chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Feature #2712 Integrate external services Pixlr. Second step

Browse Source
skala
Juan Carlos Raña 14 years ago
parent 59eccf2e1b
commit 15abeaff72
4 changed files with 468 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 158
      main/document/create_paint.php
  2. 143
      main/document/edit_paint.php
  3. 26
      main/document/exit_pixlr.php
  4. 141
      main/document/save_pixlr.php

158
main/document/create_paint.php
Unescape View File

@ -0,0 +1,158 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This file allows creating audio files from a text.
*
* @package chamilo.document
*
* @author Juan Carlos Raña Trabado
* @since 30/January/2011
* TODO:clean all file
*/
/* INIT SECTION */
$language_file = array('document');
require_once '../inc/global.inc.php';
$_SESSION['whereami'] = 'document/createpaint';
$this_section = SECTION_COURSES;
require_once 'document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
$nameTools = get_lang('Paint');
api_protect_course_script();
api_block_anonymous_users();
if (api_get_setting('enabled_support_paint') == 'false'){
api_not_allowed(true);
}
if (!isset($_GET['dir'])){
api_not_allowed(true);
}
$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
//path for pixlr save
$_SESSION['paint_dir']=Security::remove_XSS($_GET['dir']);
if($_SESSION['paint_dir']=='/'){
$_SESSION['paint_dir']='';
}
$_SESSION['paint_file']=get_lang('NewImage');
// Please, do not modify this dirname formatting
if (strstr($dir, '..')) {
$dir = '/';
}
if ($dir[0] == '.') {
$dir = substr($dir, 1);
}
if ($dir[0] != '/') {
$dir = '/'.$dir;
}
if ($dir[strlen($dir) - 1] != '/') {
$dir .= '/';
}
$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir;
if (!is_dir($filepath)) {
$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/';
$dir = '/';
}
//groups //TODO: clean
if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
$req_gid = '&amp;gidReq='.$_SESSION['_gid'];
$interbreadcrumb[] = array ("url" => "../group/group_space.php?gidReq=".$_SESSION['_gid'], "name" => get_lang('GroupSpace'));
$noPHP_SELF = true;
$to_group_id = $_SESSION['_gid'];
$group = GroupManager :: get_group_properties($to_group_id);
$path = explode('/', $dir);
if ('/'.$path[1] != $group['directory']) {
api_not_allowed(true);
}
}
$interbreadcrumb[] = array ("url" => "./document.php?curdirpath=".urlencode($_GET['dir']).$req_gid, "name" => get_lang('Documents'));
if (!$is_allowed_in_course) {
api_not_allowed(true);
}
if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder($_user['user_id'], Security::remove_XSS($_GET['dir']),api_get_session_id()))) {
api_not_allowed(true);
}
/* Header */
event_access_tool(TOOL_DOCUMENT);
$display_dir = $dir;
if (isset ($group)) {
$display_dir = explode('/', $dir);
unset ($display_dir[0]);
unset ($display_dir[1]);
$display_dir = implode('/', $display_dir);
}
// Interbreadcrumb for the current directory root path
// Copied from document.php
$dir_array = explode('/', $dir);
$array_len = count($dir_array);
$dir_acum = '';
for ($i = 0; $i < $array_len; $i++) {
$url_dir = 'document.php?&curdirpath='.$dir_acum.$dir_array[$i];
//Max char 80
$url_to_who = cut($dir_array[$i],80);
if ($is_certificate_mode) {
$interbreadcrumb[] = array('url' => $url_dir.'&selectcat='.Security::remove_XSS($_GET['selectcat']), 'name' => $url_to_who);
} else {
$interbreadcrumb[] = array('url' => $url_dir, 'name' => $url_to_who);
}
$dir_acum .= $dir_array[$i].'/';
}
//
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['dir']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview')).get_lang('BackTo').' '.get_lang('DocumentsOverview').'</a>';
echo '</div>';
///pixlr
// max size 1 Mb
$title=urlencode(utf8_encode(get_lang('NewImage')));//TODO:check
//
$image=api_get_path(WEB_IMG_PATH).'canvas1024x768.png';
//
$pixlr_code_translation_table = array('' => 'en', 'pt' => 'pt-Pt', 'sr' => 'sr_latn');
$langpixlr = api_get_language_isocode();
$langpixlr = isset($pixlr_code_translation_table[$langpixlr]) ? $pixlredit_code_translation_table[$langpixlr] : $langpixlr;
$loc=$langpixlr;// deprecated ?? TODO:check pixlr read user browser
$exit_path=api_get_path(WEB_CODE_PATH).'document/exit_pixlr.php';
$_SESSION['exit_pixlr']= Security::remove_XSS($_GET['dir']);
$exit=$exit_path;
$referrer="Chamilo";
$target_path=api_get_path(WEB_CODE_PATH).'document/save_pixlr.php';
$target=$target_path;
$locktarget="true";
$locktitle="false";
echo '<iframe style=\'height: 600px; width: 100%;\' scrolling=\'no\' frameborder=\'0\' src=\'http://pixlr.com/editor/?title='.$title.'&amp;image='.$image.'&amp;loc='.$loc.'&amp;referrer='.$referrer.'&amp;target='.$target.'&amp;exit='.$exit.'&amp;locktarget='.$locktarget.'&amp;locktitle='.$locktitle.'\'>';
echo '</iframe>';
?>

143
main/document/edit_paint.php
Unescape View File

@ -0,0 +1,143 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This file allows creating new svg and png documents with an online editor.
*
* @package chamilo.document
*
* @author Juan Carlos Raña Trabado
* @since 30/january/2011
*/
/* INIT SECTION */
$language_file = array('document');
require_once '../inc/global.inc.php';
$_SESSION['whereami'] = 'document/editpaint';
$this_section = SECTION_COURSES;
require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
//
api_protect_course_script();
api_block_anonymous_users();
if (!isset($_GET['curdirpath']) || !isset($_GET['file'])){
api_not_allowed(true);
}
/* Constants & Variables */
$current_session_id=api_get_session_id();
//path for pixlr save
$_SESSION['paint_dir']=Security::remove_XSS($_GET['curdirpath']);
if($_SESSION['paint_dir']=='/'){
$_SESSION['paint_dir']='';
}
$_SESSION['paint_file']=basename(Security::remove_XSS($_GET['file']));
//
$get_file = Security::remove_XSS($_GET['file']);
$file = basename($get_file);
$temp_file = explode(".",$file);
$filename=$temp_file[0];
$nameTools = get_lang('EditDocument') . ': '.$filename;
$dir = Security::remove_XSS($_GET['curdirpath']);
$courseDir = $_course['path'].'/document';
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
/* Other initialization code */
/* Please, do not modify this dirname formatting */
if (strstr($dir, '..')) {
$dir = '/';
}
if ($dir[0] == '.') {
$dir = substr($dir, 1);
}
if ($dir[0] != '/') {
$dir = '/'.$dir;
}
if ($dir[strlen($dir) - 1] != '/') {
$dir .= '/';
}
$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir;
if (!is_dir($filepath)) {
$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/';
$dir = '/';
}
//groups //TODO:clean
if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
$req_gid = '&amp;gidReq='.$_SESSION['_gid'];
$interbreadcrumb[] = array ('url' => '../group/group_space.php?gidReq='.$_SESSION['_gid'], 'name' => get_lang('GroupSpace'));
$group_document = true;
$noPHP_SELF = true;
}
$my_cur_dir_path = Security::remove_XSS($_GET['curdirpath']);
if (!$is_certificate_mode)
$interbreadcrumb[]=array("url"=>"./document.php?curdirpath=".urlencode($my_cur_dir_path).$req_gid, "name"=> get_lang('Documents'));
else
$interbreadcrumb[]= array ( 'url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
$is_allowedToEdit = is_allowed_to_edit() || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder($_user['user_id'], $my_cur_dir_path, $current_session_id);
if (!$is_allowedToEdit) {
api_not_allowed(true);
}
event_access_tool(TOOL_DOCUMENT);
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['curdirpath']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview')).get_lang('BackTo').' '.get_lang('DocumentsOverview').'</a>';
echo '<a href="edit_document.php?'.api_get_cidreq().'&curdirpath='.Security::remove_XSS($_GET['curdirpath']).'&amp;file='.urlencode($dir.$file).$req_gid.'&amp;origin=editpaint">'.Display::return_icon('edit.gif',get_lang('Rename')).get_lang('Rename').', '.get_lang('Comment').'</a>';
echo '</div>';
///pixlr
// max size 1 Mb
$title=$file;//disk name. No sql name because pixlr return this when save
$image=urlencode(api_get_path(WEB_COURSE_PATH).$courseDir.$dir.$file);//TODO: only work with public courses
//
$pixlr_code_translation_table = array('' => 'en', 'pt' => 'pt-Pt', 'sr' => 'sr_latn');
$langpixlr = api_get_language_isocode();
$langpixlr = isset($pixlr_code_translation_table[$langpixlr]) ? $pixlredit_code_translation_table[$langpixlr] : $langpixlr;
$loc=$langpixlr;// deprecated ?? TODO:check pixlr read user browser
$exit_path=api_get_path(WEB_CODE_PATH).'document/exit_pixlr.php';
$_SESSION['exit_pixlr']= Security::remove_XSS($_GET['curdirpath']);
$exit=$exit_path;
$referrer="Chamilo";
$target_path=api_get_path(WEB_CODE_PATH).'document/save_pixlr.php';
$target=$target_path;
$locktarget="true";
$locktitle="false";
echo '<iframe style=\'height: 600px; width: 100%;\' scrolling=\'no\' frameborder=\'0\' src=\'http://pixlr.com/editor/?title='.$title.'&amp;image='.$image.'&amp;loc='.$loc.'&amp;referrer='.$referrer.'&amp;target='.$target.'&amp;exit='.$exit.'&amp;locktarget='.$locktarget.'&amp;locktitle='.$locktitle.'\'>';
echo '</iframe>';
Display::display_footer();
?>

26
main/document/exit_pixlr.php
Unescape View File

@ -0,0 +1,26 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This file allows creating new svg and png documents with an online editor.
*
* @package chamilo.document
*
* @author Juan Carlos Raña Trabado
* @since 30/january/2011
*/
require_once '../inc/global.inc.php';
api_protect_course_script();
api_block_anonymous_users();
if (!isset($_SESSION['exit_pixlr'])){
$location=api_get_path(WEB_CODE_PATH).'document/document.php';
echo '<script>top.location.href="'.$location.'"</script>';
api_not_allowed(true);
}
else{
$location=api_get_path(WEB_CODE_PATH).'document/document.php?curdirpath='.Security::remove_XSS($_SESSION['exit_pixlr']);
echo '<script>top.location.href="'.$location.'"</script>';
unset($_SESSION['exit_pixlr']);
}
?>

141
main/document/save_pixlr.php
Unescape View File

@ -0,0 +1,141 @@
<?php
/* For licensing terms, see /license.txt */
/**
* This file allows creating new svg and png documents with an online editor.
*
* @package chamilo.document
*
* @author Juan Carlos Raña Trabado
* @since 30/january/2011
*/
require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
require_once api_get_path(LIBRARY_PATH).'document.lib.php';
api_protect_course_script();
api_block_anonymous_users();
if(!isset($_GET['title']) && !isset($_GET['type']) && !isset($_GET['image'])) {
api_not_allowed();
die();
}
if(!isset($_SESSION['paint_dir']) || !isset($_SESSION['whereami']) ){
api_not_allowed();//
die();
}
//pixlr return
$filename=Security::remove_XSS($_GET['title']);//The user preferred file name of the image.
$extension=Security::remove_XSS($_GET['type']);//The image type, "pdx", "jpg", "bmp" or "png".
$urlcontents=Security::remove_XSS($_GET['image']);//A URL to the image on Pixlr.com server or the raw file post of the saved image.
//make variables
$title = Database::escape_string(str_replace('_',' ',$filename));
$current_session_id = api_get_session_id();
$groupId=$_SESSION['_gid'];
$relativeUrlPath=$_SESSION['paint_dir'];
$currentTool=$_SESSION['whereami'];
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
$saveDir=$dirBaseDocuments.$_SESSION['paint_dir'];
$contents = file_get_contents($urlcontents);
//Verify that the URL is pointing to a file @ pixlr.com
if (strpos($urlcontents, "pixlr.com") == 0){
echo "Invalid referrer";
exit;
}
//Verify that the file is an image
$headers = get_headers($urlcontents, 1);
$content_type = explode("/", $headers['Content-Type']);
if ($content_type[0] != "image"){
echo "Invalid file type";
exit;
}
//a bit title security
$filename = addslashes(trim($filename));
$filename = Security::remove_XSS($filename);
$filename = replace_dangerous_char($filename, 'strict');
$filename = disable_dangerous_file($filename);
// a bit extension security
if($extension!= 'jpg' && $extension!= 'png' && $extension!= 'bmp' && $extension!= 'pxd'){
die();
}
//TODO: a bit mime security
//path, file and title
$paintFileName = $filename.'.'.$extension;
$title = $title.'.'.$extension;
if($currentTool=='document/createpaint'){
//check save as and prevent rewrite an older file with same name
if (0 != $groupId){
$group_properties = GroupManager :: get_group_properties($groupId);
$groupPath = $group_properties['directory'];
}
else{
$groupPath ='';
}
if (file_exists($saveDir.'/'.$filename.'.'.$extension)){
$i = 1;
while (file_exists($saveDir.'/'.$filename.'_'.$i.'.'.$extension)) $i++;
$paintFileName = $filename . '_' . $i . '.'.$extension;
$title = $filename . '_' . $i . '.'.$extension;
}
//
$documentPath = $saveDir.'/'.$paintFileName;
//add new document to disk
file_put_contents( $documentPath, $contents );
//add document to database
$doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id);
}elseif($currentTool=='document/editpaint'){
$documentPath = $saveDir.'/'.$paintFileName;
//add new document to disk
file_put_contents( $documentPath, $contents );
//check path
if(!isset($_SESSION['paint_file'])){
api_not_allowed();
die();
}
if($_SESSION['paint_file']==$paintFileName){
$document_id = DocumentManager::get_document_id($_course, $relativeUrlPath.'/'.$paintFileName);
update_existing_document($_course, $document_id, filesize($documentPath), null);
api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_user['user_id'], $groupId, null, null, null, $current_session_id);
}else{
//add a new document
$doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id);
}
}
//Clean sessions and return to Chamilo file list
unset($_SESSION['paint_dir']);
unset($_SESSION['paint_file']);
unset($_SESSION['whereami']);
if (!isset($_SESSION['exit_pixlr'])){
$location=api_get_path(WEB_CODE_PATH).'document/document.php';
echo '<script>top.location.href="'.$location.'"</script>';
api_not_allowed(true);
}
else{
$location=api_get_path(WEB_CODE_PATH).'document/document.php?curdirpath='.Security::remove_XSS($_SESSION['exit_pixlr']);
echo '<script>top.location.href="'.$location.'"</script>';
unset($_SESSION['exit_pixlr']);
}
?>
Write Preview
Loading…
Cancel
Save