Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chamilo-lms/main/newscorm/scorm_admin.php

329 lines
15 KiB

<?php
/* For licensing terms, see /license.txt */
// This file is probably deprecated - 2009-05-14 - ywarnier
// No calls found in Chamilo file is deprecated. Adding an exit - 2011-06 jmontoya
/**
* This script handles SCO administration features
* @package chamilo.learnpath.scorm
* @author Denes Nagy, principal author
* @author Isthvan Mandak, several new features
* @author Roan Embrechts, code improvements and refactoring
* @author Yannick Warnier, complete refactoring <ywarnier@beeznest.org>
*/
/**
* Code (exit)
*/
exit;
// Flag to allow for anonymous user - needs to be set before global.inc.php.
$use_anonymous = true;
// Name of the language file that needs to be included.
$language_file = 'scormdocument';
$uncompress = 1; // TODO: This variable shouldn't be found here (find its usage before removal).
require_once 'back_compat.inc.php';
include 'learnpath_functions.inc.php';
include_once 'scorm.lib.php';
$is_allowedToEdit = api_is_allowed_to_edit();
/* Variables */
// Escapable integers.
if ($_REQUEST['id'] != strval(intval($_REQUEST['id']))) { $id = $_REQUEST['id']; } else { $id = null; }
// Imported strings.
$path = (!empty($_REQUEST['path']) ? $_REQUEST['path'] : null);
$Submit = (!empty($_POST['Submit']) ? $_POST['Submit'] : null);
$submitImage = (!empty($_POST['submitImage']) ? $_POST['submitImage'] : null);
$cancelSubmitImage = (!empty($_POST['cancelSubmitImage']) ? $_POST['cancelSubmitImage'] : null);
$action = (!empty($_REQUEST['action']) ? $_REQUEST['action'] : null);
$delete = (!empty($_REQUEST['delete']) ? $_REQUEST['delete'] : null);
$createDir = (!empty($_REQUEST['createDir']) ? $_REQUEST['createDir'] : null);
$make_directory_visible = (!empty($_REQUEST['make_directory_visible']) ? $_REQUEST['make_directory_visible'] : '');
$make_directory_invisible = (!empty($_REQUEST['make_directory_invisible']) ? $_REQUEST['make_directory_invisible'] : '');
// Values from POST form to add directory.
$newDirPath = (!empty($_POST['newDirPath']) ? $_POST['newDirPath'] : null);
$newDirName = (!empty($_POST['newDirName']) ? $_POST['newDirName'] : null);
// Initialising internal variables.
$dialogbox = '';
$course_id = api_get_course_int_id();
api_protect_course_script();
//if (! $is_allowed_in_course) api_not_allowed();
$is_allowedToUnzip = $is_courseAdmin;
/* Main code */
switch ($action) {
case 'exportpath':
if (!empty($id)) {
$export = exportpath($id);
$dialogBox .= "This LP has been exported to the Document folder "
."of your course.";
}
break;
case 'exportscorm':
exportSCORM($path);
break;
case 'deletepath':
/*
DELETE A DOKEOS LEARNPATH
and all the items in it
*/
if (!empty($id)){
$l="learnpath/learnpath_handler.php?learnpath_id=$id";
$sql="DELETE FROM $tbl_tool where (link='$l' AND image='scormbuilder.gif')";
$result=Database::query($sql);
$sql="SELECT * FROM $tbl_learnpath_chapter where learnpath_id=$id";
$result=Database::query($sql);
while ($row=Database::fetch_array($result))
{
$c=$row['id'];
$sql2="DELETE FROM $tbl_learnpath_item where chapter_id=$c";
$result2=Database::query($sql2);
}
$sql="DELETE FROM $tbl_learnpath_chapter where learnpath_id=$id";
$result=Database::query($sql);
deletepath($id);
$dialogBox=get_lang('_learnpath_deleted');
}
break;
case 'publishpath':
/* PUBLISHING (SHOWING) A DOKEOS LEARNPATH */
if (!empty($id)){
$sql = "SELECT * FROM $tbl_learnpath_main where learnpath_id=$id";
$result = Database::query($sql);
$row = Database::fetch_array($result);
$name = domesticate($row['learnpath_name']);
if ($set_visibility == 'i') {
$s = $name.' '.get_lang('_no_published');
$dialogBox = $s;
$v = 0;
}
if ($set_visibility == 'v') {
$s=$name.' '.get_lang('_published');
$dialogBox = $s;
$v = 1;
}
$sql = "SELECT * FROM $tbl_tool where (name='$name' and image='scormbuilder.gif')";
$result = Database::query($sql);
$row2 = Database::fetch_array($result);
$num = Database::num_rows($result);
if (($set_visibility == 'i') && ($num > 0)) {
// It is visible or hidden but once was published.
if (($row2['visibility']) == 1) {
$sql = "DELETE FROM $tbl_tool WHERE (name='$name' and image='scormbuilder.gif' AND c_id = $course_id )";
} else {
$sql = "UPDATE $tbl_tool set visibility=1 WHERE (name='$name' and image='scormbuilder.gif' AND c_id = $course_id)";
}
} elseif (($set_visibility == 'v') && ($num == 0)) {
$sql ="INSERT INTO $tbl_tool (c_id, id, name, link, image, visibility, admin, address, added_tool) VALUES
($course_id, '$theid','$name','learnpath/learnpath_handler.php?learnpath_id=$id','scormbuilder.gif','$v','0','pastillegris.gif',0)";
} else {
// Parameter and database incompatible, do nothing.
}
$result = Database::query($sql);
}
break;
case 'editpath':
/* EDITING A DOKEOS NEW LEARNPATH */
if (!empty($Submit)) {
$l = "learnpath/learnpath_handler.php?learnpath_id=$id";
$sql = "UPDATE $tbl_tool set name='".domesticate($learnpath_name)."' where (link='$l' and image='scormbuilder.gif')";
$result = Database::query($sql);
$sql = "UPDATE $tbl_learnpath_main SET learnpath_name='".domesticate($learnpath_name)."', learnpath_description='".domesticate($learnpath_description)."' WHERE learnpath_id=$id";
$result = Database::query($sql);
$dialogBox = get_lang('_learnpath_edited');
}
break;
case 'add':
/* ADDING A NEW LEARNPATH : treating the form */
if (!empty($Submit)) {
$sql = "INSERT INTO $tbl_learnpath_main (c_id, learnpath_name, learnpath_description) VALUES ($course_id , '".domesticate($learnpath_name)."','".domesticate($learnpath_description)."')";
Database::query($sql);
$my_lp_id = Database::insert_id();
$sql = "INSERT INTO $tbl_tool (c_id, name, link, image, visibility, admin, address, added_tool) VALUES ($course_id , '".domesticate($learnpath_name)."','learnpath/learnpath_handler.php?learnpath_id=$my_lp_id','scormbuilder.gif','1','0','pastillegris.gif',0)";
Database::query($sql);
// Instead of displaying this info text, get the user directly to the learnpath edit page.
//$dialogBox = get_lang('_learnpath_added');
header('location:../learnpath/learnpath_handler.php?'.api_get_cidreq().'&learnpath_id='.$my_lp_id);
exit();
}
break;
case 'editscorm':
/* EDITING A SCORM PACKAGE */
if (!empty($Submit)) {
$sql = "UPDATE $tbl_document SET comment='".domesticate($learnpath_description)."', name='".domesticate($learnpath_name)."' WHERE path='$path' AND c_id = $course_id ";
$result = Database::query($sql);
$dialogBox = get_lang('_learnpath_edited');
}
break;
default:
break;
}
if ($is_allowedToEdit) { // TEACHER ONLY
/* UPLOAD SCORM */
/*
* Check the request method instead of a variable from POST
* because if the file size exceeds the maximum file upload
* size set in php.ini, all variables from POST are cleared !
*/
if ($_SERVER['REQUEST_METHOD'] == 'POST' && count($_FILES) > 0 && empty($submitImage) && empty($cancelSubmitImage) && empty($action)) {
// A SCORM upload has been detected, now deal with the file...
// Directory creation.
$s = $_FILES['userFile']['name'];
$pathInfo = pathinfo($s);
// Check the filename has at least several letters in it :-)
// This is a very loose check as later on we might accept other formats of packages.
// Sent than just "zip".
if (preg_match('/[\w-_]+/', $pathInfo['basename'])) {
// get the basename without extension.
$newDirName = substr($pathInfo['basename'], 0, strlen($pathInfo['basename']) - (strlen($pathInfo['extension']) + 1));
$newDirName = replace_dangerous_char(trim($newDirName), 'strict');
if (check_name_exist($baseWorkDir.$newDirPath.$openDir.'/'.$newDirName)) {
/** @todo change this output. Inaccurate at least in french. In this case, the
* file might not exist or the transfer might have been wrong (no $_FILES at all)
* but we still get the error message
*/
$dialogBox = get_lang('FileExists');
$createDir = $newDirPath; unset($newDirPath); // Return to step 1.
} else {
if (mkdir($baseWorkDir.$newDirPath.$openDir.'/'.$newDirName, api_get_permissions_for_new_directories())) {
FileManager::set_default_settings($newDirPath.$openDir, $newDirName, 'folder', $tbl_document);
// RH: was: set_default_settings($newDirPath.$openDir, $newDirName, 'folder');
$dialogBox = get_lang('DirCr');
} else {
//Display msg "could not create dir..."
//exit();
}
// Directory creation end.
$uploadPath = $openDir.'/'.$newDirName;
if (!$_FILES['userFile']['size']) {
$dialogBox .= get_lang('FileError').'<br />'.get_lang('Notice').' : '.get_lang('MaxFileSize').' '.ini_get('upload_max_filesize');
} else { // The file size is alright, we can assume the file is OK too.
if ($uncompress == 1 && $is_allowedToUnzip) {
$unzip = 'unzip';
} else {
$unzip = '';
}
if (treat_uploaded_file($_FILES['userFile'], $baseWorkDir, $uploadPath, $maxFilledSpace, $unzip)) {
if ($uncompress == 1) {
//$dialogBox .= get_lang('DownloadAndZipEnd');
// Modified by darkden : I omitted this part, so the user can see
// the scorm content message at once.
} else {
$dialogBox = get_lang('DownloadEnd');
}
// "WHAT'S NEW" notification: update table last_tooledit.
//update_last_tooledit($_course, $nameTools, $id, get_lang('_new_document'), $_user['user_id']);
item_property_update($_course, TOOL_LEARNPATH, $id, "LearnpathAdded", $_user['user_id']);
} else {
if (api_failure::get_last_failure() == 'not_enough_space') {
$dialogBox = get_lang('NoSpace');
} elseif (api_failure::get_last_failure() == 'php_file_in_zip_file') {
$dialogBox = get_lang('ZipNoPhp');
} elseif (api_failure::get_last_failure() == 'not_scorm_content') {
$dialogBox = get_lang('NotScormContent');
}
}
}
$uploadPath = '';
if (api_failure::get_last_failure()) {
rmdir($baseWorkDir.$newDirPath.$openDir.'/'.$newDirName);
}
}
} else { // The filename doesn't contain any alphanum chars (empty filename?)
// Get a more detailed message?
$dialogBox .= get_lang('FileError').'<br />';
}
/* DELETE FILE OR DIRECTORY */
if (isset($delete)) {
if ( scorm_delete($baseWorkDir.$delete)) {
//$tbl_document = substr($tbl_document, 1, strlen($tbl_document) - 2); // RH...
update_db_info('delete', $delete);
$dialogBox = get_lang('DocDeleted');
}
}
/* CREATE DIRECTORY */
/*
* The code begin with STEP 2 so it allows to return to STEP 1 if STEP 2 unsucceds.
*/
/* STEP 2 */
if (isset($newDirPath) && isset($newDirName)) {
// echo $newDirPath . $newDirName;
$newDirName = replace_dangerous_char(trim(stripslashes($newDirName)), 'strict');
if (check_name_exist($baseWorkDir.$newDirPath.'/'.$newDirName)) {
$dialogBox = get_lang('FileExists');
$createDir = $newDirPath; unset($newDirPath);// return to step 1
} else {
if (mkdir($baseWorkDir.$newDirPath.'/'.$newDirName, api_get_permissions_for_new_directories()))
FileManager::set_default_settings($newDirPath, $newDirName, 'folder', $tbl_document);
// RH: was: set_default_settings($newDirPath, $newDirName, 'folder');
$dialogBox = get_lang('DirCr');
}
}
/* STEP 1 */
if (isset($createDir)) {
$dialogBox .= "<!-- create dir -->\n"
."<form name='createdir' action='' method='POST'>\n"
."<input type=\"hidden\" name=\"newDirPath\" value=\"$createDir\" />\n"
.get_lang('NameDir')." : \n"
."<input type=\"text\" name=\"newDirName\" />\n"
."<input type=\"submit\" value=\"".get_lang('Ok')."\" />\n"
."</form>\n";
}
/* VISIBILITY COMMANDS */
if (!empty($make_directory_visible) || !empty($make_directory_invisible)) {
$visibilityPath = $make_directory_visible.$make_directory_invisible;
// At least one of these variables are empty. So it's okay to proceed this way
/* Check if there is yet a record for this file in the DB */
$result = Database::query ("SELECT * FROM $tbl_document WHERE path LIKE '".$visibilityPath."' ");
while($row = Database::fetch_array($result, 'ASSOC')) {
$attribute['path' ] = $row['path' ];
$attribute['visibility'] = $row['visibility'];
$attribute['comment' ] = $row['comment' ];
}
if ($make_directory_visible) {
$newVisibilityStatus = 'v';
} elseif ($make_directory_invisible) {
$newVisibilityStatus = 'i';
}
$query = "UPDATE $tbl_document SET visibility='$newVisibilityStatus' WHERE path=\"".$visibilityPath."\" AND c_id = $course_id "; // Added by Toon.
Database::query($query);
if (Database::affected_rows() == 0) { // Extra check added by Toon, normally not necessary anymore because all files are in the db.
Database::query("INSERT INTO $tbl_document SET
c_id = $course_id,
path=\"".$visibilityPath."\",
visibility=\"".$newVisibilityStatus."\"");
}
unset($attribute);
$dialogBox = get_lang('ViMod');
}
} // END is Allowed to edit;.
}