display_dir = explode('/', $dir);
	unset ($display_dir[0]);
	unset ($display_dir[1]);
	$display_dir = implode('/', $display_dir);
}

// Interbreadcrumb for the current directory root path
	// Copied from document.php
	$dir_array = explode('/', $dir);
	$array_len = count($dir_array);
	
	/*
	TODO:check and delete this code
	if (!$is_certificate_mode) {
		if ($array_len > 1) {
			if (empty($_SESSION['_gid'])) {
				$url_dir = 'document.php?&curdirpath=/';
				$interbreadcrumb[] = array('url' => $url_dir, 'name' => get_lang('HomeDirectory'));
			}
		}
	}
	*/
	
	$dir_acum = '';
	for ($i = 0; $i < $array_len; $i++) {
		$url_dir = 'document.php?&curdirpath='.$dir_acum.$dir_array[$i];
		//Max char 80
		$url_to_who = cut($dir_array[$i],80);
		if ($is_certificate_mode) {
			$interbreadcrumb[] = array('url' => $url_dir.'&selectcat='.Security::remove_XSS($_GET['selectcat']), 'name' => $url_to_who);
		} else {
			$interbreadcrumb[] = array('url' => $url_dir, 'name' => $url_to_who);
		}
		$dir_acum .= $dir_array[$i].'/';
	}
Display :: display_header($nameTools, 'Doc');

echo '<div class="actions">';
		echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '</div>';

if (api_browser_support('svg')){
	
	//automatic loading the course language
	$svgedit_code_translation_table = array('' => 'en', 'pt' => 'pt-Pt', 'sr' => 'sr_latn');
	$langsvgedit  = api_get_language_isocode();
	$langsvgedit = isset($svgedit_code_translation_table[$langsvgedit]) ? $svgedit_code_translation_table[$langsvgedit] : $langsvgedit;
	$langsvgedit = file_exists(api_get_path(LIBRARY_PATH).'svg-edit/locale/lang.'.$langsvgedit.'.js') ? $langsvgedit : 'en';
	
	//editor
	echo '<iframe style=\'height: 550px; width: 100%;\' scrolling=\'no\' frameborder=\'0\' src=\''.api_get_path(WEB_LIBRARY_PATH).'svg-edit/svg-editor.php?lang='.$langsvgedit.'\'>';
	echo '</iframe>';
} else {	
	Display::display_error_message(get_lang('BrowserDontSupportsSVG'));
}

Display :: display_footer();
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`<?php`
			`/* For licensing terms, see /license.txt */`

			`/**`
			`* This file allows creating new svg and png documents with an online editor.`
			`*`
			`* @package chamilo.document`
			`*`
Minor - Adapting code comments to phpdoc 14 years ago			`* @author Juan Carlos Raña Trabado`
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`* @since 25/september/2010`
			`*/`
Minor - Adapting code comments to phpdoc 14 years ago			`/**`
			`* Code`
			`*/`
temporal disabled upload files, rename some files, adding index.html files 14 years ago
			`/* INIT SECTION */`

			`// Name of the language file that needs to be included`
			`$language_file = array('document');`

			`require_once '../inc/global.inc.php';`

Feature #2044 edit online a svg file 14 years ago			`$_SESSION['whereami'] = 'document/createdraw';`
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`$this_section = SECTION_COURSES;`
Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';`
			`require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';`
Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`$nameTools = get_lang('Draw');`

			`api_protect_course_script();`
			`api_block_anonymous_users();`

Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());`
Adding fixes when using documents in groups see #3312 14 years ago			`if (empty($document_data)) {`
			`if (api_is_in_group()) {`
			`$group_properties = GroupManager::get_group_properties(api_get_group_id());`
			`$document_id = DocumentManager::get_document_id(api_get_course_info(), $group_properties['directory']);`
			`$document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());`
			`}`
			`}`

Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`$document_id = $document_data['id'];`
			`$dir = $document_data['path'];`

temporal disabled upload files, rename some files, adding index.html files 14 years ago			`/* Constants and variables */`

Feature #2044 rename api function support_svg by api_support_svg, add some messages error 14 years ago			`//path for svg-edit save`
Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`$_SESSION['draw_dir'] = Security::remove_XSS($dir);`
			`if ($_SESSION['draw_dir']=='/'){`
			`$_SESSION['draw_dir']='';`
Feature #2044 rename api function support_svg by api_support_svg, add some messages error 14 years ago			`}`

Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`$dir = isset($dir) ? Security::remove_XSS($dir) : Security::remove_XSS($_POST['dir']);`
Feature #2044 edit online a svg file 14 years ago			`$is_allowed_to_edit = api_is_allowed_to_edit(null, true);`
temporal disabled upload files, rename some files, adding index.html files 14 years ago
			`// Please, do not modify this dirname formatting`

			`if (strstr($dir, '..')) {`
			`$dir = '/';`
			`}`

			`if ($dir[0] == '.') {`
			`$dir = substr($dir, 1);`
			`}`

			`if ($dir[0] != '/') {`
			`$dir = '/'.$dir;`
			`}`

			`if ($dir[strlen($dir) - 1] != '/') {`
			`$dir .= '/';`
			`}`

Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir;`

			`if (!is_dir($filepath)) {`
			`$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/';`
			`$dir = '/';`
			`}`

Feature #2044 edit online a svg file 14 years ago			`//groups //TODO: clean`
			`if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {`
Corrections in edit_paint and edit_svg in order to adopt the document id (partial) see # 3261 14 years ago			`$req_gid = '&gidReq='.$_SESSION['_gid'];`
			`$interbreadcrumb[] = array ("url" => "../group/group_space.php?gidReq=".$_SESSION['_gid'], "name" => get_lang('GroupSpace'));`
			`$noPHP_SELF = true;`
			`$to_group_id = $_SESSION['_gid'];`
			`$group = GroupManager :: get_group_properties($to_group_id);`
			`$path = explode('/', $dir);`
			`if ('/'.$path[1] != $group['directory']) {`
			`api_not_allowed(true);`
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`}`
Corrections in edit_paint and edit_svg in order to adopt the document id (partial) see # 3261 14 years ago			`}`

Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`$interbreadcrumb[] = array ("url" => "./document.php?id=".$parent_id.$req_gid, "name" => get_lang('Documents'));`
temporal disabled upload files, rename some files, adding index.html files 14 years ago
Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`if (!$is_allowed_in_course) {`
			`api_not_allowed(true);`
			`}`
now student can create document (Feature #2076) and make drawings (parcial Feature #2044) into a course inside his shared folder 14 years ago
Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`if (!($is_allowed_to_edit \|\| $_SESSION['group_member_with_upload_rights'] \|\| is_my_shared_folder(api_get_user_id(), Security::remove_XSS($dir), api_get_session_id()))) {`
Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`api_not_allowed(true);`
			`}`
now student can create document (Feature #2076) and make drawings (parcial Feature #2044) into a course inside his shared folder 14 years ago

Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`/* Header */`
			`event_access_tool(TOOL_DOCUMENT);`
			`$display_dir = $dir;`
			`if (isset ($group)) {`
			`$display_dir = explode('/', $dir);`
			`unset ($display_dir[0]);`
			`unset ($display_dir[1]);`
			`$display_dir = implode('/', $display_dir);`
			`}`

			`// Interbreadcrumb for the current directory root path`
			`// Copied from document.php`
			`$dir_array = explode('/', $dir);`
			`$array_len = count($dir_array);`
improve document breadcrumb 14 years ago
			`/*`
			`TODO:check and delete this code`
Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`if (!$is_certificate_mode) {`
			`if ($array_len > 1) {`
			`if (empty($_SESSION['_gid'])) {`
			`$url_dir = 'document.php?&curdirpath=/';`
			`$interbreadcrumb[] = array('url' => $url_dir, 'name' => get_lang('HomeDirectory'));`
			`}`
			`}`
			`}`
improve document breadcrumb 14 years ago			`*/`

Feature #2044 saving files in current directory, implement groups, security and cleaning 14 years ago			`$dir_acum = '';`
			`for ($i = 0; $i < $array_len; $i++) {`
			`$url_dir = 'document.php?&curdirpath='.$dir_acum.$dir_array[$i];`
			`//Max char 80`
			`$url_to_who = cut($dir_array[$i],80);`
			`if ($is_certificate_mode) {`
			`$interbreadcrumb[] = array('url' => $url_dir.'&selectcat='.Security::remove_XSS($_GET['selectcat']), 'name' => $url_to_who);`
			`} else {`
			`$interbreadcrumb[] = array('url' => $url_dir, 'name' => $url_to_who);`
			`}`
			`$dir_acum .= $dir_array[$i].'/';`
			`}`
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`Display :: display_header($nameTools, 'Doc');`
Feature #2044 edit online a svg file 14 years ago
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`echo '<div class="actions">';`
Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261 14 years ago			`echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';`
temporal disabled upload files, rename some files, adding index.html files 14 years ago			`echo '</div>';`

improve api detect file format support by browser 14 years ago			`if (api_browser_support('svg')){`
Feature #2044 rename api function support_svg by api_support_svg, add some messages error 14 years ago
Feature #2044 automatic loading the course language 14 years ago			`//automatic loading the course language`
			`$svgedit_code_translation_table = array('' => 'en', 'pt' => 'pt-Pt', 'sr' => 'sr_latn');`
			`$langsvgedit = api_get_language_isocode();`
			`$langsvgedit = isset($svgedit_code_translation_table[$langsvgedit]) ? $svgedit_code_translation_table[$langsvgedit] : $langsvgedit;`
			`$langsvgedit = file_exists(api_get_path(LIBRARY_PATH).'svg-edit/locale/lang.'.$langsvgedit.'.js') ? $langsvgedit : 'en';`

			`//editor`
Feature #2044 height 550 is better 14 years ago			`echo '<iframe style=\'height: 550px; width: 100%;\' scrolling=\'no\' frameborder=\'0\' src=\''.api_get_path(WEB_LIBRARY_PATH).'svg-edit/svg-editor.php?lang='.$langsvgedit.'\'>';`
Feature #2044 rename api function support_svg by api_support_svg, add some messages error 14 years ago			`echo '</iframe>';`
Corrections in edit_paint and edit_svg in order to adopt the document id (partial) see # 3261 14 years ago			`} else {`
Feature #2044 rename api function support_svg by api_support_svg, add some messages error 14 years ago			`Display::display_error_message(get_lang('BrowserDontSupportsSVG'));`
			`}`
temporal disabled upload files, rename some files, adding index.html files 14 years ago
Minor - Adapting code comments to phpdoc 14 years ago			`Display :: display_footer();`