@ -1,4 +1,4 @@
<?php
<?php
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -25,10 +25,10 @@
============================================================================== ==============================================================================
INIT SECTION INIT SECTION
============================================================================== ==============================================================================
*/ */
// we cannot use dropbox_init.inc.php because this one already outputs data. // we cannot use dropbox_init.inc.php because this one already outputs data.
//name of langfile //name of langfile
$langFile = "dropbox"; $langFile = "dropbox";
// including the basic Dokeos initialisation file // including the basic Dokeos initialisation file
require("../inc/global.inc.php"); require("../inc/global.inc.php");
@ -46,26 +46,26 @@ include_once('dropbox_functions.inc.php');
require_once( "dropbox_class.inc.php"); require_once( "dropbox_class.inc.php");
// //
include_once(api_get_library_ path().'/document.lib.php'); include_once(api_get_path(LIBRARY_PATH ).'/document.lib.php');
/* /*
============================================================================== ==============================================================================
DOWNLOAD A FOLDER DOWNLOAD A FOLDER
============================================================================== ==============================================================================
*/ */
if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=='downloadcategory' AND isset($_GET['sent_received']) ) if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=='downloadcategory' AND isset($_GET['sent_received']) )
{ {
// step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table // step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table
// dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored // dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored
// in dropbox_person (which stores the link file-person) // in dropbox_person (which stores the link file-person)
// Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a // Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a
// received category) // received category)
if ($_GET['sent_received']=='sent') if ($_GET['sent_received']=='sent')
{ {
// here we also incorporate the person table to make sure that deleted sent documents are not included. // here we also incorporate the person table to make sure that deleted sent documents are not included.
$sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person $sql="SELECT DISTINCT file.id, file.filename, file.title FROM `".$dropbox_cnf["fileTbl"]."` file, `".$dropbox_cnf["personTbl"]."` person
WHERE file.uploader_id='".mysql_real_escape_string($_uid)."' WHERE file.uploader_id='".mysql_real_escape_string($_uid)."'
AND file.cat_id='".mysql_real_escape_string($_GET['cat_id'])."' AND file.cat_id='".mysql_real_escape_string($_GET['cat_id'])."'
AND person.user_id='".mysql_real_escape_string($_uid)."' AND person.user_id='".mysql_real_escape_string($_uid)."'
AND person.file_id=file.id AND person.file_id=file.id
@ -88,11 +88,11 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
if (!is_array($files_to_download) OR empty($files_to_download)) if (!is_array($files_to_download) OR empty($files_to_download))
{ {
header ("location: index.php?view=".$_GET['sent_received']."&error=ErrorNoFilesInFolder"); header ("location: index.php?view=".$_GET['sent_received']."&error=ErrorNoFilesInFolder");
exit; exit;
} }
zip_download($files_to_download); zip_download($files_to_download);
exit; exit;
} }
@ -101,25 +101,25 @@ if ( isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action']=
============================================================================== ==============================================================================
DOWNLOAD A FILE DOWNLOAD A FILE
============================================================================== ==============================================================================
*/ */
/* /*
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
AUTHORIZATION AUTHORIZATION
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
*/ */
// Check if the id makes sense // Check if the id makes sense
if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id'])) if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id']))
{ {
Display::display_header($nameTools,"Dropbox"); Display::display_header($nameTools,"Dropbox");
Display :: display_error_message(get_lang('Error')); Display :: display_error_message(get_lang('Error'));
Display::display_footer(); Display::display_footer();
exit; exit;
} }
// Check if the user is allowed to download the file // Check if the user is allowed to download the file
$allowed_to_download=false; $allowed_to_download=false;
// Check if the user has sent or received the file. // Check if the user has sent or received the file.
$sql="SELECT * FROM `".$dropbox_cnf["personTbl"]."` WHERE file_id='".mysql_real_escape_string($_GET['id'])."' AND user_id='".mysql_real_escape_string($_uid)."'"; $sql="SELECT * FROM `".$dropbox_cnf["personTbl"]."` WHERE file_id='".mysql_real_escape_string($_GET['id'])."' AND user_id='".mysql_real_escape_string($_uid)."'";
$result=api_sql_query($sql); $result=api_sql_query($sql);
if (mysql_num_rows($result)>0) if (mysql_num_rows($result)>0)
@ -131,38 +131,38 @@ if (mysql_num_rows($result)>0)
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
ERROR IF NOT ALLOWED TO DOWNLOAD ERROR IF NOT ALLOWED TO DOWNLOAD
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
*/ */
if (!$allowed_to_download) if (!$allowed_to_download)
{ {
Display::display_header($nameTools,"Dropbox"); Display::display_header($nameTools,"Dropbox");
Display :: display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile')); Display :: display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile'));
Display::display_footer(); Display::display_footer();
exit; exit;
} }
/* /*
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
DOWNLOAD THE FILE DOWNLOAD THE FILE
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
*/ */
// the user is allowed to download the file // the user is allowed to download the file
else else
{ {
$_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][]=$_GET['id']; $_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][]=$_GET['id'];
$work = new Dropbox_work($_GET['id']); $work = new Dropbox_work($_GET['id']);
$path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server $path = dropbox_cnf("sysPath") . "/" . $work -> filename; //path to file as stored on server
$file = $work->title; $file = $work->title;
require_once(api_get_library_ path() . '/document.lib.php'); require_once(api_get_path(LIBRARY_PATH ) . '/document.lib.php');
$mimetype = DocumentManager::file_get_mime_type(TRUE); $mimetype = DocumentManager::file_get_mime_type(TRUE);
$fileparts = explode( '.', $file); $fileparts = explode( '.', $file);
$filepartscount = count( $fileparts); $filepartscount = count( $fileparts);
if ( ( $filepartscount > 1) & & isset( $mimetype[$fileparts [$filepartscount - 1]]) & & $_GET['action']< >'download') if ( ( $filepartscount > 1) & & isset( $mimetype[$fileparts [$filepartscount - 1]]) & & $_GET['action']< >'download')
{ {
// give hint to browser about filetype // give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n"); header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n");
} }
else else
{ {
//no information about filetype: force a download dialog window in browser //no information about filetype: force a download dialog window in browser
header( "Content-type: application/octet-stream\n"); header( "Content-type: application/octet-stream\n");
} }
@ -174,20 +174,20 @@ else
{ {
header('Content-Disposition: attachment; filename='.$file); header('Content-Disposition: attachment; filename='.$file);
} }
/** /**
* Note that if you use these two headers from a previous example: * Note that if you use these two headers from a previous example:
* header('Cache-Control: no-cache, must-revalidate'); * header('Cache-Control: no-cache, must-revalidate');
* header('Pragma: no-cache'); * header('Pragma: no-cache');
* before sending a file to the browser, the "Open" option on Internet Explorer's file download dialog will not work properly. If the user clicks "Open" instead of "Save," the target application will open an empty file, because the downloaded file was not cached. The user will have to save the file to their hard drive in order to use it. * before sending a file to the browser, the "Open" option on Internet Explorer's file download dialog will not work properly. If the user clicks "Open" instead of "Save," the target application will open an empty file, because the downloaded file was not cached. The user will have to save the file to their hard drive in order to use it.
* Make sure to leave these headers out if you'd like your visitors to be able to use IE's "Open" option. * Make sure to leave these headers out if you'd like your visitors to be able to use IE's "Open" option.
*/ */
header( "Pragma: \n"); header( "Pragma: \n");
header( "Cache-Control: \n"); header( "Cache-Control: \n");
header( "Cache-Control: public\n"); // IE cannot download from sessions without a cache header( "Cache-Control: public\n"); // IE cannot download from sessions without a cache
/*if ( isset( $_SERVER["HTTPS"])) /*if ( isset( $_SERVER["HTTPS"]))
{ {
/** /**
@ -200,13 +200,13 @@ else
header( "Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1 header( "Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
header( "Cache-Control: post-check=0, pre-check=0\n", false); header( "Cache-Control: post-check=0, pre-check=0\n", false);
}*/ }*/
header( "Content-Description: " . trim( htmlentities( $file)) . "\n"); header( "Content-Description: " . trim( htmlentities( $file)) . "\n");
header( "Content-Transfer-Encoding: binary\n"); header( "Content-Transfer-Encoding: binary\n");
header( "Content-Length: " . filesize( $path)."\n" ); header( "Content-Length: " . filesize( $path)."\n" );
$fp = fopen( $path, "rb"); $fp = fopen( $path, "rb");
fpassthru( $fp); fpassthru( $fp);
exit(); exit();
@ -229,7 +229,7 @@ else
// $Id: dropbox_download.php,v 1.10 2005/05/19 14:41:30 renehaentjens Exp $ // $Id: dropbox_download.php,v 1.10 2005/05/19 14:41:30 renehaentjens Exp $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -258,18 +258,18 @@ else
* Dropbox module for Claroline * Dropbox module for Claroline
* handles downloads of files. Direct downloading is prevented because of an .htaccess file in the * handles downloads of files. Direct downloading is prevented because of an .htaccess file in the
* dropbox directory. So everything goes through this script. * dropbox directory. So everything goes through this script.
* *
* 1. Initialising vars * 1. Initialising vars
* 2. Authorisation * 2. Authorisation
* 3. Sanity check of get data & file * 3. Sanity check of get data & file
* 4. Send headers * 4. Send headers
* 5. Send file * 5. Send file
* *
* *
* NOTE : * NOTE :
* When testing this with PHP4.0.4 on WinXP and Apache2 there were problems with downloading in IE6 * When testing this with PHP4.0.4 on WinXP and Apache2 there were problems with downloading in IE6
* After searching the only explanation I could find is a problem with the headers: * After searching the only explanation I could find is a problem with the headers:
* *
* HEADERS SENT WITH PHP4.3: * HEADERS SENT WITH PHP4.3:
* HTTP/1.1·200·OK(CR) * HTTP/1.1·200·OK(CR)
* (LF) * (LF)
@ -299,7 +299,7 @@ else
* (LF) * (LF)
* (CR) * (CR)
* (LF) * (LF)
* *
* HEADERS SENT WITH PHP4.0.4: * HEADERS SENT WITH PHP4.0.4:
* HTTP/1.1·200·OK(CR) * HTTP/1.1·200·OK(CR)
* (LF) * (LF)
@ -329,10 +329,10 @@ else
* (LF) * (LF)
* (CR) * (CR)
* (LF) * (LF)
* *
* As you can see the there is a difference in the Cache-Control directive. I suspect that this * As you can see the there is a difference in the Cache-Control directive. I suspect that this
* explains the problem. Also take a look at http://bugs.php.net/bug.php?id=16458. * explains the problem. Also take a look at http://bugs.php.net/bug.php?id=16458.
* *
* @version 1.21 * @version 1.21
* @copyright 2004-2005 * @copyright 2004-2005
* @author Jan Bols < jan @ ivpv . UGent . be > , main programmer * @author Jan Bols < jan @ ivpv . UGent . be > , main programmer
@ -347,7 +347,7 @@ else
============================================================================== ==============================================================================
INITIALISING VARIABLES INITIALISING VARIABLES
============================================================================== ==============================================================================
*/ */
require_once( "dropbox_init.inc.php"); //only call init1 because init2 outputs data require_once( "dropbox_init.inc.php"); //only call init1 because init2 outputs data
require_once( "dropbox_class.inc.php"); require_once( "dropbox_class.inc.php");
@ -356,7 +356,7 @@ require_once( "dropbox_class.inc.php");
============================================================================== ==============================================================================
AUTHORISATION SECTION AUTHORISATION SECTION
============================================================================== ==============================================================================
*/ */
if ( !isset( $_uid) || !$is_course_member ) if ( !isset( $_uid) || !$is_course_member )
{ {
require_once( "dropbox_init2.inc.php"); require_once( "dropbox_init2.inc.php");
@ -370,7 +370,7 @@ if ($_GET['mailing']) // RH: Mailing detail window call
============================================================================== ==============================================================================
SANITY CHECKS OF GET DATA & FILE SANITY CHECKS OF GET DATA & FILE
============================================================================== ==============================================================================
*/ */
if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id'])) die(dropbox_lang("generalError")." (code 501)"); if ( ! isset( $_GET['id']) || ! is_numeric( $_GET['id'])) die(dropbox_lang("generalError")." (code 501)");
$work = new Dropbox_work($_GET['id']); $work = new Dropbox_work($_GET['id']);
@ -397,12 +397,12 @@ $fileparts = explode( '.', $file);
$filepartscount = count( $fileparts); $filepartscount = count( $fileparts);
if ( ( $filepartscount > 1) & & isset( $mimetype[$fileparts [$filepartscount - 1]])) if ( ( $filepartscount > 1) & & isset( $mimetype[$fileparts [$filepartscount - 1]]))
{ {
// give hint to browser about filetype // give hint to browser about filetype
header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n"); header( "Content-type: " . $mimetype[$fileparts [$filepartscount - 1]] . "\n");
} }
else else
{ {
//no information about filetype: force a download dialog window in browser //no information about filetype: force a download dialog window in browser
header( "Content-type: application/octet-stream\n"); header( "Content-type: application/octet-stream\n");
} }
@ -421,7 +421,7 @@ else
* Note that if you use these two headers from a previous example: * Note that if you use these two headers from a previous example:
* header('Cache-Control: no-cache, must-revalidate'); * header('Cache-Control: no-cache, must-revalidate');
* header('Pragma: no-cache'); * header('Pragma: no-cache');
* before sending a file to the browser, the "Open" option on Internet Explorer's file download dialog will not work properly. If the user clicks "Open" instead of "Save," the target application will open an empty file, because the downloaded file was not cached. The user will have to save the file to their hard drive in order to use it. * before sending a file to the browser, the "Open" option on Internet Explorer's file download dialog will not work properly. If the user clicks "Open" instead of "Save," the target application will open an empty file, because the downloaded file was not cached. The user will have to save the file to their hard drive in order to use it.
* Make sure to leave these headers out if you'd like your visitors to be able to use IE's "Open" option. * Make sure to leave these headers out if you'd like your visitors to be able to use IE's "Open" option.
*/ */
header( "Pragma: \n"); header( "Pragma: \n");
Bart Mollet
19 years ago