Added move_uploaded_file validations when you uploading a work or correction - Refs #8262

9 years ago · 389f117469
parent e24ceaedd1
commit 389f117469
5 changed files with 37 additions and 9 deletions
--- a/main/inc/ajax/work.ajax.php
+++ b/main/inc/ajax/work.ajax.php
@ -95,7 +95,10 @@ switch ($action) {
            $workInfo = get_work_data_by_id($itemId);
            $workInfoParent = get_work_data_by_id($workInfo['parent_id']);
            $resultUpload = uploadWork($workInfoParent, $courseInfo, true, $workInfo);
-
+            if (!$resultUpload) {
+                echo false;
+                break;
+            }
            $work_table = Database:: get_course_table(
                TABLE_STUDENT_PUBLICATION
            );
--- a/main/inc/lib/formvalidator/FormValidator.class.php
+++ b/main/inc/lib/formvalidator/FormValidator.class.php
@ -1453,7 +1453,7 @@ EOT;
                });
            }).on('fileuploadfail', function (e, data) {
                $.each(data.files, function (index) {
-                    var error = $('<span class=\"text-danger\"/>').text('".get_lang('Failed')."');
+                    var error = $('<span class=\"text-danger\"/>').text('".get_lang('UploadError')."');
                    $(data.context.children()[index])
                        .append('<br>')
                        .append(error);
--- a/main/work/upload.php
+++ b/main/work/upload.php
@ -1,6 +1,8 @@
 <?php
 /* For licensing terms, see /license.txt */

+use ChamiloSession as Session;
+
 require_once '../inc/global.inc.php';
 $current_course_tool  = TOOL_STUDENTPUBLICATION;

@ -92,7 +94,7 @@ if ($form->validate()) {
    if ($student_can_edit_in_session && $check) {
        $values = $form->getSubmitValues();
        // Process work
-        processWorkForm(
+        $result = processWorkForm(
            $workInfo,
            $values,
            $course_info,
@ -104,8 +106,21 @@ if ($form->validate()) {
        if ($is_allowed_to_edit) {
            $script = 'work_list_all.php';
        }
-        header('Location: '.api_get_path(WEB_CODE_PATH).'work/'.$script.'?'.api_get_cidreq().'&id='.$work_id);
-        exit;
+        if (!$result) {
+            Session::write(
+                'message',
+                Display::return_message(get_lang('UploadError'), 'error')
+            );
+            header('Location: '.api_get_path(WEB_CODE_PATH).'work/'.$script.'?'.api_get_cidreq().'&id='.$work_id);
+            exit;
+        } else {
+            Session::write(
+                'message',
+                Display::return_message(get_lang('UplUploadSucceeded'), 'success')
+            );
+            header('Location: '.api_get_path(WEB_CODE_PATH).'work/'.$script.'?'.api_get_cidreq().'&id='.$work_id);
+            exit;
+        }
    } else {
        // Bad token or can't add works
        Display::addFlash(
--- a/main/work/work.lib.php
+++ b/main/work/work.lib.php
@ -2023,6 +2023,8 @@ function get_work_user_list(
                    }
                    $loadingText = get_lang('Loading');
                    $uploadedText = get_lang('Uploaded');
+                    $failsUploadText = get_lang('UplNoFileUploaded');
+                    $failsUploadIcon = Display::return_icon('closed-circle.png', '', [], ICON_SIZE_TINY);
                    $correction = '
                        <form
                        id="file_upload_'.$item_id.'"
@ -2048,8 +2050,11 @@ function get_work_user_list(
                                data.submit();
                            },
                            done: function (e, data) {
-                                data.context.text('Upload finished.');
-                                $('#progress_$item_id').html('$uploadedText '+data._response.result.result+'<br />'+data._response.result.name);
+                                if (data._response.result.name) {
+                                    $('#progress_$item_id').html('$uploadedText '+data._response.result.result+'<br />'+data._response.result.name);
+                                } else {
+                                    $('#progress_$item_id').html('$failsUploadText $failsUploadIcon');
+                                }
                            }
                        });
                    });
@ -3368,7 +3373,6 @@ function uploadWork($my_folder_data, $_course, $isCorrection = false, $workInfo
    }

    $curdirpath = basename($my_folder_data['url']);
-
    // If we come from the group tools the groupid will be saved in $work_table
    if (is_dir($updir.$curdirpath) || empty($curdirpath)) {
        $result = move_uploaded_file(
@ -3387,6 +3391,8 @@ function uploadWork($my_folder_data, $_course, $isCorrection = false, $workInfo
    $url = null;
    if ($result) {
        $url = 'work/'.$curdirpath.'/'.$new_file_name;
+    } else {
+        return false;
    }

    return array(
@ -3523,6 +3529,9 @@ function processWorkForm($workInfo, $values, $courseInfo, $sessionId, $groupId,

    if ($values['contains_file']) {
        $result = uploadWork($workInfo, $courseInfo, false, [], $file);
+        if (!$result) {
+            return false;
+        }
        if (isset($result['error'])) {
            $message = $result['error'];
            $saveWork = false;
--- a/main/work/work_list.php
+++ b/main/work/work_list.php
@ -69,7 +69,8 @@ echo Display::toolbarAction('toolbar-work', array(0 => $actionsLeft . $actionsRi
 if (!empty($my_folder_data['title'])) {
    echo Display::page_subheader($my_folder_data['title']);
 }
-
+echo Session::read('message');
+Session::erase('message');
 if (!empty($my_folder_data['description'])) {
    $contentWork = Security::remove_XSS($my_folder_data['description']);
    $html = '';