Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chamilo-lms/main/newscorm/scorm_admin.php

415 lines
16 KiB

<?php //$id: $
//This file is probably deprecated - 2009-05-14 - ywarnier
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2004 Dokeos S.A.
Copyright (c) 2004 Denes Nagy
Copyright (c) 2003 Ghent University (UGent)
Copyright (c) 2001 Universite catholique de Louvain (UCL)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact: Dokeos, 181 rue Royale, B-1000 Brussels, Belgium, info@dokeos.com
==============================================================================
*/
/**
==============================================================================
* This script handles SCO administration features
* @package dokeos.learnpath.scorm
* @author Denes Nagy, principal author
* @author Isthvan Mandak, several new features
* @author Roan Embrechts, code improvements and refactoring
* @author Yannick Warnier, complete refactoring <ywarnier@beeznest.org>
==============================================================================
*/
/**
* Script init
*/
//flag to allow for anonymous user - needs to be set before global.inc.php
$use_anonymous = true;
// name of the language file that needs to be included
$language_file = "scormdocument";
$uncompress=1; //this variable shouldn't be found here (find its usage before removal)
require_once('back_compat.inc.php');
include('learnpath_functions.inc.php');
include_once('scorm.lib.php');
$is_allowedToEdit = api_is_allowed_to_edit();
/**
* Variables
*/
//escapable integers
if($_REQUEST['id'] != strval(intval($_REQUEST['id']))){$id = $_REQUEST['id'];}else{$id=null;}
//imported strings
$path = (!empty($_REQUEST['path'])?$_REQUEST['path']:null);
$Submit = (!empty($_POST['Submit'])?$_POST['Submit']:null);
$submitImage = (!empty($_POST['submitImage'])?$_POST['submitImage']:null);
$cancelSubmitImage = (!empty($_POST['cancelSubmitImage'])?$_POST['cancelSubmitImage']:null);
$action = (!empty($_REQUEST['action'])?$_REQUEST['action']:null);
$delete = (!empty($_REQUEST['delete'])?$_REQUEST['delete']:null);
$createDir = (!empty($_REQUEST['createDir'])?$_REQUEST['createDir']:null);
$make_directory_visible = (!empty($_REQUEST['make_directory_visible'])?$_REQUEST['make_directory_visible']:'');
$make_directory_invisible = (!empty($_REQUEST['make_directory_invisible'])?$_REQUEST['make_directory_invisible']:'');
//values from POST form to add directory
$newDirPath = (!empty($_POST['newDirPath'])?$_POST['newDirPath']:null);
$newDirName = (!empty($_POST['newDirName'])?$_POST['newDirName']:null);
//initialising internal variables
$dialogbox = '';
if (! $is_allowed_in_course) api_not_allowed();
$is_allowedToUnzip = $is_courseAdmin;
/**
* Main code
*/
switch($action){
case 'exportpath':
if(!empty($id)){
$export = exportpath($id);
$dialogBox .= "This LP has been exported to the Document folder "
."of your course.";
}
break;
case 'exportscorm':
exportSCORM($path);
break;
case 'deletepath':
/*==================================================
DELETE A DOKEOS LEARNPATH
and all the items in it
==================================================*/
if(!empty($id)){
$l="learnpath/learnpath_handler.php?learnpath_id=$id";
$sql="DELETE FROM $tbl_tool where (link='$l' AND image='scormbuilder.gif')";
$result=api_sql_query($sql,__FILE__,__LINE__);
$sql="SELECT * FROM $tbl_learnpath_chapter where learnpath_id=$id";
$result=api_sql_query($sql,__FILE__,__LINE__);
while ($row=mysql_fetch_array($result))
{
$c=$row['id'];
$sql2="DELETE FROM $tbl_learnpath_item where chapter_id=$c";
$result2=api_sql_query($sql2,__FILE__,__LINE__);
}
$sql="DELETE FROM $tbl_learnpath_chapter where learnpath_id=$id";
$result=api_sql_query($sql,__FILE__,__LINE__);
deletepath($id);
$dialogBox=get_lang('_learnpath_deleted');
}
break;
case 'publishpath':
/*==================================================================
PUBLISHING (SHOWING) A DOKEOS LEARNPATH
==================================================================*/
if(!empty($id)){
$sql="SELECT * FROM $tbl_learnpath_main where learnpath_id=$id";
$result=api_sql_query($sql,__FILE__,__LINE__);
$row=mysql_fetch_array($result);
$name=domesticate($row['learnpath_name']);
if ($set_visibility == 'i') {
$s=$name." ".get_lang('_no_published');
$dialogBox=$s;
$v=0;
}
if ($set_visibility == 'v') {
$s=$name." ".get_lang('_published');
$dialogBox=$s;
$v=1;
}
$sql="SELECT * FROM $tbl_tool where (name='$name' and image='scormbuilder.gif')";
$result=api_sql_query($sql,__FILE__,__LINE__);
$row2=mysql_fetch_array($result);
$num=mysql_num_rows($result);
if (($set_visibility == 'i') && ($num>0))
{
//it is visible or hidden but once was published
if (($row2['visibility'])==1)
{
$sql ="DELETE FROM $tbl_tool WHERE (name='$name' and image='scormbuilder.gif')";
}
else
{
$sql ="UPDATE $tbl_tool set visibility=1 WHERE (name='$name' and image='scormbuilder.gif')";
}
}
elseif (($set_visibility == 'v') && ($num==0))
{
$sql ="INSERT INTO $tbl_tool (id, name, link, image, visibility, admin, address, added_tool) VALUES ('$theid','$name','learnpath/learnpath_handler.php?learnpath_id=$id','scormbuilder.gif','$v','0','pastillegris.gif',0)";
}
else
{
//parameter and database incompatible, do nothing
}
$result=api_sql_query($sql,__FILE__,__LINE__);
}
break;
case 'editpath':
/*==================================================================
EDITING A DOKEOS NEW LEARNPATH
==================================================================*/
if(!empty($Submit))
{
$l="learnpath/learnpath_handler.php?learnpath_id=$id";
$sql="UPDATE $tbl_tool set name='".domesticate($learnpath_name)."' where (link='$l' and image='scormbuilder.gif')";
$result=api_sql_query($sql,__FILE__,__LINE__);
$sql ="UPDATE $tbl_learnpath_main SET learnpath_name='".domesticate($learnpath_name)."', learnpath_description='".domesticate($learnpath_description)."' WHERE learnpath_id=$id";
$result=api_sql_query($sql,__FILE__,__LINE__);
$dialogBox=get_lang('_learnpath_edited');
}
break;
case 'add':
/*==================================================================
ADDING A NEW LEARNPATH : treating the form
==================================================================*/
if (!empty($Submit))
{
$sql ="INSERT INTO $tbl_learnpath_main (learnpath_name, learnpath_description) VALUES ('".domesticate($learnpath_name)."','".domesticate($learnpath_description)."')";
api_sql_query($sql,__FILE__,__LINE__);
$my_lp_id = Database::get_last_insert_id();
$sql ="INSERT INTO $tbl_tool (name, link, image, visibility, admin, address, added_tool) VALUES ('".domesticate($learnpath_name)."','learnpath/learnpath_handler.php?learnpath_id=$my_lp_id','scormbuilder.gif','1','0','pastillegris.gif',0)";
api_sql_query($sql,__FILE__,__LINE__);
//instead of displaying this info text, get the user directly to the learnpath edit page
//$dialogBox=get_lang('_learnpath_added');
header('location:../learnpath/learnpath_handler.php?'.api_get_cidreq().'&learnpath_id='.$my_lp_id);
exit();
}
break;
case 'editscorm':
/*==================================================================
EDITING A SCORM PACKAGE
==================================================================*/
if (!empty($Submit))
{
$sql ="UPDATE $tbl_document SET comment='".domesticate($learnpath_description)."', name='".domesticate($learnpath_name)."' WHERE path='$path'";
$result=api_sql_query($sql,__FILE__,__LINE__);
$dialogBox=get_lang('_learnpath_edited');
}
break;
default:
break;
}
/*============================================================================*/
if($is_allowedToEdit) // TEACHER ONLY
{
/*======================================
UPLOAD SCORM
======================================*/
/*
* Check the request method instead of a variable from POST
* because if the file size exceeds the maximum file upload
* size set in php.ini, all variables from POST are cleared !
*/
if ($_SERVER['REQUEST_METHOD'] == 'POST'
&& count($_FILES)>0
&& empty($submitImage)
&& empty($cancelSubmitImage)
&& empty($action))
{
// A SCORM upload has been detected, now deal with the file...
//directory creation
$s=$_FILES['userFile']['name'];
$pathInfo = pathinfo($s);
//Check the filename has at least several letters in it :-)
//This is a very loose check as later on we might accept other formats of packages
//sent than just "zip"
if(preg_match('/[\w-_]+/',$pathInfo['basename'])){
//get the basename without extension
$newDirName=substr(
$pathInfo['basename'],
0,
strlen($pathInfo['basename'])-(strlen($pathInfo['extension'])+1));
$newDirName = replace_dangerous_char(trim($newDirName),'strict');
if( check_name_exist($baseWorkDir.$newDirPath.$openDir."/".$newDirName) )
{
/** @todo change this output. Inaccurate at least in french. In this case, the
* file might not exist or the transfer might have been wrong (no $_FILES at all)
* but we still get the error message
*/
$dialogBox = get_lang('FileExists');
$createDir = $newDirPath; unset($newDirPath);// return to step 1
}
else
{
if(mkdir($baseWorkDir.$newDirPath.$openDir."/".$newDirName, 0700)){
FileManager::set_default_settings($newDirPath.$openDir, $newDirName, "folder", $tbl_document);
// RH: was: set_default_settings($newDirPath.$openDir,$newDirName,"folder");
$dialogBox = get_lang('DirCr');
}else{
//Display msg "could not create dir..."
//exit();
}
//directory creation end
$uploadPath=$openDir.'/'.$newDirName;
if(!$_FILES['userFile']['size'])
{
$dialogBox .= get_lang('FileError').'<br />'.get_lang('Notice').' : '.get_lang('MaxFileSize').' '.ini_get('upload_max_filesize');
}
else //the file size is alright, we can assume the file is OK too
{
if($uncompress == 1 && $is_allowedToUnzip)
{
$unzip = 'unzip';
}
else
{
$unzip = '';
}
if (treat_uploaded_file($_FILES['userFile'], $baseWorkDir,
$uploadPath, $maxFilledSpace, $unzip))
{
if ($uncompress == 1)
{
//$dialogBox .= get_lang('DownloadAndZipEnd');
//modified by darkden : I omitted this part, so the user can see
//the scorm content message at once
}
else
{
$dialogBox = get_lang('DownloadEnd');
}
// "WHAT'S NEW" notification: update table last_tooledit
//update_last_tooledit($_course, $nameTools, $id, get_lang('_new_document'), $_user['user_id']);
item_property_update($_course, TOOL_LEARNPATH, $id, "LearnpathAdded", $_user['user_id']);
}
else
{
if(api_failure::get_last_failure() == 'not_enough_space')
{
$dialogBox = get_lang('NoSpace');
}
elseif (api_failure::get_last_failure() == 'php_file_in_zip_file')
{
$dialogBox = get_lang('ZipNoPhp');
}
elseif(api_failure::get_last_failure() == 'not_scorm_content')
{
$dialogBox = get_lang('NotScormContent');
}
}
}
$uploadPath='';
if (api_failure::get_last_failure())
{
rmdir($baseWorkDir.$newDirPath.$openDir."/".$newDirName);
}
}
}//
else
{//the filename doesn't contain any alphanum chars (empty filename?)
//get a more detailed message?
$dialogBox .= get_lang('FileError').'<br />';
}
/*======================================
DELETE FILE OR DIRECTORY
======================================*/
if ( isset($delete) )
{
if ( scorm_delete($baseWorkDir.$delete))
{
//$tbl_document = substr($tbl_document, 1, strlen($tbl_document) - 2); // RH...
update_db_info("delete", $delete);
$dialogBox = get_lang('DocDeleted');
}
}
/*======================================
CREATE DIRECTORY
======================================*/
/*
* The code begin with STEP 2 so it allows to return to STEP 1
* if STEP 2 unsucceds
*/
/*-------------------------------------
STEP 2
--------------------------------------*/
if (isset($newDirPath) && isset($newDirName))
{
// echo $newDirPath . $newDirName;
$newDirName = replace_dangerous_char(trim(stripslashes($newDirName)),'strict');
if( check_name_exist($baseWorkDir.$newDirPath."/".$newDirName) )
{
$dialogBox = get_lang('FileExists');
$createDir = $newDirPath; unset($newDirPath);// return to step 1
}
else
{
if(mkdir($baseWorkDir.$newDirPath."/".$newDirName, 0700))
FileManager::set_default_settings($newDirPath, $newDirName, "folder", $tbl_document);
// RH: was: set_default_settings($newDirPath,$newDirName,"folder");
$dialogBox = get_lang('DirCr');
}
}
/*-------------------------------------
STEP 1
--------------------------------------*/
if (isset($createDir))
{
$dialogBox .= "<!-- create dir -->\n"
."<form name='createdir' action='' method='POST'>\n"
."<input type=\"hidden\" name=\"newDirPath\" value=\"$createDir\" />\n"
.get_lang('NameDir')." : \n"
."<input type=\"text\" name=\"newDirName\" />\n"
."<input type=\"submit\" value=\"".get_lang('Ok')."\" />\n"
."</form>\n";
}
/*======================================
VISIBILITY COMMANDS
======================================*/
if (!empty($make_directory_visible) || !empty($make_directory_invisible))
{
$visibilityPath = $make_directory_visible.$make_directory_invisible;
// At least one of these variables are empty. So it's okay to proceed this way
/* Check if there is yet a record for this file in the DB */
$result = mysql_query ("SELECT * FROM $tbl_document WHERE path LIKE '".$visibilityPath."'");
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$attribute['path' ] = $row['path' ];
$attribute['visibility'] = $row['visibility'];
$attribute['comment' ] = $row['comment' ];
}
if ($make_directory_visible)
{
$newVisibilityStatus = "v";
}
elseif ($make_directory_invisible)
{
$newVisibilityStatus = "i";
}
$query = "UPDATE $tbl_document SET visibility='$newVisibilityStatus' WHERE path=\"".$visibilityPath."\""; //added by Toon
api_sql_query($query,__FILE__,__LINE__);
if (mysql_affected_rows() == 0) // extra check added by Toon, normally not necessary anymore because all files are in the db
{
api_sql_query("INSERT INTO $tbl_document SET path=\"".$visibilityPath."\", visibility=\"".$newVisibilityStatus."\"",__FILE__,__LINE__);
}
unset($attribute);
$dialogBox = get_lang('ViMod');
}
} // END is Allowed to Edit;
}
?>