chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixing some document redirections see #4780

Browse Source
skala
Julio Montoya 13 years ago
parent 389fa6ede3
commit a22a16c932
6 changed files with 66 additions and 41 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      main/document/create_paint.php
  2. 5
      main/document/document.php
  3. 2
      main/document/edit_document.php
  4. 33
      main/document/edit_draw.php
  5. 23
      main/document/edit_paint.php
  6. 33
      main/document/save_pixlr.php

1
main/document/create_paint.php
Unescape View File

@ -21,7 +21,6 @@ $_SESSION['whereami'] = 'document/createpaint';
$this_section = SECTION_COURSES;
require_once 'document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
$nameTools = get_lang('PhotoRetouching');

5
main/document/document.php
Unescape View File

@ -134,7 +134,7 @@ if (api_get_group_id()) {
//Actions
$document_id = intval($_REQUEST['id']);
$document_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$message = '';
@ -273,9 +273,7 @@ if (isset($document_id) && empty($action)) {
} else {
$curdirpath = '/';
}
$curdirpathurl = urlencode($curdirpath);
} else {
// What's the current path?
// We will verify this a bit further down
@ -287,6 +285,7 @@ if (isset($document_id) && empty($action)) {
$curdirpath = '/';
}
$curdirpathurl = urlencode($curdirpath);
// Check the path

2
main/document/edit_document.php
Unescape View File

@ -109,6 +109,8 @@ if (api_is_in_group()) {
}
$course_info = api_get_course_info();
$group_id = api_get_group_id();
$dir = '/';

33
main/document/edit_draw.php
Unescape View File

@ -23,12 +23,12 @@ $_SESSION['whereami'] = 'document/editdraw';
$this_section = SECTION_COURSES;
require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
api_protect_course_script();
api_block_anonymous_users();
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id(), true);
if (empty($document_data)) {
api_not_allowed();
} else {
@ -36,12 +36,16 @@ if (empty($document_data)) {
$file_path = $document_data['path'];
$dir = dirname($document_data['path']);
$parent_id = DocumentManager::get_document_id(api_get_course_info(), $dir);
$my_cur_dir_path = Security::remove_XSS($_GET['curdirpath']);
}
$dir= str_replace('\\', '/',$dir);//and urlencode each url $curdirpath (hack clean $curdirpath under Windows - Bug #3261)
/* Constants & Variables */
$current_session_id=api_get_session_id();
$group_id = api_get_group_id();
//path for svg-edit save
$_SESSION['draw_dir']=Security::remove_XSS($dir);
if ($_SESSION['draw_dir']=='/'){
@ -85,17 +89,31 @@ if (!is_dir($filepath)) {
}
//groups //TODO:clean
if (isset($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
$req_gid = '&gidReq='.$_SESSION['_gid'];
$interbreadcrumb[] = array ('url' => '../group/group_space.php?gidReq='.$_SESSION['_gid'], 'name' => get_lang('GroupSpace'));
if (!empty($group_id)) {
$req_gid = '&gidReq='.$group_id;
$interbreadcrumb[] = array ('url' => '../group/group_space.php?gidReq='.$group_id, 'name' => get_lang('GroupSpace'));
$group_document = true;
$noPHP_SELF = true;
}
$is_certificate_mode = DocumentManager::is_certificate_mode($dir);
if (!$is_certificate_mode)
$interbreadcrumb[]=array("url"=>"./document.php?id=".$document_id.$req_gid, "name"=> get_lang('Documents'));
$interbreadcrumb[]= array("url" => "./document.php?curdirpath=".urlencode($my_cur_dir_path).$req_gid, "name"=> get_lang('Documents'));
else
$interbreadcrumb[]= array ( 'url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
$interbreadcrumb[]= array ('url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
// Interbreadcrumb for the current directory root path
if (empty($document_data['parents'])) {
$interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
} else {
foreach($document_data['parents'] as $document_sub_data) {
if ($document_data['title'] == $document_sub_data['title']) {
continue;
}
$interbreadcrumb[] = array('url' => $document_sub_data['document_url'], 'name' => $document_sub_data['title']);
}
}
$is_allowedToEdit = api_is_allowed_to_edit(null, true) || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), $dir, $current_session_id);
@ -108,7 +126,6 @@ event_access_tool(TOOL_DOCUMENT);
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?id='.$parent_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'',ICON_SIZE_MEDIUM).'</a>';
echo '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'&origin=editdraw">'.Display::return_icon('edit.png',get_lang('Rename').'/'.get_lang('Comments'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>';

23
main/document/edit_paint.php
Unescape View File

@ -23,12 +23,12 @@ $_SESSION['whereami'] = 'document/editpaint';
$this_section = SECTION_COURSES;
require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
api_protect_course_script();
api_block_anonymous_users();
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id(), true);
if (empty($document_data)) {
api_not_allowed();
} else {
@ -36,6 +36,7 @@ if (empty($document_data)) {
$file_path = $document_data['path'];
$dir = dirname($document_data['path']);
$parent_id = DocumentManager::get_document_id(api_get_course_info(), $dir);
$my_cur_dir_path = Security::remove_XSS($_GET['curdirpath']);
}
$dir= str_replace('\\', '/',$dir);//and urlencode each url $curdirpath (hack clean $curdirpath under Windows - Bug #3261)
@ -98,10 +99,24 @@ if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
}
$is_certificate_mode = DocumentManager::is_certificate_mode($dir);
if (!$is_certificate_mode)
$interbreadcrumb[]=array("url"=>"./document.php?id=".$document_id.$req_gid, "name"=> get_lang('Documents'));
$interbreadcrumb[]= array("url" => "./document.php?curdirpath=".urlencode($my_cur_dir_path).$req_gid, "name"=> get_lang('Documents'));
else
$interbreadcrumb[]= array ( 'url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
$interbreadcrumb[]= array ('url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
// Interbreadcrumb for the current directory root path
if (empty($document_data['parents'])) {
$interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
} else {
foreach($document_data['parents'] as $document_sub_data) {
if ($document_data['title'] == $document_sub_data['title']) {
continue;
}
$interbreadcrumb[] = array('url' => $document_sub_data['document_url'], 'name' => $document_sub_data['title']);
}
}
$is_allowedToEdit = api_is_allowed_to_edit(null, true) || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), $dir, $current_session_id);

33
main/document/save_pixlr.php
Unescape View File

@ -13,13 +13,10 @@
*/
require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
require_once api_get_path(LIBRARY_PATH).'document.lib.php';
api_protect_course_script();
api_block_anonymous_users();
if ($_user['user_id']!= api_get_user_id() || api_get_user_id()==0 || $_user['user_id']==0) {
api_not_allowed();
die();
@ -45,7 +42,7 @@ $urlcontents=Security::remove_XSS($_GET['image']);//A URL to the image on Pixlr.
$title = Database::escape_string(str_replace('_',' ',$filename));
$current_session_id = api_get_session_id();
$groupId=$_SESSION['_gid'];
$groupId= api_get_group_id();
$relativeUrlPath=$_SESSION['paint_dir'];
$currentTool=$_SESSION['whereami'];
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
@ -104,16 +101,15 @@ if ($content_type[0] != "image") {
}
//Verify that the file is an image. Fileinfo method
if (phpversion() >= '5.3' && extension_loaded('fileinfo')) {
$finfo = new finfo(FILEINFO_MIME);
$current_mime=$finfo->buffer($contents);
finfo_close($finfo);
if(strpos($current_mime, 'image')===false) {
echo "Invalid mime type file";
exit;
}
$finfo = new finfo(FILEINFO_MIME);
$current_mime=$finfo->buffer($contents);
finfo_close($finfo);
if(strpos($current_mime, 'image')===false) {
echo "Invalid mime type file";
exit;
}
//path, file and title
$paintFileName = $filename.'.'.$extension;
$title = $title.'.'.$extension;
@ -121,11 +117,9 @@ $title = $title.'.'.$extension;
if($currentTool=='document/createpaint'){
//check save as and prevent rewrite an older file with same name
if (0 != $groupId){
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
$group_properties = GroupManager :: get_group_properties($groupId);
$groupPath = $group_properties['directory'];
}
else{
$group_properties = GroupManager :: get_group_properties($groupId);
$groupPath = $group_properties['directory'];
} else {
$groupPath ='';
}
@ -181,10 +175,9 @@ if (!isset($_SESSION['exit_pixlr'])) {
$location=api_get_path(WEB_CODE_PATH).'document/document.php';
echo '<script>window.parent.location.href="'.$location.'"</script>';
api_not_allowed(true);
}
else{
} else {
echo '<div align="center" style="padding-top:150; font-family:Arial, Helvetica, Sans-serif;font-size:25px;color:#aaa;font-weight:bold;">'.get_lang('PleaseStandBy').'</div>';
$location=api_get_path(WEB_CODE_PATH).'document/document.php?curdirpath='.Security::remove_XSS($_SESSION['exit_pixlr']);
$location=api_get_path(WEB_CODE_PATH).'document/document.php?id='.Security::remove_XSS($_SESSION['exit_pixlr']);
echo '<script>window.parent.location.href="'.$location.'"</script>';
unset($_SESSION['exit_pixlr']);
}
Write Preview
Loading…
Cancel
Save