From 9835041cca2bd9189e74e442843d8641d16ef20e Mon Sep 17 00:00:00 2001
From: jmontoyaa <gugli100@gmail.com>
Date: Tue, 13 Feb 2018 10:00:31 +0100
Subject: [PATCH] Fix move document see BT#14005

---
 main/document/document.php    | 33 ++++++++++++++++++---------------
 main/inc/lib/document.lib.php |  2 +-
 2 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/main/document/document.php b/main/document/document.php
index 9e81a9bdec..286dc35363 100755
--- a/main/document/document.php
+++ b/main/document/document.php
@@ -121,7 +121,7 @@ DocumentManager::create_directory_certificate_in_course($courseInfo);
 $dbl_click_id = 0;
 $selectcat = isset($_GET['selectcat']) ? Security::remove_XSS($_GET['selectcat']) : null;
 $moveTo = isset($_POST['move_to']) ? Security::remove_XSS($_POST['move_to']) : null;
-$moveFile = isset($_POST['move_file']) && is_int($_POST['move_file']) ? $_POST['move_file'] : null;
+$moveFile = isset($_POST['move_file']) ? (int) $_POST['move_file'] : 0;
 
 $certificateLink = '';
 if ($is_certificate_mode) {
@@ -596,17 +596,17 @@ if (isset($document_id) && empty($action)) {
             $groupIid
         );
 
-        if (!empty($document_data['filetype']) && $document_data['filetype'] == 'file' || $document_data['filetype'] == 'link') {
+        if (!empty($document_data['filetype']) &&
+            ($document_data['filetype'] == 'file' || $document_data['filetype'] == 'link')
+        ) {
             if ($visibility && api_is_allowed_to_session_edit()) {
-                $url = api_get_path(WEB_COURSE_PATH).
-                    $courseInfo['path'].'/document'.$document_data['path'].'?'
-                    .api_get_cidreq();
+                $url = api_get_path(WEB_COURSE_PATH).$courseInfo['path'].'/document'.$document_data['path'].'?'.api_get_cidreq();
                 header("Location: $url");
+                exit;
             }
-            exit;
         } else {
             if (!$visibility && !$isAllowedToEdit) {
-                api_not_allowed();
+                api_not_allowed(true);
             }
         }
         $_GET['curdirpath'] = $document_data['path'];
@@ -621,7 +621,6 @@ if (isset($document_id) && empty($action)) {
     } else {
         $curdirpath = '/';
     }
-
     $curdirpathurl = urlencode($curdirpath);
 } else {
     // What's the current path?
@@ -962,10 +961,11 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
         }
 
         if (!$isAllowedToEdit) {
-            if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), $my_get_move)) {
+            if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $my_get_move)) {
                 api_not_allowed(true);
             }
         }
+
         // Get the document data from the ID
         $document_to_move = DocumentManager::get_document_data_by_id(
             $my_get_move,
@@ -983,6 +983,7 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
                 false,
                 $curdirpath
             );
+            $moveForm .= '<legend>'.get_lang('Move').': '.$document_to_move['title'].'</legend>';
 
             // filter if is my shared folder. TODO: move this code to build_move_to_selector function
             if (DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) &&
@@ -1000,8 +1001,6 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
                         $user_shared_folders[] = $fold;
                     }
                 }
-
-                $moveForm .= '<legend>'.get_lang('Move').'</legend>';
                 $moveForm .= DocumentManager::build_move_to_selector(
                     $user_shared_folders,
                     $move_path,
@@ -1009,7 +1008,6 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
                     $group_properties['directory']
                 );
             } else {
-                $moveForm .= '<legend>'.get_lang('Move').'</legend>';
                 $moveForm .= DocumentManager::build_move_to_selector(
                     $folders,
                     $move_path,
@@ -1022,7 +1020,7 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
 
     if (!empty($moveTo) && isset($moveFile)) {
         if (!$isAllowedToEdit) {
-            if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), $moveFile)) {
+            if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $moveFile)) {
                 api_not_allowed(true);
             }
         }
@@ -1047,7 +1045,12 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
                 $real_path_target = $base_work_dir.$moveTo.'/';
                 if (!DocumentManager::cloudLinkExists($_course, $moveTo, $document_to_move['comment'])) {
                     $doc_id = $moveFile;
-                    DocumentManager::updateDBInfoCloudLink($document_to_move['path'], $moveTo.'/', $doc_id);
+                    //DocumentManager::updateDbInfo($document_to_move['path'], $moveTo.'/', $doc_id);
+                    DocumentManager::updateDbInfo(
+                        'update',
+                        $document_to_move['path'],
+                        $moveTo.'/'.basename($document_to_move['path'])
+                    );
 
                     // Update database item property
                     api_item_property_update(
@@ -1056,7 +1059,7 @@ if ($isAllowedToEdit || $group_member_with_upload_rights ||
                         $doc_id,
                         'FileMoved',
                         api_get_user_id(),
-                        $to_group_id,
+                        $group_properties,
                         null,
                         null,
                         null,
diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php
index 715a0e383e..e120ed0bad 100644
--- a/main/inc/lib/document.lib.php
+++ b/main/inc/lib/document.lib.php
@@ -5895,7 +5895,7 @@ class DocumentManager
         $form = new FormValidator('move_to', 'post', api_get_self().'?'.api_get_cidreq());
 
         // Form title
-        $form->addElement('hidden', 'move_file', $move_file);
+        $form->addHidden('move_file', $move_file);
 
         $options = [];