diff --git a/.htaccess b/.htaccess new file mode 100644 index 0000000000..7f01103444 --- /dev/null +++ b/.htaccess @@ -0,0 +1,31 @@ +# Check that your Apache virtualhost have this settings: + +# +# AllowOverride All +# Order allow,deny +# Allow from all +# + +RewriteEngine on +RewriteCond %{QUERY_STRING} ^id=(.*)$ + +# http://my.chamilo.net/certificates/?id=123 to http://my.chamilo.net/certificates/index.php?id=123 +RewriteRule ^certificates/$ certificates/index.php?id=%1 [L] + +# http://my.chamilo.net/jdoe to http://my.chamilo.net/user.php?jdoe +RewriteRule ^([^/.]+)/?$ user.php?$1 [L] + +# Course redirection +RewriteCond %{QUERY_STRING} ^id_session=(.*)$ +RewriteRule ^courses/([^/]+)/index.php$ main/course_home/course_home.php?cidReq=$1&id_session=%1 [L] +RewriteRule ^courses/([^/]+)/$ main/course_home/course_home.php?cidReq=$1&id_session=%1 [L] +RewriteRule ^courses/([^/]+)/index.php$ main/course_home/course_home.php?cidReq=$1 [L] + +# Rewrite everything in the scorm folder of a course to the download script +RewriteRule ^courses/([^/]+)/scorm/(.*)$ main/document/download_scorm.php?doc_url=/$2&cDir=$1 [QSA,L] + +# Rewrite everything in the document folder of a course to the download script +RewriteRule ^courses/([^/]+)/document/(.*)$ main/document/download.php?doc_url=/$2&cDir=$1 [QSA,L] + +# Rewrite everything in the work folder +RewriteRule ^courses/([^/]+)/work/(.*)$ main/work/download.php?file=work/$2&cDir=$1 [QSA,L] diff --git a/htaccess b/htaccess deleted file mode 100755 index 2911886af3..0000000000 --- a/htaccess +++ /dev/null @@ -1,20 +0,0 @@ -# Check that your Apache virtualhost have this settings: - -# -# AllowOverride All -# Order allow,deny -# Allow from all -# - - - -RewriteEngine on -RewriteCond %{QUERY_STRING} ^id=(.*)$ -RewriteRule ^certificates/$ certificates/index.php?id=%1 [L] -RewriteRule ^([^/.]+)/?$ user.php?$1 [L] - - - -# This will transform -# http://my.chamilo.net/certificates/?id=123 to http://my.chamilo.net/certificates/index.php?id=123 -# http://my.chamilo.net/juliomontoya to http://my.chamilo.net/user.php?juliomontoya \ No newline at end of file diff --git a/main/course_home/course_home.php b/main/course_home/course_home.php index 87a047dae7..34b0678419 100755 --- a/main/course_home/course_home.php +++ b/main/course_home/course_home.php @@ -28,11 +28,10 @@ * @package chamilo.course_home */ -use \ChamiloSession as Session; +use ChamiloSession as Session; $use_anonymous = true; -// Inlcuding the global initialization file. require_once dirname(__FILE__).'/../inc/global.inc.php'; // Delete LP sessions - commented out after seeing that normal @@ -136,6 +135,7 @@ $course_code = api_get_course_id(); $sessionId = api_get_session_id(); $show_message = ''; + if (api_is_invitee()) { $isInASession = $sessionId > 0; $isSubscribed = CourseManager::is_user_subscribed_in_course( diff --git a/main/cron/import_csv.php b/main/cron/import_csv.php index 8006fb36ac..e2b92bc2a8 100755 --- a/main/cron/import_csv.php +++ b/main/cron/import_csv.php @@ -1483,7 +1483,7 @@ if (isset($_configuration['import_csv_fix_permissions']) && echo "Executing: ".$command.PHP_EOL; system($command); - $command = "sudo find ".api_get_path(SYS_APP_PATH)."upload/users -type d -exec chmod 777 {} \;"; + $command = "sudo find ".api_get_path(SYS_UPLOAD_PATH)."users -type d -exec chmod 777 {} \;"; echo "Executing: ".$command.PHP_EOL; system($command); } diff --git a/main/cron/user_import/client.php b/main/cron/user_import/client.php index 69031e36c3..41a3b0c117 100755 --- a/main/cron/user_import/client.php +++ b/main/cron/user_import/client.php @@ -26,7 +26,7 @@ $client = new nusoap_client(api_get_path(WEB_CODE_PATH).'cron/user_import/servic $response = $client->call( 'import_users', array( - 'filepath' => api_get_path(SYS_APP_PATH)."upload/users_import.csv", + 'filepath' => api_get_path(SYS_UPLOAD_PATH)."users_import.csv", 'security_key' => $_configuration['security_key'], ) ); diff --git a/main/inc/lib/add_course.lib.inc.php b/main/inc/lib/add_course.lib.inc.php index 7ead6f7fc8..77d3f4bed3 100755 --- a/main/inc/lib/add_course.lib.inc.php +++ b/main/inc/lib/add_course.lib.inc.php @@ -169,7 +169,7 @@ class AddCourse fclose($fp); // Build index.php of the course. - $fd = fopen($cp . '/index.php', 'w'); + /*$fd = fopen($cp . '/index.php', 'w'); // str_replace() removes \r that cause squares to appear at the end of each line //@todo fix the harcoded include @@ -184,7 +184,7 @@ class AddCourse ?>" ); fwrite($fd, $string); - @chmod($cp . '/index.php', $perm_file); + @chmod($cp . '/index.php', $perm_file);*/ return 0; } diff --git a/main/inc/lib/api.lib.php b/main/inc/lib/api.lib.php index b7b05709b3..a3d00e6d94 100644 --- a/main/inc/lib/api.lib.php +++ b/main/inc/lib/api.lib.php @@ -273,6 +273,7 @@ define('VALID_WEB_SERVER_BASE', '/https?:\/\/[^\/]*/i'); // $new_path define('WEB_PATH', 'WEB_PATH'); define('SYS_PATH', 'SYS_PATH'); define('SYS_APP_PATH', 'SYS_APP_PATH'); +define('SYS_UPLOAD_PATH', 'SYS_UPLOAD_PATH'); define('REL_PATH', 'REL_PATH'); define('WEB_SERVER_ROOT_PATH', 'WEB_SERVER_ROOT_PATH'); define('SYS_SERVER_ROOT_PATH', 'SYS_SERVER_ROOT_PATH'); @@ -577,7 +578,8 @@ require_once __DIR__.'/internationalization.lib.php'; * api_get_path(REL_CODE_PATH) /chamilo/main/ * api_get_path(SYS_SERVER_ROOT_PATH) /var/www/ - This is the physical folder where the system Chamilo has been placed. It is not always equal to $_SERVER['DOCUMENT_ROOT']. * api_get_path(SYS_PATH) /var/www/chamilo/ - * api_get_path(SYS_APP_PATH) /var/www/chamilo/app + * api_get_path(SYS_APP_PATH) /var/www/chamilo/app/ + * api_get_path(SYS_UPLOAD_PATH) /var/www/chamilo/app/upload/ * * api_get_path(SYS_ARCHIVE_PATH) /var/www/chamilo/app/cache * api_get_path(SYS_COURSE_PATH) /var/www/chamilo/app/courses/ @@ -594,7 +596,7 @@ require_once __DIR__.'/internationalization.lib.php'; * * api_get_path(WEB_SERVER_ROOT_PATH) http://www.mychamilo.org/ * api_get_path(WEB_PATH) http://www.mychamilo.org/chamilo/ - * api_get_path(WEB_COURSE_PATH) http://www.mychamilo.org/chamilo/app/courses/ + * api_get_path(WEB_COURSE_PATH) http://www.mychamilo.org/chamilo/courses/ * api_get_path(WEB_CODE_PATH) http://www.mychamilo.org/chamilo/main/ * api_get_path(WEB_DATA_PATH) http://www.mychamilo.org/chamilo/data/ * api_get_path(WEB_PLUGIN_PATH) http://www.mychamilo.org/chamilo/plugin/ @@ -646,6 +648,7 @@ function api_get_path($path_type, $path = null) SYS_ARCHIVE_PATH => 'app/cache/', WEB_ARCHIVE_PATH => 'app/cache/', SYS_APP_PATH => 'app/', + SYS_UPLOAD_PATH => 'app/upload/', INCLUDE_PATH => 'inc/', LIBRARY_PATH => 'inc/lib/', CONFIGURATION_PATH => 'app/config/', @@ -750,7 +753,7 @@ function api_get_path($path_type, $path = null) $paths[WEB_SERVER_ROOT_PATH] = $server_base_web.'/'; $paths[SYS_SERVER_ROOT_PATH] = $server_base_sys.'/'; - $paths[WEB_COURSE_PATH] = $root_web.'app/'.$course_folder; + $paths[WEB_COURSE_PATH] = $root_web.$course_folder; $paths[REL_COURSE_PATH] = $root_rel.$course_folder; $paths[REL_CODE_PATH] = $root_rel.$code_folder; @@ -762,11 +765,12 @@ function api_get_path($path_type, $path = null) $paths[WEB_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[WEB_CODE_PATH].'default_course_document/'; $paths[REL_DEFAULT_COURSE_DOCUMENT_PATH] = $paths[REL_PATH].'main/default_course_document/'; - // Now we can switch into api_get_path() "terminology". $paths[SYS_LANG_PATH] = $paths[SYS_CODE_PATH].$paths[SYS_LANG_PATH]; $paths[SYS_APP_PATH] = $paths[SYS_PATH].$paths[SYS_APP_PATH]; + $paths[SYS_UPLOAD_PATH] = $paths[SYS_PATH].$paths[SYS_UPLOAD_PATH]; + $paths[SYS_PLUGIN_PATH] = $paths[SYS_PATH].$paths[SYS_PLUGIN_PATH]; $paths[SYS_ARCHIVE_PATH] = $paths[SYS_PATH].$paths[SYS_ARCHIVE_PATH]; $paths[SYS_TEST_PATH] = $paths[SYS_PATH].$paths[SYS_TEST_PATH]; @@ -5580,20 +5584,19 @@ function api_is_element_in_the_session($tool, $element_id, $session_id = null) { return false; } + /** * Replaces "forbidden" characters in a filename string. * - * @author Hugues Peeters - * @author René Haentjens, UGent (RH) - * @author Ivan Tcholakov, JUN-2009. Transliteration functionality has been added. - * @param string $filename The filename string. - * @param string $strict (optional) When it is 'strict', all non-ASCII charaters will be replaced. Additional ASCII replacemets will be done too. - * @return string The cleaned filename. + * @param string $filename + * @param int $length + * @param bool $file_name + * @return string */ - -function api_replace_dangerous_char($filename, $strict = 'loose') +function api_replace_dangerous_char($filename) { - return URLify::filter($filename, 250); + return URLify::filter($filename, 250, '', true); + /* // Safe replacements for some non-letter characters. static $search = array(',', "\0", ' ', "\t", "\n", "\r", "\x0B", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%'); diff --git a/main/inc/lib/diagnoser.lib.php b/main/inc/lib/diagnoser.lib.php index a0794ef286..dca6e8d66c 100755 --- a/main/inc/lib/diagnoser.lib.php +++ b/main/inc/lib/diagnoser.lib.php @@ -72,7 +72,7 @@ class Diagnoser $array = array(); $writable_folders = array( api_get_path(SYS_APP_PATH) .'cache', - api_get_path(SYS_APP_PATH) .'courses', + api_get_path(SYS_COURSE_PATH), api_get_path(SYS_APP_PATH) .'home', api_get_path(SYS_APP_PATH) .'upload/users/', api_get_path(SYS_PATH) .'main/default_course_document/images/', diff --git a/main/inc/lib/extra_field_value.lib.php b/main/inc/lib/extra_field_value.lib.php index 1d174f2798..5748e21337 100755 --- a/main/inc/lib/extra_field_value.lib.php +++ b/main/inc/lib/extra_field_value.lib.php @@ -166,10 +166,10 @@ class ExtraFieldValue extends Model switch ($this->type) { case 'course': - $fileDir = api_get_path(SYS_APP_PATH)."upload/courses/"; + $fileDir = api_get_path(SYS_UPLOAD_PATH)."courses/"; break; case 'session': - $fileDir = api_get_path(SYS_APP_PATH)."upload/sessions/"; + $fileDir = api_get_path(SYS_UPLOAD_PATH)."sessions/"; break; case 'user': $fileDir = UserManager::getUserPathById($this->handler_id, 'system'); @@ -204,10 +204,10 @@ class ExtraFieldValue extends Model switch ($this->type) { case 'course': - $fileDir = api_get_path(SYS_APP_PATH)."upload/courses/"; + $fileDir = api_get_path(SYS_UPLOAD_PATH)."courses/"; break; case 'session': - $fileDir = api_get_path(SYS_APP_PATH)."upload/sessions/"; + $fileDir = api_get_path(SYS_UPLOAD_PATH)."sessions/"; break; case 'user': $fileDir = UserManager::getUserPathById($this->handler_id, 'system'); diff --git a/main/inc/lib/group_portal_manager.lib.php b/main/inc/lib/group_portal_manager.lib.php index 8dd70bc8d2..806283b96c 100755 --- a/main/inc/lib/group_portal_manager.lib.php +++ b/main/inc/lib/group_portal_manager.lib.php @@ -956,11 +956,11 @@ class GroupPortalManager { switch ($type) { case 'system': // Base: absolute system path. - $base = api_get_path(SYS_APP_PATH); + $base = api_get_path(SYS_UPLOAD_PATH); break; case 'web': // Base: absolute web path. default: - $base = api_get_path(WEB_PATH).'app/'; + $base = api_get_path(WEB_PATH).'app/uploads/'; break; } @@ -985,14 +985,14 @@ class GroupPortalManager if (api_get_setting('split_users_upload_directory') === 'true') { if (!empty($picture_filename)) { - $dir = $base.'upload/groups/'.substr($picture_filename, 0, 1).'/'.$id.'/'; + $dir = $base.'groups/'.substr($picture_filename, 0, 1).'/'.$id.'/'; } elseif ($preview) { - $dir = $base.'upload/groups/'.substr((string) $id, 0, 1).'/'.$id.'/'; + $dir = $base.'groups/'.substr((string) $id, 0, 1).'/'.$id.'/'; } else { - $dir = $base.'upload/groups/'.$id.'/'; + $dir = $base.'groups/'.$id.'/'; } } else { - $dir = $base.'upload/groups/'.$id.'/'; + $dir = $base.'groups/'.$id.'/'; } if (empty($picture_filename) && $anonymous) { diff --git a/main/inc/lib/usermanager.lib.php b/main/inc/lib/usermanager.lib.php index 1d04f3b21b..9ab234ab48 100755 --- a/main/inc/lib/usermanager.lib.php +++ b/main/inc/lib/usermanager.lib.php @@ -413,7 +413,8 @@ class UserManager a user has 4 different sized photos to be deleted. */ $user_info = api_get_user_info($user_id); if (strlen($user_info['picture_uri']) > 0) { - $img_path = api_get_path(SYS_APP_PATH).'upload/users/'.$user_id.'/'.$user_info['picture_uri']; + $path = self::getUserPathById($user_id); + $img_path = $path.$user_info['picture_uri']; if (file_exists($img_path)) unlink($img_path); } @@ -1242,7 +1243,7 @@ class UserManager 'email' => '', ); - if ((empty($id) || empty($type))) { + if (empty($id) || empty($type)) { return $anonymousPath; } @@ -1277,7 +1278,7 @@ class UserManager * The return format is a complete path to a folder ending with "/" * @param integer $id User ID * @param string $type Type of path to return (can be 'system', 'web') - * @return string User folder path (i.e. /var/www/chamilo/main/upload/users/1/1/) + * @return string User folder path (i.e. /var/www/chamilo/app/upload/users/1/1/) */ public static function getUserPathById($id, $type) { @@ -1286,17 +1287,16 @@ class UserManager return null; } - $userPath = "upload/users/$id/"; + $userPath = "users/$id/"; if (api_get_setting('split_users_upload_directory') === 'true') { - $userPath = 'upload/users/'.substr((string) $id, 0, 1).'/'.$id.'/'; + $userPath = 'users/'.substr((string) $id, 0, 1).'/'.$id.'/'; } - switch ($type) { case 'system': // Base: absolute system path. - $userPath = api_get_path(SYS_APP_PATH).$userPath; + $userPath = api_get_path(SYS_UPLOAD_PATH).$userPath; break; case 'web': // Base: absolute web path. - $userPath = api_get_path(WEB_PATH).'app/'.$userPath; + $userPath = api_get_path(WEB_PATH).'app/upload/'.$userPath; break; } @@ -1306,7 +1306,7 @@ class UserManager /** * Gets the current user image * @param string $user_id - * @param string $size it can be USER_IMAGE_SIZE_SMALL, + * @param int $size it can be USER_IMAGE_SIZE_SMALL, * USER_IMAGE_SIZE_MEDIUM, USER_IMAGE_SIZE_BIG or USER_IMAGE_SIZE_ORIGINAL * @param bool $addRandomId * @param array $userInfo to avoid query the DB @@ -1323,6 +1323,10 @@ class UserManager $pictureWebFile = $imageWebPath['file']; $pictureWebDir = $imageWebPath['dir']; + $pictureAnonymous = 'unknown.jpg'; + $gravatarSize = 22; + $realSizeName = 'small_'; + switch ($size) { case USER_IMAGE_SIZE_SMALL: $pictureAnonymous = 'unknown_22.jpg'; @@ -1360,9 +1364,10 @@ class UserManager } return $file; } + $anonymousPath = api_get_path(WEB_CODE_PATH).'img/'.$pictureAnonymous; - if ($pictureWebFile == 'unknown.jpg') { + if ($pictureWebFile == 'unknown.jpg' || empty($pictureWebFile)) { return $anonymousPath; } diff --git a/main/install/install.lib.php b/main/install/install.lib.php index 982ed93358..4ee895c7a1 100755 --- a/main/install/install.lib.php +++ b/main/install/install.lib.php @@ -899,16 +899,16 @@ function display_requirements( '.check_writable(api_get_path(CONFIGURATION_PATH)).' - '.api_get_path(SYS_APP_PATH).'upload/users/ - '.check_writable(api_get_path(SYS_APP_PATH).'upload/users/').' + '.api_get_path(SYS_UPLOAD_PATH).'users/ + '.check_writable(api_get_path(SYS_UPLOAD_PATH).'users/').' - '.api_get_path(SYS_APP_PATH).'upload/sessions/ - '.check_writable(api_get_path(SYS_APP_PATH).'upload/sessions/').' + '.api_get_path(SYS_UPLOAD_PATH).'sessions/ + '.check_writable(api_get_path(SYS_UPLOAD_PATH).'sessions/').' - '.api_get_path(SYS_APP_PATH).'upload/courses/ - '.check_writable(api_get_path(SYS_APP_PATH).'upload/courses/').' + '.api_get_path(SYS_UPLOAD_PATH).'courses/ + '.check_writable(api_get_path(SYS_UPLOAD_PATH).'courses/').' '.api_get_path(SYS_CODE_PATH).'default_course_document/images/ @@ -1007,19 +1007,19 @@ function display_requirements( @chmod($checked_writable, $perm); } - $checked_writable = api_get_path(SYS_APP_PATH).'upload/users/'; + $checked_writable = api_get_path(SYS_UPLOAD_PATH).'users/'; if (!is_writable($checked_writable)) { $notWritable[] = $checked_writable; @chmod($checked_writable, $perm); } - $checkedWritable = api_get_path(SYS_APP_PATH).'upload/sessions/'; + $checkedWritable = api_get_path(SYS_UPLOAD_PATH).'sessions/'; if (!is_writable($checkedWritable)) { $notWritable[] = $checkedWritable; @chmod($checkedWritable, $perm); } - $checkedWritable = api_get_path(SYS_APP_PATH).'upload/courses/'; + $checkedWritable = api_get_path(SYS_UPLOAD_PATH).'courses/'; if (!is_writable($checkedWritable)) { $notWritable[] = $checkedWritable; @chmod($checkedWritable, $perm); diff --git a/tests/wipe-out.php b/tests/wipe-out.php index 8cc6e3b620..205e6bac24 100755 --- a/tests/wipe-out.php +++ b/tests/wipe-out.php @@ -52,7 +52,7 @@ $homepath = api_get_path(SYS_PATH).'home'; $clean_dirs = array( api_get_path(SYS_COURSE_PATH), //courses api_get_path(SYS_APP_PATH).'config/', - api_get_path(SYS_APP_PATH).'upload/users/', + api_get_path(SYS_UPLOAD_PATH).'users/', api_get_path(SYS_ARCHIVE_PATH) );