Feature #2484 Enabled move folders for students into his/her shared folder

main/document/document.inc.php

@@ -556,8 +556,8 @@ function is_any_user_shared_folder($path, $current_session_id) {
  */
 function is_my_shared_folder($user_id, $path, $current_session_id) {
 	$clean_path = Security::remove_XSS($path).'/';	
-	$main_user_shared_folder = '/shared_folder\/sf_user_'.$user_id.'\//';
-	$main_user_shared_folder_session='/shared_folder_session_'.$current_session_id.'\/sf_user_'.$user_id.'\//';
+	$main_user_shared_folder = '/shared_folder\/sf_user_'.$user_id.'\//';//for security does not remove the last slash
+	$main_user_shared_folder_session='/shared_folder_session_'.$current_session_id.'\/sf_user_'.$user_id.'\//';//for security does not remove the last slash
 	
 	if(preg_match($main_user_shared_folder, $clean_path)){
 		return true;

main/document/document.php

@@ -442,7 +442,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'copytomyfiles' && api_get_sett
 
 	/*	MOVE FILE OR DIRECTORY */
 	//Only teacher and all users into their group
-	if($is_allowed_to_edit || $group_member_with_upload_rights){	
+	if($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder($_user['user_id'], $curdirpath, $current_session_id) || is_my_shared_folder($_user['user_id'], Security::remove_XSS($_POST['move_to']), $current_session_id)){	
 		$my_get_move = Security::remove_XSS($_GET['move']);
 		if (isset($_GET['move']) && $_GET['move'] != '') {
 			
@@ -459,13 +459,29 @@ if (isset($_GET['action']) && $_GET['action'] == 'copytomyfiles' && api_get_sett
 			}
 	
 			if (DocumentManager::get_document_id($_course, $my_get_move)) {
-				$folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);				
+				$folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);
 				
-				echo '<div class="row"><div class="form_header">'.get_lang('Move').'</div></div>';
-				echo build_move_to_selector($folders, Security::remove_XSS($_GET['curdirpath']), $my_get_move, $group_properties['directory']);
+				//filter if is my shared folder. TODO: move this code to build_move_to_selector function
+				if(is_my_shared_folder($_user['user_id'], $curdirpath, $current_session_id) && !$is_allowed_to_edit){
+					$main_user_shared_folder_sub  = '/shared_folder\/sf_user_'.api_get_user_id().'\//';//all subfolders			
+					$main_user_shared_folder_main = '/shared_folder\/sf_user_'.api_get_user_id().'$/';//only main user shared folder
+					$user_shared_folders=array();
+					
+					foreach($folders as $fold){
+						if(preg_match($main_user_shared_folder_main, $fold) || preg_match($main_user_shared_folder_sub, $fold)){
+							$user_shared_folders[]=$fold;
+						}
+					}						
+					echo '<div class="row"><div class="form_header">'.get_lang('Move').'</div></div>';
+					echo build_move_to_selector($user_shared_folders, Security::remove_XSS($_GET['curdirpath']), $my_get_move, $group_properties['directory']);
+				}
+				else{
+					echo '<div class="row"><div class="form_header">'.get_lang('Move').'</div></div>';
+					echo build_move_to_selector($folders, Security::remove_XSS($_GET['curdirpath']), $my_get_move, $group_properties['directory']);			
+				}
 			}
 		}
-	
+		
 		if (isset($_POST['move_to']) && isset($_POST['move_file'])) {
 			if (!$is_allowed_to_edit) {
 				if (DocumentManager::check_readonly($_course, $_user['user_id'], $my_get_move)) {
@@ -484,7 +500,6 @@ if (isset($_GET['action']) && $_GET['action'] == 'copytomyfiles' && api_get_sett
 			// This is needed for the update_db_info function
 			//$dbTable = $_course['dbNameGlu'].'document';
 			$dbTable = Database::get_course_table(TABLE_DOCUMENT);
-	
 			// Security fix: make sure they can't move files that are not in the document table
 			if (DocumentManager::get_document_id($_course, $_POST['move_file'])) {
 				if (move($base_work_dir.$_POST['move_file'], $base_work_dir.$_POST['move_to'])) {