Feature #272 - The Dropbox tool code - cosmetic changes before abandoning it.

skala
Ivan Tcholakov 16 years ago
parent 2ba6154ecc
commit 7b8738101a
  1. 141
      main/dropbox/dropbox_class.inc.php
  2. 48
      main/dropbox/dropbox_config.inc.php
  3. 222
      main/dropbox/dropbox_download.php
  4. 648
      main/dropbox/dropbox_functions.inc.php
  5. 145
      main/dropbox/dropbox_init.inc.php
  6. 552
      main/dropbox/dropbox_submit.php
  7. 7
      main/dropbox/dropbox_zipdownload.inc.php
  8. 187
      main/dropbox/index.php

@ -1,11 +1,11 @@
<?php //$id: $ <?php
/* For licensing terms, see /license.txt */ /* For licensing terms, see /license.txt */
/** /**
* Dropbox module for Dokeos * Dropbox module for Chamilo
* Classes for the dropbox module. * Classes for the dropbox module.
* *
* 3 classes are defined: * 3 classes have been defined:
* - Dropbox_Work: * - Dropbox_Work:
* . id * . id
* . uploader_id => who sent it // RH: Mailing: or mailing pseudo_id * . uploader_id => who sent it // RH: Mailing: or mailing pseudo_id
@ -105,23 +105,23 @@ class Dropbox_Work {
$this->title = $title; $this->title = $title;
$this->description = $description; $this->description = $description;
$this->author = api_get_person_name($_user['firstName'], $_user['lastName']); $this->author = api_get_person_name($_user['firstName'], $_user['lastName']);
$this->last_upload_date = date("Y-m-d H:i:s",time()); $this->last_upload_date = date('Y-m-d H:i:s', time());
// Check if object exists already. If it does, the old object is used // Check if object exists already. If it does, the old object is used
// with updated information (authors, descriptio, upload_date) // with updated information (authors, descriptio, upload_date)
$this->isOldWork = FALSE; $this->isOldWork = false;
$sql = "SELECT id, upload_date $sql = "SELECT id, upload_date
FROM ".$dropbox_cnf["tbl_file"]." FROM ".$dropbox_cnf['tbl_file']."
WHERE filename = '".Database::escape_string($this->filename)."'"; WHERE filename = '".Database::escape_string($this->filename)."'";
$result = Database::query($sql); $result = Database::query($sql);
$res = Database::fetch_array($result); $res = Database::fetch_array($result);
if ($res != FALSE) { if ($res != false) {
$this->isOldWork = TRUE; $this->isOldWork = true;
} }
// insert or update the dropbox_file table and set the id property // Insert or update the dropbox_file table and set the id property
if ($this->isOldWork) { if ($this->isOldWork) {
$this->id = $res["id"]; $this->id = $res['id'];
$this->upload_date = $res["upload_date"]; $this->upload_date = $res['upload_date'];
$sql = "UPDATE ".$dropbox_cnf["tbl_file"]." $sql = "UPDATE ".$dropbox_cnf["tbl_file"]."
SET filesize = '".Database::escape_string($this->filesize)."' SET filesize = '".Database::escape_string($this->filesize)."'
, title = '".Database::escape_string($this->title)."' , title = '".Database::escape_string($this->title)."'
@ -132,7 +132,7 @@ class Dropbox_Work {
$result = Database::query($sql); $result = Database::query($sql);
} else { } else {
$this->upload_date = $this->last_upload_date; $this->upload_date = $this->last_upload_date;
$sql="INSERT INTO ".$dropbox_cnf["tbl_file"]." $sql = "INSERT INTO ".$dropbox_cnf['tbl_file']."
(uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, session_id) (uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, session_id)
VALUES ('".Database::escape_string($this->uploader_id)."' VALUES ('".Database::escape_string($this->uploader_id)."'
, '".Database::escape_string($this->filename)."' , '".Database::escape_string($this->filename)."'
@ -149,8 +149,8 @@ class Dropbox_Work {
$this->id = Database::insert_id(); //get automatically inserted id $this->id = Database::insert_id(); //get automatically inserted id
} }
// insert entries into person table // Insert entries into person table
$sql="INSERT INTO ".$dropbox_cnf["tbl_person"]." $sql = "INSERT INTO ".$dropbox_cnf['tbl_person']."
(file_id, user_id) (file_id, user_id)
VALUES ('".Database::escape_string($this->id)."' VALUES ('".Database::escape_string($this->id)."'
, '".Database::escape_string($this->uploader_id)."' , '".Database::escape_string($this->uploader_id)."'
@ -172,15 +172,15 @@ class Dropbox_Work {
// get the data from DB // get the data from DB
$sql = "SELECT uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, cat_id $sql = "SELECT uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, cat_id
FROM ".$dropbox_cnf["tbl_file"]." FROM ".$dropbox_cnf['tbl_file']."
WHERE id='".Database::escape_string($id)."'"; WHERE id='".Database::escape_string($id)."'";
$result = Database::query($sql); $result = Database::query($sql);
$res = Database::fetch_array($result, 'ASSOC'); $res = Database::fetch_array($result, 'ASSOC');
// Check if uploader is still in Dokeos system // Check if uploader is still in Dokeos system
$uploader_id = stripslashes($res["uploader_id"]); $uploader_id = stripslashes($res['uploader_id']);
$uploaderName = getUserNameFromId($uploader_id); $uploaderName = getUserNameFromId($uploader_id);
if ($uploaderName == FALSE) { if (!$uploaderName) {
//deleted user //deleted user
$this->uploader_id = -1; $this->uploader_id = -1;
$this->uploaderName = get_lang('Unknown', ''); $this->uploaderName = get_lang('Unknown', '');
@ -191,19 +191,19 @@ class Dropbox_Work {
// Fill in properties // Fill in properties
$this->id = $id; $this->id = $id;
$this->filename = stripslashes($res["filename"]); $this->filename = stripslashes($res['filename']);
$this->filesize = stripslashes($res["filesize"]); $this->filesize = stripslashes($res['filesize']);
$this->title = stripslashes($res["title"]); $this->title = stripslashes($res['title']);
$this->description = stripslashes($res["description"]); $this->description = stripslashes($res['description']);
$this->author = stripslashes($res["author"]); $this->author = stripslashes($res['author']);
$this->upload_date = stripslashes($res["upload_date"]); $this->upload_date = stripslashes($res['upload_date']);
$this->last_upload_date = stripslashes($res["last_upload_date"]); $this->last_upload_date = stripslashes($res['last_upload_date']);
$this->category = $res['cat_id']; $this->category = $res['cat_id'];
// Getting the feedback on the work. // Getting the feedback on the work.
if ($_GET['action'] == 'viewfeedback' AND $this->id == $_GET['id']) { if ($_GET['action'] == 'viewfeedback' AND $this->id == $_GET['id']) {
$feedback2 = array(); $feedback2 = array();
$sql_feedback = "SELECT * FROM ".$dropbox_cnf["tbl_feedback"]." WHERE file_id='".$id."' ORDER BY feedback_id ASC"; $sql_feedback = "SELECT * FROM ".$dropbox_cnf['tbl_feedback']." WHERE file_id='".$id."' ORDER BY feedback_id ASC";
$result = Database::query($sql_feedback); $result = Database::query($sql_feedback);
while ($row_feedback = Database::fetch_array($result)) { while ($row_feedback = Database::fetch_array($result)) {
$row_feedback['feedback'] = Security::remove_XSS($row_feedback['feedback']); $row_feedback['feedback'] = Security::remove_XSS($row_feedback['feedback']);
@ -214,12 +214,11 @@ class Dropbox_Work {
/* /*
// RH: Feedback // RH: Feedback
$result = Database::query("SELECT feedback_date, feedback, cat_id FROM ". $result = Database::query("SELECT feedback_date, feedback, cat_id FROM ".
dropbox_cnf("tbl_post")." WHERE dest_user_id='".$_user['user_id']. dropbox_cnf('tbl_post')." WHERE dest_user_id='".$_user['user_id'].
"' AND file_id='".$id."'"); "' AND file_id='".$id."'");
if ($res = Database::fetch_array($result)) if ($res = Database::fetch_array($result)) {
{ $this->feedback_date = $res['feedback_date'];
$this->feedback_date = $res["feedback_date"]; $this->feedback = $res['feedback'];
$this->feedback = $res["feedback"];
$this->category = $res['cat_id']; $this->category = $res['cat_id'];
} // do not fail if there is no recipient = current user...*/ } // do not fail if there is no recipient = current user...*/
} }
@ -227,7 +226,7 @@ class Dropbox_Work {
class Dropbox_SentWork extends Dropbox_Work class Dropbox_SentWork extends Dropbox_Work
{ {
public $recipients; //array of ["id"]["name"] arrays public $recipients; //array of ['id']['name'] arrays
/** /**
* Constructor calls private functions to create a new work or retreive an existing work from DB * Constructor calls private functions to create a new work or retreive an existing work from DB
@ -270,11 +269,13 @@ class Dropbox_SentWork extends Dropbox_Work
// The sanity check for ex-coursemembers is already done in base constructor // The sanity check for ex-coursemembers is already done in base constructor
settype($uploader_id, 'integer') or die(get_lang('GeneralError').' (code 208)'); //set $uploader_id to correct type settype($uploader_id, 'integer') or die(get_lang('GeneralError').' (code 208)'); //set $uploader_id to correct type
$justSubmit = FALSE; // RH: mailing zip-file or just upload $justSubmit = false; // RH: mailing zip-file or just upload
if ( is_int($recipient_ids)) { if ( is_int($recipient_ids)) {
$justSubmit = TRUE; $recipient_ids = array($recipient_ids + $this->id); $justSubmit = true;
$recipient_ids = array($recipient_ids + $this->id);
} elseif ( count($recipient_ids) == 0) { // RH: Just Upload } elseif ( count($recipient_ids) == 0) { // RH: Just Upload
$justSubmit = TRUE; $recipient_ids = array($uploader_id); $justSubmit = true;
$recipient_ids = array($uploader_id);
} }
if (! is_array($recipient_ids) || count($recipient_ids) == 0) { if (! is_array($recipient_ids) || count($recipient_ids) == 0) {
die(get_lang('GeneralError').' (code 209)'); die(get_lang('GeneralError').' (code 209)');
@ -283,37 +284,37 @@ class Dropbox_SentWork extends Dropbox_Work
if (empty($rec)) die(get_lang('GeneralError').' (code 210)'); if (empty($rec)) die(get_lang('GeneralError').' (code 210)');
//if (!isCourseMember($rec)) die(); //cannot sent document to someone outside of course //if (!isCourseMember($rec)) die(); //cannot sent document to someone outside of course
//this check is done when validating submitted data //this check is done when validating submitted data
$this->recipients[] = array("id"=>$rec, "name"=>getUserNameFromId($rec)); $this->recipients[] = array('id' => $rec, 'name' => getUserNameFromId($rec));
} }
// insert data in dropbox_post and dropbox_person table for each recipient // Insert data in dropbox_post and dropbox_person table for each recipient
foreach ($this->recipients as $rec) { foreach ($this->recipients as $rec) {
$sql="INSERT INTO ".$dropbox_cnf["tbl_post"]." $sql = "INSERT INTO ".$dropbox_cnf['tbl_post']."
(file_id, dest_user_id, session_id) (file_id, dest_user_id, session_id)
VALUES ('".Database::escape_string($this->id)."', '".Database::escape_string($rec["id"])."', ".intval($_SESSION['id_session']).")"; VALUES ('".Database::escape_string($this->id)."', '".Database::escape_string($rec['id'])."', ".intval($_SESSION['id_session']).")";
$result = Database::query($sql); //if work already exists no error is generated $result = Database::query($sql); //if work already exists no error is generated
//insert entries into person table // Insert entries into person table
$sql="INSERT INTO ".$dropbox_cnf["tbl_person"]." $sql = "INSERT INTO ".$dropbox_cnf['tbl_person']."
(file_id, user_id) (file_id, user_id)
VALUES ('".Database::escape_string($this->id)."' VALUES ('".Database::escape_string($this->id)."'
, '".Database::escape_string($rec["id"])."' , '".Database::escape_string($rec['id'])."'
)"; )";
// RH: do not add recipient in person table if mailing zip or just upload // RH: do not add recipient in person table if mailing zip or just upload
if (!$justSubmit) { if (!$justSubmit) {
$result = Database::query($sql); //if work already exists no error is generated $result = Database::query($sql); //if work already exists no error is generated
} }
//update item_property (previously last_tooledit) table for each recipient // Update item_property (previously last_tooledit) table for each recipient
global $_course, $dropbox_cnf; global $_course, $dropbox_cnf;
if (($ownerid = $this->uploader_id) > $dropbox_cnf["mailingIdBase"]) { if (($ownerid = $this->uploader_id) > $dropbox_cnf['mailingIdBase']) {
$ownerid = getUserOwningThisMailing($ownerid); $ownerid = getUserOwningThisMailing($ownerid);
} }
if (($recipid = $rec["id"]) > $dropbox_cnf["mailingIdBase"]) { if (($recipid = $rec["id"]) > $dropbox_cnf['mailingIdBase']) {
$recipid = $ownerid; // mailing file recipient = mailing id, not a person $recipid = $ownerid; // mailing file recipient = mailing id, not a person
} }
api_item_property_update($_course, TOOL_DROPBOX, $this->id, "DropboxFileAdded", $ownerid, NULL, $recipid) ; api_item_property_update($_course, TOOL_DROPBOX, $this->id, 'DropboxFileAdded', $ownerid, null, $recipid) ;
} }
} }
@ -333,19 +334,19 @@ class Dropbox_SentWork extends Dropbox_Work
// Fill in recipients array/ // Fill in recipients array/
$this->recipients = array(); // RH: Feedback: added to SELECT $this->recipients = array(); // RH: Feedback: added to SELECT
$sql = "SELECT dest_user_id, feedback_date, feedback $sql = "SELECT dest_user_id, feedback_date, feedback
FROM ".$dropbox_cnf["tbl_post"]." FROM ".$dropbox_cnf['tbl_post']."
WHERE file_id='".Database::escape_string($id)."'"; WHERE file_id='".Database::escape_string($id)."'";
$result = Database::query($sql); $result = Database::query($sql);
while ($res = Database::fetch_array($result)) { while ($res = Database::fetch_array($result)) {
// check for deleted users // check for deleted users
$dest_user_id = $res["dest_user_id"]; $dest_user_id = $res['dest_user_id'];
$recipientName = getUserNameFromId($dest_user_id); $recipientName = getUserNameFromId($dest_user_id);
//$this->category = $res['cat_id']; //$this->category = $res['cat_id'];
if ($recipientName == FALSE) { if (!$recipientName) {
$this->recipients[] = array("id"=>-1, "name"=> get_lang('Unknown', '')); $this->recipients[] = array('id' => -1, 'name' => get_lang('Unknown', ''));
} else { } else {
$this->recipients[] = array("id"=>$dest_user_id, "name"=>$recipientName, "user_id"=>$dest_user_id, $this->recipients[] = array('id' => $dest_user_id, 'name' => $recipientName, 'user_id' => $dest_user_id,
"feedback_date"=>$res["feedback_date"], "feedback"=>$res["feedback"]); // RH: Feedback 'feedback_date' => $res['feedback_date'], 'feedback' => $res['feedback']); // RH: Feedback
} }
} }
} }
@ -356,8 +357,8 @@ class Dropbox_Person
public $receivedWork; //array of Dropbox_Work objects public $receivedWork; //array of Dropbox_Work objects
public $sentWork; //array of Dropbox_SentWork objects public $sentWork; //array of Dropbox_SentWork objects
public $userId = 0; public $userId = 0;
public $isCourseAdmin = FALSE; public $isCourseAdmin = false;
public $isCourseTutor = FALSE; public $isCourseTutor = false;
public $_orderBy = ''; //private property that determines by which field public $_orderBy = ''; //private property that determines by which field
//the receivedWork and the sentWork arrays are sorted //the receivedWork and the sentWork arrays are sorted
@ -396,7 +397,7 @@ class Dropbox_Person
$result = Database::query($sql); $result = Database::query($sql);
while ($res = Database::fetch_array($result)) { while ($res = Database::fetch_array($result)) {
$temp = new Dropbox_Work($res["file_id"]); $temp = new Dropbox_Work($res['file_id']);
$temp -> category = $res['cat_id']; $temp -> category = $res['cat_id'];
$this->receivedWork[] = $temp; $this->receivedWork[] = $temp;
} }
@ -412,7 +413,7 @@ class Dropbox_Person
$result = Database::query($sql); $result = Database::query($sql);
while ($res = Database::fetch_array($result)) { while ($res = Database::fetch_array($result)) {
$this->sentWork[] = new Dropbox_SentWork($res["id"]); $this->sentWork[] = new Dropbox_SentWork($res['id']);
} }
} }
@ -476,7 +477,7 @@ class Dropbox_Person
$this->_orderBy = 'last_upload_date'; $this->_orderBy = 'last_upload_date';
} // switch } // switch
usort($this->sentWork, array($this,"_cmpWork")); //this calls the _cmpWork method usort($this->sentWork, array($this, '_cmpWork')); //this calls the _cmpWork method
} }
/** /**
@ -508,7 +509,7 @@ class Dropbox_Person
$this->_orderBy = 'last_upload_date'; $this->_orderBy = 'last_upload_date';
} // switch } // switch
usort($this->receivedWork, array($this,"_cmpWork")); //this calls the _cmpWork method usort($this->receivedWork, array($this, '_cmpWork')); //this calls the _cmpWork method
} }
/** /**
@ -519,7 +520,7 @@ class Dropbox_Person
global $dropbox_cnf; global $dropbox_cnf;
//delete entries in person table concerning received works //delete entries in person table concerning received works
foreach ($this->receivedWork as $w) { foreach ($this->receivedWork as $w) {
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'"); Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
} }
removeUnusedFiles(); //check for unused files removeUnusedFiles(); //check for unused files
@ -532,14 +533,15 @@ class Dropbox_Person
global $dropbox_cnf; global $dropbox_cnf;
$id = intval($id); $id = intval($id);
$sql = "DELETE FROM ".$dropbox_cnf["tbl_file"]." where cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_file']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf["tbl_category"]." where cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_category']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf["tbl_post"]." where cat_id = '".$id."' "; $sql = "DELETE FROM ".$dropbox_cnf['tbl_post']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false; if (!Database::query($sql)) return false;
return true; return true;
} }
/** /**
* Deletes a received dropbox file of this person with id=$id * Deletes a received dropbox file of this person with id=$id
* *
@ -562,7 +564,7 @@ class Dropbox_Person
} }
} }
//delete entries in person table concerning received works //delete entries in person table concerning received works
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$id."'"); Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
removeUnusedFiles(); //check for unused files removeUnusedFiles(); //check for unused files
} }
@ -573,7 +575,7 @@ class Dropbox_Person
global $dropbox_cnf; global $dropbox_cnf;
//delete entries in person table concerning sent works //delete entries in person table concerning sent works
foreach ($this->sentWork as $w) { foreach ($this->sentWork as $w) {
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'"); Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
removeMoreIfMailing($w->id); // RH: Mailing: see init1 removeMoreIfMailing($w->id); // RH: Mailing: see init1
} }
removeUnusedFiles(); //check for unused files removeUnusedFiles(); //check for unused files
@ -603,7 +605,7 @@ class Dropbox_Person
} }
//$file_id = $this->sentWork[$index]->id; // RH: Mailing //$file_id = $this->sentWork[$index]->id; // RH: Mailing
//delete entries in person table concerning sent works //delete entries in person table concerning sent works
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$id."'"); Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
removeMoreIfMailing($id); // RH: Mailing: see init1 removeMoreIfMailing($id); // RH: Mailing: see init1
removeUnusedFiles(); //check for unused files removeUnusedFiles(); //check for unused files
} }
@ -631,22 +633,23 @@ class Dropbox_Person
die(get_lang('GeneralError').' (code 221)'); die(get_lang('GeneralError').' (code 221)');
} }
$feedback_date = date("Y-m-d H:i:s",time()); $feedback_date = date('Y-m-d H:i:s', time());
$this->receivedWork[$wi]->feedback_date = $feedback_date; $this->receivedWork[$wi]->feedback_date = $feedback_date;
$this->receivedWork[$wi]->feedback = $text; $this->receivedWork[$wi]->feedback = $text;
Database::query("UPDATE ".$dropbox_cnf["tbl_post"]." SET feedback_date='". Database::query("UPDATE ".$dropbox_cnf['tbl_post']." SET feedback_date='".
Database::escape_string($feedback_date)."', feedback='".Database::escape_string($text). Database::escape_string($feedback_date)."', feedback='".Database::escape_string($text).
"' WHERE dest_user_id='".$this->userId."' AND file_id='".$id."'"); "' WHERE dest_user_id='".$this->userId."' AND file_id='".$id."'");
//update item_property (previously last_tooledit) table //update item_property (previously last_tooledit) table
if (($ownerid = $this->receivedWork[$wi]->uploader_id) > $dropbox_cnf["mailingIdBase"]) { if (($ownerid = $this->receivedWork[$wi]->uploader_id) > $dropbox_cnf['mailingIdBase']) {
$ownerid = getUserOwningThisMailing($ownerid); $ownerid = getUserOwningThisMailing($ownerid);
} }
api_item_property_update($_course, TOOL_DROPBOX, $this->receivedWork[$wi]->id, "DropboxFileUpdated", $this->userId, NULL, $ownerid) ; api_item_property_update($_course, TOOL_DROPBOX, $this->receivedWork[$wi]->id, 'DropboxFileUpdated', $this->userId, null, $ownerid) ;
} }
/** /**
* Filter the received work * Filter the received work
* @param string $type * @param string $type
@ -660,7 +663,7 @@ class Dropbox_Person
switch ($type) { switch ($type) {
case 'uploader_id': case 'uploader_id':
if ($work->uploader_id == $value || if ($work->uploader_id == $value ||
($work->uploader_id > $dropbox_cnf["mailingIdBase"] && ($work->uploader_id > $dropbox_cnf['mailingIdBase'] &&
getUserOwningThisMailing($work->uploader_id) == $value)) { getUserOwningThisMailing($work->uploader_id) == $value)) {
$new_received_work[] = $work; $new_received_work[] = $work;
} }
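Review bot: The feedback query in the `@ -191,19 +191,19 @` hunk still concatenates `$id` into the SQL unescaped (`WHERE file_id='".$id."'`), while the SELECT in the preceding hunk passes the same variable through `Database::escape_string($id)`. Since the commit already rewrites that line, it could be made consistent: `$sql_feedback = "SELECT * FROM ".$dropbox_cnf['tbl_feedback']." WHERE file_id='".Database::escape_string($id)."' ORDER BY feedback_id ASC";`. The same direct interpolation remains in the `DELETE FROM ... tbl_person` statements and the feedback `UPDATE` in Dropbox_Person (`$this->userId`, `$w->id`, `$id`); casting with `intval()`, as the `cat_id` delete code already does with `$id = intval($id);`, would cover those. Whether callers validate these ids is not visible here because the enclosing methods start outside the hunks, so this is a hardening request, not a confirmed injection.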

@ -1,17 +1,13 @@
<?php //$id: $ <?php
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /license.txt */
/** /**
* --------------------------------------
* DEBUGGING VARS * DEBUGGING VARS
* --------------------------------------
*/ */
$DEBUG = TRUE; $DEBUG = false;
/** /**
* --------------------------------------
* DATABASE TABLE VARIABLES * DATABASE TABLE VARIABLES
* --------------------------------------
*/ */
$dropbox_cnf['tbl_post'] = Database::get_course_table(TABLE_DROPBOX_POST); $dropbox_cnf['tbl_post'] = Database::get_course_table(TABLE_DROPBOX_POST);
$dropbox_cnf['tbl_file'] = Database::get_course_table(TABLE_DROPBOX_FILE); $dropbox_cnf['tbl_file'] = Database::get_course_table(TABLE_DROPBOX_FILE);
@ -23,33 +19,29 @@ $dropbox_cnf['tbl_category'] = Database::get_course_table(TABLE_DROPBOX_CATEGOR
$dropbox_cnf['tbl_feedback'] = Database::get_course_table(TABLE_DROPBOX_FEEDBACK); $dropbox_cnf['tbl_feedback'] = Database::get_course_table(TABLE_DROPBOX_FEEDBACK);
/** /**
* --------------------------------------
* INITIALISE OTHER VARIABLES & CONSTANTS * INITIALISE OTHER VARIABLES & CONSTANTS
* --------------------------------------
*/ */
$dropbox_cnf["courseId"] = $_cid; $dropbox_cnf['courseId'] = $_cid;
$dropbox_cnf["sysPath"] = api_get_path('SYS_COURSE_PATH') . $_course["path"] . "/dropbox"; //path to dropbox subdir in course containing the uploaded files $dropbox_cnf['sysPath'] = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/dropbox'; //path to dropbox subdir in course containing the uploaded files
$dropbox_cnf["webPath"] = api_get_path('WEB_COURSE_PATH') . $_course["path"] . "/dropbox"; $dropbox_cnf['webPath'] = api_get_path('WEB_COURSE_PATH') . $_course['path'] . '/dropbox';
$dropbox_cnf["maxFilesize"] = api_get_setting("dropbox_max_filesize"); //file size limit as imposed by the platform admin (see Dokeos Config Settings on the platform administration section) $dropbox_cnf['maxFilesize'] = api_get_setting('dropbox_max_filesize'); //file size limit as imposed by the platform admin (see Dokeos Config Settings on the platform administration section)
//$dropbox_cnf["version"] = "1.4"; //$dropbox_cnf['version'] = '1.4';
$dropbox_cnf["allowOverwrite"] = string_2_boolean(api_get_setting("dropbox_allow_overwrite")); $dropbox_cnf['allowOverwrite'] = string_2_boolean(api_get_setting('dropbox_allow_overwrite'));
$dropbox_cnf["allowJustUpload"] = string_2_boolean(api_get_setting("dropbox_allow_just_upload")); $dropbox_cnf['allowJustUpload'] = string_2_boolean(api_get_setting('dropbox_allow_just_upload'));
$dropbox_cnf["allowStudentToStudent"] = string_2_boolean(api_get_setting("dropbox_allow_student_to_student")); $dropbox_cnf['allowStudentToStudent'] = string_2_boolean(api_get_setting('dropbox_allow_student_to_student'));
$dropbox_cnf["allowGroup"] = string_2_boolean(api_get_setting("dropbox_allow_group")); $dropbox_cnf['allowGroup'] = string_2_boolean(api_get_setting('dropbox_allow_group'));
/** /**
* --------------------------------------
* RH: INITIALISE MAILING VARIABLES * RH: INITIALISE MAILING VARIABLES
* --------------------------------------
*/ */
$dropbox_cnf["allowMailing"] = string_2_boolean(api_get_setting("dropbox_allow_mailing")); // false = no mailing functionality $dropbox_cnf['allowMailing'] = string_2_boolean(api_get_setting('dropbox_allow_mailing')); // false = no mailing functionality
$dropbox_cnf["mailingIdBase"] = 10000000; // bigger than any user_id, $dropbox_cnf['mailingIdBase'] = 10000000; // bigger than any user_id,
// allowing enough space for pseudo_ids as uploader_id, dest_user_id, user_id: // allowing enough space for pseudo_ids as uploader_id, dest_user_id, user_id:
// mailing pseudo_id = dropbox_cnf("mailingIdBase") + mailing id // mailing pseudo_id = dropbox_cnf('mailingIdBase') + mailing id
$dropbox_cnf["mailingZipRegexp"] = '/^(.*)(STUDENTID|USERID|LOGINNAME)(.*)\.ZIP$/i'; $dropbox_cnf['mailingZipRegexp'] = '/^(.*)(STUDENTID|USERID|LOGINNAME)(.*)\.ZIP$/i';
$dropbox_cnf["mailingWhereSTUDENTID"] = "official_code"; $dropbox_cnf['mailingWhereSTUDENTID'] = 'official_code';
$dropbox_cnf["mailingWhereUSERID"] = "username"; $dropbox_cnf['mailingWhereUSERID'] = 'username';
$dropbox_cnf["mailingWhereLOGINNAME"] = "username"; $dropbox_cnf['mailingWhereLOGINNAME'] = 'username';
$dropbox_cnf["mailingFileRegexp"] = '/^(.+)\.\w{1,4}$/'; $dropbox_cnf['mailingFileRegexp'] = '/^(.+)\.\w{1,4}$/';
$dropbox_cnf['sent_received_tabs'] = true; $dropbox_cnf['sent_received_tabs'] = true;
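Review bot: `$DEBUG` changes from `TRUE` to `false` at the top of this file, which is a behaviour change inside a commit described as cosmetic, and nothing on the line explains it. Off is the safer default, since debug output tends to expose queries and filesystem paths to users, although what `$DEBUG` actually gates is not visible in this file. I would keep the new value but document it, e.g. `$DEBUG = false; // must stay false on production systems`, and mention the flip in the commit message so it is not lost among the quote-style changes.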

@ -1,14 +1,12 @@
<?php //$id: $ <?php
/* For licensing terms, see /license.txt */ /* For licensing terms, see /license.txt */
/* /*
==============================================================================
INIT SECTION INIT SECTION
==============================================================================
*/ */
// we cannot use dropbox_init.inc.php because this one already outputs data. // We cannot use dropbox_init.inc.php because this one already outputs data.
//name of langfile
// name of the language file that needs to be included $language_file = 'dropbox';
$language_file = "dropbox";
// including the basic Dokeos initialisation file // including the basic Dokeos initialisation file
require_once '../inc/global.inc.php'; require_once '../inc/global.inc.php';
@ -22,35 +20,29 @@ require_once 'dropbox_functions.inc.php';
// the dropbox class // the dropbox class
require_once 'dropbox_class.inc.php'; require_once 'dropbox_class.inc.php';
//
require_once api_get_path(LIBRARY_PATH).'/document.lib.php'; require_once api_get_path(LIBRARY_PATH).'/document.lib.php';
/* /*
==============================================================================
DOWNLOAD A FOLDER DOWNLOAD A FOLDER
==============================================================================
*/ */
if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=='downloadcategory' AND isset($_GET['sent_received']) ) if (isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action'] == 'downloadcategory' AND isset($_GET['sent_received'])) {
{
// step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table // step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table
// dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored // dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored
// in dropbox_person (which stores the link file-person) // in dropbox_person (which stores the link file-person)
// Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a // Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a
// received category) // received category)
if ($_GET['sent_received']=='sent') if ($_GET['sent_received'] == 'sent') {
{
// here we also incorporate the person table to make sure that deleted sent documents are not included. // here we also incorporate the person table to make sure that deleted sent documents are not included.
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf["tbl_file"]." file, ".$dropbox_cnf["tbl_person"]." person $sql = "SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf['tbl_file']." file, ".$dropbox_cnf['tbl_person']." person
WHERE file.uploader_id='".Database::escape_string($_user['user_id'])."' WHERE file.uploader_id='".Database::escape_string($_user['user_id'])."'
AND file.cat_id='".Database::escape_string($_GET['cat_id'])."' AND file.cat_id='".Database::escape_string($_GET['cat_id'])."'
AND person.user_id='".Database::escape_string($_user['user_id'])."' AND person.user_id='".Database::escape_string($_user['user_id'])."'
AND person.file_id=file.id AND person.file_id=file.id
" ; " ;
} }
if ($_GET['sent_received']=='received') if ($_GET['sent_received'] == 'received') {
{ $sql = "SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf['tbl_file']." file, ".$dropbox_cnf['tbl_person']." person, ".$dropbox_cnf['tbl_post']." post
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf["tbl_file"]." file, ".$dropbox_cnf["tbl_person"]." person, ".$dropbox_cnf["tbl_post"]." post
WHERE post.cat_id='".Database::escape_string($_GET['cat_id'])."' WHERE post.cat_id='".Database::escape_string($_GET['cat_id'])."'
AND person.user_id='".Database::escape_string($_user['user_id'])."' AND person.user_id='".Database::escape_string($_user['user_id'])."'
AND person.file_id=file.id AND person.file_id=file.id
@ -58,13 +50,11 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
" ; " ;
} }
$result = Database::query($sql); $result = Database::query($sql);
while ($row=Database::fetch_array($result)) while ($row = Database::fetch_array($result)) {
{
$files_to_download[] = $row['id']; $files_to_download[] = $row['id'];
} }
if (!is_array($files_to_download) OR empty($files_to_download)) if (!is_array($files_to_download) OR empty($files_to_download)) {
{ header('location: index.php?view='.Security::remove_XSS($_GET['sent_received']).'&error=ErrorNoFilesInFolder');
header ("location: index.php?view=".Security::remove_XSS($_GET['sent_received'])."&error=ErrorNoFilesInFolder");
exit; exit;
} }
zip_download($files_to_download); zip_download($files_to_download);
@ -72,21 +62,15 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
} }
/* /*
==============================================================================
DOWNLOAD A FILE DOWNLOAD A FILE
==============================================================================
*/ */
/* /*
------------------------------------------------------------------------------
AUTHORIZATION AUTHORIZATION
------------------------------------------------------------------------------
*/ */
// Check if the id makes sense // Check if the id makes sense
if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id'])) if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
{ Display::display_header($nameTools, 'Dropbox');
Display::display_header($nameTools,"Dropbox");
Display :: display_error_message(get_lang('Error')); Display :: display_error_message(get_lang('Error'));
Display::display_footer(); Display::display_footer();
exit; exit;
@ -96,58 +80,46 @@ if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id']))
$allowed_to_download = false; $allowed_to_download = false;
// Check if the user has sent or received the file. // Check if the user has sent or received the file.
$sql="SELECT * FROM ".$dropbox_cnf["tbl_person"]." WHERE file_id='".Database::escape_string($_GET['id'])."' AND user_id='".Database::escape_string($_user['user_id'])."'"; $sql = "SELECT * FROM ".$dropbox_cnf['tbl_person']." WHERE file_id='".Database::escape_string($_GET['id'])."' AND user_id='".Database::escape_string($_user['user_id'])."'";
$result = Database::query($sql); $result = Database::query($sql);
if (Database::num_rows($result)>0) if (Database::num_rows($result) > 0) {
{
$allowed_to_download = true; $allowed_to_download = true;
} }
/* /*
------------------------------------------------------------------------------
ERROR IF NOT ALLOWED TO DOWNLOAD ERROR IF NOT ALLOWED TO DOWNLOAD
------------------------------------------------------------------------------
*/ */
if (!$allowed_to_download) if (!$allowed_to_download) {
{ Display::display_header($nameTools, 'Dropbox');
Display::display_header($nameTools,"Dropbox");
Display :: display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile')); Display :: display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile'));
Display::display_footer(); Display::display_footer();
exit; exit;
} }
/* /*
------------------------------------------------------------------------------
DOWNLOAD THE FILE DOWNLOAD THE FILE
------------------------------------------------------------------------------
*/ */
// the user is allowed to download the file // the user is allowed to download the file
else else {
{
$_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][] = intval($_GET['id']); $_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][] = intval($_GET['id']);
$work = new Dropbox_work($_GET['id']); $work = new Dropbox_work($_GET['id']);
$path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server $path = dropbox_cnf('sysPath') . '/' . $work -> filename; //path to file as stored on server
$file = $work->title; $file = $work->title;
require_once api_get_path(LIBRARY_PATH) . '/document.lib.php'; require_once api_get_path(LIBRARY_PATH) . '/document.lib.php';
$mimetype = DocumentManager::file_get_mime_type(TRUE); $mimetype = DocumentManager::file_get_mime_type(true);
$fileparts = explode('.', $file); $fileparts = explode('.', $file);
$filepartscount = count($fileparts); $filepartscount = count($fileparts);
if ( ( $filepartscount > 1) && isset( $mimetype[$fileparts [$filepartscount - 1]]) && $_GET['action']<>'download') if (($filepartscount > 1) && isset($mimetype[$fileparts[$filepartscount - 1]]) && $_GET['action'] != 'download') {
{
// give hint to browser about filetype // give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n"); header( 'Content-type: ' . $mimetype[$fileparts[$filepartscount - 1]] . "\n");
} } else {
else
{
//no information about filetype: force a download dialog window in browser //no information about filetype: force a download dialog window in browser
header( "Content-type: application/octet-stream\n"); header( "Content-type: application/octet-stream\n");
} }
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc','xls','ppt','pps','sxw','sxc','sxi'))) if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc', 'xls', 'ppt', 'pps', 'sxw', 'sxc', 'sxi'))) {
{
header('Content-Disposition: inline; filename='.$file); // bugs with open office header('Content-Disposition: inline; filename='.$file); // bugs with open office
} } else {
else
{
header('Content-Disposition: attachment; filename='.$file); header('Content-Disposition: attachment; filename='.$file);
} }
@ -164,13 +136,12 @@ else
header("Cache-Control: public\n"); // IE cannot download from sessions without a cache header("Cache-Control: public\n"); // IE cannot download from sessions without a cache
/*if ( isset( $_SERVER["HTTPS"])) /*if (isset($_SERVER['HTTPS'])) {
{
/** /**
* We need to set the following headers to make downloads work using IE in HTTPS mode. * We need to set the following headers to make downloads work using IE in HTTPS mode.
* *
//header( "Pragma: "); //header('Pragma: ');
//header( "Cache-Control: "); //header('Cache-Control: ');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n"); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n");
header("Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n"); header("Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n");
header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1 header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
@ -179,30 +150,19 @@ else
header( "Content-Description: " . trim( htmlentities( $file)) . "\n"); header('Content-Description: ' . trim(htmlentities($file)) . "\n");
header("Content-Transfer-Encoding: binary\n"); header("Content-Transfer-Encoding: binary\n");
header("Content-Length: " . filesize($path)."\n" ); header("Content-Length: " . filesize($path)."\n" );
$fp = fopen( $path, "rb"); $fp = fopen( $path, 'rb');
fpassthru($fp); fpassthru($fp);
exit(); exit();
} }
/** /**
============================================================================== * Dropbox module for Chamilo
* Dropbox module for Claroline
* handles downloads of files. Direct downloading is prevented because of an .htaccess file in the * handles downloads of files. Direct downloading is prevented because of an .htaccess file in the
* dropbox directory. So everything goes through this script. * dropbox directory. So everything goes through this script.
* *
@ -218,67 +178,67 @@ else
* After searching the only explanation I could find is a problem with the headers: * After searching the only explanation I could find is a problem with the headers:
* *
* HEADERS SENT WITH PHP4.3: * HEADERS SENT WITH PHP4.3:
* HTTP/1.1<EFBFBD>200<EFBFBD>OK(CR) * HTTP/1.1 200 OK(CR)
* (LF) * (LF)
* Date:<EFBFBD>Fri,<EFBFBD>12<EFBFBD>Sep<EFBFBD>2003<EFBFBD>19:07:33<EFBFBD>GMT(CR) * Date: Fri, 12 Sep 2003 19:07:33 GMT(CR)
* (LF) * (LF)
* Server:<EFBFBD>Apache/2.0.47<EFBFBD>(Win32)<EFBFBD>PHP/4.3.3(CR) * Server: Apache/2.0.47 (Win32) PHP/4.3.3(CR)
* (LF) * (LF)
* X-Powered-By:<EFBFBD>PHP/4.3.3(CR) * X-Powered-By: PHP/4.3.3(CR)
* (LF) * (LF)
* Set-Cookie:<EFBFBD>PHPSESSID=06880edcc8363be3f60929576fc1bc6e;<EFBFBD>path=/(CR) * Set-Cookie: PHPSESSID=06880edcc8363be3f60929576fc1bc6e; path=/(CR)
* (LF) * (LF)
* Expires:<EFBFBD>Thu,<EFBFBD>19<EFBFBD>Nov<EFBFBD>1981<EFBFBD>08:52:00<EFBFBD>GMT(CR) * Expires: Thu, 19 Nov 1981 08:52:00 GMT(CR)
* (LF) * (LF)
* Cache-Control:<EFBFBD>public(CR) * Cache-Control: public(CR)
* (LF) * (LF)
* Pragma:<EFBFBD>(CR) * Pragma: (CR)
* (LF) * (LF)
* Content-Transfer-Encoding:<EFBFBD>binary(CR) * Content-Transfer-Encoding: binary(CR)
* (LF) * (LF)
* Content-Disposition:<EFBFBD>attachment;<EFBFBD>filename=SV-262E4.png(CR) * Content-Disposition: attachment; filename=SV-262E4.png(CR)
* (LF) * (LF)
* Content-Length:<EFBFBD>92178(CR) * Content-Length: 92178(CR)
* (LF) * (LF)
* Connection:<EFBFBD>close(CR) * Connection: close(CR)
* (LF) * (LF)
* Content-Type:<EFBFBD>application/octet-stream(CR) * Content-Type: application/octet-stream(CR)
* (LF) * (LF)
* (CR) * (CR)
* (LF) * (LF)
* *
* HEADERS SENT WITH PHP4.0.4: * HEADERS SENT WITH PHP4.0.4:
* HTTP/1.1<EFBFBD>200<EFBFBD>OK(CR) * HTTP/1.1 200 OK(CR)
* (LF) * (LF)
* Date:<EFBFBD>Fri,<EFBFBD>12<EFBFBD>Sep<EFBFBD>2003<EFBFBD>18:28:21<EFBFBD>GMT(CR) * Date: Fri, 12 Sep 2003 18:28:21 GMT(CR)
* (LF) * (LF)
* Server:<EFBFBD>Apache/2.0.47<EFBFBD>(Win32)(CR) * Server: Apache/2.0.47 (Win32)(CR)
* (LF) * (LF)
* X-Powered-By:<EFBFBD>PHP/4.0.4(CR) * X-Powered-By: PHP/4.0.4(CR)
* (LF) * (LF)
* Expires:<EFBFBD>Thu,<EFBFBD>19<EFBFBD>Nov<EFBFBD>1981<EFBFBD>08:52:00<EFBFBD>GMT(CR) * Expires: Thu, 19 Nov 1981 08:52:00 GMT(CR)
* (LF) * (LF)
* Cache-Control:<EFBFBD>no-store,<EFBFBD>no-cache,<EFBFBD>must-revalidate,<EFBFBD>post-check=0,<EFBFBD>pre-check=0,<EFBFBD>,<EFBFBD>public(CR) * Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, , public(CR)
* (LF) * (LF)
* Pragma:<EFBFBD>no-cache,<EFBFBD>(CR) * Pragma: no-cache, (CR)
* (LF) * (LF)
* Content-Disposition:<EFBFBD>attachment;<EFBFBD>filename=SV-262E4.png(CR) * Content-Disposition: attachment; filename=SV-262E4.png(CR)
* (LF) * (LF)
* Content-Transfer-Encoding:<EFBFBD>binary(CR) * Content-Transfer-Encoding: binary(CR)
* (LF) * (LF)
* Set-Cookie:<EFBFBD>PHPSESSID=0a5b1c1b9d5e3b474fef359ee55e82d0;<EFBFBD>path=/(CR) * Set-Cookie: PHPSESSID=0a5b1c1b9d5e3b474fef359ee55e82d0; path=/(CR)
* (LF) * (LF)
* Content-Length:<EFBFBD>92178(CR) * Content-Length: 92178(CR)
* (LF) * (LF)
* Connection:<EFBFBD>close(CR) * Connection: close(CR)
* (LF) * (LF)
* Content-Type:<EFBFBD>application/octet-stream(CR) * Content-Type: application/octet-stream(CR)
* (LF) * (LF)
* (CR) * (CR)
* (LF) * (LF)
* *
* As you can see the there is a difference in the Cache-Control directive. I suspect that this * As you can see the there is a difference in the Cache-Control directive. I suspect that this
* explains the problem. Also take a look at http://bugs.php.net/bug.php?id=16458. * explains the problem. Also have a look at http://bugs.php.net/bug.php?id=16458.
* *
* @version 1.21 * @version 1.21
* @copyright 2004-2005 * @copyright 2004-2005
@ -286,26 +246,20 @@ else
* @author René Haentjens <rene.haentjens@UGent.be>, several contributions (see RH) * @author René Haentjens <rene.haentjens@UGent.be>, several contributions (see RH)
* @author Roan Embrechts, virtual course support * @author Roan Embrechts, virtual course support
* *
* @package dokeos.dropbox * @package chamilo.dropbox
==============================================================================
*/ */
/* /*
==============================================================================
INITIALISING VARIABLES INITIALISING VARIABLES
==============================================================================
*/ */
require_once( "dropbox_init.inc.php"); //only call init1 because init2 outputs data require_once 'dropbox_init.inc.php'; //only call init1 because init2 outputs data
require_once( "dropbox_class.inc.php"); require_once 'dropbox_class.inc.php';
/* /*
==============================================================================
AUTHORISATION SECTION AUTHORISATION SECTION
==============================================================================
*/ */
if ( !isset( $_user['user_id']) || !$is_course_member ) if (!isset($_user['user_id']) || !$is_course_member) {
{
exit(); exit();
} }
@ -313,52 +267,41 @@ if ($_GET['mailing']) // RH: Mailing detail window call
getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '500'); // RH or die getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '500'); // RH or die
/* /*
==============================================================================
SANITY CHECKS OF GET DATA & FILE SANITY CHECKS OF GET DATA & FILE
==============================================================================
*/ */
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) die(get_lang('GeneralError').' (code 501)'); if (!isset($_GET['id']) || !is_numeric($_GET['id'])) die(get_lang('GeneralError').' (code 501)');
$work = new Dropbox_work($_GET['id']); $work = new Dropbox_work($_GET['id']);
$path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server $path = dropbox_cnf('sysPath') . '/' . $work -> filename; //path to file as stored on server
$file = $work->title; $file = $work->title;
// check that this file exists and that it doesn't include any special characters // check that this file exists and that it doesn't include any special characters
//if (!is_file($path) || ! eregi('^[A-Z0-9_\-][A-Z0-9._\-]*$', $file)) //if (!is_file($path) || ! eregi('^[A-Z0-9_\-][A-Z0-9._\-]*$', $file))
if ( !is_file( $path)) if (!is_file($path)) {
{
die(get_lang('GeneralError').' (code 504)'); die(get_lang('GeneralError').' (code 504)');
} }
/* /*
==============================================================================
SEND HEADERS SEND HEADERS
==============================================================================
*/ */
require_once api_get_path(LIBRARY_PATH) . '/document.lib.php'; require_once api_get_path(LIBRARY_PATH) . '/document.lib.php';
$mimetype = DocumentManager::file_get_mime_type(TRUE); $mimetype = DocumentManager::file_get_mime_type(true);
$fileparts = explode('.', $file); $fileparts = explode('.', $file);
$filepartscount = count($fileparts); $filepartscount = count($fileparts);
if ( ( $filepartscount > 1) && isset( $mimetype[$fileparts [$filepartscount - 1]])) if (($filepartscount > 1) && isset($mimetype[$fileparts[$filepartscount - 1]])) {
{
// give hint to browser about filetype // give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n"); header('Content-type: ' . $mimetype[$fileparts[$filepartscount - 1]] . "\n");
} } else {
else
{
//no information about filetype: force a download dialog window in browser //no information about filetype: force a download dialog window in browser
header("Content-type: application/octet-stream\n"); header("Content-type: application/octet-stream\n");
} }
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc','xls','ppt','pps','sxw','sxc','sxi'))) if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc', 'xls', 'ppt', 'pps', 'sxw', 'sxc', 'sxi'))) {
{
header('Content-Disposition: inline; filename='.$file); // bugs with open office header('Content-Disposition: inline; filename='.$file); // bugs with open office
} } else {
else
{
header('Content-Disposition: attachment; filename='.$file); header('Content-Disposition: attachment; filename='.$file);
} }
@ -375,31 +318,27 @@ header( "Cache-Control: \n");
header( "Cache-Control: public\n"); // IE cannot download from sessions without a cache header( "Cache-Control: public\n"); // IE cannot download from sessions without a cache
/*if ( isset( $_SERVER["HTTPS"])) /*if (isset($_SERVER['HTTPS'])) {
{
/** /**
* We need to set the following headers to make downloads work using IE in HTTPS mode. * We need to set the following headers to make downloads work using IE in HTTPS mode.
* *
//header( "Pragma: "); //header('Pragma: ');
//header( "Cache-Control: "); //header('Cache-Control: ');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n"); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n");
header( "Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n"); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . " GMT\n");
header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1 header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
header("Cache-Control: post-check=0, pre-check=0\n", false); header("Cache-Control: post-check=0, pre-check=0\n", false);
}*/ }*/
header('Content-Description: ' . trim(htmlentities($file)) . "\n");
header( "Content-Description: " . trim( htmlentities( $file)) . "\n");
header("Content-Transfer-Encoding: binary\n"); header("Content-Transfer-Encoding: binary\n");
header( "Content-Length: " . filesize( $path)."\n" ); header('Content-Length: ' . filesize($path)."\n" );
/* /*
==============================================================================
SEND FILE SEND FILE
==============================================================================
*/ */
$fp = fopen( $path, "rb"); $fp = fopen( $path, 'rb');
fpassthru($fp); fpassthru($fp);
exit(); exit();
@ -409,4 +348,3 @@ exit( );
* Solution: Make sure your download script/section is off in its own directory. and add the following to your .htaccess file for that directory: * Solution: Make sure your download script/section is off in its own directory. and add the following to your .htaccess file for that directory:
* php_flag zlib.output_compression off * php_flag zlib.output_compression off
*/ */
?>


@ -1,8 +1,7 @@
<?php //$id: $ <?php
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /license.txt */
/** /**
==============================================================================
* First initialisation file with initialisation of variables and * First initialisation file with initialisation of variables and
* without outputting anything to browser. * without outputting anything to browser.
* 1. Calls global.inc.php and lang file * 1. Calls global.inc.php and lang file
@ -15,75 +14,67 @@
* @author René Haentjens, severalcontributions <rene.haentjens@UGent.be> (see RH) * @author René Haentjens, severalcontributions <rene.haentjens@UGent.be> (see RH)
* @author Roan Embrechts, virtual course support * @author Roan Embrechts, virtual course support
* @author Patrick Cool <patrick.cool@UGent.be> * @author Patrick Cool <patrick.cool@UGent.be>
Dokeos Config Settings (AWACS) Chamilo Config Settings (AWACS)
Refactoring Refactoring
tool introduction tool introduction
folders folders
download file / folder (download icon) download file / folder (download icon)
same action on multiple documents same action on multiple documents
extended feedback extended feedback
* @package dokeos.dropbox * @package chamilo.dropbox
==============================================================================
*/ */
/* /*
==============================================================================
INIT SECTION INIT SECTION
==============================================================================
*/ */
// name of the language file that needs to be included
$language_file = "dropbox";
//this var disables the link in the breadcrumbs on top of the page $language_file = 'dropbox';
//$noPHP_SELF = TRUE;
// including the basic Dokeos initialisation file // This var disables the link in the breadcrumbs on top of the page
require("../inc/global.inc.php"); //$noPHP_SELF = true;
require_once(api_get_path(LIBRARY_PATH) . "security.lib.php");
// including the basic Chamilo initialisation file
require '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'security.lib.php';
// the dropbox configuration parameters // the dropbox configuration parameters
require_once('dropbox_config.inc.php'); require_once 'dropbox_config.inc.php';
// the dropbox sanity files (adds a new table and some new fields) // the dropbox sanity files (adds a new table and some new fields)
//require_once('dropbox_sanity.inc.php'); //require_once 'dropbox_sanity.inc.php';
// the dropbox file that contains additional functions // the dropbox file that contains additional functions
require_once('dropbox_functions.inc.php'); require_once 'dropbox_functions.inc.php';
include_once(api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php'); require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
include_once(api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php'); require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
// protecting the script // protecting the script
api_protect_course_script(); api_protect_course_script();
/* /*
-----------------------------------------------------------
Libraries Libraries
-----------------------------------------------------------
*/ */
require_once(api_get_path(LIBRARY_PATH)."/debug.lib.inc.php"); require_once api_get_path(LIBRARY_PATH) . 'debug.lib.inc.php';
require_once(api_get_path(LIBRARY_PATH) . "/course.lib.php"); require_once api_get_path(LIBRARY_PATH) . 'course.lib.php';
require_once(api_get_path(LIBRARY_PATH) . "/groupmanager.lib.php"); require_once api_get_path(LIBRARY_PATH) . 'groupmanager.lib.php';
// including the library for the sortable table // including the library for the sortable table
require_once(api_get_path(LIBRARY_PATH).'/tablesort.lib.php'); require_once api_get_path(LIBRARY_PATH) . 'tablesort.lib.php';
// including the library for the dropbox // including the library for the dropbox
require_once( "dropbox_class.inc.php"); require_once 'dropbox_class.inc.php';
// including some libraries that are also used in the documents tool // including some libraries that are also used in the documents tool
require_once('../document/document.inc.php'); // we use a function build_document_icon_tag require_once api_get_path(SYS_CODE_PATH) . 'document/document.inc.php'; // we use a function build_document_icon_tag
require_once(api_get_path(LIBRARY_PATH).'/fileDisplay.lib.php'); // the function choose_image is used require_once api_get_path(LIBRARY_PATH) . 'fileDisplay.lib.php'; // the function choose_image is used
require_once(api_get_path(LIBRARY_PATH).'/document.lib.php'); require_once api_get_path(LIBRARY_PATH) . 'document.lib.php';
/* /*
-----------------------------------------------------------
Virtual course support Virtual course support
-----------------------------------------------------------
*/ */
$user_id = api_get_user_id(); $user_id = api_get_user_id();
$course_code = $_course['sysCode']; $course_code = $_course['sysCode'];
@ -94,24 +85,19 @@ $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($
/* /*
-----------------------------------------------------------
Object Initialisation Object Initialisation
-----------------------------------------------------------
*/ */
// we need this here because the javascript to re-upload the file needs an array // we need this here because the javascript to re-upload the file needs an array
// off all the documents that have already been sent. // off all the documents that have already been sent.
// @todo consider moving the javascripts in a function that displays the javascripts // @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed. // only when it is needed.
if ($_GET['action']=='add') if ($_GET['action'] == 'add') {
{
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
} }
/* /*
-----------------------------------------------------------
create javascript and htmlHeaders create javascript and htmlHeaders
// RH: Mailing: new function confirmsend // RH: Mailing: new function confirmsend
-----------------------------------------------------------
*/ */
$javascript = "<script type=\"text/javascript\"> $javascript = "<script type=\"text/javascript\">
@ -149,16 +135,13 @@ $javascript = "<script type=\"text/javascript\">
} }
"; ";
if (dropbox_cnf("allowOverwrite")) if (dropbox_cnf('allowOverwrite')) {
{
$javascript .= " $javascript .= "
var sentArray = new Array("; //sentArray keeps list of all files still available in the sent files list var sentArray = new Array("; //sentArray keeps list of all files still available in the sent files list
//of the user. //of the user.
//This is used to show or hide the overwrite file-radio button of the upload form //This is used to show or hide the overwrite file-radio button of the upload form
for($i=0; $i<count($dropbox_person->sentWork); $i++) for ($i = 0; $i < count($dropbox_person->sentWork); $i++) {
{ if ($i > 0) {
if ($i > 0)
{
$javascript .= ", "; $javascript .= ", ";
} }
$javascript .= "'".$dropbox_person->sentWork[$i]->title."'"; $javascript .= "'".$dropbox_person->sentWork[$i]->title."'";
@ -231,45 +214,31 @@ $htmlHeadXtra[] = '<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="pragma" content="no-cache"> <meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">'; <meta http-equiv="expires" content="-1">';
$checked_files = false; $checked_files = false;
if (!$_GET['view'] OR $_GET['view']=='received') if (!$_GET['view'] OR $_GET['view'] == 'received') {
{
$part = 'received'; $part = 'received';
} } elseif ($_GET['view'] = 'sent') {
elseif ($_GET['view']='sent')
{
$part = 'sent'; $part = 'sent';
} } else {
else
{
header ('location: index.php?view='.$_GET['view'].'&error=Error'); header ('location: index.php?view='.$_GET['view'].'&error=Error');
} }
if (($_POST['action']=='download_received' || $_POST['action']=='download_sent') and !$_POST['store_feedback'])
{ if (($_POST['action'] == 'download_received' || $_POST['action'] == 'download_sent') and !$_POST['store_feedback']) {
{
$checked_file_ids = $_POST['id']; $checked_file_ids = $_POST['id'];
if (!is_array($checked_file_ids) || count($checked_file_ids)==0) if (!is_array($checked_file_ids) || count($checked_file_ids) == 0) {
{
header ('location: index.php?view='.$_GET['view'].'&error=CheckAtLeastOneFile'); header ('location: index.php?view='.$_GET['view'].'&error=CheckAtLeastOneFile');
exit; } else {
}
else
handle_multiple_actions(); handle_multiple_actions();
exit;
} }
exit;
} }
/* /*
* ========================================
* AUTHORISATION SECTION * AUTHORISATION SECTION
* ========================================
* Prevents access of all users that are not course members * Prevents access of all users that are not course members
*/ */
if ((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(null, true)) { if ((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(null, true)) {
if ($origin != 'learnpath') { if ($origin != 'learnpath') {
api_not_allowed(true);//print headers/footers api_not_allowed(true);//print headers/footers
} else { } else {
@ -279,54 +248,42 @@ if((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(nul
} }
/* /*
==============================================================================
BREADCRUMBS BREADCRUMBS
==============================================================================
*/ */
if ($_GET['view']=='received') if ($_GET['view'] == 'received') {
{ $interbreadcrumb[] = array('url' => '../dropbox/index.php', 'name' => get_lang('Dropbox', ''));
$interbreadcrumb[] = array ("url" => "../dropbox/index.php", "name" => get_lang('Dropbox', ''));
$nameTools = get_lang('ReceivedFiles'); $nameTools = get_lang('ReceivedFiles');
if ($_GET['action'] == 'addreceivedcategory') if ($_GET['action'] == 'addreceivedcategory') {
{ $interbreadcrumb[] = array('url' => '../dropbox/index.php?view=received', 'name' => get_lang('ReceivedFiles'));
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=received", "name" => get_lang("ReceivedFiles"));
$nameTools = get_lang('AddNewCategory'); $nameTools = get_lang('AddNewCategory');
} }
} }
if ($_GET['view']=='sent' OR empty($_GET['view']))
{ if ($_GET['view'] == 'sent' OR empty($_GET['view'])) {
$interbreadcrumb[] = array ("url" => "../dropbox/index.php", "name" => get_lang('Dropbox', '')); $interbreadcrumb[] = array('url' => '../dropbox/index.php', 'name' => get_lang('Dropbox', ''));
$nameTools = get_lang('SentFiles'); $nameTools = get_lang('SentFiles');
if ($_GET['action'] == 'addsentcategory') if ($_GET['action'] == 'addsentcategory') {
{ $interbreadcrumb[] = array('url' => '../dropbox/index.php?view=sent', 'name' => get_lang('SentFiles'));
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=sent", "name" => get_lang("SentFiles"));
$nameTools = get_lang('AddNewCategory'); $nameTools = get_lang('AddNewCategory');
} }
if ($_GET['action'] == 'add') if ($_GET['action'] == 'add') {
{ $interbreadcrumb[] = array ('url' => '../dropbox/index.php?view=sent', 'name' => get_lang('SentFiles'));
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=sent", "name" => get_lang("SentFiles"));
$nameTools = get_lang('UploadNewFile'); $nameTools = get_lang('UploadNewFile');
} }
} }
/* /*
==============================================================================
HEADER & TITLE HEADER & TITLE
==============================================================================
*/ */
if ($origin != 'learnpath') if ($origin != 'learnpath') {
{ Display::display_header($nameTools, 'Dropbox');
Display::display_header($nameTools,"Dropbox"); } else { // if we come from the learning path we have to include the stylesheet and the required javascripts manually.
}
else // if we come from the learning path we have to include the stylesheet and the required javascripts manually.
{
echo '<link rel="stylesheet" type="text/css" href="', api_get_path(WEB_CODE_PATH), 'css/default.css">'; echo '<link rel="stylesheet" type="text/css" href="', api_get_path(WEB_CODE_PATH), 'css/default.css">';
echo $javascript; echo $javascript;
} }
// api_display_tool_title($nameTools); // api_display_tool_title($nameTools);
?>
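Review bot: The reformatted view check in the `@ -231,45 +214,31 @` hunk still assigns where it should compare: `} elseif ($_GET['view'] = 'sent') {` is always true, so any value other than empty or 'received' is silently overwritten with 'sent' and the `else` redirect after it can never run. It should read `} elseif ($_GET['view'] == 'sent') {`. Once that branch is reachable, `header ('location: index.php?view='.$_GET['view'].'&error=Error');` copies the raw request parameter into a response header and has no `exit;` after it, so the rest of the script would keep running. The `CheckAtLeastOneFile` redirect a few lines further down concatenates the same raw value. Because only two views are valid, a fixed target such as `header('location: index.php?view=received&error=Error'); exit;` would avoid echoing the parameter at all.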

@ -1,226 +1,170 @@
<?php //$id: $ <?php
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /license.txt */
/* /*
* ========================================
* PREVENT RESUBMITING * PREVENT RESUBMITING
* ========================================
* This part checks if the $dropbox_unid var has the same ID * This part checks if the $dropbox_unid var has the same ID
* as the session var $dropbox_uniqueid that was registered as a session * as the session var $dropbox_uniqueid that was registered as a session
* var before. * var before.
* The resubmit prevention only works with GET requests, because it gives some annoying * The resubmit prevention only works with GET requests, because it gives some annoying
* behaviours with POST requests. * behaviours with POST requests.
*/ */
/* /*
if (isset($_POST["dropbox_unid"])) { if (isset($_POST['dropbox_unid'])) {
$dropbox_unid = $_POST["dropbox_unid"]; $dropbox_unid = $_POST['dropbox_unid'];
} elseif (isset($_GET["dropbox_unid"])) } elseif (isset($_GET['dropbox_unid'])) {
{ $dropbox_unid = $_GET['dropbox_unid'];
$dropbox_unid = $_GET["dropbox_unid"];
} else { } else {
die(get_lang('BadFormData').' (code 400)'); die(get_lang('BadFormData').' (code 400)');
} }
if (isset($_SESSION["dropbox_uniqueid"]) && isset($_GET["dropbox_unid"]) && $dropbox_unid == $_SESSION["dropbox_uniqueid"]) { if (isset($_SESSION['dropbox_uniqueid']) && isset($_GET['dropbox_unid']) && $dropbox_unid == $_SESSION['dropbox_uniqueid']) {
//resubmit : go to index.php //resubmit : go to index.php
// only prevent resending of data for GETS, not POSTS because this gives annoying results // only prevent resending of data for GETS, not POSTS because this gives annoying results
if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"]=="on") { if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
$mypath = "https"; $mypath = 'https';
} else { } else {
$mypath = "http"; $mypath = 'http';
} }
$mypath=$mypath."://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php"; $mypath = $mypath.'://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/index.php';
echo 'hier';
header("Location: $mypath"); header("Location: $mypath");
} }
$dropbox_uniqueid = $dropbox_unid; $dropbox_uniqueid = $dropbox_unid;
api_session_register("dropbox_uniqueid"); api_session_register('dropbox_uniqueid');
*/ */
/** /**
* ========================================
* FORM SUBMIT * FORM SUBMIT
* ========================================
* - VALIDATE POSTED DATA * - VALIDATE POSTED DATA
* - UPLOAD NEW FILE * - UPLOAD NEW FILE
*/ */
if ( isset( $_POST["submitWork"])) if (isset($_POST['submitWork'])) {
{
if (file_exists(api_get_path(INCLUDE_PATH) . "/fileUploadLib.inc.php"))
{
require_once(api_get_path(INCLUDE_PATH) . "/fileUploadLib.inc.php");
}
else
{
require_once(api_get_path(LIBRARY_PATH) . "/fileUpload.lib.php");
}
$error = FALSE; require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
$errormsg = '';
$error = false;
$errormsg = '';
/** /**
* --------------------------------------
* FORM SUBMIT : VALIDATE POSTED DATA * FORM SUBMIT : VALIDATE POSTED DATA
* --------------------------------------
*/ */
// the author or description field is empty
if ( !isset( $_POST['authors']) || !isset( $_POST['description']))
{
$error = TRUE;
// the author or description field is empty
if (!isset($_POST['authors']) || !isset( $_POST['description'])) {
$error = true;
$errormsg = get_lang('BadFormData'); $errormsg = get_lang('BadFormData');
} } elseif (!isset( $_POST['recipients']) || count( $_POST['recipients']) <= 0) {
elseif ( !isset( $_POST['recipients']) || count( $_POST['recipients']) <= 0) $error = true;
{
$error = TRUE;
$errormsg = get_lang('NoUserSelected'); $errormsg = get_lang('NoUserSelected');
} } else {
else $thisIsAMailing = false; // RH: Mailing selected as destination
{ $thisIsJustUpload = false; // RH
$thisIsAMailing = FALSE; // RH: Mailing selected as destination
$thisIsJustUpload = FALSE; // RH foreach ($_POST['recipients'] as $rec) {
if ($rec == 'mailing') {
foreach( $_POST['recipients'] as $rec) $thisIsAMailing = true;
{ } elseif ($rec == 'upload') {
if ( $rec == 'mailing') $thisIsJustUpload = true;
{ } elseif (strpos($rec, 'user_') === 0 && !isCourseMember(substr($rec, strlen('user_')))) {
$thisIsAMailing = TRUE;
}
elseif ( $rec == 'upload')
{
$thisIsJustUpload = TRUE;
}
elseif (strpos($rec, 'user_') === 0 && !isCourseMember(substr($rec, strlen('user_') ) ))
{
echo '401'; echo '401';
die(get_lang('BadFormData').' (code 401)'); die(get_lang('BadFormData').' (code 401)');
} } elseif (strpos($rec, 'group_') !== 0 && strpos($rec, 'user_') !== 0) {
elseif (strpos($rec, 'group_') !== 0 && strpos($rec, 'user_') !== 0)
{
echo '402'; echo '402';
die(get_lang('BadFormData').' (code 402)'); die(get_lang('BadFormData').' (code 402)');
} }
} }
// we are doing a mailing but an additional recipient is selected // we are doing a mailing but an additional recipient is selected
if ( $thisIsAMailing && ( count($_POST['recipients']) != 1)) if ($thisIsAMailing && ( count($_POST['recipients']) != 1)) {
{ $error = true;
$error = TRUE;
$errormsg = get_lang('MailingSelectNoOther'); $errormsg = get_lang('MailingSelectNoOther');
} }
// we are doing a just upload but an additional recipient is selected. // we are doing a just upload but an additional recipient is selected.
elseif ( $thisIsJustUpload && ( count($_POST['recipients']) != 1)) elseif ( $thisIsJustUpload && ( count($_POST['recipients']) != 1)) {
{ $error = true;
$error = TRUE; $errormsg = get_lang('MailingJustUploadSelectNoOther');
} elseif (empty($_FILES['file']['name'])) {
$errormsg = get_lang("MailingJustUploadSelectNoOther"); $error = true;
}
elseif ( empty( $_FILES['file']['name']))
{
$error = TRUE;
$errormsg = get_lang('NoFileSpecified'); $errormsg = get_lang('NoFileSpecified');
} }
} }
//check if $_POST['cb_overwrite'] is true or false //check if $_POST['cb_overwrite'] is true or false
$dropbox_overwrite = false; $dropbox_overwrite = false;
if ( isset($_POST['cb_overwrite']) && $_POST['cb_overwrite']==true) if (isset($_POST['cb_overwrite']) && $_POST['cb_overwrite']) {
{
$dropbox_overwrite = true; $dropbox_overwrite = true;
} }
/** /**
* --------------------------------------
* FORM SUBMIT : UPLOAD NEW FILE * FORM SUBMIT : UPLOAD NEW FILE
* --------------------------------------
*/ */
if ( !$error)
{
$dropbox_filename = $_FILES['file']['name'];
$dropbox_filesize = $_FILES['file']['size']; if (!$error) {
$dropbox_filename = $_FILES['file']['name'];
$dropbox_filesize = $_FILES['file']['size'];
$dropbox_filetype = $_FILES['file']['type']; $dropbox_filetype = $_FILES['file']['type'];
$dropbox_filetmpname = $_FILES['file']['tmp_name']; $dropbox_filetmpname = $_FILES['file']['tmp_name'];
if ( $dropbox_filesize <= 0 || $dropbox_filesize > dropbox_cnf("maxFilesize")) if ($dropbox_filesize <= 0 || $dropbox_filesize > dropbox_cnf('maxFilesize')) {
{ $errormsg = get_lang('TooBig'); // TODO: The "too big" message does not fit in the case of uploading zero-sized file.
$errormsg = get_lang('TooBig'); $error = true;
} elseif (!is_uploaded_file($dropbox_filetmpname)) { // check user fraud : no clean error msg.
$error = TRUE;
}elseif ( !is_uploaded_file( $dropbox_filetmpname)) // check user fraud : no clean error msg.
{
die(get_lang('BadFormData').' (code 403)'); die(get_lang('BadFormData').' (code 403)');
} }
if ( !$error) if (!$error) {
{
// Try to add an extension to the file if it hasn't got one // Try to add an extension to the file if it hasn't got one
$dropbox_filename = add_ext_on_mime($dropbox_filename, $dropbox_filetype); $dropbox_filename = add_ext_on_mime($dropbox_filename, $dropbox_filetype);
// Replace dangerous characters // Replace dangerous characters
$dropbox_filename = replace_dangerous_char($dropbox_filename); $dropbox_filename = replace_dangerous_char($dropbox_filename);
// Transform any .php file in .phps fo security // Transform any .php file in .phps fo security
$dropbox_filename = php2phps($dropbox_filename); $dropbox_filename = php2phps($dropbox_filename);
if(!filter_extension($dropbox_filename)) if (!filter_extension($dropbox_filename)) {
{
$error = true; $error = true;
$errormsg = get_lang('UplUnableToSaveFileFilteredExtension'); $errormsg = get_lang('UplUnableToSaveFileFilteredExtension');
} } else {
else
{
// set title // set title
$dropbox_title = $dropbox_filename; $dropbox_title = $dropbox_filename;
// set author // set author
if ( $_POST['authors'] == '') if ($_POST['authors'] == '') {
{
$_POST['authors'] = getUserNameFromId($_user['user_id']); $_POST['authors'] = getUserNameFromId($_user['user_id']);
} }
if ( $dropbox_overwrite) // RH: Mailing: adapted if ($dropbox_overwrite) { // RH: Mailing: adapted
{
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach($dropbox_person->sentWork as $w) foreach ($dropbox_person->sentWork as $w) {
{ if ($w->title == $dropbox_filename) {
if ($w->title == $dropbox_filename) if (($w->recipients[0]['id'] > dropbox_cnf('mailingIdBase')) xor $thisIsAMailing) {
{ $error = true;
if ( ($w->recipients[0]['id'] > dropbox_cnf("mailingIdBase")) xor $thisIsAMailing)
{
$error = TRUE;
$errormsg = get_lang('MailingNonMailingError'); $errormsg = get_lang('MailingNonMailingError');
} }
if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload) if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload) {
{ $error = true;
$error = TRUE; $errormsg = get_lang('MailingJustUploadSelectNoOther');
$errormsg = get_lang("MailingJustUploadSelectNoOther");
} }
$dropbox_filename = $w->filename; $found = true; $dropbox_filename = $w->filename;
$found = true;
break; break;
} }
} }
} } else {
else // rename file to login_filename_uniqueId format // rename file to login_filename_uniqueId format
{ $dropbox_filename = getLoginFromId( $_user['user_id']) . '_' . $dropbox_filename . '_'.uniqid('');
$dropbox_filename = getLoginFromId( $_user['user_id']) . "_" . $dropbox_filename . "_".uniqid('');
} }
if ( ( ! is_dir( dropbox_cnf("sysPath")))) if (!is_dir(dropbox_cnf('sysPath'))) {
{
//The dropbox subdir doesn't exist yet so make it and create the .htaccess file //The dropbox subdir doesn't exist yet so make it and create the .htaccess file
mkdir( dropbox_cnf("sysPath"), api_get_permissions_for_new_directories()) or die(get_lang('ErrorCreatingDir').' (code 404)'); mkdir(dropbox_cnf('sysPath'), api_get_permissions_for_new_directories()) or die(get_lang('ErrorCreatingDir').' (code 404)');
$fp = fopen( dropbox_cnf("sysPath")."/.htaccess", "w") or die(get_lang('ErrorCreatingDir').' (code 405)'); $fp = fopen(dropbox_cnf('sysPath').'/.htaccess', 'w') or die(get_lang('ErrorCreatingDir').' (code 405)');
fwrite($fp, "AuthName AllowLocalAccess fwrite($fp, "AuthName AllowLocalAccess
AuthType Basic AuthType Basic
@ -231,37 +175,25 @@ if ( isset( $_POST["submitWork"]))
} }
if ($error) {} if ($error) {}
elseif ( $thisIsAMailing) // RH: $newWorkRecipients is integer - see class elseif ($thisIsAMailing) { // RH: $newWorkRecipients is integer - see class
{ if (preg_match(dropbox_cnf('mailingZipRegexp'), $dropbox_title)) {
if ( preg_match( dropbox_cnf("mailingZipRegexp"), $dropbox_title)) $newWorkRecipients = dropbox_cnf('mailingIdBase');
{ } else {
$newWorkRecipients = dropbox_cnf("mailingIdBase"); $error = true;
}
else
{
$error = TRUE;
$errormsg = $dropbox_title . ': ' . get_lang('MailingWrongZipfile'); $errormsg = $dropbox_title . ': ' . get_lang('MailingWrongZipfile');
} }
} } elseif ( $thisIsJustUpload) { // RH: $newWorkRecipients is empty array
elseif ( $thisIsJustUpload) // RH: $newWorkRecipients is empty array
{
$newWorkRecipients = array(); $newWorkRecipients = array();
} } else {
else // creating the array that contains all the users who will receive the file
{ // creating the array that contains all the users who will receive the file
$newWorkRecipients = array(); $newWorkRecipients = array();
foreach ($_POST["recipients"] as $rec) foreach ($_POST['recipients'] as $rec) {
{
if (strpos($rec, 'user_') === 0) { if (strpos($rec, 'user_') === 0) {
$newWorkRecipients[] = substr($rec, strlen('user_')); $newWorkRecipients[] = substr($rec, strlen('user_'));
} } elseif (strpos($rec, 'group_') === 0) {
elseif (strpos($rec, 'group_') === 0 )
{
$userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_'))); $userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_')));
foreach ($userList as $usr) foreach ($userList as $usr) {
{ if (!in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id']) {
if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id'])
{
$newWorkRecipients[] = $usr['user_id']; $newWorkRecipients[] = $usr['user_id'];
} }
} }
@ -271,9 +203,8 @@ if ( isset( $_POST["submitWork"]))
// After uploading the file, create the db entries // After uploading the file, create the db entries
if ( !$error) if (!$error) {
{ @move_uploaded_file( $dropbox_filetmpname, dropbox_cnf('sysPath') . '/' . $dropbox_filename)
@move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename)
or die(get_lang('UploadError').' (code 407)'); or die(get_lang('UploadError').' (code 407)');
new Dropbox_SentWork($_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $newWorkRecipients); new Dropbox_SentWork($_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $newWorkRecipients);
} }
@ -283,43 +214,35 @@ if ( isset( $_POST["submitWork"]))
/** /**
* ========================================
* SUBMIT FORM RESULTMESSAGE * SUBMIT FORM RESULTMESSAGE
* ========================================
*/ */
if ( !$error)
{
$return_message=get_lang('FileUploadSucces');
}
else if (!$error) {
{ $return_message = get_lang('FileUploadSucces');
} else {
$return_message = $errormsg; $return_message = $errormsg;
} }
} // end if ( isset( $_POST["submitWork"])) } // end if ( isset( $_POST['submitWork']))
/** /**
* ========================================
* // RH: EXAMINE OR SEND MAILING (NEW) * // RH: EXAMINE OR SEND MAILING (NEW)
* ========================================
*/ */
if ( isset( $_GET['mailingIndex'])) // examine or send
{ if (isset($_GET['mailingIndex'])) { // examine or send
$dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
if ( isset($_SESSION["sentOrder"])) if (isset($_SESSION['sentOrder'])) {
{ $dropbox_person->orderSentWork($_SESSION['sentOrder']);
$dropbox_person->orderSentWork ($_SESSION["sentOrder"]);
} }
$i = $_GET['mailingIndex']; $mailing_item = $dropbox_person->sentWork[$i]; $i = $_GET['mailingIndex'];
$mailing_item = $dropbox_person->sentWork[$i];
$mailing_title = $mailing_item->title; $mailing_title = $mailing_item->title;
$mailing_file = dropbox_cnf("sysPath") . '/' . $mailing_item->filename; $mailing_file = dropbox_cnf('sysPath') . '/' . $mailing_item->filename;
$errormsg = '<b>' . $mailing_item->recipients[0]['name'] . ' (' $errormsg = '<b>' . $mailing_item->recipients[0]['name'] . ' ('
. "<a href='dropbox_download.php?origin=$origin&id=".urlencode($mailing_item->id)."'>" . "<a href='dropbox_download.php?origin=$origin&id=".urlencode($mailing_item->id)."'>"
. htmlspecialchars($mailing_title,ENT_QUOTES,$charset) . '</a>):</b><br /><br />'; . htmlspecialchars($mailing_title, ENT_QUOTES, api_get_system_encoding()) . '</a>):</b><br /><br />';
if ( preg_match( dropbox_cnf("mailingZipRegexp"), $mailing_title, $nameParts)) if (preg_match( dropbox_cnf('mailingZipRegexp'), $mailing_title, $nameParts)) {
{
$var = api_strtoupper($nameParts[2]); // the variable part of the name $var = api_strtoupper($nameParts[2]); // the variable part of the name
$course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER); $course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sel = "SELECT u.user_id, u.lastname, u.firstname, cu.status $sel = "SELECT u.user_id, u.lastname, u.firstname, cu.status
@ -328,8 +251,7 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
ON cu.user_id = u.user_id AND cu.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND cu.course_code = '".$_course['sysCode']."'"; ON cu.user_id = u.user_id AND cu.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND cu.course_code = '".$_course['sysCode']."'";
$sel .= " WHERE u.".dropbox_cnf("mailingWhere".$var)." = '"; $sel .= " WHERE u.".dropbox_cnf("mailingWhere".$var)." = '";
function getUser($thisRecip) function getUser($thisRecip) {
{
// string result = error message, array result = [user_id, lastname, firstname] // string result = error message, array result = [user_id, lastname, firstname]
global $var, $sel; global $var, $sel;
@ -341,16 +263,11 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
while ( ($res = Database::fetch_array($result))) {$students[] = $res;} while ( ($res = Database::fetch_array($result))) {$students[] = $res;}
Database::free_result($result); Database::free_result($result);
if (count($students) == 1) if (count($students) == 1) {
{
return($students[0]); return($students[0]);
} } elseif (count($students) > 1) {
elseif (count($students) > 1)
{
return ' <'.get_lang('MailingFileRecipDup', '').$var."= $thisRecip>"; return ' <'.get_lang('MailingFileRecipDup', '').$var."= $thisRecip>";
} } else {
else
{
return ' <'.get_lang('MailingFileRecipNotFound', '').$var."= $thisRecip>"; return ' <'.get_lang('MailingFileRecipNotFound', '').$var."= $thisRecip>";
} }
} }
@ -358,117 +275,84 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
$preFix = $nameParts[1]; $postFix = $nameParts[3]; $preFix = $nameParts[1]; $postFix = $nameParts[3];
$preLen = api_strlen($preFix); $postLen = api_strlen($postFix); $preLen = api_strlen($preFix); $postLen = api_strlen($postFix);
function findRecipient($thisFile) function findRecipient($thisFile) {
{
// string result = error message, array result = [user_id, lastname, firstname, status] // string result = error message, array result = [user_id, lastname, firstname, status]
global $nameParts, $preFix, $preLen, $postFix, $postLen; global $nameParts, $preFix, $preLen, $postFix, $postLen;
if ( preg_match(dropbox_cnf("mailingFileRegexp"), $thisFile, $matches)) if (preg_match(dropbox_cnf('mailingFileRegexp'), $thisFile, $matches)) {
{
$thisName = $matches[1]; $thisName = $matches[1];
if ( api_substr($thisName, 0, $preLen) == $preFix) if (api_substr($thisName, 0, $preLen) == $preFix) {
{ if ($postLen == 0 || api_substr($thisName, -$postLen) == $postFix) {
if ( $postLen == 0 || api_substr($thisName, -$postLen) == $postFix)
{
$thisRecip = api_substr($thisName, $preLen, api_strlen($thisName) - $preLen - $postLen); $thisRecip = api_substr($thisName, $preLen, api_strlen($thisName) - $preLen - $postLen);
if ( $thisRecip) return getUser($thisRecip); if ($thisRecip) {
return ' <'.get_lang('MailingFileNoRecip', '').'>'; return getUser($thisRecip);
} }
else return ' <'.get_lang('MailingFileNoRecip', '').'>';
{ } else {
return ' <'.get_lang('MailingFileNoPostfix', '').$postFix.'>'; return ' <'.get_lang('MailingFileNoPostfix', '').$postFix.'>';
} }
} } else {
else
{
return ' <'.get_lang('MailingFileNoPrefix', '').$preFix.'>'; return ' <'.get_lang('MailingFileNoPrefix', '').$preFix.'>';
} }
} } else {
else
{
return ' <'.get_lang('MailingFileFunny', '').'>'; return ' <'.get_lang('MailingFileFunny', '').'>';
} }
} }
if (file_exists(api_get_path(INCLUDE_PATH) . "/pclzip/pclzip.lib.php")) require api_get_path(LIBRARY_PATH) . 'pclzip/pclzip.lib.php';
{
require(api_get_path(INCLUDE_PATH) . "/pclzip/pclzip.lib.php");
}
else
{
require(api_get_path(LIBRARY_PATH) . "/pclzip/pclzip.lib.php");
}
$zipFile = new pclZip($mailing_file); $goodFiles = array(); $zipFile = new pclZip($mailing_file);
$zipContent = $zipFile->listContent(); $ucaseFiles = array(); $goodFiles = array();
$zipContent = $zipFile->listContent();
$ucaseFiles = array();
if ( $zipContent) if ($zipContent) {
{ foreach( $zipFile->listContent() as $thisContent) {
foreach( $zipFile->listContent() as $thisContent)
{
$thisFile = substr(strrchr('/' . $thisContent['filename'], '/'), 1); $thisFile = substr(strrchr('/' . $thisContent['filename'], '/'), 1);
$thisFileUcase = strtoupper($thisFile); $thisFileUcase = strtoupper($thisFile);
if ( preg_match("~.(php.*|phtml)$~i", $thisFile) ) if (preg_match("~.(php.*|phtml)$~i", $thisFile)) {
{ $error = true;
$error = TRUE; $errormsg .= $thisFile . ': ' . get_lang('MailingZipPhp'); $errormsg .= $thisFile . ': ' . get_lang('MailingZipPhp');
break; break;
} } elseif (!$thisContent['folder']) {
elseif ( !$thisContent['folder']) if ($ucaseFiles[$thisFileUcase]) {
{ $error = true;
if ( $ucaseFiles[$thisFileUcase]) $errormsg .= $thisFile . ': ' . get_lang('MailingZipDups');
{
$error = TRUE; $errormsg .= $thisFile . ': ' . get_lang('MailingZipDups');
break; break;
} } else {
else
{
$goodFiles[$thisFile] = findRecipient($thisFile); $goodFiles[$thisFile] = findRecipient($thisFile);
$ucaseFiles[$thisFileUcase] = "yep"; $ucaseFiles[$thisFileUcase] = 'yep';
} }
} }
} }
} } else {
else $error = true;
{ $errormsg .= get_lang('MailingZipEmptyOrCorrupt');
$error = TRUE; $errormsg .= get_lang('MailingZipEmptyOrCorrupt');
} }
if ( !$error) if (!$error) {
{
$students = array(); // collect all recipients in this course $students = array(); // collect all recipients in this course
foreach( $goodFiles as $thisFile => $thisRecip) foreach ($goodFiles as $thisFile => $thisRecip) {
{ $errormsg .= htmlspecialchars($thisFile, ENT_QUOTES, api_get_system_encoding()) . ': ';
$errormsg .= htmlspecialchars($thisFile,ENT_QUOTES,$charset) . ': '; if (is_string($thisRecip)) { // see findRecipient
if ( is_string($thisRecip)) // see findRecipient
{
$errormsg .= '<font color="#FF0000">' $errormsg .= '<font color="#FF0000">'
. htmlspecialchars($thisRecip,ENT_QUOTES,$charset) . '</font><br>'; . htmlspecialchars($thisRecip, ENT_QUOTES, api_get_system_encoding()) . '</font><br />';
} } else {
else if ( isset( $_GET['mailingSend'])) {
{
if ( isset( $_GET['mailingSend']))
{
$errormsg .= get_lang('MailingFileSentTo'); $errormsg .= get_lang('MailingFileSentTo');
} } else {
else
{
$errormsg .= get_lang('MailingFileIsFor'); $errormsg .= get_lang('MailingFileIsFor');
} }
$errormsg .= htmlspecialchars(api_get_person_name($thisRecip[2], $thisRecip[1]), ENT_QUOTES, $charset); $errormsg .= htmlspecialchars(api_get_person_name($thisRecip[2], $thisRecip[1]), ENT_QUOTES, api_get_system_encoding());
if ( is_null($thisRecip[3])) if (is_null($thisRecip[3])) {
{
$errormsg .= get_lang('MailingFileNotRegistered'); $errormsg .= get_lang('MailingFileNotRegistered');
} } else {
else
{
$students[] = $thisRecip[0]; $students[] = $thisRecip[0];
} }
$errormsg .= '<br>'; $errormsg .= '<br />';
} }
} }
@ -483,87 +367,67 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
AND u.user_id NOT IN ('" . implode("', '" , $students) . "')"; AND u.user_id NOT IN ('" . implode("', '" , $students) . "')";
$result = Database::query($sql); $result = Database::query($sql);
if ( Database::num_rows($result) > 0) if (Database::num_rows($result) > 0) {
{
$remainingUsers = ''; $remainingUsers = '';
while ( ($res = Database::fetch_array($result))) while ($res = Database::fetch_array($result)) {
{ $remainingUsers .= ', ' . htmlspecialchars(api_get_person_name($res[1], $res[0]), ENT_QUOTES, api_get_system_encoding());
$remainingUsers .= ', ' . htmlspecialchars(api_get_person_name($res[1], $res[0]), ENT_QUOTES, $charset);
} }
$errormsg .= '<br />' . get_lang('MailingNothingFor') . api_substr($remainingUsers, 1) . '.<br />'; $errormsg .= '<br />' . get_lang('MailingNothingFor') . api_substr($remainingUsers, 1) . '.<br />';
} }
if ( isset( $_GET['mailingSend'])) if (isset($_GET['mailingSend'])) {
{ chdir(dropbox_cnf('sysPath'));
chdir(dropbox_cnf("sysPath"));
$zipFile->extract(PCLZIP_OPT_REMOVE_ALL_PATH); $zipFile->extract(PCLZIP_OPT_REMOVE_ALL_PATH);
$mailingPseudoId = dropbox_cnf("mailingIdBase") + $mailing_item->id; $mailingPseudoId = dropbox_cnf('mailingIdBase') + $mailing_item->id;
foreach( $goodFiles as $thisFile => $thisRecip) foreach ($goodFiles as $thisFile => $thisRecip) {
{ if (is_string($thisRecip)) { // remove problem file
if ( is_string($thisRecip)) // remove problem file @unlink(dropbox_cnf('sysPath') . '/' . $thisFile);
{ } else {
@unlink(dropbox_cnf("sysPath") . '/' . $thisFile); $newName = getLoginFromId( $_user['user_id']) . '_' . $thisFile . '_' . uniqid('');
} if (rename(dropbox_cnf('sysPath') . '/' . $thisFile, dropbox_cnf('sysPath') . '/' . $newName))
else
{
$newName = getLoginFromId( $_user['user_id']) . "_" . $thisFile . "_" . uniqid('');
if ( rename(dropbox_cnf("sysPath") . '/' . $thisFile, dropbox_cnf("sysPath") . '/' . $newName))
new Dropbox_SentWork($mailingPseudoId, $thisFile, $mailing_item->description, $mailing_item->author, $newName, $thisContent['size'], array($thisRecip[0])); new Dropbox_SentWork($mailingPseudoId, $thisFile, $mailing_item->description, $mailing_item->author, $newName, $thisContent['size'], array($thisRecip[0]));
} }
} }
$sendDT = addslashes(date("Y-m-d H:i:s",time())); $sendDT = addslashes(date('Y-m-d H:i:s', time()));
// set filesize to zero on send, to avoid 2nd send (see index.php) // set filesize to zero on send, to avoid 2nd send (see index.php)
$sql = "UPDATE ".dropbox_cnf("tbl_file")." $sql = "UPDATE ".dropbox_cnf("tbl_file")."
SET filesize = '0' SET filesize = '0'
, upload_date = '".$sendDT."', last_upload_date = '".$sendDT."' , upload_date = '".$sendDT."', last_upload_date = '".$sendDT."'
WHERE id='".addslashes($mailing_item->id)."'"; WHERE id='".addslashes($mailing_item->id)."'";
$result = Database::query($sql); $result = Database::query($sql);
} } elseif ($mailing_item->filesize != 0) {
elseif ($mailing_item->filesize != 0)
{
$errormsg .= '<br />' . get_lang('MailingNotYetSent') . '<br />'; $errormsg .= '<br />' . get_lang('MailingNotYetSent') . '<br />';
} }
} }
} } else {
else $error = true;
{ $errormsg .= get_lang('MailingWrongZipfile');
$error = TRUE; $errormsg .= get_lang('MailingWrongZipfile');
} }
/** /**
* ========================================
* EXAMINE OR SEND MAILING RESULTMESSAGE * EXAMINE OR SEND MAILING RESULTMESSAGE
* ========================================
*/ */
if ( $error)
{ if ($error) {
?> ?>
<b><font color="#FF0000"><?php echo $errormsg?></font></b><br><br> <b><font color="#FF0000"><?php echo $errormsg?></font></b><br /><br />
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br> <a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br />
<?php <?php
} } else {
else
{
?> ?>
<?php echo $errormsg?><br><br> <?php echo $errormsg?><br /><br />
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br> <a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br />
<?php <?php
} }
} }
/** /**
* =============================================
* DELETE RECEIVED OR SENT FILES - EDIT FEEDBACK // RH: Feedback * DELETE RECEIVED OR SENT FILES - EDIT FEEDBACK // RH: Feedback
* =============================================
* - DELETE ALL RECEIVED FILES * - DELETE ALL RECEIVED FILES
* - DELETE 1 RECEIVED FILE * - DELETE 1 RECEIVED FILE
* - DELETE ALL SENT FILES * - DELETE ALL SENT FILES
@ -571,27 +435,21 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
* - EDIT FEEDBACK // RH: Feedback * - EDIT FEEDBACK // RH: Feedback
*/ */
if (isset($_GET['deleteReceived']) || isset($_GET['deleteSent']) if (isset($_GET['deleteReceived']) || isset($_GET['deleteSent'])
|| isset( $_GET['showFeedback']) || isset( $_GET['editFeedback'])) // RH: Feedback || isset( $_GET['showFeedback']) || isset( $_GET['editFeedback'])) { // RH: Feedback
{ if ($_GET['mailing']) { // RH: Mailing
if ( $_GET['mailing']) // RH: Mailing
{
getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '408'); // RH or die getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '408'); // RH or die
$dropbox_person = new Dropbox_Person($_GET['mailing'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person($_GET['mailing'], $is_courseAdmin, $is_courseTutor);
} } else {
else
{
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
} }
// RH: these two are needed, I think // RH: these two are needed, I think
if ( isset($_SESSION["sentOrder"])) if (isset($_SESSION['sentOrder'])) {
{ $dropbox_person->orderSentWork($_SESSION['sentOrder']);
$dropbox_person->orderSentWork ($_SESSION["sentOrder"]);
} }
if ( isset($_SESSION["receivedOrder"])) if (isset($_SESSION['receivedOrder'])) {
{ $dropbox_person->orderReceivedWork($_SESSION['receivedOrder']);
$dropbox_person->orderReceivedWork ($_SESSION["receivedOrder"]);
} }
/*if (!$dropbox_person->isCourseAdmin || ! $dropbox_person->isCourseTutor) { /*if (!$dropbox_person->isCourseAdmin || ! $dropbox_person->isCourseTutor) {
@ -600,67 +458,52 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
$tellUser = get_lang('FileDeleted'); // RH: Feedback $tellUser = get_lang('FileDeleted'); // RH: Feedback
if ( isset( $_GET['deleteReceived'])) if (isset($_GET['deleteReceived'])) {
{ if ($_GET['deleteReceived'] == 'all') {
if ( $_GET["deleteReceived"] == "all")
{
$dropbox_person->deleteAllReceivedWork(); $dropbox_person->deleteAllReceivedWork();
}elseif ( is_numeric( $_GET["deleteReceived"])) } elseif (is_numeric($_GET['deleteReceived'])) {
{
$dropbox_person->deleteReceivedWork( $_GET['deleteReceived']); $dropbox_person->deleteReceivedWork( $_GET['deleteReceived']);
} } else {
else
{
die(get_lang('GeneralError').' (code 409)'); die(get_lang('GeneralError').' (code 409)');
} }
} } elseif (isset( $_GET['deleteSent'])) { // RH: Feedback
elseif ( isset( $_GET['deleteSent'])) // RH: Feedback if ($_GET['deleteSent'] == 'all') {
{
if ( $_GET["deleteSent"] == "all")
{
$dropbox_person->deleteAllSentWork( ); $dropbox_person->deleteAllSentWork( );
}elseif ( is_numeric( $_GET["deleteSent"])) } elseif (is_numeric($_GET['deleteSent'])) {
{
$dropbox_person->deleteSentWork($_GET['deleteSent']); $dropbox_person->deleteSentWork($_GET['deleteSent']);
} } else {
else
{
die(get_lang('GeneralError').' (code 410)'); die(get_lang('GeneralError').' (code 410)');
} }
} } elseif (isset($_GET['showFeedback'])) { // RH: Feedback
elseif ( isset( $_GET['showFeedback'])) // RH: Feedback
{
$w = new Dropbox_SentWork($id = $_GET['showFeedback']); $w = new Dropbox_SentWork($id = $_GET['showFeedback']);
if ($w->uploader_id != $_user['user_id']) if ($w->uploader_id != $_user['user_id']) {
getUserOwningThisMailing($w->uploader_id, $_user['user_id'], '411'); // RH or die getUserOwningThisMailing($w->uploader_id, $_user['user_id'], '411'); // RH or die
}
foreach( $w -> recipients as $r) if (($fb = $r["feedback"])) foreach ($w -> recipients as $r) {
{ if (($fb = $r['feedback'])) {
$fbarray [$r["feedback_date"].$r["name"]]= $fbarray[$r['feedback_date'].$r['name']] = $r['name'].' '.get_lang('SentOn', '').' '.$r['feedback_date'].":\n".$fb;
$r["name"] . ' ' . get_lang('SentOn', '') . }
' ' . $r["feedback_date"] . ":\n" . $fb;
} }
if ($fbarray) if ($fbarray) {
{
krsort($fbarray); krsort($fbarray);
echo '<textarea class="dropbox_feedbacks">', echo '<textarea class="dropbox_feedbacks">',
htmlspecialchars(implode("\n\n", $fbarray),ENT_QUOTES,$charset), '</textarea>', "\n"; htmlspecialchars(implode("\n\n", $fbarray), ENT_QUOTES, api_get_system_encoding()), '</textarea>', "\n";
} } else {
else
{
echo '<textarea class="dropbox_feedbacks">&nbsp;</textarea>', "\n"; echo '<textarea class="dropbox_feedbacks">&nbsp;</textarea>', "\n";
} }
$tellUser = get_lang('ShowFeedback'); $tellUser = get_lang('ShowFeedback');
}
else // if ( isset( $_GET['editFeedback'])) // RH: Feedback } else { // if ( isset( $_GET['editFeedback'])) { // RH: Feedback
{ $id = $_GET['editFeedback'];
$id = $_GET['editFeedback']; $found = false; $found = false;
foreach ($dropbox_person->receivedWork as $w) { foreach ($dropbox_person->receivedWork as $w) {
if ($w->id == $id) { if ($w->id == $id) {
$found = true; break; $found = true;
break;
} }
} }
if (!$found) die(get_lang('GeneralError').' (code 415)'); if (!$found) die(get_lang('GeneralError').' (code 415)');
@ -669,17 +512,14 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
'<input type="hidden" name="feedbackid" value="', '<input type="hidden" name="feedbackid" value="',
$id, '"/>', "\n", $id, '"/>', "\n",
'<textarea name="feedbacktext" class="dropbox_feedbacks">', '<textarea name="feedbacktext" class="dropbox_feedbacks">',
htmlspecialchars($w->feedback,ENT_QUOTES,$charset), '</textarea>', "<br>\n", htmlspecialchars($w->feedback, ENT_QUOTES, api_get_system_encoding()), '</textarea>', "<br />\n",
'<input type="submit" name="feedbacksubmit" value="', get_lang('Ok', ''), '"/>', "\n", '<input type="submit" name="feedbacksubmit" value="', get_lang('Ok', ''), '"/>', "\n",
'</form>', "\n"; '</form>', "\n";
$tellUser = get_lang('GiveFeedback'); $tellUser = get_lang('GiveFeedback');
} }
/** /**
* ==============================================
* RESULTMESSAGE FOR DELETE FILE OR EDIT FEEDBACK // RH: Feedback * RESULTMESSAGE FOR DELETE FILE OR EDIT FEEDBACK // RH: Feedback
* ==============================================
*/ */
$return_message = get_lang('BackList'); $return_message = get_lang('BackList');
} }
?>
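Review bot: In the `mailingIndex` branch, archive members are screened only by `preg_match("~.(php.*|phtml)$~i", $thisFile)` before `$zipFile->extract(PCLZIP_OPT_REMOVE_ALL_PATH)` unpacks them under their own names into `dropbox_cnf('sysPath')`. The single-file upload path earlier in this file runs `replace_dangerous_char()`, `php2phps()` and `filter_extension()` on the name, and none of these is applied to members. The dot in that pattern is unescaped, so it matches any character rather than the extension separator, and a member whose name equals a file already in that directory may replace it on extraction. I would add a branch `} elseif (!filter_extension($thisFile)) {` that sets `$error = true` and breaks as the PHP check does, write the pattern as `"~\.(php.*|phtml)$~i"`, and extract into a fresh temporary directory from which only files with a resolved recipient are moved into `sysPath`. The enclosing `if (isset($_GET['mailingIndex']))` block spans several hunks with lines not shown between them, so an existing guard there cannot be ruled out.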

@ -1,6 +1,5 @@
<?php //$id: $ <?php
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /license.txt */
// the file that contains all the initialisation stuff (and includes all the configuration stuff) // the file that contains all the initialisation stuff (and includes all the configuration stuff)
require_once( "dropbox_init.inc.php"); require_once 'dropbox_init.inc.php';
?>
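Review bot: The rewritten include `require_once 'dropbox_init.inc.php';` is still a bare relative name, so PHP looks it up through `include_path` before falling back to the calling script's directory and the working directory. The comment above it says this file carries all the initialisation and configuration, so which copy gets loaded should not depend on runtime settings; anchoring it to this file's own directory, e.g. `require_once dirname(__FILE__).'/dropbox_init.inc.php';`, removes that dependency. The same statement is rewritten the same way in the INIT SECTION of the following file section. Only the first lines of the file are visible in this hunk, so whether later code relies on the current lookup order cannot be confirmed from here.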

@ -1,7 +1,7 @@
<?php //$id: $ <?php //$id: $
/* For licensing terms, see /dokeos_license.txt */ /* For licensing terms, see /license.txt */
/** /**
==============================================================================
* @desc The dropbox is a personal (peer to peer) file exchange module that allows * @desc The dropbox is a personal (peer to peer) file exchange module that allows
* you to send documents to a certain (group of) users. * you to send documents to a certain (group of) users.
* *
@ -20,13 +20,10 @@
* then for every individual document the feedback is retrieved * then for every individual document the feedback is retrieved
* @todo the implementation of the dropbox categories could (on the database level) have been done more elegantly by storing the category * @todo the implementation of the dropbox categories could (on the database level) have been done more elegantly by storing the category
* in the dropbox_person table because this table stores the relationship between the files (sent OR received) and the users * in the dropbox_person table because this table stores the relationship between the files (sent OR received) and the users
==============================================================================
*/ */
/** /**
==============================================================================
HISTORY HISTORY
==============================================================================
Version 1.1 Version 1.1
------------ ------------
- dropbox_init1.inc.php: changed include statements to require statements. This way if a file is not found, it stops the execution of a script instead of continuing with warnings. - dropbox_init1.inc.php: changed include statements to require statements. This way if a file is not found, it stops the execution of a script instead of continuing with warnings.
@ -90,16 +87,15 @@ Version 1.3 (Patrick Cool)
Version 1.4 (Yannick Warnier) Version 1.4 (Yannick Warnier)
----------------------------- -----------------------------
- removed all self-built database tables names - removed all self-built database tables names
==============================================================================
*/ */
/* /*
==============================================================================
INIT SECTION INIT SECTION
==============================================================================
*/ */
// the file that contains all the initialisation stuff (and includes all the configuration stuff) // the file that contains all the initialisation stuff (and includes all the configuration stuff)
require_once( "dropbox_init.inc.php"); require_once 'dropbox_init.inc.php';
// get the last time the user accessed the tool // get the last time the user accessed the tool
if ($_SESSION[$_course['id']]['last_access'][TOOL_DROPBOX] == '') { if ($_SESSION[$_course['id']]['last_access'][TOOL_DROPBOX] == '') {
$last_access = get_last_tool_access(TOOL_DROPBOX, $_course['code'], $_user['user_id']); $last_access = get_last_tool_access(TOOL_DROPBOX, $_course['code'], $_user['user_id']);
@ -115,23 +111,19 @@ event_access_tool(TOOL_DROPBOX);
$dropbox_unid = md5(uniqid(rand(), true)); $dropbox_unid = md5(uniqid(rand(), true));
/* /*
==============================================================================
DISPLAY SECTION DISPLAY SECTION
==============================================================================
*/ */
// Tool introduction // Tool introduction
Display::display_introduction_section(TOOL_DROPBOX); Display::display_introduction_section(TOOL_DROPBOX);
/* /*
-----------------------------------------------------------
ACTIONS: add a dropbox file, add a dropbox category. ACTIONS: add a dropbox file, add a dropbox category.
-----------------------------------------------------------
*/ */
// *** display the form for adding a new dropbox item. *** // *** display the form for adding a new dropbox item. ***
if ($_GET['action']=="add") { if ($_GET['action'] == 'add') {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
display_add_form(); display_add_form();
@ -146,48 +138,46 @@ if (isset($_POST['submitWork'])) {
} }
// *** display the form for adding a category *** // display the form for adding a category
if ($_GET['action']=="addreceivedcategory" or $_GET['action']=="addsentcategory") { if ($_GET['action'] == 'addreceivedcategory' or $_GET['action'] == 'addsentcategory') {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
display_addcategory_form($_POST['category_name'],'',$_GET['action']); display_addcategory_form($_POST['category_name'],'',$_GET['action']);
} }
// *** editing a category: displaying the form *** // editing a category: displaying the form
if ($_GET['action'] == 'editcategory' and isset($_GET['id'])) { if ($_GET['action'] == 'editcategory' and isset($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
if (!$_POST) { if (!$_POST) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
display_addcategory_form('', $_GET['id'], 'editcategory'); display_addcategory_form('', $_GET['id'], 'editcategory');
} }
} }
// *** storing a new or edited category *** // storing a new or edited category
if (isset($_POST['StoreCategory'])) { if (isset($_POST['StoreCategory'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
$return_information = store_addcategory(); $return_information = store_addcategory();
if( $return_information['type'] == 'confirmation') if ($return_information['type'] == 'confirmation') {
{
Display :: display_confirmation_message($return_information['message']); Display :: display_confirmation_message($return_information['message']);
} }
if( $return_information['type'] == 'error') if ($return_information['type'] == 'error') {
{
Display :: display_error_message(get_lang('FormHasErrorsPleaseComplete').'<br />'.$return_information['message']); Display :: display_error_message(get_lang('FormHasErrorsPleaseComplete').'<br />'.$return_information['message']);
display_addcategory_form($_POST['category_name'], $_POST['edit_id'], $_POST['action']); display_addcategory_form($_POST['category_name'], $_POST['edit_id'], $_POST['action']);
} }
} }
// *** Move a File *** // Move a File
if (($_GET['action'] == 'movesent' OR $_GET['action'] == 'movereceived') AND isset($_GET['move_id'])) { if (($_GET['action'] == 'movesent' OR $_GET['action'] == 'movereceived') AND isset($_GET['move_id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
display_move_form(str_replace('move', '', $_GET['action']), $_GET['move_id'], get_dropbox_categories(str_replace('move', '', $_GET['action']))); display_move_form(str_replace('move', '', $_GET['action']), $_GET['move_id'], get_dropbox_categories(str_replace('move', '', $_GET['action'])));
@ -196,9 +186,9 @@ if ($_POST['do_move']) {
Display :: display_confirmation_message(store_move($_POST['id'], $_POST['move_target'], $_POST['part'])); Display :: display_confirmation_message(store_move($_POST['id'], $_POST['move_target'], $_POST['part']));
} }
// *** Delete a file *** // Delete a file
if (($_GET['action'] == 'deletereceivedfile' OR $_GET['action'] == 'deletesentfile') AND isset($_GET['id']) AND is_numeric($_GET['id'])) { if (($_GET['action'] == 'deletereceivedfile' OR $_GET['action'] == 'deletesentfile') AND isset($_GET['id']) AND is_numeric($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
$dropboxfile = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor); $dropboxfile = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
@ -213,31 +203,31 @@ if (($_GET['action']=='deletereceivedfile' OR $_GET['action']=='deletesentfile')
Display :: display_confirmation_message($message); Display :: display_confirmation_message($message);
} }
// *** Delete a category *** // Delete a category
if (($_GET['action'] == 'deletereceivedcategory' OR $_GET['action'] == 'deletesentcategory') AND isset($_GET['id']) AND is_numeric($_GET['id'])) { if (($_GET['action'] == 'deletereceivedcategory' OR $_GET['action'] == 'deletesentcategory') AND isset($_GET['id']) AND is_numeric($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed(); api_not_allowed();
} }
$message = delete_category($_GET['action'], $_GET['id']); $message = delete_category($_GET['action'], $_GET['id']);
Display :: display_confirmation_message($message); Display :: display_confirmation_message($message);
} }
// *** Do an action on multiple files *** // Do an action on multiple files
// only the download has is handled separately in dropbox_init_inc.php because this has to be done before the headers are sent // only the download has is handled separately in dropbox_init_inc.php because this has to be done before the headers are sent
// (which also happens in dropbox_init.inc.php // (which also happens in dropbox_init.inc.php
if (!isset($_POST['feedback']) && (strstr($_POST['action'], 'move_received') OR if (!isset($_POST['feedback']) && (strstr($_POST['action'], 'move_received') OR
$_POST['action'] == 'delete_received' OR $_POST['action'] == 'download_received' OR $_POST['action'] == 'delete_received' OR $_POST['action'] == 'download_received' OR
$_POST['action'] == 'delete_sent' OR $_POST['action'] == 'download_sent')) $_POST['action'] == 'delete_sent' OR $_POST['action'] == 'download_sent')) {
{
$display_message = handle_multiple_actions(); $display_message = handle_multiple_actions();
Display :: display_normal_message($display_message); Display :: display_normal_message($display_message);
} }
// *** Store Feedback *** // Store Feedback
if ($_POST['feedback']) { if ($_POST['feedback']) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false,true)) {
api_not_allowed(); api_not_allowed();
} }
$check = Security::check_token(); $check = Security::check_token();
@ -248,14 +238,14 @@ if ($_POST['feedback']) {
} }
} }
// *** Error Message *** // Error Message
if (isset($_GET['error']) AND !empty($_GET['error'])) { if (isset($_GET['error']) AND !empty($_GET['error'])) {
Display :: display_normal_message(get_lang($_GET['error'])); Display :: display_normal_message(get_lang($_GET['error']));
} }
if ($_GET['action'] != 'add') {
if ($_GET['action']!="add") {
// getting all the categories in the dropbox for the given user // getting all the categories in the dropbox for the given user
$dropbox_categories = get_dropbox_categories(); $dropbox_categories = get_dropbox_categories();
// creating the arrays with the categories for the received files and for the sent files // creating the arrays with the categories for the received files and for the sent files
@ -270,7 +260,7 @@ foreach ($dropbox_categories as $category) {
// ACTIONS // ACTIONS
if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) { if ($_GET['view'] == 'received' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('ReceivedFiles').'</h3>'; //echo '<h3>'.get_lang('ReceivedFiles').'</h3>';
// This is for the categories // This is for the categories
@ -280,12 +270,11 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$view_dropbox_category_received = 0; $view_dropbox_category_received = 0;
} }
/* Menu Received */
/* *** Menu Received *** */
if (api_get_session_id() == 0) { if (api_get_session_id() == 0) {
echo '<div class="actions">'; echo '<div class="actions">';
if ($view_dropbox_category_received<>0 && api_is_allowed_to_session_edit(false,true)) { if ($view_dropbox_category_received != 0 && api_is_allowed_to_session_edit(false, true)) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> '; echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n"; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
$movelist[0] = 'Root'; // move_received selectbox content $movelist[0] = 'Root'; // move_received selectbox content
@ -296,7 +285,7 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
} else { } else {
if (api_is_allowed_to_session_edit(false, true)) { if (api_is_allowed_to_session_edit(false, true)) {
echo '<div class="actions">'; echo '<div class="actions">';
if ($view_dropbox_category_received<>0 && api_is_allowed_to_session_edit(false,true)) { if ($view_dropbox_category_received != 0 && api_is_allowed_to_session_edit(false, true)) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> '; echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n"; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
$movelist[0] = 'Root'; // move_received selectbox content $movelist[0] = 'Root'; // move_received selectbox content
@ -307,21 +296,22 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
} }
} }
} }
if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs']==false) {
if (!$_GET['view'] OR $_GET['view'] == 'sent' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('SentFiles').'</h3>'; //echo '<h3>'.get_lang('SentFiles').'</h3>';
// This is for the categories // This is for the categories
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category']<>'') { if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category'] != '') {
$view_dropbox_category_sent = $_GET['view_sent_category']; $view_dropbox_category_sent = $_GET['view_sent_category'];
} else { } else {
$view_dropbox_category_sent = 0; $view_dropbox_category_sent = 0;
} }
/* *** Menu Sent *** */ /* Menu Sent */
if (api_get_session_id() == 0) { if (api_get_session_id() == 0) {
echo '<div class="actions">'; echo '<div class="actions">';
if ($view_dropbox_category_sent<>0) { if ($view_dropbox_category_sent != 0) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> '; echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n"; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
} else { } else {
@ -334,7 +324,7 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
} else { } else {
if (api_is_allowed_to_session_edit(false, true)) { if (api_is_allowed_to_session_edit(false, true)) {
echo '<div class="actions">'; echo '<div class="actions">';
if ($view_dropbox_category_sent<>0) { if ($view_dropbox_category_sent != 0) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> '; echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n"; echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
} else { } else {
@ -346,14 +336,11 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
echo '</div>'; echo '</div>';
} }
} }
} }
/* /*
-----------------------------------------------------------
THE MENU TABS THE MENU TABS
-----------------------------------------------------------
*/ */
if ($dropbox_cnf['sent_received_tabs']) { if ($dropbox_cnf['sent_received_tabs']) {
?> ?>
@ -367,15 +354,13 @@ if ($dropbox_cnf['sent_received_tabs']) {
} }
/* /*
-----------------------------------------------------------
RECEIVED FILES RECEIVED FILES
-----------------------------------------------------------
*/ */
if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) { if ($_GET['view'] == 'received' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('ReceivedFiles').'</h3>'; //echo '<h3>'.get_lang('ReceivedFiles').'</h3>';
// This is for the categories // This is for the categories
if (isset($_GET['view_received_category']) AND $_GET['view_received_category']<>'') { if (isset($_GET['view_received_category']) AND $_GET['view_received_category'] != '') {
$view_dropbox_category_received = $_GET['view_received_category']; $view_dropbox_category_received = $_GET['view_received_category'];
} else { } else {
$view_dropbox_category_received = 0; $view_dropbox_category_received = 0;
@ -394,21 +379,20 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
// the headers of the sortable tables // the headers of the sortable tables
$column_header = array(); $column_header = array();
$column_header[] = array('', false, ''); $column_header[] = array('', false, '');
$column_header[] = array(get_lang('Type'),true,'style="width:40px"'); $column_header[] = array(get_lang('Type'), true, '', 'style="width:40px; text-align:center"');
$column_header[] = array(get_lang('ReceivedTitle'), TRUE, ''); $column_header[] = array(get_lang('ReceivedTitle'), true, '');
$column_header[] = array(get_lang('Size'), TRUE, ''); $column_header[] = array(get_lang('Size'), true, '');
$column_header[] = array(get_lang('Authors'), TRUE, ''); $column_header[] = array(get_lang('Authors'), true, '');
$column_header[] = array(get_lang('LastResent'), true); $column_header[] = array(get_lang('LastResent'), true);
if (api_get_session_id()==0) if (api_get_session_id() == 0) {
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"'); $column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
elseif (api_is_allowed_to_session_edit(false,true)){ } elseif (api_is_allowed_to_session_edit(false,true)) {
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"'); $column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
} }
$column_header[] = array('RealDate', true); $column_header[] = array('RealDate', true);
// An array with the setting of the columns -> 1: columns that we will show, 0:columns that will be hide // An array with the setting of the columns -> 1: columns that we will show, 0:columns that will be hide
$column_show[] = 1; $column_show[] = 1;
$column_show[] = 1; $column_show[] = 1;
@ -417,9 +401,9 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$column_show[] = 1; $column_show[] = 1;
$column_show[] = 1; $column_show[] = 1;
if (api_get_session_id()==0) if (api_get_session_id() == 0) {
$column_show[] = 1; $column_show[] = 1;
elseif (api_is_allowed_to_session_edit(false,true)){ } elseif (api_is_allowed_to_session_edit(false, true)) {
$column_show[] = 1; $column_show[] = 1;
} }
$column_show[] = 0; $column_show[] = 0;
@ -437,8 +421,6 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$column_order[] = 7; $column_order[] = 7;
$column_order[] = 8; $column_order[] = 8;
// the content of the sortable table = the received files // the content of the sortable table = the received files
foreach ($dropbox_person -> receivedWork as $dropbox_file) { foreach ($dropbox_person -> receivedWork as $dropbox_file) {
$dropbox_file_data = array(); $dropbox_file_data = array();
@ -455,30 +437,29 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$new_icon = '&nbsp;'.Display::return_icon('new.gif', get_lang('New')); $new_icon = '&nbsp;'.Display::return_icon('new.gif', get_lang('New'));
} }
$dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title); $dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title);
$dropbox_file_data[]='<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Download'), array('style'=>'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a>'.$new_icon.'<br>'.$dropbox_file->description; $dropbox_file_data[] = '<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Download'), array('style' => 'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a>'.$new_icon.'<br />'.$dropbox_file->description;
$dropbox_file_data[] = ceil(($dropbox_file->filesize) / 1024).' '.get_lang('kB'); $dropbox_file_data[] = ceil(($dropbox_file->filesize) / 1024).' '.get_lang('kB');
$dropbox_file_data[] = $dropbox_file->author; $dropbox_file_data[] = $dropbox_file->author;
//$dropbox_file_data[] = $dropbox_file->description; //$dropbox_file_data[] = $dropbox_file->description;
$dropbox_file_data[]=date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>'; $dropbox_file_data[] = date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br /><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
$action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').' $action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').'
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a> <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a> <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>'; <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
//$action_icons=' <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer.gif',get_lang('Move')).'</a> //$action_icons=' <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer.gif',get_lang('Move')).'</a>
// <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>'; // <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
// this is a hack to have an additional row in a sortable table // this is a hack to have an additional row in a sortable table
if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id == $_GET['id']) { if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id == $_GET['id']) {
$action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table $action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table
$action_icons .= '<tr><td colspan="2"><a href="index.php?"'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n"; $action_icons .= '<tr><td colspan="2"><a href="index.php?"'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n";
} }
if (api_get_session_id()==0) if (api_get_session_id() == 0) {
$dropbox_file_data[] = $action_icons; $dropbox_file_data[] = $action_icons;
elseif (api_is_allowed_to_session_edit(false,true)){ } elseif (api_is_allowed_to_session_edit(false, true)) {
$dropbox_file_data[] = $action_icons; $dropbox_file_data[] = $action_icons;
} }
$action_icons = ''; $action_icons = '';
@ -489,8 +470,6 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
} }
} }
// the content of the sortable table = the categories (if we are not in the root) // the content of the sortable table = the categories (if we are not in the root)
if ($view_dropbox_category_received == 0) { if ($view_dropbox_category_received == 0) {
foreach ($dropbox_categories as $category) { // note: this can probably be shortened since the categories for the received files are already in the $dropbox_received_category array; foreach ($dropbox_categories as $category) { // note: this can probably be shortened since the categories for the received files are already in the $dropbox_received_category array;
@ -505,7 +484,7 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$dropbox_category_data[] = ''; $dropbox_category_data[] = '';
$dropbox_category_data[] = ''; $dropbox_category_data[] = '';
$dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&amp;id='.$category['cat_id'].'">'.Display::return_icon('edit.gif',get_lang('Edit')).'</a> $dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&amp;id='.$category['cat_id'].'">'.Display::return_icon('edit.gif',get_lang('Edit')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedcategory&amp;id='.$category['cat_id'].'" onclick="return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>'; <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedcategory&amp;id='.$category['cat_id'].'" onclick="javascript: return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
} }
if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) { if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) {
$dropbox_data_recieved[] = $dropbox_category_data; $dropbox_data_recieved[] = $dropbox_category_data;
@ -521,24 +500,22 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
} }
} }
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
$selectlist = array(); $selectlist = array();
} }
Display::display_sortable_config_table($column_header, $dropbox_data_recieved, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist); Display::display_sortable_config_table($column_header, $dropbox_data_recieved, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist);
} }
/* /*
-----------------------------------------------------------
SENT FILES SENT FILES
-----------------------------------------------------------
*/ */
if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs']==false) {
if (!$_GET['view'] OR $_GET['view'] == 'sent' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('SentFiles').'</h3>'; //echo '<h3>'.get_lang('SentFiles').'</h3>';
// This is for the categories // This is for the categories
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category']<>'') { if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category'] != '') {
$view_dropbox_category_sent = $_GET['view_sent_category']; $view_dropbox_category_sent = $_GET['view_sent_category'];
} else { } else {
$view_dropbox_category_sent = 0; $view_dropbox_category_sent = 0;
@ -558,20 +535,19 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$column_header = array(); $column_header = array();
$column_header[] = array('', false, ''); $column_header[] = array('', false, '');
$column_header[] = array(get_lang('Type'),true,'style="width:40px"','style="text-align:center"'); $column_header[] = array(get_lang('Type'), true, '', 'style="width:40px; text-align:center"');
$column_header[] = array(get_lang('SentTitle'), TRUE, ''); $column_header[] = array(get_lang('SentTitle'), true, '');
$column_header[] = array(get_lang('Size'), TRUE, ''); $column_header[] = array(get_lang('Size'), true, '');
$column_header[] = array(get_lang('SentTo'), TRUE, ''); $column_header[] = array(get_lang('SentTo'), true, '');
$column_header[] = array(get_lang('LastResent'), TRUE, ''); $column_header[] = array(get_lang('LastResent'), true, '');
if (api_get_session_id()==0) if (api_get_session_id() == 0) {
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"'); $column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
elseif (api_is_allowed_to_session_edit(false,true)){ } elseif (api_is_allowed_to_session_edit(false, true)) {
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"'); $column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
} }
$column_header[] = array('RealDate', false);
$column_header[] = array('RealDate', FALSE);
$column_show = array(); $column_show = array();
$column_order = array(); $column_order = array();
@ -583,9 +559,9 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$column_show[] = 1; $column_show[] = 1;
$column_show[] = 1; $column_show[] = 1;
$column_show[] = 1; $column_show[] = 1;
if (api_get_session_id()==0) if (api_get_session_id() == 0) {
$column_show[] = 1; $column_show[] = 1;
elseif (api_is_allowed_to_session_edit(false,true)){ } elseif (api_is_allowed_to_session_edit(false, true)) {
$column_show[] = 1; $column_show[] = 1;
} }
$column_show[] = 0; $column_show[] = 0;
@ -610,26 +586,25 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
if ($view_dropbox_category_sent == $dropbox_file->category) { if ($view_dropbox_category_sent == $dropbox_file->category) {
$dropbox_file_data[] = $dropbox_file->id; $dropbox_file_data[] = $dropbox_file->id;
$dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title); $dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title);
$dropbox_file_data[]='<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif',get_lang('Save'), array('style'=>'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a><br>'.$dropbox_file->description; $dropbox_file_data[] = '<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Save'), array('style' => 'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a><br />'.$dropbox_file->description;
$dropbox_file_data[] = ceil(($dropbox_file->filesize)/1024).' '.get_lang('kB'); $dropbox_file_data[] = ceil(($dropbox_file->filesize)/1024).' '.get_lang('kB');
foreach ($dropbox_file->recipients as $recipient) { foreach ($dropbox_file->recipients as $recipient) {
$receivers_celldata = display_user_link_work($recipient['user_id'], $recipient['name']).', '.$receivers_celldata; $receivers_celldata = display_user_link_work($recipient['user_id'], $recipient['name']).', '.$receivers_celldata;
} }
$receivers_celldata = trim(trim($receivers_celldata), ','); // Removing the trailing comma. $receivers_celldata = trim(trim($receivers_celldata), ','); // Removing the trailing comma.
$dropbox_file_data[] = $receivers_celldata; $dropbox_file_data[] = $receivers_celldata;
$dropbox_file_data[]=date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>'; $dropbox_file_data[] = date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br /><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
//$dropbox_file_data[] = $dropbox_file->author; //$dropbox_file_data[] = $dropbox_file->author;
$receivers_celldata = ''; $receivers_celldata = '';
$action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').' $action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').'
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a> <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movesent&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a> <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movesent&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>'; <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
// this is a hack to have an additional row in a sortable table // this is a hack to have an additional row in a sortable table
if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id==$_GET['id']) { if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id==$_GET['id']) {
$action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table $action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table
$action_icons .= "<tr>\n\t<td colspan=\"2\"><a href=\"index.php?".api_get_cidreq()."&view_received_category=".Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n"; $action_icons .= "<tr>\n\t<td colspan=\"2\"><a href=\"index.php?".api_get_cidreq()."&view_received_category=".Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n";
} }
$dropbox_file_data[] = $action_icons; $dropbox_file_data[] = $action_icons;
$dropbox_file_data[] = $dropbox_file->last_upload_date; $dropbox_file_data[] = $dropbox_file->last_upload_date;
@ -652,7 +627,7 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$dropbox_category_data[] = ''; $dropbox_category_data[] = '';
$dropbox_category_data[] = ''; $dropbox_category_data[] = '';
$dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&id='.$category['cat_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a> $dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&id='.$category['cat_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentcategory&amp;id='.$category['cat_id'].'" onclick="return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>'; <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentcategory&amp;id='.$category['cat_id'].'" onclick="javascript: return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
} }
if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) { if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) {
$dropbox_data_sent[] = $dropbox_category_data; $dropbox_data_sent[] = $dropbox_category_data;
@ -662,10 +637,12 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
// Displaying the table // Displaying the table
$additional_get_parameters = array('view' => Security::remove_XSS($_GET['view']), 'view_received_category' => Security::remove_XSS($_GET['view_received_category']), 'view_sent_category' => Security::remove_XSS($_GET['view_sent_category'])); $additional_get_parameters = array('view' => Security::remove_XSS($_GET['view']), 'view_received_category' => Security::remove_XSS($_GET['view_received_category']), 'view_sent_category' => Security::remove_XSS($_GET['view_sent_category']));
$selectlist = array('delete_received' => get_lang('Delete'), 'download_received' => get_lang('Download')); $selectlist = array('delete_received' => get_lang('Delete'), 'download_received' => get_lang('Download'));
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) { if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
$selectlist = array('download_received' => get_lang('Download')); $selectlist = array('download_received' => get_lang('Download'));
} }
Display::display_sortable_config_table($column_header, $dropbox_data_sent, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist); Display::display_sortable_config_table($column_header, $dropbox_data_sent, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist);
} }
} }
Display::display_footer(); Display::display_footer();
