Put .htaccess in the root. Don't add index.php inside courses.

1.10.x
Julio Montoya 10 years ago
parent 6747a0374f
commit 101ad73eb0
  1. 31
      .htaccess
  2. 20
      htaccess
  3. 4
      main/course_home/course_home.php
  4. 2
      main/cron/import_csv.php
  5. 2
      main/cron/user_import/client.php
  6. 4
      main/inc/lib/add_course.lib.inc.php
  7. 29
      main/inc/lib/api.lib.php
  8. 2
      main/inc/lib/diagnoser.lib.php
  9. 8
      main/inc/lib/extra_field_value.lib.php
  10. 12
      main/inc/lib/group_portal_manager.lib.php
  11. 25
      main/inc/lib/usermanager.lib.php
  12. 18
      main/install/install.lib.php
  13. 2
      tests/wipe-out.php

@ -0,0 +1,31 @@
# Check that your Apache virtualhost have this settings:
#<Directory "/var/www/chamilo-classic">
# AllowOverride All
# Order allow,deny
# Allow from all
#</Directory>
RewriteEngine on
RewriteCond %{QUERY_STRING} ^id=(.*)$
# http://my.chamilo.net/certificates/?id=123 to http://my.chamilo.net/certificates/index.php?id=123
RewriteRule ^certificates/$ certificates/index.php?id=%1 [L]
# http://my.chamilo.net/jdoe to http://my.chamilo.net/user.php?jdoe
RewriteRule ^([^/.]+)/?$ user.php?$1 [L]
# Course redirection
RewriteCond %{QUERY_STRING} ^id_session=(.*)$
RewriteRule ^courses/([^/]+)/index.php$ main/course_home/course_home.php?cidReq=$1&id_session=%1 [L]
RewriteRule ^courses/([^/]+)/$ main/course_home/course_home.php?cidReq=$1&id_session=%1 [L]
RewriteRule ^courses/([^/]+)/index.php$ main/course_home/course_home.php?cidReq=$1 [L]
# Rewrite everything in the scorm folder of a course to the download script
RewriteRule ^courses/([^/]+)/scorm/(.*)$ main/document/download_scorm.php?doc_url=/$2&cDir=$1 [QSA,L]
# Rewrite everything in the document folder of a course to the download script
RewriteRule ^courses/([^/]+)/document/(.*)$ main/document/download.php?doc_url=/$2&cDir=$1 [QSA,L]
# Rewrite everything in the work folder
RewriteRule ^courses/([^/]+)/work/(.*)$ main/work/download.php?file=work/$2&cDir=$1 [QSA,L]
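Review bot: The three download rules at the end (`scorm/`, `document/`, `work/`) carry `[QSA,L]`, so the client's own query string is appended after the rewritten `doc_url`/`file` and `cDir` values, and PHP keeps the last occurrence of a repeated parameter. The target scripts are outside this diff, so confirm that they validate the path and the course directory themselves; if no extra parameters are needed, drop `QSA` from these rules. Separately, a `RewriteCond` applies only to the next `RewriteRule`, so the `id_session` condition guards only the first `courses/.../index.php` rule. In the `^courses/([^/]+)/$` rule `%1` has no condition to refer to and will be empty; repeat the condition before that rule or remove `&id_session=%1` from it.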

@ -1,20 +0,0 @@
# Check that your Apache virtualhost have this settings:
#<Directory "/var/www/chamilo-classic">
# AllowOverride All
# Order allow,deny
# Allow from all
#</Directory>
RewriteEngine on
RewriteCond %{QUERY_STRING} ^id=(.*)$
RewriteRule ^certificates/$ certificates/index.php?id=%1 [L]
RewriteRule ^([^/.]+)/?$ user.php?$1 [L]
# This will transform
# http://my.chamilo.net/certificates/?id=123 to http://my.chamilo.net/certificates/index.php?id=123
# http://my.chamilo.net/juliomontoya to http://my.chamilo.net/user.php?juliomontoya

@ -28,11 +28,10 @@
* @package chamilo.course_home
*/
use \ChamiloSession as Session;
use ChamiloSession as Session;
$use_anonymous = true;
// Inlcuding the global initialization file.
require_once dirname(__FILE__).'/../inc/global.inc.php';
// Delete LP sessions - commented out after seeing that normal
@ -136,6 +135,7 @@ $course_code = api_get_course_id();
$sessionId = api_get_session_id();
$show_message = '';
if (api_is_invitee()) {
$isInASession = $sessionId > 0;
$isSubscribed = CourseManager::is_user_subscribed_in_course(

@ -1483,7 +1483,7 @@ if (isset($_configuration['import_csv_fix_permissions']) &&
echo "Executing: ".$command.PHP_EOL;
system($command);
$command = "sudo find ".api_get_path(SYS_APP_PATH)."upload/users -type d -exec chmod 777 {} \;";
$command = "sudo find ".api_get_path(SYS_UPLOAD_PATH)."users -type d -exec chmod 777 {} \;";
echo "Executing: ".$command.PHP_EOL;
system($command);
}
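Review bot: The `find` command concatenates `api_get_path(SYS_UPLOAD_PATH)` into a shell string passed to `system()` without quoting, so an install path containing spaces or shell metacharacters changes what runs under `sudo`; build the argument with `escapeshellarg(api_get_path(SYS_UPLOAD_PATH).'users')`. Mode `777` also leaves every user upload directory world-writable, and a mode limited to the web-server user and group (for example `770`) would be tighter if the deployment allows it. The enclosing `if` block starts before this hunk.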

@ -26,7 +26,7 @@ $client = new nusoap_client(api_get_path(WEB_CODE_PATH).'cron/user_import/servic
$response = $client->call(
'import_users',
array(
'filepath' => api_get_path(SYS_APP_PATH)."upload/users_import.csv",
'filepath' => api_get_path(SYS_UPLOAD_PATH)."users_import.csv",
'security_key' => $_configuration['security_key'],
)
);

@ -169,7 +169,7 @@ class AddCourse
fclose($fp);
// Build index.php of the course.
$fd = fopen($cp . '/index.php', 'w');
/*$fd = fopen($cp . '/index.php', 'w');
// str_replace() removes \r that cause squares to appear at the end of each line
//@todo fix the harcoded include
@ -184,7 +184,7 @@ class AddCourse
?>"
);
fwrite($fd, $string);
@chmod($cp . '/index.php', $perm_file);
@chmod($cp . '/index.php', $perm_file);*/
return 0;
}
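Review bot: With the `index.php` generation commented out, a new course directory has no index file of its own, so a request for `courses/CODE/` is only routed to the course home when the root `.htaccess` rewrite is active. On a server where `AllowOverride` is off, or one that does not read `.htaccess` at all, the response for that URL depends on the server's directory-index and listing settings; that is worth a check in the installer or a line in the install notes. The disabled code would also be better deleted than kept inside `/* ... */`, since version control already preserves it. The function starts before the first hunk.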

@ -273,6 +273,7 @@ define('VALID_WEB_SERVER_BASE', '/https?:\/\/[^\/]*/i'); // $new_path
define('WEB_PATH', 'WEB_PATH');
define('SYS_PATH', 'SYS_PATH');
define('SYS_APP_PATH', 'SYS_APP_PATH');
define('SYS_UPLOAD_PATH', 'SYS_UPLOAD_PATH');
define('REL_PATH', 'REL_PATH');
define('WEB_SERVER_ROOT_PATH', 'WEB_SERVER_ROOT_PATH');
define('SYS_SERVER_ROOT_PATH', 'SYS_SERVER_ROOT_PATH');
@ -577,7 +578,8 @@ require_once __DIR__.'/internationalization.lib.php';
* api_get_path(REL_CODE_PATH) /chamilo/main/
* api_get_path(SYS_SERVER_ROOT_PATH) /var/www/ - This is the physical folder where the system Chamilo has been placed. It is not always equal to $_SERVER['DOCUMENT_ROOT'].
* api_get_path(SYS_PATH) /var/www/chamilo/
* api_get_path(SYS_APP_PATH) /var/www/chamilo/app
* api_get_path(SYS_APP_PATH) /var/www/chamilo/app/
* api_get_path(SYS_UPLOAD_PATH) /var/www/chamilo/app/upload/
*
* api_get_path(SYS_ARCHIVE_PATH) /var/www/chamilo/app/cache
* api_get_path(SYS_COURSE_PATH) /var/www/chamilo/app/courses/
@ -594,7 +596,7 @@ require_once __DIR__.'/internationalization.lib.php';
*
* api_get_path(WEB_SERVER_ROOT_PATH) http://www.mychamilo.org/
* api_get_path(WEB_PATH) http://www.mychamilo.org/chamilo/
* api_get_path(WEB_COURSE_PATH) http://www.mychamilo.org/chamilo/app/courses/
* api_get_path(WEB_COURSE_PATH) http://www.mychamilo.org/chamilo/courses/
* api_get_path(WEB_CODE_PATH) http://www.mychamilo.org/chamilo/main/
* api_get_path(WEB_DATA_PATH) http://www.mychamilo.org/chamilo/data/
* api_get_path(WEB_PLUGIN_PATH) http://www.mychamilo.org/chamilo/plugin/
@ -646,6 +648,7 @@ function api_get_path($path_type, $path = null)
SYS_ARCHIVE_PATH => 'app/cache/',
WEB_ARCHIVE_PATH => 'app/cache/',
SYS_APP_PATH => 'app/',
SYS_UPLOAD_PATH => 'app/upload/',
INCLUDE_PATH => 'inc/',
LIBRARY_PATH => 'inc/lib/',
CONFIGURATION_PATH => 'app/config/',
@ -750,7 +753,7 @@ function api_get_path($path_type, $path = null)
$paths[WEB_SERVER_ROOT_PATH] = $server_base_web.'/';
$paths[SYS_SERVER_ROOT_PATH] = $server_base_sys.'/';
$paths[WEB_COURSE_PATH] = $root_web.'app/'.$course_folder;
$paths[WEB_COURSE_PATH] = $root_web.$course_folder;
$paths[REL_COURSE_PATH] = $root_rel.$course_folder;
$paths[REL_CODE_PATH] = $root_rel.$code_folder;
@ -762,11 +765,12 @@ function api_get_path($path_type, $path = null)
$paths[WEB_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[WEB_CODE_PATH].'default_course_document/';
$paths[REL_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[REL_PATH].'main/default_course_document/';
// Now we can switch into api_get_path() "terminology".
$paths[SYS_LANG_PATH] = $paths[SYS_CODE_PATH].$paths[SYS_LANG_PATH];
$paths[SYS_APP_PATH] = $paths[SYS_PATH].$paths[SYS_APP_PATH];
$paths[SYS_UPLOAD_PATH] = $paths[SYS_PATH].$paths[SYS_UPLOAD_PATH];
$paths[SYS_PLUGIN_PATH] = $paths[SYS_PATH].$paths[SYS_PLUGIN_PATH];
$paths[SYS_ARCHIVE_PATH] = $paths[SYS_PATH].$paths[SYS_ARCHIVE_PATH];
$paths[SYS_TEST_PATH] = $paths[SYS_PATH].$paths[SYS_TEST_PATH];
@ -5580,20 +5584,19 @@ function api_is_element_in_the_session($tool, $element_id, $session_id = null) {
return false;
}
/**
* Replaces "forbidden" characters in a filename string.
*
* @author Hugues Peeters <peeters@ipm.ucl.ac.be>
* @author René Haentjens, UGent (RH)
* @author Ivan Tcholakov, JUN-2009. Transliteration functionality has been added.
* @param string $filename The filename string.
* @param string $strict (optional) When it is 'strict', all non-ASCII charaters will be replaced. Additional ASCII replacemets will be done too.
* @return string The cleaned filename.
* @param string $filename
* @param int $length
* @param bool $file_name
* @return string
*/
function api_replace_dangerous_char($filename, $strict = 'loose')
function api_replace_dangerous_char($filename)
{
return URLify::filter($filename, 250);
return URLify::filter($filename, 250, '', true);
/*
// Safe replacements for some non-letter characters.
static $search = array(',', "\0", ' ', "\t", "\n", "\r", "\x0B", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%');
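Review bot: The docblock shown for `api_replace_dangerous_char($filename)` lists `@param int $length` and `@param bool $file_name`, which are not parameters of this function and look like the arguments of `URLify::filter`. Since this is the filename sanitizer, keep a one-line description such as `Cleans a filename through URLify::filter() (length 250, file-name mode).` with only `@param string $filename` and `@return string`, and note that `$strict` is no longer accepted. How `URLify::filter` treats path separators, NUL bytes and leading dots is not visible here, so a unit test pinning those cases would be worth adding. The old implementation left in a block comment after the `return` is unreachable and continues past the hunk.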

@ -72,7 +72,7 @@ class Diagnoser
$array = array();
$writable_folders = array(
api_get_path(SYS_APP_PATH) .'cache',
api_get_path(SYS_APP_PATH) .'courses',
api_get_path(SYS_COURSE_PATH),
api_get_path(SYS_APP_PATH) .'home',
api_get_path(SYS_APP_PATH) .'upload/users/',
api_get_path(SYS_PATH) .'main/default_course_document/images/',

@ -166,10 +166,10 @@ class ExtraFieldValue extends Model
switch ($this->type) {
case 'course':
$fileDir = api_get_path(SYS_APP_PATH)."upload/courses/";
$fileDir = api_get_path(SYS_UPLOAD_PATH)."courses/";
break;
case 'session':
$fileDir = api_get_path(SYS_APP_PATH)."upload/sessions/";
$fileDir = api_get_path(SYS_UPLOAD_PATH)."sessions/";
break;
case 'user':
$fileDir = UserManager::getUserPathById($this->handler_id, 'system');
@ -204,10 +204,10 @@ class ExtraFieldValue extends Model
switch ($this->type) {
case 'course':
$fileDir = api_get_path(SYS_APP_PATH)."upload/courses/";
$fileDir = api_get_path(SYS_UPLOAD_PATH)."courses/";
break;
case 'session':
$fileDir = api_get_path(SYS_APP_PATH)."upload/sessions/";
$fileDir = api_get_path(SYS_UPLOAD_PATH)."sessions/";
break;
case 'user':
$fileDir = UserManager::getUserPathById($this->handler_id, 'system');

@ -956,11 +956,11 @@ class GroupPortalManager
{
switch ($type) {
case 'system': // Base: absolute system path.
$base = api_get_path(SYS_APP_PATH);
$base = api_get_path(SYS_UPLOAD_PATH);
break;
case 'web': // Base: absolute web path.
default:
$base = api_get_path(WEB_PATH).'app/';
$base = api_get_path(WEB_PATH).'app/uploads/';
break;
}
@ -985,14 +985,14 @@ class GroupPortalManager
if (api_get_setting('split_users_upload_directory') === 'true') {
if (!empty($picture_filename)) {
$dir = $base.'upload/groups/'.substr($picture_filename, 0, 1).'/'.$id.'/';
$dir = $base.'groups/'.substr($picture_filename, 0, 1).'/'.$id.'/';
} elseif ($preview) {
$dir = $base.'upload/groups/'.substr((string) $id, 0, 1).'/'.$id.'/';
$dir = $base.'groups/'.substr((string) $id, 0, 1).'/'.$id.'/';
} else {
$dir = $base.'upload/groups/'.$id.'/';
$dir = $base.'groups/'.$id.'/';
}
} else {
$dir = $base.'upload/groups/'.$id.'/';
$dir = $base.'groups/'.$id.'/';
}
if (empty($picture_filename) && $anonymous) {
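Review bot: The web base in the `'web'`/default branch reads `api_get_path(WEB_PATH).'app/uploads/'`, but this commit defines `SYS_UPLOAD_PATH` as `app/upload/` and `UserManager::getUserPathById` builds its web path with `'app/upload/'`. Group picture URLs would then point at a directory that does not match where the files are stored on disk. The line should be `$base = api_get_path(WEB_PATH).'app/upload/';`. The method starts before the first hunk.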

@ -413,7 +413,8 @@ class UserManager
a user has 4 different sized photos to be deleted. */
$user_info = api_get_user_info($user_id);
if (strlen($user_info['picture_uri']) > 0) {
$img_path = api_get_path(SYS_APP_PATH).'upload/users/'.$user_id.'/'.$user_info['picture_uri'];
$path = self::getUserPathById($user_id);
$img_path = $path.$user_info['picture_uri'];
if (file_exists($img_path))
unlink($img_path);
}
@ -1242,7 +1243,7 @@ class UserManager
'email' => '',
);
if ((empty($id) || empty($type))) {
if (empty($id) || empty($type)) {
return $anonymousPath;
}
@ -1277,7 +1278,7 @@ class UserManager
* The return format is a complete path to a folder ending with "/"
* @param integer $id User ID
* @param string $type Type of path to return (can be 'system', 'web')
* @return string User folder path (i.e. /var/www/chamilo/main/upload/users/1/1/)
* @return string User folder path (i.e. /var/www/chamilo/app/upload/users/1/1/)
*/
public static function getUserPathById($id, $type)
{
@ -1286,17 +1287,16 @@ class UserManager
return null;
}
$userPath = "upload/users/$id/";
$userPath = "users/$id/";
if (api_get_setting('split_users_upload_directory') === 'true') {
$userPath = 'upload/users/'.substr((string) $id, 0, 1).'/'.$id.'/';
$userPath = 'users/'.substr((string) $id, 0, 1).'/'.$id.'/';
}
switch ($type) {
case 'system': // Base: absolute system path.
$userPath = api_get_path(SYS_APP_PATH).$userPath;
$userPath = api_get_path(SYS_UPLOAD_PATH).$userPath;
break;
case 'web': // Base: absolute web path.
$userPath = api_get_path(WEB_PATH).'app/'.$userPath;
$userPath = api_get_path(WEB_PATH).'app/upload/'.$userPath;
break;
}
@ -1306,7 +1306,7 @@ class UserManager
/**
* Gets the current user image
* @param string $user_id
* @param string $size it can be USER_IMAGE_SIZE_SMALL,
* @param int $size it can be USER_IMAGE_SIZE_SMALL,
* USER_IMAGE_SIZE_MEDIUM, USER_IMAGE_SIZE_BIG or USER_IMAGE_SIZE_ORIGINAL
* @param bool $addRandomId
* @param array $userInfo to avoid query the DB
@ -1323,6 +1323,10 @@ class UserManager
$pictureWebFile = $imageWebPath['file'];
$pictureWebDir = $imageWebPath['dir'];
$pictureAnonymous = 'unknown.jpg';
$gravatarSize = 22;
$realSizeName = 'small_';
switch ($size) {
case USER_IMAGE_SIZE_SMALL:
$pictureAnonymous = 'unknown_22.jpg';
@ -1360,9 +1364,10 @@ class UserManager
}
return $file;
}
$anonymousPath = api_get_path(WEB_CODE_PATH).'img/'.$pictureAnonymous;
if ($pictureWebFile == 'unknown.jpg') {
if ($pictureWebFile == 'unknown.jpg' || empty($pictureWebFile)) {
return $anonymousPath;
}
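Review bot: In the first hunk `self::getUserPathById($user_id)` is called with one argument, while the signature shown further down is `getUserPathById($id, $type)` with no default for `$type`. The `return null;` guard visible at the top of that method suggests it returns null when the type is missing. In that case `$img_path` is just the bare `picture_uri`, so `file_exists`/`unlink` act on a path relative to the working directory and the user's picture is left behind. Pass the type explicitly: `$path = self::getUserPathById($user_id, 'system');`. The enclosing delete method starts and ends outside the hunk.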

@ -899,16 +899,16 @@ function display_requirements(
<td class="requirements-value">'.check_writable(api_get_path(CONFIGURATION_PATH)).'</td>
</tr>
<tr>
<td class="requirements-item">'.api_get_path(SYS_APP_PATH).'upload/users/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_APP_PATH).'upload/users/').'</td>
<td class="requirements-item">'.api_get_path(SYS_UPLOAD_PATH).'users/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_UPLOAD_PATH).'users/').'</td>
</tr>
<tr>
<td class="requirements-item">'.api_get_path(SYS_APP_PATH).'upload/sessions/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_APP_PATH).'upload/sessions/').'</td>
<td class="requirements-item">'.api_get_path(SYS_UPLOAD_PATH).'sessions/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_UPLOAD_PATH).'sessions/').'</td>
</tr>
<tr>
<td class="requirements-item">'.api_get_path(SYS_APP_PATH).'upload/courses/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_APP_PATH).'upload/courses/').'</td>
<td class="requirements-item">'.api_get_path(SYS_UPLOAD_PATH).'courses/</td>
<td class="requirements-value">'.check_writable(api_get_path(SYS_UPLOAD_PATH).'courses/').'</td>
</tr>
<tr>
<td class="requirements-item">'.api_get_path(SYS_CODE_PATH).'default_course_document/images/</td>
@ -1007,19 +1007,19 @@ function display_requirements(
@chmod($checked_writable, $perm);
}
$checked_writable = api_get_path(SYS_APP_PATH).'upload/users/';
$checked_writable = api_get_path(SYS_UPLOAD_PATH).'users/';
if (!is_writable($checked_writable)) {
$notWritable[] = $checked_writable;
@chmod($checked_writable, $perm);
}
$checkedWritable = api_get_path(SYS_APP_PATH).'upload/sessions/';
$checkedWritable = api_get_path(SYS_UPLOAD_PATH).'sessions/';
if (!is_writable($checkedWritable)) {
$notWritable[] = $checkedWritable;
@chmod($checkedWritable, $perm);
}
$checkedWritable = api_get_path(SYS_APP_PATH).'upload/courses/';
$checkedWritable = api_get_path(SYS_UPLOAD_PATH).'courses/';
if (!is_writable($checkedWritable)) {
$notWritable[] = $checkedWritable;
@chmod($checkedWritable, $perm);

@ -52,7 +52,7 @@ $homepath = api_get_path(SYS_PATH).'home';
$clean_dirs = array(
api_get_path(SYS_COURSE_PATH), //courses
api_get_path(SYS_APP_PATH).'config/',
api_get_path(SYS_APP_PATH).'upload/users/',
api_get_path(SYS_UPLOAD_PATH).'users/',
api_get_path(SYS_ARCHIVE_PATH)
);
