chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Feature #272 - The Dropbox tool code - cosmetic changes before abandonning it.

Browse Source
skala
Ivan Tcholakov 16 years ago
parent 2ba6154ecc
commit 7b8738101a
8 changed files with 1300 additions and 1788 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 141
      main/dropbox/dropbox_class.inc.php
  2. 48
      main/dropbox/dropbox_config.inc.php
  3. 222
      main/dropbox/dropbox_download.php
  4. 648
      main/dropbox/dropbox_functions.inc.php
  5. 145
      main/dropbox/dropbox_init.inc.php
  6. 552
      main/dropbox/dropbox_submit.php
  7. 7
      main/dropbox/dropbox_zipdownload.inc.php
  8. 187
      main/dropbox/index.php

141
main/dropbox/dropbox_class.inc.php
Unescape View File

@ -1,11 +1,11 @@
<?php //$id: $
<?php
/* For licensing terms, see /license.txt */
/**
* Dropbox module for Dokeos
* Dropbox module for Chamilo
* Classes for the dropbox module.
*
* 3 classes are defined:
* 3 classes have been defined:
* - Dropbox_Work:
* . id
* . uploader_id => who sent it // RH: Mailing: or mailing pseudo_id
@ -105,23 +105,23 @@ class Dropbox_Work {
$this->title = $title;
$this->description = $description;
$this->author = api_get_person_name($_user['firstName'], $_user['lastName']);
$this->last_upload_date = date("Y-m-d H:i:s",time());
$this->last_upload_date = date('Y-m-d H:i:s', time());
// Check if object exists already. If it does, the old object is used
// with updated information (authors, descriptio, upload_date)
$this->isOldWork = FALSE;
$this->isOldWork = false;
$sql = "SELECT id, upload_date
FROM ".$dropbox_cnf["tbl_file"]."
FROM ".$dropbox_cnf['tbl_file']."
WHERE filename = '".Database::escape_string($this->filename)."'";
$result = Database::query($sql);
$res = Database::fetch_array($result);
if ($res != FALSE) {
$this->isOldWork = TRUE;
if ($res != false) {
$this->isOldWork = true;
}
// insert or update the dropbox_file table and set the id property
// Insert or update the dropbox_file table and set the id property
if ($this->isOldWork) {
$this->id = $res["id"];
$this->upload_date = $res["upload_date"];
$this->id = $res['id'];
$this->upload_date = $res['upload_date'];
$sql = "UPDATE ".$dropbox_cnf["tbl_file"]."
SET filesize = '".Database::escape_string($this->filesize)."'
, title = '".Database::escape_string($this->title)."'
@ -132,7 +132,7 @@ class Dropbox_Work {
$result = Database::query($sql);
} else {
$this->upload_date = $this->last_upload_date;
$sql="INSERT INTO ".$dropbox_cnf["tbl_file"]."
$sql = "INSERT INTO ".$dropbox_cnf['tbl_file']."
(uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, session_id)
VALUES ('".Database::escape_string($this->uploader_id)."'
, '".Database::escape_string($this->filename)."'
@ -149,8 +149,8 @@ class Dropbox_Work {
$this->id = Database::insert_id(); //get automatically inserted id
}
// insert entries into person table
$sql="INSERT INTO ".$dropbox_cnf["tbl_person"]."
// Insert entries into person table
$sql = "INSERT INTO ".$dropbox_cnf['tbl_person']."
(file_id, user_id)
VALUES ('".Database::escape_string($this->id)."'
, '".Database::escape_string($this->uploader_id)."'
@ -172,15 +172,15 @@ class Dropbox_Work {
// get the data from DB
$sql = "SELECT uploader_id, filename, filesize, title, description, author, upload_date, last_upload_date, cat_id
FROM ".$dropbox_cnf["tbl_file"]."
FROM ".$dropbox_cnf['tbl_file']."
WHERE id='".Database::escape_string($id)."'";
$result = Database::query($sql);
$res = Database::fetch_array($result, 'ASSOC');
// Check if uploader is still in Dokeos system
$uploader_id = stripslashes($res["uploader_id"]);
$uploader_id = stripslashes($res['uploader_id']);
$uploaderName = getUserNameFromId($uploader_id);
if ($uploaderName == FALSE) {
if (!$uploaderName) {
//deleted user
$this->uploader_id = -1;
$this->uploaderName = get_lang('Unknown', '');
@ -191,19 +191,19 @@ class Dropbox_Work {
// Fill in properties
$this->id = $id;
$this->filename = stripslashes($res["filename"]);
$this->filesize = stripslashes($res["filesize"]);
$this->title = stripslashes($res["title"]);
$this->description = stripslashes($res["description"]);
$this->author = stripslashes($res["author"]);
$this->upload_date = stripslashes($res["upload_date"]);
$this->last_upload_date = stripslashes($res["last_upload_date"]);
$this->filename = stripslashes($res['filename']);
$this->filesize = stripslashes($res['filesize']);
$this->title = stripslashes($res['title']);
$this->description = stripslashes($res['description']);
$this->author = stripslashes($res['author']);
$this->upload_date = stripslashes($res['upload_date']);
$this->last_upload_date = stripslashes($res['last_upload_date']);
$this->category = $res['cat_id'];
// Getting the feedback on the work.
if ($_GET['action'] == 'viewfeedback' AND $this->id == $_GET['id']) {
$feedback2 = array();
$sql_feedback = "SELECT * FROM ".$dropbox_cnf["tbl_feedback"]." WHERE file_id='".$id."' ORDER BY feedback_id ASC";
$sql_feedback = "SELECT * FROM ".$dropbox_cnf['tbl_feedback']." WHERE file_id='".$id."' ORDER BY feedback_id ASC";
$result = Database::query($sql_feedback);
while ($row_feedback = Database::fetch_array($result)) {
$row_feedback['feedback'] = Security::remove_XSS($row_feedback['feedback']);
@ -214,12 +214,11 @@ class Dropbox_Work {
/*
// RH: Feedback
$result = Database::query("SELECT feedback_date, feedback, cat_id FROM ".
dropbox_cnf("tbl_post")." WHERE dest_user_id='".$_user['user_id'].
dropbox_cnf('tbl_post')." WHERE dest_user_id='".$_user['user_id'].
"' AND file_id='".$id."'");
if ($res = Database::fetch_array($result))
{
$this->feedback_date = $res["feedback_date"];
$this->feedback = $res["feedback"];
if ($res = Database::fetch_array($result)) {
$this->feedback_date = $res['feedback_date'];
$this->feedback = $res['feedback'];
$this->category = $res['cat_id'];
} // do not fail if there is no recipient = current user...*/
}
@ -227,7 +226,7 @@ class Dropbox_Work {
class Dropbox_SentWork extends Dropbox_Work
{
public $recipients; //array of ["id"]["name"] arrays
public $recipients; //array of ['id']['name'] arrays
/**
* Constructor calls private functions to create a new work or retreive an existing work from DB
@ -270,11 +269,13 @@ class Dropbox_SentWork extends Dropbox_Work
// The sanity check for ex-coursemembers is already done in base constructor
settype($uploader_id, 'integer') or die(get_lang('GeneralError').' (code 208)'); //set $uploader_id to correct type
$justSubmit = FALSE; // RH: mailing zip-file or just upload
$justSubmit = false; // RH: mailing zip-file or just upload
if ( is_int($recipient_ids)) {
$justSubmit = TRUE; $recipient_ids = array($recipient_ids + $this->id);
$justSubmit = true;
$recipient_ids = array($recipient_ids + $this->id);
} elseif ( count($recipient_ids) == 0) { // RH: Just Upload
$justSubmit = TRUE; $recipient_ids = array($uploader_id);
$justSubmit = true;
$recipient_ids = array($uploader_id);
}
if (! is_array($recipient_ids) || count($recipient_ids) == 0) {
die(get_lang('GeneralError').' (code 209)');
@ -283,37 +284,37 @@ class Dropbox_SentWork extends Dropbox_Work
if (empty($rec)) die(get_lang('GeneralError').' (code 210)');
//if (!isCourseMember($rec)) die(); //cannot sent document to someone outside of course
//this check is done when validating submitted data
$this->recipients[] = array("id"=>$rec, "name"=>getUserNameFromId($rec));
$this->recipients[] = array('id' => $rec, 'name' => getUserNameFromId($rec));
}
// insert data in dropbox_post and dropbox_person table for each recipient
// Insert data in dropbox_post and dropbox_person table for each recipient
foreach ($this->recipients as $rec) {
$sql="INSERT INTO ".$dropbox_cnf["tbl_post"]."
$sql = "INSERT INTO ".$dropbox_cnf['tbl_post']."
(file_id, dest_user_id, session_id)
VALUES ('".Database::escape_string($this->id)."', '".Database::escape_string($rec["id"])."', ".intval($_SESSION['id_session']).")";
VALUES ('".Database::escape_string($this->id)."', '".Database::escape_string($rec['id'])."', ".intval($_SESSION['id_session']).")";
$result = Database::query($sql); //if work already exists no error is generated
//insert entries into person table
$sql="INSERT INTO ".$dropbox_cnf["tbl_person"]."
// Insert entries into person table
$sql = "INSERT INTO ".$dropbox_cnf['tbl_person']."
(file_id, user_id)
VALUES ('".Database::escape_string($this->id)."'
, '".Database::escape_string($rec["id"])."'
, '".Database::escape_string($rec['id'])."'
)";
// RH: do not add recipient in person table if mailing zip or just upload
if (!$justSubmit) {
$result = Database::query($sql); //if work already exists no error is generated
}
//update item_property (previously last_tooledit) table for each recipient
// Update item_property (previously last_tooledit) table for each recipient
global $_course, $dropbox_cnf;
if (($ownerid = $this->uploader_id) > $dropbox_cnf["mailingIdBase"]) {
if (($ownerid = $this->uploader_id) > $dropbox_cnf['mailingIdBase']) {
$ownerid = getUserOwningThisMailing($ownerid);
}
if (($recipid = $rec["id"]) > $dropbox_cnf["mailingIdBase"]) {
if (($recipid = $rec["id"]) > $dropbox_cnf['mailingIdBase']) {
$recipid = $ownerid; // mailing file recipient = mailing id, not a person
}
api_item_property_update($_course, TOOL_DROPBOX, $this->id, "DropboxFileAdded", $ownerid, NULL, $recipid) ;
api_item_property_update($_course, TOOL_DROPBOX, $this->id, 'DropboxFileAdded', $ownerid, null, $recipid) ;
}
}
@ -333,19 +334,19 @@ class Dropbox_SentWork extends Dropbox_Work
// Fill in recipients array/
$this->recipients = array(); // RH: Feedback: added to SELECT
$sql = "SELECT dest_user_id, feedback_date, feedback
FROM ".$dropbox_cnf["tbl_post"]."
FROM ".$dropbox_cnf['tbl_post']."
WHERE file_id='".Database::escape_string($id)."'";
$result = Database::query($sql);
while ($res = Database::fetch_array($result)) {
// check for deleted users
$dest_user_id = $res["dest_user_id"];
$dest_user_id = $res['dest_user_id'];
$recipientName = getUserNameFromId($dest_user_id);
//$this->category = $res['cat_id'];
if ($recipientName == FALSE) {
$this->recipients[] = array("id"=>-1, "name"=> get_lang('Unknown', ''));
if (!$recipientName) {
$this->recipients[] = array('id' => -1, 'name' => get_lang('Unknown', ''));
} else {
$this->recipients[] = array("id"=>$dest_user_id, "name"=>$recipientName, "user_id"=>$dest_user_id,
"feedback_date"=>$res["feedback_date"], "feedback"=>$res["feedback"]); // RH: Feedback
$this->recipients[] = array('id' => $dest_user_id, 'name' => $recipientName, 'user_id' => $dest_user_id,
'feedback_date' => $res['feedback_date'], 'feedback' => $res['feedback']); // RH: Feedback
}
}
}
@ -356,8 +357,8 @@ class Dropbox_Person
public $receivedWork; //array of Dropbox_Work objects
public $sentWork; //array of Dropbox_SentWork objects
public $userId = 0;
public $isCourseAdmin = FALSE;
public $isCourseTutor = FALSE;
public $isCourseAdmin = false;
public $isCourseTutor = false;
public $_orderBy = ''; //private property that determines by which field
//the receivedWork and the sentWork arrays are sorted
@ -396,7 +397,7 @@ class Dropbox_Person
$result = Database::query($sql);
while ($res = Database::fetch_array($result)) {
$temp = new Dropbox_Work($res["file_id"]);
$temp = new Dropbox_Work($res['file_id']);
$temp -> category = $res['cat_id'];
$this->receivedWork[] = $temp;
}
@ -412,7 +413,7 @@ class Dropbox_Person
$result = Database::query($sql);
while ($res = Database::fetch_array($result)) {
$this->sentWork[] = new Dropbox_SentWork($res["id"]);
$this->sentWork[] = new Dropbox_SentWork($res['id']);
}
}
@ -476,7 +477,7 @@ class Dropbox_Person
$this->_orderBy = 'last_upload_date';
} // switch
usort($this->sentWork, array($this,"_cmpWork")); //this calls the _cmpWork method
usort($this->sentWork, array($this, '_cmpWork')); //this calls the _cmpWork method
}
/**
@ -508,7 +509,7 @@ class Dropbox_Person
$this->_orderBy = 'last_upload_date';
} // switch
usort($this->receivedWork, array($this,"_cmpWork")); //this calls the _cmpWork method
usort($this->receivedWork, array($this, '_cmpWork')); //this calls the _cmpWork method
}
/**
@ -519,7 +520,7 @@ class Dropbox_Person
global $dropbox_cnf;
//delete entries in person table concerning received works
foreach ($this->receivedWork as $w) {
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
}
removeUnusedFiles(); //check for unused files
@ -532,14 +533,15 @@ class Dropbox_Person
global $dropbox_cnf;
$id = intval($id);
$sql = "DELETE FROM ".$dropbox_cnf["tbl_file"]." where cat_id = '".$id."' ";
$sql = "DELETE FROM ".$dropbox_cnf['tbl_file']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf["tbl_category"]." where cat_id = '".$id."' ";
$sql = "DELETE FROM ".$dropbox_cnf['tbl_category']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false;
$sql = "DELETE FROM ".$dropbox_cnf["tbl_post"]." where cat_id = '".$id."' ";
$sql = "DELETE FROM ".$dropbox_cnf['tbl_post']." where cat_id = '".$id."' ";
if (!Database::query($sql)) return false;
return true;
}
/**
* Deletes a received dropbox file of this person with id=$id
*
@ -562,7 +564,7 @@ class Dropbox_Person
}
}
//delete entries in person table concerning received works
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
removeUnusedFiles(); //check for unused files
}
@ -573,7 +575,7 @@ class Dropbox_Person
global $dropbox_cnf;
//delete entries in person table concerning sent works
foreach ($this->sentWork as $w) {
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$w->id."'");
removeMoreIfMailing($w->id); // RH: Mailing: see init1
}
removeUnusedFiles(); //check for unused files
@ -603,7 +605,7 @@ class Dropbox_Person
}
//$file_id = $this->sentWork[$index]->id; // RH: Mailing
//delete entries in person table concerning sent works
Database::query("DELETE FROM ".$dropbox_cnf["tbl_person"]." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
Database::query("DELETE FROM ".$dropbox_cnf['tbl_person']." WHERE user_id='".$this->userId."' AND file_id='".$id."'");
removeMoreIfMailing($id); // RH: Mailing: see init1
removeUnusedFiles(); //check for unused files
}
@ -631,22 +633,23 @@ class Dropbox_Person
die(get_lang('GeneralError').' (code 221)');
}
$feedback_date = date("Y-m-d H:i:s",time());
$feedback_date = date('Y-m-d H:i:s', time());
$this->receivedWork[$wi]->feedback_date = $feedback_date;
$this->receivedWork[$wi]->feedback = $text;
Database::query("UPDATE ".$dropbox_cnf["tbl_post"]." SET feedback_date='".
Database::query("UPDATE ".$dropbox_cnf['tbl_post']." SET feedback_date='".
Database::escape_string($feedback_date)."', feedback='".Database::escape_string($text).
"' WHERE dest_user_id='".$this->userId."' AND file_id='".$id."'");
//update item_property (previously last_tooledit) table
if (($ownerid = $this->receivedWork[$wi]->uploader_id) > $dropbox_cnf["mailingIdBase"]) {
if (($ownerid = $this->receivedWork[$wi]->uploader_id) > $dropbox_cnf['mailingIdBase']) {
$ownerid = getUserOwningThisMailing($ownerid);
}
api_item_property_update($_course, TOOL_DROPBOX, $this->receivedWork[$wi]->id, "DropboxFileUpdated", $this->userId, NULL, $ownerid) ;
api_item_property_update($_course, TOOL_DROPBOX, $this->receivedWork[$wi]->id, 'DropboxFileUpdated', $this->userId, null, $ownerid) ;
}
/**
* Filter the received work
* @param string $type
@ -660,7 +663,7 @@ class Dropbox_Person
switch ($type) {
case 'uploader_id':
if ($work->uploader_id == $value ||
($work->uploader_id > $dropbox_cnf["mailingIdBase"] &&
($work->uploader_id > $dropbox_cnf['mailingIdBase'] &&
getUserOwningThisMailing($work->uploader_id) == $value)) {
$new_received_work[] = $work;
}

48
main/dropbox/dropbox_config.inc.php
Unescape View File

@ -1,17 +1,13 @@
<?php //$id: $
/* For licensing terms, see /dokeos_license.txt */
<?php
/* For licensing terms, see /license.txt */
/**
* --------------------------------------
* DEBUGGING VARS
* --------------------------------------
*/
$DEBUG = TRUE;
$DEBUG = false;
/**
* --------------------------------------
* DATABASE TABLE VARIABLES
* --------------------------------------
*/
$dropbox_cnf['tbl_post'] = Database::get_course_table(TABLE_DROPBOX_POST);
$dropbox_cnf['tbl_file'] = Database::get_course_table(TABLE_DROPBOX_FILE);
@ -23,33 +19,29 @@ $dropbox_cnf['tbl_category'] = Database::get_course_table(TABLE_DROPBOX_CATEGOR
$dropbox_cnf['tbl_feedback'] = Database::get_course_table(TABLE_DROPBOX_FEEDBACK);
/**
* --------------------------------------
* INITIALISE OTHER VARIABLES & CONSTANTS
* --------------------------------------
*/
$dropbox_cnf["courseId"] = $_cid;
$dropbox_cnf["sysPath"] = api_get_path('SYS_COURSE_PATH') . $_course["path"] . "/dropbox"; //path to dropbox subdir in course containing the uploaded files
$dropbox_cnf["webPath"] = api_get_path('WEB_COURSE_PATH') . $_course["path"] . "/dropbox";
$dropbox_cnf["maxFilesize"] = api_get_setting("dropbox_max_filesize"); //file size limit as imposed by the platform admin (see Dokeos Config Settings on the platform administration section)
//$dropbox_cnf["version"] = "1.4";
$dropbox_cnf["allowOverwrite"] = string_2_boolean(api_get_setting("dropbox_allow_overwrite"));
$dropbox_cnf["allowJustUpload"] = string_2_boolean(api_get_setting("dropbox_allow_just_upload"));
$dropbox_cnf["allowStudentToStudent"] = string_2_boolean(api_get_setting("dropbox_allow_student_to_student"));
$dropbox_cnf["allowGroup"] = string_2_boolean(api_get_setting("dropbox_allow_group"));
$dropbox_cnf['courseId'] = $_cid;
$dropbox_cnf['sysPath'] = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/dropbox'; //path to dropbox subdir in course containing the uploaded files
$dropbox_cnf['webPath'] = api_get_path('WEB_COURSE_PATH') . $_course['path'] . '/dropbox';
$dropbox_cnf['maxFilesize'] = api_get_setting('dropbox_max_filesize'); //file size limit as imposed by the platform admin (see Dokeos Config Settings on the platform administration section)
//$dropbox_cnf['version'] = '1.4';
$dropbox_cnf['allowOverwrite'] = string_2_boolean(api_get_setting('dropbox_allow_overwrite'));
$dropbox_cnf['allowJustUpload'] = string_2_boolean(api_get_setting('dropbox_allow_just_upload'));
$dropbox_cnf['allowStudentToStudent'] = string_2_boolean(api_get_setting('dropbox_allow_student_to_student'));
$dropbox_cnf['allowGroup'] = string_2_boolean(api_get_setting('dropbox_allow_group'));
/**
* --------------------------------------
* RH: INITIALISE MAILING VARIABLES
* --------------------------------------
*/
$dropbox_cnf["allowMailing"] = string_2_boolean(api_get_setting("dropbox_allow_mailing")); // false = no mailing functionality
$dropbox_cnf["mailingIdBase"] = 10000000; // bigger than any user_id,
$dropbox_cnf['allowMailing'] = string_2_boolean(api_get_setting('dropbox_allow_mailing')); // false = no mailing functionality
$dropbox_cnf['mailingIdBase'] = 10000000; // bigger than any user_id,
// allowing enough space for pseudo_ids as uploader_id, dest_user_id, user_id:
// mailing pseudo_id = dropbox_cnf("mailingIdBase") + mailing id
$dropbox_cnf["mailingZipRegexp"] = '/^(.*)(STUDENTID|USERID|LOGINNAME)(.*)\.ZIP$/i';
$dropbox_cnf["mailingWhereSTUDENTID"] = "official_code";
$dropbox_cnf["mailingWhereUSERID"] = "username";
$dropbox_cnf["mailingWhereLOGINNAME"] = "username";
$dropbox_cnf["mailingFileRegexp"] = '/^(.+)\.\w{1,4}$/';
// mailing pseudo_id = dropbox_cnf('mailingIdBase') + mailing id
$dropbox_cnf['mailingZipRegexp'] = '/^(.*)(STUDENTID|USERID|LOGINNAME)(.*)\.ZIP$/i';
$dropbox_cnf['mailingWhereSTUDENTID'] = 'official_code';
$dropbox_cnf['mailingWhereUSERID'] = 'username';
$dropbox_cnf['mailingWhereLOGINNAME'] = 'username';
$dropbox_cnf['mailingFileRegexp'] = '/^(.+)\.\w{1,4}$/';
$dropbox_cnf['sent_received_tabs'] = true;

222
main/dropbox/dropbox_download.php
Unescape View File

@ -1,14 +1,12 @@
<?php //$id: $
<?php
/* For licensing terms, see /license.txt */
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// we cannot use dropbox_init.inc.php because this one already outputs data.
//name of langfile
// name of the language file that needs to be included
$language_file = "dropbox";
// We cannot use dropbox_init.inc.php because this one already outputs data.
$language_file = 'dropbox';
// including the basic Dokeos initialisation file
require_once '../inc/global.inc.php';
@ -22,35 +20,29 @@ require_once 'dropbox_functions.inc.php';
// the dropbox class
require_once 'dropbox_class.inc.php';
//
require_once api_get_path(LIBRARY_PATH).'/document.lib.php';
/*
==============================================================================
DOWNLOAD A FOLDER
==============================================================================
*/
if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=='downloadcategory' AND isset($_GET['sent_received']) )
{
if (isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action'] == 'downloadcategory' AND isset($_GET['sent_received'])) {
// step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table
// dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored
// in dropbox_person (which stores the link file-person)
// Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a
// received category)
if ($_GET['sent_received']=='sent')
{
if ($_GET['sent_received'] == 'sent') {
// here we also incorporate the person table to make sure that deleted sent documents are not included.
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf["tbl_file"]." file, ".$dropbox_cnf["tbl_person"]." person
$sql = "SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf['tbl_file']." file, ".$dropbox_cnf['tbl_person']." person
WHERE file.uploader_id='".Database::escape_string($_user['user_id'])."'
AND file.cat_id='".Database::escape_string($_GET['cat_id'])."'
AND person.user_id='".Database::escape_string($_user['user_id'])."'
AND person.file_id=file.id
" ;
}
if ($_GET['sent_received']=='received')
{
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf["tbl_file"]." file, ".$dropbox_cnf["tbl_person"]." person, ".$dropbox_cnf["tbl_post"]." post
if ($_GET['sent_received'] == 'received') {
$sql = "SELECT DISTINCT file.id, file.filename, file.title FROM ".$dropbox_cnf['tbl_file']." file, ".$dropbox_cnf['tbl_person']." person, ".$dropbox_cnf['tbl_post']." post
WHERE post.cat_id='".Database::escape_string($_GET['cat_id'])."'
AND person.user_id='".Database::escape_string($_user['user_id'])."'
AND person.file_id=file.id
@ -58,13 +50,11 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
" ;
}
$result = Database::query($sql);
while ($row=Database::fetch_array($result))
{
while ($row = Database::fetch_array($result)) {
$files_to_download[] = $row['id'];
}
if (!is_array($files_to_download) OR empty($files_to_download))
{
header ("location: index.php?view=".Security::remove_XSS($_GET['sent_received'])."&error=ErrorNoFilesInFolder");
if (!is_array($files_to_download) OR empty($files_to_download)) {
header('location: index.php?view='.Security::remove_XSS($_GET['sent_received']).'&error=ErrorNoFilesInFolder');
exit;
}
zip_download($files_to_download);
@ -72,21 +62,15 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
}
/*
==============================================================================
DOWNLOAD A FILE
==============================================================================
*/
/*
------------------------------------------------------------------------------
AUTHORIZATION
------------------------------------------------------------------------------
*/
// Check if the id makes sense
if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id']))
{
Display::display_header($nameTools,"Dropbox");
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
Display::display_header($nameTools, 'Dropbox');
Display :: display_error_message(get_lang('Error'));
Display::display_footer();
exit;
@ -96,58 +80,46 @@ if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id']))
$allowed_to_download = false;
// Check if the user has sent or received the file.
$sql="SELECT * FROM ".$dropbox_cnf["tbl_person"]." WHERE file_id='".Database::escape_string($_GET['id'])."' AND user_id='".Database::escape_string($_user['user_id'])."'";
$sql = "SELECT * FROM ".$dropbox_cnf['tbl_person']." WHERE file_id='".Database::escape_string($_GET['id'])."' AND user_id='".Database::escape_string($_user['user_id'])."'";
$result = Database::query($sql);
if (Database::num_rows($result)>0)
{
if (Database::num_rows($result) > 0) {
$allowed_to_download = true;
}
/*
------------------------------------------------------------------------------
ERROR IF NOT ALLOWED TO DOWNLOAD
------------------------------------------------------------------------------
*/
if (!$allowed_to_download)
{
Display::display_header($nameTools,"Dropbox");
if (!$allowed_to_download) {
Display::display_header($nameTools, 'Dropbox');
Display :: display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile'));
Display::display_footer();
exit;
}
/*
------------------------------------------------------------------------------
DOWNLOAD THE FILE
------------------------------------------------------------------------------
*/
// the user is allowed to download the file
else
{
else {
$_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][] = intval($_GET['id']);
$work = new Dropbox_work($_GET['id']);
$path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server
$path = dropbox_cnf('sysPath') . '/' . $work -> filename; //path to file as stored on server
$file = $work->title;
require_once api_get_path(LIBRARY_PATH) . '/document.lib.php';
$mimetype = DocumentManager::file_get_mime_type(TRUE);
$mimetype = DocumentManager::file_get_mime_type(true);
$fileparts = explode('.', $file);
$filepartscount = count($fileparts);
if ( ( $filepartscount > 1) && isset( $mimetype[$fileparts [$filepartscount - 1]]) && $_GET['action']<>'download')
{
if (($filepartscount > 1) && isset($mimetype[$fileparts[$filepartscount - 1]]) && $_GET['action'] != 'download') {
// give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n");
}
else
{
header( 'Content-type: ' . $mimetype[$fileparts[$filepartscount - 1]] . "\n");
} else {
//no information about filetype: force a download dialog window in browser
header( "Content-type: application/octet-stream\n");
}
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc','xls','ppt','pps','sxw','sxc','sxi')))
{
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc', 'xls', 'ppt', 'pps', 'sxw', 'sxc', 'sxi'))) {
header('Content-Disposition: inline; filename='.$file); // bugs with open office
}
else
{
} else {
header('Content-Disposition: attachment; filename='.$file);
}
@ -164,13 +136,12 @@ else
header("Cache-Control: public\n"); // IE cannot download from sessions without a cache
/*if ( isset( $_SERVER["HTTPS"]))
{
/*if (isset($_SERVER['HTTPS'])) {
/**
* We need to set the following headers to make downloads work using IE in HTTPS mode.
*
//header( "Pragma: ");
//header( "Cache-Control: ");
//header('Pragma: ');
//header('Cache-Control: ');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n");
header("Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n");
header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
@ -179,30 +150,19 @@ else
header( "Content-Description: " . trim( htmlentities( $file)) . "\n");
header('Content-Description: ' . trim(htmlentities($file)) . "\n");
header("Content-Transfer-Encoding: binary\n");
header("Content-Length: " . filesize($path)."\n" );
$fp = fopen( $path, "rb");
$fp = fopen( $path, 'rb');
fpassthru($fp);
exit();
}
/**
==============================================================================
* Dropbox module for Claroline
* Dropbox module for Chamilo
* handles downloads of files. Direct downloading is prevented because of an .htaccess file in the
* dropbox directory. So everything goes through this script.
*
@ -218,67 +178,67 @@ else
* After searching the only explanation I could find is a problem with the headers:
*
* HEADERS SENT WITH PHP4.3:
* HTTP/1.1<EFBFBD>200<EFBFBD>OK(CR)
* HTTP/1.1 200 OK(CR)
* (LF)
* Date:<EFBFBD>Fri,<EFBFBD>12<EFBFBD>Sep<EFBFBD>2003<EFBFBD>19:07:33<EFBFBD>GMT(CR)
* Date: Fri, 12 Sep 2003 19:07:33 GMT(CR)
* (LF)
* Server:<EFBFBD>Apache/2.0.47<EFBFBD>(Win32)<EFBFBD>PHP/4.3.3(CR)
* Server: Apache/2.0.47 (Win32) PHP/4.3.3(CR)
* (LF)
* X-Powered-By:<EFBFBD>PHP/4.3.3(CR)
* X-Powered-By: PHP/4.3.3(CR)
* (LF)
* Set-Cookie:<EFBFBD>PHPSESSID=06880edcc8363be3f60929576fc1bc6e;<EFBFBD>path=/(CR)
* Set-Cookie: PHPSESSID=06880edcc8363be3f60929576fc1bc6e; path=/(CR)
* (LF)
* Expires:<EFBFBD>Thu,<EFBFBD>19<EFBFBD>Nov<EFBFBD>1981<EFBFBD>08:52:00<EFBFBD>GMT(CR)
* Expires: Thu, 19 Nov 1981 08:52:00 GMT(CR)
* (LF)
* Cache-Control:<EFBFBD>public(CR)
* Cache-Control: public(CR)
* (LF)
* Pragma:<EFBFBD>(CR)
* Pragma: (CR)
* (LF)
* Content-Transfer-Encoding:<EFBFBD>binary(CR)
* Content-Transfer-Encoding: binary(CR)
* (LF)
* Content-Disposition:<EFBFBD>attachment;<EFBFBD>filename=SV-262E4.png(CR)
* Content-Disposition: attachment; filename=SV-262E4.png(CR)
* (LF)
* Content-Length:<EFBFBD>92178(CR)
* Content-Length: 92178(CR)
* (LF)
* Connection:<EFBFBD>close(CR)
* Connection: close(CR)
* (LF)
* Content-Type:<EFBFBD>application/octet-stream(CR)
* Content-Type: application/octet-stream(CR)
* (LF)
* (CR)
* (LF)
*
* HEADERS SENT WITH PHP4.0.4:
* HTTP/1.1<EFBFBD>200<EFBFBD>OK(CR)
* HTTP/1.1 200 OK(CR)
* (LF)
* Date:<EFBFBD>Fri,<EFBFBD>12<EFBFBD>Sep<EFBFBD>2003<EFBFBD>18:28:21<EFBFBD>GMT(CR)
* Date: Fri, 12 Sep 2003 18:28:21 GMT(CR)
* (LF)
* Server:<EFBFBD>Apache/2.0.47<EFBFBD>(Win32)(CR)
* Server: Apache/2.0.47 (Win32)(CR)
* (LF)
* X-Powered-By:<EFBFBD>PHP/4.0.4(CR)
* X-Powered-By: PHP/4.0.4(CR)
* (LF)
* Expires:<EFBFBD>Thu,<EFBFBD>19<EFBFBD>Nov<EFBFBD>1981<EFBFBD>08:52:00<EFBFBD>GMT(CR)
* Expires: Thu, 19 Nov 1981 08:52:00 GMT(CR)
* (LF)
* Cache-Control:<EFBFBD>no-store,<EFBFBD>no-cache,<EFBFBD>must-revalidate,<EFBFBD>post-check=0,<EFBFBD>pre-check=0,<EFBFBD>,<EFBFBD>public(CR)
* Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, , public(CR)
* (LF)
* Pragma:<EFBFBD>no-cache,<EFBFBD>(CR)
* Pragma: no-cache, (CR)
* (LF)
* Content-Disposition:<EFBFBD>attachment;<EFBFBD>filename=SV-262E4.png(CR)
* Content-Disposition: attachment; filename=SV-262E4.png(CR)
* (LF)
* Content-Transfer-Encoding:<EFBFBD>binary(CR)
* Content-Transfer-Encoding: binary(CR)
* (LF)
* Set-Cookie:<EFBFBD>PHPSESSID=0a5b1c1b9d5e3b474fef359ee55e82d0;<EFBFBD>path=/(CR)
* Set-Cookie: PHPSESSID=0a5b1c1b9d5e3b474fef359ee55e82d0; path=/(CR)
* (LF)
* Content-Length:<EFBFBD>92178(CR)
* Content-Length: 92178(CR)
* (LF)
* Connection:<EFBFBD>close(CR)
* Connection: close(CR)
* (LF)
* Content-Type:<EFBFBD>application/octet-stream(CR)
* Content-Type: application/octet-stream(CR)
* (LF)
* (CR)
* (LF)
*
* As you can see the there is a difference in the Cache-Control directive. I suspect that this
* explains the problem. Also take a look at http://bugs.php.net/bug.php?id=16458.
* explains the problem. Also have a look at http://bugs.php.net/bug.php?id=16458.
*
* @version 1.21
* @copyright 2004-2005
@ -286,26 +246,20 @@ else
* @author René Haentjens <rene.haentjens@UGent.be>, several contributions (see RH)
* @author Roan Embrechts, virtual course support
*
* @package dokeos.dropbox
==============================================================================
* @package chamilo.dropbox
*/
/*
==============================================================================
INITIALISING VARIABLES
==============================================================================
*/
require_once( "dropbox_init.inc.php"); //only call init1 because init2 outputs data
require_once( "dropbox_class.inc.php");
require_once 'dropbox_init.inc.php'; //only call init1 because init2 outputs data
require_once 'dropbox_class.inc.php';
/*
==============================================================================
AUTHORISATION SECTION
==============================================================================
*/
if ( !isset( $_user['user_id']) || !$is_course_member )
{
if (!isset($_user['user_id']) || !$is_course_member) {
exit();
}
@ -313,52 +267,41 @@ if ($_GET['mailing']) // RH: Mailing detail window call
getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '500'); // RH or die
/*
==============================================================================
SANITY CHECKS OF GET DATA & FILE
==============================================================================
*/
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) die(get_lang('GeneralError').' (code 501)');
$work = new Dropbox_work($_GET['id']);
$path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server
$path = dropbox_cnf('sysPath') . '/' . $work -> filename; //path to file as stored on server
$file = $work->title;
// check that this file exists and that it doesn't include any special characters
//if (!is_file($path) || ! eregi('^[A-Z0-9_\-][A-Z0-9._\-]*$', $file))
if ( !is_file( $path))
{
if (!is_file($path)) {
die(get_lang('GeneralError').' (code 504)');
}
/*
==============================================================================
SEND HEADERS
==============================================================================
*/
require_once api_get_path(LIBRARY_PATH) . '/document.lib.php';
$mimetype = DocumentManager::file_get_mime_type(TRUE);
$mimetype = DocumentManager::file_get_mime_type(true);
$fileparts = explode('.', $file);
$filepartscount = count($fileparts);
if ( ( $filepartscount > 1) && isset( $mimetype[$fileparts [$filepartscount - 1]]))
{
if (($filepartscount > 1) && isset($mimetype[$fileparts[$filepartscount - 1]])) {
// give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n");
}
else
{
header('Content-type: ' . $mimetype[$fileparts[$filepartscount - 1]] . "\n");
} else {
//no information about filetype: force a download dialog window in browser
header("Content-type: application/octet-stream\n");
}
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc','xls','ppt','pps','sxw','sxc','sxi')))
{
if (!in_array(strtolower($fileparts [$filepartscount - 1]), array('doc', 'xls', 'ppt', 'pps', 'sxw', 'sxc', 'sxi'))) {
header('Content-Disposition: inline; filename='.$file); // bugs with open office
}
else
{
} else {
header('Content-Disposition: attachment; filename='.$file);
}
@ -375,31 +318,27 @@ header( "Cache-Control: \n");
header( "Cache-Control: public\n"); // IE cannot download from sessions without a cache
/*if ( isset( $_SERVER["HTTPS"]))
{
/*if (isset($_SERVER['HTTPS'])) {
/**
* We need to set the following headers to make downloads work using IE in HTTPS mode.
*
//header( "Pragma: ");
//header( "Cache-Control: ");
//header('Pragma: ');
//header('Cache-Control: ');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n");
header( "Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n");
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . " GMT\n");
header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
header("Cache-Control: post-check=0, pre-check=0\n", false);
}*/
header( "Content-Description: " . trim( htmlentities( $file)) . "\n");
header('Content-Description: ' . trim(htmlentities($file)) . "\n");
header("Content-Transfer-Encoding: binary\n");
header( "Content-Length: " . filesize( $path)."\n" );
header('Content-Length: ' . filesize($path)."\n" );
/*
==============================================================================
SEND FILE
==============================================================================
*/
$fp = fopen( $path, "rb");
$fp = fopen( $path, 'rb');
fpassthru($fp);
exit();
@ -409,4 +348,3 @@ exit( );
* Solution: Make sure your download script/section is off in its own directory. and add the following to your .htaccess file for that directory:
* php_flag zlib.output_compression off
*/
?>

648
main/dropbox/dropbox_functions.inc.php
View File

File diff suppressed because it is too large Load Diff

145
main/dropbox/dropbox_init.inc.php
Unescape View File

@ -1,8 +1,7 @@
<?php //$id: $
/* For licensing terms, see /dokeos_license.txt */
<?php
/* For licensing terms, see /license.txt */
/**
==============================================================================
* First initialisation file with initialisation of variables and
* without outputting anything to browser.
* 1. Calls global.inc.php and lang file
@ -15,75 +14,67 @@
* @author René Haentjens, severalcontributions <rene.haentjens@UGent.be> (see RH)
* @author Roan Embrechts, virtual course support
* @author Patrick Cool <patrick.cool@UGent.be>
Dokeos Config Settings (AWACS)
Chamilo Config Settings (AWACS)
Refactoring
tool introduction
folders
download file / folder (download icon)
same action on multiple documents
extended feedback
* @package dokeos.dropbox
==============================================================================
* @package chamilo.dropbox
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// name of the language file that needs to be included
$language_file = "dropbox";
//this var disables the link in the breadcrumbs on top of the page
//$noPHP_SELF = TRUE;
$language_file = 'dropbox';
// including the basic Dokeos initialisation file
require("../inc/global.inc.php");
require_once(api_get_path(LIBRARY_PATH) . "security.lib.php");
// This var disables the link in the breadcrumbs on top of the page
//$noPHP_SELF = true;
// including the basic Chamilo initialisation file
require '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'security.lib.php';
// the dropbox configuration parameters
require_once('dropbox_config.inc.php');
require_once 'dropbox_config.inc.php';
// the dropbox sanity files (adds a new table and some new fields)
//require_once('dropbox_sanity.inc.php');
//require_once 'dropbox_sanity.inc.php';
// the dropbox file that contains additional functions
require_once('dropbox_functions.inc.php');
require_once 'dropbox_functions.inc.php';
include_once(api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php');
include_once(api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php');
require_once api_get_path(LIBRARY_PATH) . 'mail.lib.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
// protecting the script
api_protect_course_script();
/*
-----------------------------------------------------------
Libraries
-----------------------------------------------------------
*/
require_once(api_get_path(LIBRARY_PATH)."/debug.lib.inc.php");
require_once(api_get_path(LIBRARY_PATH) . "/course.lib.php");
require_once(api_get_path(LIBRARY_PATH) . "/groupmanager.lib.php");
require_once api_get_path(LIBRARY_PATH) . 'debug.lib.inc.php';
require_once api_get_path(LIBRARY_PATH) . 'course.lib.php';
require_once api_get_path(LIBRARY_PATH) . 'groupmanager.lib.php';
// including the library for the sortable table
require_once(api_get_path(LIBRARY_PATH).'/tablesort.lib.php');
require_once api_get_path(LIBRARY_PATH) . 'tablesort.lib.php';
// including the library for the dropbox
require_once( "dropbox_class.inc.php");
require_once 'dropbox_class.inc.php';
// including some libraries that are also used in the documents tool
require_once('../document/document.inc.php'); // we use a function build_document_icon_tag
require_once(api_get_path(LIBRARY_PATH).'/fileDisplay.lib.php'); // the function choose_image is used
require_once(api_get_path(LIBRARY_PATH).'/document.lib.php');
require_once api_get_path(SYS_CODE_PATH) . 'document/document.inc.php'; // we use a function build_document_icon_tag
require_once api_get_path(LIBRARY_PATH) . 'fileDisplay.lib.php'; // the function choose_image is used
require_once api_get_path(LIBRARY_PATH) . 'document.lib.php';
/*
-----------------------------------------------------------
Virtual course support
-----------------------------------------------------------
*/
$user_id = api_get_user_id();
$course_code = $_course['sysCode'];
@ -94,24 +85,19 @@ $is_course_member = CourseManager::is_user_subscribed_in_real_or_linked_course($
/*
-----------------------------------------------------------
Object Initialisation
-----------------------------------------------------------
*/
// we need this here because the javascript to re-upload the file needs an array
// off all the documents that have already been sent.
// @todo consider moving the javascripts in a function that displays the javascripts
// only when it is needed.
if ($_GET['action']=='add')
{
if ($_GET['action'] == 'add') {
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
}
/*
-----------------------------------------------------------
create javascript and htmlHeaders
// RH: Mailing: new function confirmsend
-----------------------------------------------------------
*/
$javascript = "<script type=\"text/javascript\">
@ -149,16 +135,13 @@ $javascript = "<script type=\"text/javascript\">
}
";
if (dropbox_cnf("allowOverwrite"))
{
if (dropbox_cnf('allowOverwrite')) {
$javascript .= "
var sentArray = new Array("; //sentArray keeps list of all files still available in the sent files list
//of the user.
//This is used to show or hide the overwrite file-radio button of the upload form
for($i=0; $i<count($dropbox_person->sentWork); $i++)
{
if ($i > 0)
{
for ($i = 0; $i < count($dropbox_person->sentWork); $i++) {
if ($i > 0) {
$javascript .= ", ";
}
$javascript .= "'".$dropbox_person->sentWork[$i]->title."'";
@ -231,45 +214,31 @@ $htmlHeadXtra[] = '<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">';
$checked_files = false;
if (!$_GET['view'] OR $_GET['view']=='received')
{
if (!$_GET['view'] OR $_GET['view'] == 'received') {
$part = 'received';
}
elseif ($_GET['view']='sent')
{
} elseif ($_GET['view'] = 'sent') {
$part = 'sent';
}
else
{
} else {
header ('location: index.php?view='.$_GET['view'].'&error=Error');
}
if (($_POST['action']=='download_received' || $_POST['action']=='download_sent') and !$_POST['store_feedback'])
{
{
if (($_POST['action'] == 'download_received' || $_POST['action'] == 'download_sent') and !$_POST['store_feedback']) {
$checked_file_ids = $_POST['id'];
if (!is_array($checked_file_ids) || count($checked_file_ids)==0)
{
if (!is_array($checked_file_ids) || count($checked_file_ids) == 0) {
header ('location: index.php?view='.$_GET['view'].'&error=CheckAtLeastOneFile');
exit;
}
else
} else {
handle_multiple_actions();
exit;
}
exit;
}
/*
* ========================================
* AUTHORISATION SECTION
* ========================================
* Prevents access of all users that are not course members
*/
if ((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(null, true)) {
if ($origin != 'learnpath') {
api_not_allowed(true);//print headers/footers
} else {
@ -279,54 +248,42 @@ if((!$is_allowed_in_course || !$is_course_member) && !api_is_allowed_to_edit(nul
}
/*
==============================================================================
BREADCRUMBS
==============================================================================
*/
if ($_GET['view']=='received')
{
$interbreadcrumb[] = array ("url" => "../dropbox/index.php", "name" => get_lang('Dropbox', ''));
if ($_GET['view'] == 'received') {
$interbreadcrumb[] = array('url' => '../dropbox/index.php', 'name' => get_lang('Dropbox', ''));
$nameTools = get_lang('ReceivedFiles');
if ($_GET['action'] == 'addreceivedcategory')
{
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=received", "name" => get_lang("ReceivedFiles"));
if ($_GET['action'] == 'addreceivedcategory') {
$interbreadcrumb[] = array('url' => '../dropbox/index.php?view=received', 'name' => get_lang('ReceivedFiles'));
$nameTools = get_lang('AddNewCategory');
}
}
if ($_GET['view']=='sent' OR empty($_GET['view']))
{
$interbreadcrumb[] = array ("url" => "../dropbox/index.php", "name" => get_lang('Dropbox', ''));
if ($_GET['view'] == 'sent' OR empty($_GET['view'])) {
$interbreadcrumb[] = array('url' => '../dropbox/index.php', 'name' => get_lang('Dropbox', ''));
$nameTools = get_lang('SentFiles');
if ($_GET['action'] == 'addsentcategory')
{
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=sent", "name" => get_lang("SentFiles"));
if ($_GET['action'] == 'addsentcategory') {
$interbreadcrumb[] = array('url' => '../dropbox/index.php?view=sent', 'name' => get_lang('SentFiles'));
$nameTools = get_lang('AddNewCategory');
}
if ($_GET['action'] == 'add')
{
$interbreadcrumb[] = array ("url" => "../dropbox/index.php?view=sent", "name" => get_lang("SentFiles"));
if ($_GET['action'] == 'add') {
$interbreadcrumb[] = array ('url' => '../dropbox/index.php?view=sent', 'name' => get_lang('SentFiles'));
$nameTools = get_lang('UploadNewFile');
}
}
/*
==============================================================================
HEADER & TITLE
==============================================================================
*/
if ($origin != 'learnpath')
{
Display::display_header($nameTools,"Dropbox");
}
else // if we come from the learning path we have to include the stylesheet and the required javascripts manually.
{
if ($origin != 'learnpath') {
Display::display_header($nameTools, 'Dropbox');
} else { // if we come from the learning path we have to include the stylesheet and the required javascripts manually.
echo '<link rel="stylesheet" type="text/css" href="', api_get_path(WEB_CODE_PATH), 'css/default.css">';
echo $javascript;
}
// api_display_tool_title($nameTools);
?>

552
main/dropbox/dropbox_submit.php
Unescape View File

@ -1,226 +1,170 @@
<?php //$id: $
/* For licensing terms, see /dokeos_license.txt */
<?php
/* For licensing terms, see /license.txt */
/*
* ========================================
* PREVENT RESUBMITING
* ========================================
* This part checks if the $dropbox_unid var has the same ID
* as the session var $dropbox_uniqueid that was registered as a session
* var before.
* The resubmit prevention only works with GET requests, because it gives some annoying
* behaviours with POST requests.
*/
/*
if (isset($_POST["dropbox_unid"])) {
$dropbox_unid = $_POST["dropbox_unid"];
} elseif (isset($_GET["dropbox_unid"]))
{
$dropbox_unid = $_GET["dropbox_unid"];
if (isset($_POST['dropbox_unid'])) {
$dropbox_unid = $_POST['dropbox_unid'];
} elseif (isset($_GET['dropbox_unid'])) {
$dropbox_unid = $_GET['dropbox_unid'];
} else {
die(get_lang('BadFormData').' (code 400)');
}
if (isset($_SESSION["dropbox_uniqueid"]) && isset($_GET["dropbox_unid"]) && $dropbox_unid == $_SESSION["dropbox_uniqueid"]) {
if (isset($_SESSION['dropbox_uniqueid']) && isset($_GET['dropbox_unid']) && $dropbox_unid == $_SESSION['dropbox_uniqueid']) {
//resubmit : go to index.php
// only prevent resending of data for GETS, not POSTS because this gives annoying results
if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"]=="on") {
$mypath = "https";
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
$mypath = 'https';
} else {
$mypath = "http";
$mypath = 'http';
}
$mypath=$mypath."://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php";
$mypath = $mypath.'://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/index.php';
echo 'hier';
header("Location: $mypath");
}
$dropbox_uniqueid = $dropbox_unid;
api_session_register("dropbox_uniqueid");
api_session_register('dropbox_uniqueid');
*/
/**
* ========================================
* FORM SUBMIT
* ========================================
* - VALIDATE POSTED DATA
* - UPLOAD NEW FILE
*/
if ( isset( $_POST["submitWork"]))
{
if (file_exists(api_get_path(INCLUDE_PATH) . "/fileUploadLib.inc.php"))
{
require_once(api_get_path(INCLUDE_PATH) . "/fileUploadLib.inc.php");
}
else
{
require_once(api_get_path(LIBRARY_PATH) . "/fileUpload.lib.php");
}
if (isset($_POST['submitWork'])) {
$error = FALSE;
$errormsg = '';
require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
$error = false;
$errormsg = '';
/**
* --------------------------------------
* FORM SUBMIT : VALIDATE POSTED DATA
* --------------------------------------
*/
// the author or description field is empty
if ( !isset( $_POST['authors']) || !isset( $_POST['description']))
{
$error = TRUE;
// the author or description field is empty
if (!isset($_POST['authors']) || !isset( $_POST['description'])) {
$error = true;
$errormsg = get_lang('BadFormData');
}
elseif ( !isset( $_POST['recipients']) || count( $_POST['recipients']) <= 0)
{
$error = TRUE;
} elseif (!isset( $_POST['recipients']) || count( $_POST['recipients']) <= 0) {
$error = true;
$errormsg = get_lang('NoUserSelected');
}
else
{
$thisIsAMailing = FALSE; // RH: Mailing selected as destination
$thisIsJustUpload = FALSE; // RH
foreach( $_POST['recipients'] as $rec)
{
if ( $rec == 'mailing')
{
$thisIsAMailing = TRUE;
}
elseif ( $rec == 'upload')
{
$thisIsJustUpload = TRUE;
}
elseif (strpos($rec, 'user_') === 0 && !isCourseMember(substr($rec, strlen('user_') ) ))
{
} else {
$thisIsAMailing = false; // RH: Mailing selected as destination
$thisIsJustUpload = false; // RH
foreach ($_POST['recipients'] as $rec) {
if ($rec == 'mailing') {
$thisIsAMailing = true;
} elseif ($rec == 'upload') {
$thisIsJustUpload = true;
} elseif (strpos($rec, 'user_') === 0 && !isCourseMember(substr($rec, strlen('user_')))) {
echo '401';
die(get_lang('BadFormData').' (code 401)');
}
elseif (strpos($rec, 'group_') !== 0 && strpos($rec, 'user_') !== 0)
{
} elseif (strpos($rec, 'group_') !== 0 && strpos($rec, 'user_') !== 0) {
echo '402';
die(get_lang('BadFormData').' (code 402)');
}
}
// we are doing a mailing but an additional recipient is selected
if ( $thisIsAMailing && ( count($_POST['recipients']) != 1))
{
$error = TRUE;
if ($thisIsAMailing && ( count($_POST['recipients']) != 1)) {
$error = true;
$errormsg = get_lang('MailingSelectNoOther');
}
// we are doing a just upload but an additional recipient is selected.
elseif ( $thisIsJustUpload && ( count($_POST['recipients']) != 1))
{
$error = TRUE;
$errormsg = get_lang("MailingJustUploadSelectNoOther");
}
elseif ( empty( $_FILES['file']['name']))
{
$error = TRUE;
elseif ( $thisIsJustUpload && ( count($_POST['recipients']) != 1)) {
$error = true;
$errormsg = get_lang('MailingJustUploadSelectNoOther');
} elseif (empty($_FILES['file']['name'])) {
$error = true;
$errormsg = get_lang('NoFileSpecified');
}
}
//check if $_POST['cb_overwrite'] is true or false
$dropbox_overwrite = false;
if ( isset($_POST['cb_overwrite']) && $_POST['cb_overwrite']==true)
{
if (isset($_POST['cb_overwrite']) && $_POST['cb_overwrite']) {
$dropbox_overwrite = true;
}
/**
* --------------------------------------
* FORM SUBMIT : UPLOAD NEW FILE
* --------------------------------------
*/
if ( !$error)
{
$dropbox_filename = $_FILES['file']['name'];
$dropbox_filesize = $_FILES['file']['size'];
if (!$error) {
$dropbox_filename = $_FILES['file']['name'];
$dropbox_filesize = $_FILES['file']['size'];
$dropbox_filetype = $_FILES['file']['type'];
$dropbox_filetmpname = $_FILES['file']['tmp_name'];
if ( $dropbox_filesize <= 0 || $dropbox_filesize > dropbox_cnf("maxFilesize"))
{
$errormsg = get_lang('TooBig');
$error = TRUE;
}elseif ( !is_uploaded_file( $dropbox_filetmpname)) // check user fraud : no clean error msg.
{
if ($dropbox_filesize <= 0 || $dropbox_filesize > dropbox_cnf('maxFilesize')) {
$errormsg = get_lang('TooBig'); // TODO: The "too big" message does not fit in the case of uploading zero-sized file.
$error = true;
} elseif (!is_uploaded_file($dropbox_filetmpname)) { // check user fraud : no clean error msg.
die(get_lang('BadFormData').' (code 403)');
}
if ( !$error)
{
if (!$error) {
// Try to add an extension to the file if it hasn't got one
$dropbox_filename = add_ext_on_mime($dropbox_filename, $dropbox_filetype);
// Replace dangerous characters
$dropbox_filename = replace_dangerous_char($dropbox_filename);
// Transform any .php file in .phps fo security
$dropbox_filename = php2phps($dropbox_filename);
if(!filter_extension($dropbox_filename))
{
if (!filter_extension($dropbox_filename)) {
$error = true;
$errormsg = get_lang('UplUnableToSaveFileFilteredExtension');
}
else
{
} else {
// set title
$dropbox_title = $dropbox_filename;
// set author
if ( $_POST['authors'] == '')
{
if ($_POST['authors'] == '') {
$_POST['authors'] = getUserNameFromId($_user['user_id']);
}
if ( $dropbox_overwrite) // RH: Mailing: adapted
{
if ($dropbox_overwrite) { // RH: Mailing: adapted
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
foreach($dropbox_person->sentWork as $w)
{
if ($w->title == $dropbox_filename)
{
if ( ($w->recipients[0]['id'] > dropbox_cnf("mailingIdBase")) xor $thisIsAMailing)
{
$error = TRUE;
foreach ($dropbox_person->sentWork as $w) {
if ($w->title == $dropbox_filename) {
if (($w->recipients[0]['id'] > dropbox_cnf('mailingIdBase')) xor $thisIsAMailing) {
$error = true;
$errormsg = get_lang('MailingNonMailingError');
}
if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload)
{
$error = TRUE;
$errormsg = get_lang("MailingJustUploadSelectNoOther");
if ( ($w->recipients[0]['id'] == $_user['user_id']) xor $thisIsJustUpload) {
$error = true;
$errormsg = get_lang('MailingJustUploadSelectNoOther');
}
$dropbox_filename = $w->filename; $found = true;
$dropbox_filename = $w->filename;
$found = true;
break;
}
}
}
else // rename file to login_filename_uniqueId format
{
$dropbox_filename = getLoginFromId( $_user['user_id']) . "_" . $dropbox_filename . "_".uniqid('');
} else {
// rename file to login_filename_uniqueId format
$dropbox_filename = getLoginFromId( $_user['user_id']) . '_' . $dropbox_filename . '_'.uniqid('');
}
if ( ( ! is_dir( dropbox_cnf("sysPath"))))
{
if (!is_dir(dropbox_cnf('sysPath'))) {
//The dropbox subdir doesn't exist yet so make it and create the .htaccess file
mkdir( dropbox_cnf("sysPath"), api_get_permissions_for_new_directories()) or die(get_lang('ErrorCreatingDir').' (code 404)');
$fp = fopen( dropbox_cnf("sysPath")."/.htaccess", "w") or die(get_lang('ErrorCreatingDir').' (code 405)');
mkdir(dropbox_cnf('sysPath'), api_get_permissions_for_new_directories()) or die(get_lang('ErrorCreatingDir').' (code 404)');
$fp = fopen(dropbox_cnf('sysPath').'/.htaccess', 'w') or die(get_lang('ErrorCreatingDir').' (code 405)');
fwrite($fp, "AuthName AllowLocalAccess
AuthType Basic
@ -231,37 +175,25 @@ if ( isset( $_POST["submitWork"]))
}
if ($error) {}
elseif ( $thisIsAMailing) // RH: $newWorkRecipients is integer - see class
{
if ( preg_match( dropbox_cnf("mailingZipRegexp"), $dropbox_title))
{
$newWorkRecipients = dropbox_cnf("mailingIdBase");
}
else
{
$error = TRUE;
elseif ($thisIsAMailing) { // RH: $newWorkRecipients is integer - see class
if (preg_match(dropbox_cnf('mailingZipRegexp'), $dropbox_title)) {
$newWorkRecipients = dropbox_cnf('mailingIdBase');
} else {
$error = true;
$errormsg = $dropbox_title . ': ' . get_lang('MailingWrongZipfile');
}
}
elseif ( $thisIsJustUpload) // RH: $newWorkRecipients is empty array
{
} elseif ( $thisIsJustUpload) { // RH: $newWorkRecipients is empty array
$newWorkRecipients = array();
}
else
{ // creating the array that contains all the users who will receive the file
} else {
// creating the array that contains all the users who will receive the file
$newWorkRecipients = array();
foreach ($_POST["recipients"] as $rec)
{
foreach ($_POST['recipients'] as $rec) {
if (strpos($rec, 'user_') === 0) {
$newWorkRecipients[] = substr($rec, strlen('user_'));
}
elseif (strpos($rec, 'group_') === 0 )
{
} elseif (strpos($rec, 'group_') === 0) {
$userList = GroupManager::get_subscribed_users(substr($rec, strlen('group_')));
foreach ($userList as $usr)
{
if (! in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id'])
{
foreach ($userList as $usr) {
if (!in_array($usr['user_id'], $newWorkRecipients) && $usr['user_id'] != $_user['user_id']) {
$newWorkRecipients[] = $usr['user_id'];
}
}
@ -271,9 +203,8 @@ if ( isset( $_POST["submitWork"]))
// After uploading the file, create the db entries
if ( !$error)
{
@move_uploaded_file( $dropbox_filetmpname, dropbox_cnf("sysPath") . '/' . $dropbox_filename)
if (!$error) {
@move_uploaded_file( $dropbox_filetmpname, dropbox_cnf('sysPath') . '/' . $dropbox_filename)
or die(get_lang('UploadError').' (code 407)');
new Dropbox_SentWork($_user['user_id'], $dropbox_title, $_POST['description'], strip_tags($_POST['authors']), $dropbox_filename, $dropbox_filesize, $newWorkRecipients);
}
@ -283,43 +214,35 @@ if ( isset( $_POST["submitWork"]))
/**
* ========================================
* SUBMIT FORM RESULTMESSAGE
* ========================================
*/
if ( !$error)
{
$return_message=get_lang('FileUploadSucces');
}
else
{
if (!$error) {
$return_message = get_lang('FileUploadSucces');
} else {
$return_message = $errormsg;
}
} // end if ( isset( $_POST["submitWork"]))
} // end if ( isset( $_POST['submitWork']))
/**
* ========================================
* // RH: EXAMINE OR SEND MAILING (NEW)
* ========================================
*/
if ( isset( $_GET['mailingIndex'])) // examine or send
{
if (isset($_GET['mailingIndex'])) { // examine or send
$dropbox_person = new Dropbox_Person( $_user['user_id'], $is_courseAdmin, $is_courseTutor);
if ( isset($_SESSION["sentOrder"]))
{
$dropbox_person->orderSentWork ($_SESSION["sentOrder"]);
if (isset($_SESSION['sentOrder'])) {
$dropbox_person->orderSentWork($_SESSION['sentOrder']);
}
$i = $_GET['mailingIndex']; $mailing_item = $dropbox_person->sentWork[$i];
$i = $_GET['mailingIndex'];
$mailing_item = $dropbox_person->sentWork[$i];
$mailing_title = $mailing_item->title;
$mailing_file = dropbox_cnf("sysPath") . '/' . $mailing_item->filename;
$mailing_file = dropbox_cnf('sysPath') . '/' . $mailing_item->filename;
$errormsg = '<b>' . $mailing_item->recipients[0]['name'] . ' ('
. "<a href='dropbox_download.php?origin=$origin&id=".urlencode($mailing_item->id)."'>"
. htmlspecialchars($mailing_title,ENT_QUOTES,$charset) . '</a>):</b><br /><br />';
. htmlspecialchars($mailing_title, ENT_QUOTES, api_get_system_encoding()) . '</a>):</b><br /><br />';
if ( preg_match( dropbox_cnf("mailingZipRegexp"), $mailing_title, $nameParts))
{
if (preg_match( dropbox_cnf('mailingZipRegexp'), $mailing_title, $nameParts)) {
$var = api_strtoupper($nameParts[2]); // the variable part of the name
$course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$sel = "SELECT u.user_id, u.lastname, u.firstname, cu.status
@ -328,8 +251,7 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
ON cu.user_id = u.user_id AND cu.relation_type<>".COURSE_RELATION_TYPE_RRHH." AND cu.course_code = '".$_course['sysCode']."'";
$sel .= " WHERE u.".dropbox_cnf("mailingWhere".$var)." = '";
function getUser($thisRecip)
{
function getUser($thisRecip) {
// string result = error message, array result = [user_id, lastname, firstname]
global $var, $sel;
@ -341,16 +263,11 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
while ( ($res = Database::fetch_array($result))) {$students[] = $res;}
Database::free_result($result);
if (count($students) == 1)
{
if (count($students) == 1) {
return($students[0]);
}
elseif (count($students) > 1)
{
} elseif (count($students) > 1) {
return ' <'.get_lang('MailingFileRecipDup', '').$var."= $thisRecip>";
}
else
{
} else {
return ' <'.get_lang('MailingFileRecipNotFound', '').$var."= $thisRecip>";
}
}
@ -358,117 +275,84 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
$preFix = $nameParts[1]; $postFix = $nameParts[3];
$preLen = api_strlen($preFix); $postLen = api_strlen($postFix);
function findRecipient($thisFile)
{
function findRecipient($thisFile) {
// string result = error message, array result = [user_id, lastname, firstname, status]
global $nameParts, $preFix, $preLen, $postFix, $postLen;
if ( preg_match(dropbox_cnf("mailingFileRegexp"), $thisFile, $matches))
{
if (preg_match(dropbox_cnf('mailingFileRegexp'), $thisFile, $matches)) {
$thisName = $matches[1];
if ( api_substr($thisName, 0, $preLen) == $preFix)
{
if ( $postLen == 0 || api_substr($thisName, -$postLen) == $postFix)
{
if (api_substr($thisName, 0, $preLen) == $preFix) {
if ($postLen == 0 || api_substr($thisName, -$postLen) == $postFix) {
$thisRecip = api_substr($thisName, $preLen, api_strlen($thisName) - $preLen - $postLen);
if ( $thisRecip) return getUser($thisRecip);
return ' <'.get_lang('MailingFileNoRecip', '').'>';
if ($thisRecip) {
return getUser($thisRecip);
}
else
{
return ' <'.get_lang('MailingFileNoRecip', '').'>';
} else {
return ' <'.get_lang('MailingFileNoPostfix', '').$postFix.'>';
}
}
else
{
} else {
return ' <'.get_lang('MailingFileNoPrefix', '').$preFix.'>';
}
}
else
{
} else {
return ' <'.get_lang('MailingFileFunny', '').'>';
}
}
if (file_exists(api_get_path(INCLUDE_PATH) . "/pclzip/pclzip.lib.php"))
{
require(api_get_path(INCLUDE_PATH) . "/pclzip/pclzip.lib.php");
}
else
{
require(api_get_path(LIBRARY_PATH) . "/pclzip/pclzip.lib.php");
}
require api_get_path(LIBRARY_PATH) . 'pclzip/pclzip.lib.php';
$zipFile = new pclZip($mailing_file); $goodFiles = array();
$zipContent = $zipFile->listContent(); $ucaseFiles = array();
$zipFile = new pclZip($mailing_file);
$goodFiles = array();
$zipContent = $zipFile->listContent();
$ucaseFiles = array();
if ( $zipContent)
{
foreach( $zipFile->listContent() as $thisContent)
{
if ($zipContent) {
foreach( $zipFile->listContent() as $thisContent) {
$thisFile = substr(strrchr('/' . $thisContent['filename'], '/'), 1);
$thisFileUcase = strtoupper($thisFile);
if ( preg_match("~.(php.*|phtml)$~i", $thisFile) )
{
$error = TRUE; $errormsg .= $thisFile . ': ' . get_lang('MailingZipPhp');
if (preg_match("~.(php.*|phtml)$~i", $thisFile)) {
$error = true;
$errormsg .= $thisFile . ': ' . get_lang('MailingZipPhp');
break;
}
elseif ( !$thisContent['folder'])
{
if ( $ucaseFiles[$thisFileUcase])
{
$error = TRUE; $errormsg .= $thisFile . ': ' . get_lang('MailingZipDups');
} elseif (!$thisContent['folder']) {
if ($ucaseFiles[$thisFileUcase]) {
$error = true;
$errormsg .= $thisFile . ': ' . get_lang('MailingZipDups');
break;
}
else
{
} else {
$goodFiles[$thisFile] = findRecipient($thisFile);
$ucaseFiles[$thisFileUcase] = "yep";
$ucaseFiles[$thisFileUcase] = 'yep';
}
}
}
}
else
{
$error = TRUE; $errormsg .= get_lang('MailingZipEmptyOrCorrupt');
} else {
$error = true;
$errormsg .= get_lang('MailingZipEmptyOrCorrupt');
}
if ( !$error)
{
if (!$error) {
$students = array(); // collect all recipients in this course
foreach( $goodFiles as $thisFile => $thisRecip)
{
$errormsg .= htmlspecialchars($thisFile,ENT_QUOTES,$charset) . ': ';
if ( is_string($thisRecip)) // see findRecipient
{
foreach ($goodFiles as $thisFile => $thisRecip) {
$errormsg .= htmlspecialchars($thisFile, ENT_QUOTES, api_get_system_encoding()) . ': ';
if (is_string($thisRecip)) { // see findRecipient
$errormsg .= '<font color="#FF0000">'
. htmlspecialchars($thisRecip,ENT_QUOTES,$charset) . '</font><br>';
}
else
{
if ( isset( $_GET['mailingSend']))
{
. htmlspecialchars($thisRecip, ENT_QUOTES, api_get_system_encoding()) . '</font><br />';
} else {
if ( isset( $_GET['mailingSend'])) {
$errormsg .= get_lang('MailingFileSentTo');
}
else
{
} else {
$errormsg .= get_lang('MailingFileIsFor');
}
$errormsg .= htmlspecialchars(api_get_person_name($thisRecip[2], $thisRecip[1]), ENT_QUOTES, $charset);
$errormsg .= htmlspecialchars(api_get_person_name($thisRecip[2], $thisRecip[1]), ENT_QUOTES, api_get_system_encoding());
if ( is_null($thisRecip[3]))
{
if (is_null($thisRecip[3])) {
$errormsg .= get_lang('MailingFileNotRegistered');
}
else
{
} else {
$students[] = $thisRecip[0];
}
$errormsg .= '<br>';
$errormsg .= '<br />';
}
}
@ -483,87 +367,67 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
AND u.user_id NOT IN ('" . implode("', '" , $students) . "')";
$result = Database::query($sql);
if ( Database::num_rows($result) > 0)
{
if (Database::num_rows($result) > 0) {
$remainingUsers = '';
while ( ($res = Database::fetch_array($result)))
{
$remainingUsers .= ', ' . htmlspecialchars(api_get_person_name($res[1], $res[0]), ENT_QUOTES, $charset);
while ($res = Database::fetch_array($result)) {
$remainingUsers .= ', ' . htmlspecialchars(api_get_person_name($res[1], $res[0]), ENT_QUOTES, api_get_system_encoding());
}
$errormsg .= '<br />' . get_lang('MailingNothingFor') . api_substr($remainingUsers, 1) . '.<br />';
}
if ( isset( $_GET['mailingSend']))
{
chdir(dropbox_cnf("sysPath"));
if (isset($_GET['mailingSend'])) {
chdir(dropbox_cnf('sysPath'));
$zipFile->extract(PCLZIP_OPT_REMOVE_ALL_PATH);
$mailingPseudoId = dropbox_cnf("mailingIdBase") + $mailing_item->id;
$mailingPseudoId = dropbox_cnf('mailingIdBase') + $mailing_item->id;
foreach( $goodFiles as $thisFile => $thisRecip)
{
if ( is_string($thisRecip)) // remove problem file
{
@unlink(dropbox_cnf("sysPath") . '/' . $thisFile);
}
else
{
$newName = getLoginFromId( $_user['user_id']) . "_" . $thisFile . "_" . uniqid('');
if ( rename(dropbox_cnf("sysPath") . '/' . $thisFile, dropbox_cnf("sysPath") . '/' . $newName))
foreach ($goodFiles as $thisFile => $thisRecip) {
if (is_string($thisRecip)) { // remove problem file
@unlink(dropbox_cnf('sysPath') . '/' . $thisFile);
} else {
$newName = getLoginFromId( $_user['user_id']) . '_' . $thisFile . '_' . uniqid('');
if (rename(dropbox_cnf('sysPath') . '/' . $thisFile, dropbox_cnf('sysPath') . '/' . $newName))
new Dropbox_SentWork($mailingPseudoId, $thisFile, $mailing_item->description, $mailing_item->author, $newName, $thisContent['size'], array($thisRecip[0]));
}
}
$sendDT = addslashes(date("Y-m-d H:i:s",time()));
$sendDT = addslashes(date('Y-m-d H:i:s', time()));
// set filesize to zero on send, to avoid 2nd send (see index.php)
$sql = "UPDATE ".dropbox_cnf("tbl_file")."
SET filesize = '0'
, upload_date = '".$sendDT."', last_upload_date = '".$sendDT."'
WHERE id='".addslashes($mailing_item->id)."'";
$result = Database::query($sql);
}
elseif ($mailing_item->filesize != 0)
{
} elseif ($mailing_item->filesize != 0) {
$errormsg .= '<br />' . get_lang('MailingNotYetSent') . '<br />';
}
}
}
else
{
$error = TRUE; $errormsg .= get_lang('MailingWrongZipfile');
} else {
$error = true;
$errormsg .= get_lang('MailingWrongZipfile');
}
/**
* ========================================
* EXAMINE OR SEND MAILING RESULTMESSAGE
* ========================================
*/
if ( $error)
{
if ($error) {
?>
<b><font color="#FF0000"><?php echo $errormsg?></font></b><br><br>
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br>
<b><font color="#FF0000"><?php echo $errormsg?></font></b><br /><br />
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br />
<?php
}
else
{
} else {
?>
<?php echo $errormsg?><br><br>
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br>
<?php echo $errormsg?><br /><br />
<a href="index.php<?php echo "?origin=$origin"; ?>"><?php echo get_lang('BackList'); ?></a><br />
<?php
}
}
/**
* =============================================
* DELETE RECEIVED OR SENT FILES - EDIT FEEDBACK // RH: Feedback
* =============================================
* - DELETE ALL RECEIVED FILES
* - DELETE 1 RECEIVED FILE
* - DELETE ALL SENT FILES
@ -571,27 +435,21 @@ if ( isset( $_GET['mailingIndex'])) // examine or send
* - EDIT FEEDBACK // RH: Feedback
*/
if (isset($_GET['deleteReceived']) || isset($_GET['deleteSent'])
|| isset( $_GET['showFeedback']) || isset( $_GET['editFeedback'])) // RH: Feedback
{
if ( $_GET['mailing']) // RH: Mailing
{
|| isset( $_GET['showFeedback']) || isset( $_GET['editFeedback'])) { // RH: Feedback
if ($_GET['mailing']) { // RH: Mailing
getUserOwningThisMailing($_GET['mailing'], $_user['user_id'], '408'); // RH or die
$dropbox_person = new Dropbox_Person($_GET['mailing'], $is_courseAdmin, $is_courseTutor);
}
else
{
} else {
$dropbox_person = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
}
// RH: these two are needed, I think
if ( isset($_SESSION["sentOrder"]))
{
$dropbox_person->orderSentWork ($_SESSION["sentOrder"]);
if (isset($_SESSION['sentOrder'])) {
$dropbox_person->orderSentWork($_SESSION['sentOrder']);
}
if ( isset($_SESSION["receivedOrder"]))
{
$dropbox_person->orderReceivedWork ($_SESSION["receivedOrder"]);
if (isset($_SESSION['receivedOrder'])) {
$dropbox_person->orderReceivedWork($_SESSION['receivedOrder']);
}
/*if (!$dropbox_person->isCourseAdmin || ! $dropbox_person->isCourseTutor) {
@ -600,67 +458,52 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
$tellUser = get_lang('FileDeleted'); // RH: Feedback
if ( isset( $_GET['deleteReceived']))
{
if ( $_GET["deleteReceived"] == "all")
{
if (isset($_GET['deleteReceived'])) {
if ($_GET['deleteReceived'] == 'all') {
$dropbox_person->deleteAllReceivedWork();
}elseif ( is_numeric( $_GET["deleteReceived"]))
{
} elseif (is_numeric($_GET['deleteReceived'])) {
$dropbox_person->deleteReceivedWork( $_GET['deleteReceived']);
}
else
{
} else {
die(get_lang('GeneralError').' (code 409)');
}
}
elseif ( isset( $_GET['deleteSent'])) // RH: Feedback
{
if ( $_GET["deleteSent"] == "all")
{
} elseif (isset( $_GET['deleteSent'])) { // RH: Feedback
if ($_GET['deleteSent'] == 'all') {
$dropbox_person->deleteAllSentWork( );
}elseif ( is_numeric( $_GET["deleteSent"]))
{
} elseif (is_numeric($_GET['deleteSent'])) {
$dropbox_person->deleteSentWork($_GET['deleteSent']);
}
else
{
} else {
die(get_lang('GeneralError').' (code 410)');
}
}
elseif ( isset( $_GET['showFeedback'])) // RH: Feedback
{
} elseif (isset($_GET['showFeedback'])) { // RH: Feedback
$w = new Dropbox_SentWork($id = $_GET['showFeedback']);
if ($w->uploader_id != $_user['user_id'])
if ($w->uploader_id != $_user['user_id']) {
getUserOwningThisMailing($w->uploader_id, $_user['user_id'], '411'); // RH or die
}
foreach( $w -> recipients as $r) if (($fb = $r["feedback"]))
{
$fbarray [$r["feedback_date"].$r["name"]]=
$r["name"] . ' ' . get_lang('SentOn', '') .
' ' . $r["feedback_date"] . ":\n" . $fb;
foreach ($w -> recipients as $r) {
if (($fb = $r['feedback'])) {
$fbarray[$r['feedback_date'].$r['name']] = $r['name'].' '.get_lang('SentOn', '').' '.$r['feedback_date'].":\n".$fb;
}
}
if ($fbarray)
{
if ($fbarray) {
krsort($fbarray);
echo '<textarea class="dropbox_feedbacks">',
htmlspecialchars(implode("\n\n", $fbarray),ENT_QUOTES,$charset), '</textarea>', "\n";
}
else
{
htmlspecialchars(implode("\n\n", $fbarray), ENT_QUOTES, api_get_system_encoding()), '</textarea>', "\n";
} else {
echo '<textarea class="dropbox_feedbacks">&nbsp;</textarea>', "\n";
}
$tellUser = get_lang('ShowFeedback');
}
else // if ( isset( $_GET['editFeedback'])) // RH: Feedback
{
$id = $_GET['editFeedback']; $found = false;
} else { // if ( isset( $_GET['editFeedback'])) { // RH: Feedback
$id = $_GET['editFeedback'];
$found = false;
foreach ($dropbox_person->receivedWork as $w) {
if ($w->id == $id) {
$found = true; break;
$found = true;
break;
}
}
if (!$found) die(get_lang('GeneralError').' (code 415)');
@ -669,17 +512,14 @@ if ( isset( $_GET['deleteReceived']) || isset( $_GET['deleteSent'])
'<input type="hidden" name="feedbackid" value="',
$id, '"/>', "\n",
'<textarea name="feedbacktext" class="dropbox_feedbacks">',
htmlspecialchars($w->feedback,ENT_QUOTES,$charset), '</textarea>', "<br>\n",
htmlspecialchars($w->feedback, ENT_QUOTES, api_get_system_encoding()), '</textarea>', "<br />\n",
'<input type="submit" name="feedbacksubmit" value="', get_lang('Ok', ''), '"/>', "\n",
'</form>', "\n";
$tellUser = get_lang('GiveFeedback');
}
/**
* ==============================================
* RESULTMESSAGE FOR DELETE FILE OR EDIT FEEDBACK // RH: Feedback
* ==============================================
*/
$return_message = get_lang('BackList');
}
?>

7
main/dropbox/dropbox_zipdownload.inc.php
Unescape View File

@ -1,6 +1,5 @@
<?php //$id: $
/* For licensing terms, see /dokeos_license.txt */
<?php
/* For licensing terms, see /license.txt */
// the file that contains all the initialisation stuff (and includes all the configuration stuff)
require_once( "dropbox_init.inc.php");
?>
require_once 'dropbox_init.inc.php';

187
main/dropbox/index.php
Unescape View File

@ -1,7 +1,7 @@
<?php //$id: $
/* For licensing terms, see /dokeos_license.txt */
/* For licensing terms, see /license.txt */
/**
==============================================================================
* @desc The dropbox is a personal (peer to peer) file exchange module that allows
* you to send documents to a certain (group of) users.
*
@ -20,13 +20,10 @@
* then for every individual document the feedback is retrieved
* @todo the implementation of the dropbox categories could (on the database level) have been done more elegantly by storing the category
* in the dropbox_person table because this table stores the relationship between the files (sent OR received) and the users
==============================================================================
*/
/**
==============================================================================
HISTORY
==============================================================================
Version 1.1
------------
- dropbox_init1.inc.php: changed include statements to require statements. This way if a file is not found, it stops the execution of a script instead of continuing with warnings.
@ -90,16 +87,15 @@ Version 1.3 (Patrick Cool)
Version 1.4 (Yannick Warnier)
-----------------------------
- removed all self-built database tables names
==============================================================================
*/
/*
==============================================================================
INIT SECTION
==============================================================================
*/
// the file that contains all the initialisation stuff (and includes all the configuration stuff)
require_once( "dropbox_init.inc.php");
require_once 'dropbox_init.inc.php';
// get the last time the user accessed the tool
if ($_SESSION[$_course['id']]['last_access'][TOOL_DROPBOX] == '') {
$last_access = get_last_tool_access(TOOL_DROPBOX, $_course['code'], $_user['user_id']);
@ -115,23 +111,19 @@ event_access_tool(TOOL_DROPBOX);
$dropbox_unid = md5(uniqid(rand(), true));
/*
==============================================================================
DISPLAY SECTION
==============================================================================
*/
// Tool introduction
Display::display_introduction_section(TOOL_DROPBOX);
/*
-----------------------------------------------------------
ACTIONS: add a dropbox file, add a dropbox category.
-----------------------------------------------------------
*/
// *** display the form for adding a new dropbox item. ***
if ($_GET['action']=="add") {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if ($_GET['action'] == 'add') {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
display_add_form();
@ -146,48 +138,46 @@ if (isset($_POST['submitWork'])) {
}
// *** display the form for adding a category ***
if ($_GET['action']=="addreceivedcategory" or $_GET['action']=="addsentcategory") {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
// display the form for adding a category
if ($_GET['action'] == 'addreceivedcategory' or $_GET['action'] == 'addsentcategory') {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
display_addcategory_form($_POST['category_name'],'',$_GET['action']);
}
// *** editing a category: displaying the form ***
// editing a category: displaying the form
if ($_GET['action'] == 'editcategory' and isset($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
if (!$_POST) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
display_addcategory_form('', $_GET['id'], 'editcategory');
}
}
// *** storing a new or edited category ***
// storing a new or edited category
if (isset($_POST['StoreCategory'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
$return_information = store_addcategory();
if( $return_information['type'] == 'confirmation')
{
if ($return_information['type'] == 'confirmation') {
Display :: display_confirmation_message($return_information['message']);
}
if( $return_information['type'] == 'error')
{
if ($return_information['type'] == 'error') {
Display :: display_error_message(get_lang('FormHasErrorsPleaseComplete').'<br />'.$return_information['message']);
display_addcategory_form($_POST['category_name'], $_POST['edit_id'], $_POST['action']);
}
}
// *** Move a File ***
// Move a File
if (($_GET['action'] == 'movesent' OR $_GET['action'] == 'movereceived') AND isset($_GET['move_id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
display_move_form(str_replace('move', '', $_GET['action']), $_GET['move_id'], get_dropbox_categories(str_replace('move', '', $_GET['action'])));
@ -196,9 +186,9 @@ if ($_POST['do_move']) {
Display :: display_confirmation_message(store_move($_POST['id'], $_POST['move_target'], $_POST['part']));
}
// *** Delete a file ***
// Delete a file
if (($_GET['action'] == 'deletereceivedfile' OR $_GET['action'] == 'deletesentfile') AND isset($_GET['id']) AND is_numeric($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
$dropboxfile = new Dropbox_Person($_user['user_id'], $is_courseAdmin, $is_courseTutor);
@ -213,31 +203,31 @@ if (($_GET['action']=='deletereceivedfile' OR $_GET['action']=='deletesentfile')
Display :: display_confirmation_message($message);
}
// *** Delete a category ***
// Delete a category
if (($_GET['action'] == 'deletereceivedcategory' OR $_GET['action'] == 'deletesentcategory') AND isset($_GET['id']) AND is_numeric($_GET['id'])) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
$message = delete_category($_GET['action'], $_GET['id']);
Display :: display_confirmation_message($message);
}
// *** Do an action on multiple files ***
// Do an action on multiple files
// only the download has is handled separately in dropbox_init_inc.php because this has to be done before the headers are sent
// (which also happens in dropbox_init.inc.php
if (!isset($_POST['feedback']) && (strstr($_POST['action'], 'move_received') OR
$_POST['action'] == 'delete_received' OR $_POST['action'] == 'download_received' OR
$_POST['action'] == 'delete_sent' OR $_POST['action'] == 'download_sent'))
{
$_POST['action'] == 'delete_sent' OR $_POST['action'] == 'download_sent')) {
$display_message = handle_multiple_actions();
Display :: display_normal_message($display_message);
}
// *** Store Feedback ***
// Store Feedback
if ($_POST['feedback']) {
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false,true)) {
api_not_allowed();
}
$check = Security::check_token();
@ -248,14 +238,14 @@ if ($_POST['feedback']) {
}
}
// *** Error Message ***
// Error Message
if (isset($_GET['error']) AND !empty($_GET['error'])) {
Display :: display_normal_message(get_lang($_GET['error']));
}
if ($_GET['action'] != 'add') {
if ($_GET['action']!="add") {
// getting all the categories in the dropbox for the given user
$dropbox_categories = get_dropbox_categories();
// creating the arrays with the categories for the received files and for the sent files
@ -270,7 +260,7 @@ foreach ($dropbox_categories as $category) {
// ACTIONS
if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
if ($_GET['view'] == 'received' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('ReceivedFiles').'</h3>';
// This is for the categories
@ -280,12 +270,11 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$view_dropbox_category_received = 0;
}
/* *** Menu Received *** */
/* Menu Received */
if (api_get_session_id() == 0) {
echo '<div class="actions">';
if ($view_dropbox_category_received<>0 && api_is_allowed_to_session_edit(false,true)) {
if ($view_dropbox_category_received != 0 && api_is_allowed_to_session_edit(false, true)) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
$movelist[0] = 'Root'; // move_received selectbox content
@ -296,7 +285,7 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
} else {
if (api_is_allowed_to_session_edit(false, true)) {
echo '<div class="actions">';
if ($view_dropbox_category_received<>0 && api_is_allowed_to_session_edit(false,true)) {
if ($view_dropbox_category_received != 0 && api_is_allowed_to_session_edit(false, true)) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_received]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category=0&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
$movelist[0] = 'Root'; // move_received selectbox content
@ -307,21 +296,22 @@ if ( $_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
}
}
}
if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs']==false) {
if (!$_GET['view'] OR $_GET['view'] == 'sent' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('SentFiles').'</h3>';
// This is for the categories
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category']<>'') {
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category'] != '') {
$view_dropbox_category_sent = $_GET['view_sent_category'];
} else {
$view_dropbox_category_sent = 0;
}
/* *** Menu Sent *** */
/* Menu Sent */
if (api_get_session_id() == 0) {
echo '<div class="actions">';
if ($view_dropbox_category_sent<>0) {
if ($view_dropbox_category_sent != 0) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
} else {
@ -334,7 +324,7 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
} else {
if (api_is_allowed_to_session_edit(false, true)) {
echo '<div class="actions">';
if ($view_dropbox_category_sent<>0) {
if ($view_dropbox_category_sent != 0) {
echo get_lang('CurrentlySeeing').': <strong>'.$dropbox_categories[$view_dropbox_category_sent]['cat_name'].'</strong> ';
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category=0&amp;view='.Security::remove_XSS($_GET['view']).'">'.Display::return_icon('folder_up.gif', get_lang('Up')).' '.get_lang('Root')."</a>\n";
} else {
@ -346,14 +336,11 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
echo '</div>';
}
}
}
/*
-----------------------------------------------------------
THE MENU TABS
-----------------------------------------------------------
*/
if ($dropbox_cnf['sent_received_tabs']) {
?>
@ -367,15 +354,13 @@ if ($dropbox_cnf['sent_received_tabs']) {
}
/*
-----------------------------------------------------------
RECEIVED FILES
-----------------------------------------------------------
*/
if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
if ($_GET['view'] == 'received' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('ReceivedFiles').'</h3>';
// This is for the categories
if (isset($_GET['view_received_category']) AND $_GET['view_received_category']<>'') {
if (isset($_GET['view_received_category']) AND $_GET['view_received_category'] != '') {
$view_dropbox_category_received = $_GET['view_received_category'];
} else {
$view_dropbox_category_received = 0;
@ -394,21 +379,20 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
// the headers of the sortable tables
$column_header = array();
$column_header[] = array('', false, '');
$column_header[] = array(get_lang('Type'),true,'style="width:40px"');
$column_header[] = array(get_lang('ReceivedTitle'), TRUE, '');
$column_header[] = array(get_lang('Size'), TRUE, '');
$column_header[] = array(get_lang('Authors'), TRUE, '');
$column_header[] = array(get_lang('Type'), true, '', 'style="width:40px; text-align:center"');
$column_header[] = array(get_lang('ReceivedTitle'), true, '');
$column_header[] = array(get_lang('Size'), true, '');
$column_header[] = array(get_lang('Authors'), true, '');
$column_header[] = array(get_lang('LastResent'), true);
if (api_get_session_id()==0)
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"');
elseif (api_is_allowed_to_session_edit(false,true)){
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"');
if (api_get_session_id() == 0) {
$column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
} elseif (api_is_allowed_to_session_edit(false,true)) {
$column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
}
$column_header[] = array('RealDate', true);
// An array with the setting of the columns -> 1: columns that we will show, 0:columns that will be hide
$column_show[] = 1;
$column_show[] = 1;
@ -417,9 +401,9 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$column_show[] = 1;
$column_show[] = 1;
if (api_get_session_id()==0)
if (api_get_session_id() == 0) {
$column_show[] = 1;
elseif (api_is_allowed_to_session_edit(false,true)){
} elseif (api_is_allowed_to_session_edit(false, true)) {
$column_show[] = 1;
}
$column_show[] = 0;
@ -437,8 +421,6 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$column_order[] = 7;
$column_order[] = 8;
// the content of the sortable table = the received files
foreach ($dropbox_person -> receivedWork as $dropbox_file) {
$dropbox_file_data = array();
@ -455,30 +437,29 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$new_icon = '&nbsp;'.Display::return_icon('new.gif', get_lang('New'));
}
$dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title);
$dropbox_file_data[]='<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Download'), array('style'=>'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a>'.$new_icon.'<br>'.$dropbox_file->description;
$dropbox_file_data[] = '<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Download'), array('style' => 'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a>'.$new_icon.'<br />'.$dropbox_file->description;
$dropbox_file_data[] = ceil(($dropbox_file->filesize) / 1024).' '.get_lang('kB');
$dropbox_file_data[] = $dropbox_file->author;
//$dropbox_file_data[] = $dropbox_file->description;
$dropbox_file_data[]=date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
$dropbox_file_data[] = date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br /><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
$action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').'
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>';
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
//$action_icons=' <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=movereceived&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer.gif',get_lang('Move')).'</a>
// <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>';
// <a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.$_GET['view_received_category'].'&amp;view_sent_category='.$_GET['view_sent_category'].'&amp;action=deletereceivedfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
// this is a hack to have an additional row in a sortable table
if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id == $_GET['id']) {
$action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table
$action_icons .= '<tr><td colspan="2"><a href="index.php?"'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n";
}
if (api_get_session_id()==0)
if (api_get_session_id() == 0) {
$dropbox_file_data[] = $action_icons;
elseif (api_is_allowed_to_session_edit(false,true)){
} elseif (api_is_allowed_to_session_edit(false, true)) {
$dropbox_file_data[] = $action_icons;
}
$action_icons = '';
@ -489,8 +470,6 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
}
}
// the content of the sortable table = the categories (if we are not in the root)
if ($view_dropbox_category_received == 0) {
foreach ($dropbox_categories as $category) { // note: this can probably be shortened since the categories for the received files are already in the $dropbox_received_category array;
@ -505,7 +484,7 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
$dropbox_category_data[] = '';
$dropbox_category_data[] = '';
$dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&amp;id='.$category['cat_id'].'">'.Display::return_icon('edit.gif',get_lang('Edit')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedcategory&amp;id='.$category['cat_id'].'" onclick="return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>';
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletereceivedcategory&amp;id='.$category['cat_id'].'" onclick="javascript: return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
}
if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) {
$dropbox_data_recieved[] = $dropbox_category_data;
@ -521,24 +500,22 @@ if ($_GET['view']=='received' OR $dropbox_cnf['sent_received_tabs']==false) {
}
}
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
$selectlist = array();
}
Display::display_sortable_config_table($column_header, $dropbox_data_recieved, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist);
}
/*
-----------------------------------------------------------
SENT FILES
-----------------------------------------------------------
*/
if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs']==false) {
if (!$_GET['view'] OR $_GET['view'] == 'sent' OR !$dropbox_cnf['sent_received_tabs']) {
//echo '<h3>'.get_lang('SentFiles').'</h3>';
// This is for the categories
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category']<>'') {
if (isset($_GET['view_sent_category']) AND $_GET['view_sent_category'] != '') {
$view_dropbox_category_sent = $_GET['view_sent_category'];
} else {
$view_dropbox_category_sent = 0;
@ -558,20 +535,19 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$column_header = array();
$column_header[] = array('', false, '');
$column_header[] = array(get_lang('Type'),true,'style="width:40px"','style="text-align:center"');
$column_header[] = array(get_lang('SentTitle'), TRUE, '');
$column_header[] = array(get_lang('Size'), TRUE, '');
$column_header[] = array(get_lang('SentTo'), TRUE, '');
$column_header[] = array(get_lang('LastResent'), TRUE, '');
$column_header[] = array(get_lang('Type'), true, '', 'style="width:40px; text-align:center"');
$column_header[] = array(get_lang('SentTitle'), true, '');
$column_header[] = array(get_lang('Size'), true, '');
$column_header[] = array(get_lang('SentTo'), true, '');
$column_header[] = array(get_lang('LastResent'), true, '');
if (api_get_session_id()==0)
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"');
elseif (api_is_allowed_to_session_edit(false,true)){
$column_header[] = array(get_lang('Modify'), FALSE, '', 'nowrap style="text-align: right"');
if (api_get_session_id() == 0) {
$column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
} elseif (api_is_allowed_to_session_edit(false, true)) {
$column_header[] = array(get_lang('Modify'), false, '', 'nowrap style="text-align: right"');
}
$column_header[] = array('RealDate', FALSE);
$column_header[] = array('RealDate', false);
$column_show = array();
$column_order = array();
@ -583,9 +559,9 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$column_show[] = 1;
$column_show[] = 1;
$column_show[] = 1;
if (api_get_session_id()==0)
if (api_get_session_id() == 0) {
$column_show[] = 1;
elseif (api_is_allowed_to_session_edit(false,true)){
} elseif (api_is_allowed_to_session_edit(false, true)) {
$column_show[] = 1;
}
$column_show[] = 0;
@ -610,26 +586,25 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
if ($view_dropbox_category_sent == $dropbox_file->category) {
$dropbox_file_data[] = $dropbox_file->id;
$dropbox_file_data[] = build_document_icon_tag('file', $dropbox_file->title);
$dropbox_file_data[]='<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif',get_lang('Save'), array('style'=>'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a><br>'.$dropbox_file->description;
$dropbox_file_data[] = '<a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'&amp;action=download">'.Display::return_icon('filesave.gif', get_lang('Save'), array('style' => 'float:right;')).'</a><a href="dropbox_download.php?'.api_get_cidreq().'&id='.$dropbox_file->id.'">'.$dropbox_file->title.'</a><br />'.$dropbox_file->description;
$dropbox_file_data[] = ceil(($dropbox_file->filesize)/1024).' '.get_lang('kB');
foreach ($dropbox_file->recipients as $recipient) {
$receivers_celldata = display_user_link_work($recipient['user_id'], $recipient['name']).', '.$receivers_celldata;
}
$receivers_celldata = trim(trim($receivers_celldata), ','); // Removing the trailing comma.
$dropbox_file_data[] = $receivers_celldata;
$dropbox_file_data[]=date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
$dropbox_file_data[] = date_to_str_ago(api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get())).'<br /><span class="dropbox_date">'.api_get_local_time($dropbox_file->last_upload_date, null, null, date_default_timezone_get()).'</span>';
//$dropbox_file_data[] = $dropbox_file->author;
$receivers_celldata = '';
$action_icons = check_number_feedback($dropbox_file->id, $number_feedback).' '.get_lang('Feedback').'
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=viewfeedback&amp;id='.$dropbox_file->id.'">'.Display::return_icon('comment_bubble.gif', get_lang('Comment')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=movesent&amp;move_id='.$dropbox_file->id.'">'.Display::return_icon('deplacer_fichier.gif', get_lang('Move')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentfile&amp;id='.$dropbox_file->id.'" onclick="return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>';
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentfile&amp;id='.$dropbox_file->id.'" onclick="javascript: return confirmation(\''.$dropbox_file->title.'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
// this is a hack to have an additional row in a sortable table
if ($_GET['action'] == 'viewfeedback' AND isset($_GET['id']) and is_numeric($_GET['id']) AND $dropbox_file->id==$_GET['id']) {
$action_icons .= "</td></tr>\n"; // ending the normal row of the sortable table
$action_icons .= "<tr>\n\t<td colspan=\"2\"><a href=\"index.php?".api_get_cidreq()."&view_received_category=".Security::remove_XSS($_GET['view_received_category'])."&amp;view_sent_category=".Security::remove_XSS($_GET['view_sent_category'])."&amp;view=".Security::remove_XSS($_GET['view'])."\">".get_lang('CloseFeedback')."</a></td><td colspan=\"7\">".feedback($dropbox_file->feedback2)."</td>\n</tr>\n";
}
$dropbox_file_data[] = $action_icons;
$dropbox_file_data[] = $dropbox_file->last_upload_date;
@ -652,7 +627,7 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
$dropbox_category_data[] = '';
$dropbox_category_data[] = '';
$dropbox_category_data[] = '<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=editcategory&id='.$category['cat_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentcategory&amp;id='.$category['cat_id'].'" onclick="return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a>';
<a href="'.api_get_self().'?'.api_get_cidreq().'&view_received_category='.Security::remove_XSS($_GET['view_received_category']).'&amp;view_sent_category='.Security::remove_XSS($_GET['view_sent_category']).'&amp;view='.Security::remove_XSS($_GET['view']).'&amp;action=deletesentcategory&amp;id='.$category['cat_id'].'" onclick="javascript: return confirmation(\''.$category['cat_name'].'\');">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
}
if (is_array($dropbox_category_data) && count($dropbox_category_data) > 0) {
$dropbox_data_sent[] = $dropbox_category_data;
@ -662,10 +637,12 @@ if (!$_GET['view'] OR $_GET['view']=='sent' OR $dropbox_cnf['sent_received_tabs'
// Displaying the table
$additional_get_parameters = array('view' => Security::remove_XSS($_GET['view']), 'view_received_category' => Security::remove_XSS($_GET['view_received_category']), 'view_sent_category' => Security::remove_XSS($_GET['view_sent_category']));
$selectlist = array('delete_received' => get_lang('Delete'), 'download_received' => get_lang('Download'));
if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
$selectlist = array('download_received' => get_lang('Download'));
}
Display::display_sortable_config_table($column_header, $dropbox_data_sent, $sorting_options, $paging_options, $additional_get_parameters, $column_show, $column_order, $selectlist);
}
}
Display::display_footer();

Write Preview
Loading…
Cancel
Save