Removing main/conference see #6713

main/conference/api.php

@@ -1,301 +0,0 @@
-<?php
-/* See license terms in /license.txt */
-
-/* FIX for IE cache when using https */
-session_cache_limiter("none");
-
-/**
- *    This is an interface between Chamilo and Videoconference application
- *
-
- */
-/*==== DEBUG ====*/
-$debug = 0;
-/*==== CONSTANTS ==== */
-define('VIDEOCONF_UPLOAD_PATH', '/videoconf');
-$presentation_extension = array('.ppt', '.odp');
-$image_extension = array('.png', '.jpg', '.gif', '.jpeg');
-
-if ($debug > 0) {
-    // dump the request
-    $v = array_keys(get_defined_vars());
-    error_log(var_export($v, true), 3, '/tmp/log');
-
-    foreach (array_keys(get_defined_vars()) as $k) {
-        if ($k == 'GLOBALS') {
-            continue;
-        }
-        error_log($k, 3, '/tmp/log');
-        error_log(var_export($$k, true), 3, '/tmp/log');
-    }
-
-}
-
-
-/*==== Flash loose the cookie ===*/
-/* needed when using the nice upload window :
-if ($_SERVER['HTTP_USER_AGENT'] == 'Shockwave Flash') {
-	$sid = $_REQUEST['sid'];
-	if ($debug>0) error_log("reusing: ".$sid);
-	session_id($sid);
-} */
-
-/*==== INCLUDE ====*/
-require_once '../inc/global.inc.php';
-api_block_anonymous_users();
-
-require_once ("../newscorm/learnpath.class.php");
-require_once ("../newscorm/openoffice_presentation.class.php");
-
-/*==== Variables initialisation ====*/
-$action = $_REQUEST["action"]; //safe as only used in if()'s
-$seek = array('/', '%2F', '..');
-$destroy = array('', '', '');
-$cidReq = str_replace($seek, $destroy, $_REQUEST["cidReq"]);
-$cidReq = Security::remove_XSS($cidReq);
-
-$user_id = api_get_user_id();
-$coursePath = api_get_path(SYS_COURSE_PATH).$cidReq.'/document';
-$_course = CourseManager::get_course_information($cidReq);
-$_course['path'] = $_course['directory'];
-// FIXME: FileManager::add_document needs this to work
-$_course['dbName'] = $_course['db_name'];
-
-// FIXME: check if CourseManager::get_user_in_course_status return !=
-//	COURSEMANAGER when the code is not valid
-if ($debug > 0) {
-    error_log($coursePath, 0);
-}
-
-if ($action == "uploadgui") {
-    echo '<form enctype="multipart/form-data" action="api.php" method="POST">
-	<input type="hidden" name="MAX_FILE_SIZE" value="100000000" />
-	<input type="hidden" name="action" value="upload" />
-	<input type="hidden" name="cidReq" value="'.$cidReq.'" />
-	<input type="hidden" name="sid" value="'.Security::remove_XSS($_REQUEST["sid"]).'" />
-
-	'.get_lang('SelectFile').': <input name="Filedata" type="file" /><br />
-	<input type="submit" value="'.get_lang('UploadFile').'"  />
-	</form>
-	';
-    die();
-} else {
-    if ($action == "upload") {
-        if ($debug > 0) {
-            error_log("upload".$_FILES['Filedata']);
-        }
-        /*==== PERMISSION ====*/
-        $permissions = CourseManager::get_user_in_course_status($user_id, $cidReq);
-        if ($permissions != COURSEMANAGER) {
-            if ($debug > 0) {
-                error_log("Upload from videoconf not allowed !!!", 0);
-            }
-            die('Not allowed'); // this user is not allowed to add upload documents
-        }
-        /*==== UPLOAD ====*/
-        $destPath = $coursePath.VIDEOCONF_UPLOAD_PATH;
-
-        /*==== creation of /videoconf ====*/
-        if (!is_dir($destPath)) {
-            $result = FileManager::create_unexisting_directory(
-                $_course,
-                $user_id,
-                api_get_session_id(),
-                0,
-                null,
-                $coursePath,
-                VIDEOCONF_UPLOAD_PATH
-            );
-            if (!$result) {
-                if ($debug > 0) {
-                    error_log("Can't create ".$destPath." folder", 0);
-                }
-            }
-        }
-
-        /*==== file upload ====*/
-        $newPath = $_FILES['Filedata']['name'];
-        if ($debug > 0) {
-            error_log($newPath);
-        }
-
-        /*==== extension extraction ====*/
-        $file_name = (strrpos($newPath, '.') > 0 ? substr($newPath, 0, strrpos($newPath, '.')) : $newPath);
-        $file_extension = (strrpos($newPath, '.') > 0 ? substr($newPath, strrpos($newPath, '.'), 10) : '');
-        if ($debug > 0) {
-            error_log(strrpos($newPath, '.'));
-        }
-        if ($debug > 0) {
-            error_log($file_extension);
-        }
-
-        /*==== conversion if needed ====*/
-        if (!in_array(strtolower($file_extension), $image_extension)) {
-            if ($debug > 0) {
-                error_log("converting: ".$file_extension);
-            }
-            $take_slide_name = false;
-            $o_ppt = new OpenofficePresentation($take_slide_name);
-            $o_ppt->set_slide_size(640, 480);
-            $o_ppt->convert_document($_FILES['Filedata'], 'add_docs_to_visio');
-        }
-
-        echo '<html><body><script language="javascript">setTimeout(1000,window.close());</script></body></html>';
-    } else {
-        if ($action == "service") {
-            /*==== List files ====*/
-            if ($debug > 0) {
-                error_log("sending file list", 0);
-            }
-            $subaction = $_REQUEST["subaction"];
-            $is_manager = (CourseManager::get_user_in_course_status($user_id, $cidReq) == COURSEMANAGER);
-            if ($subaction == "list") {
-                // FIXME: check security around $_REQUEST["cwd"]
-                $cwd = $_REQUEST["cwd"];
-
-
-                // treat /..
-                $nParent = 0; // the number of /.. into the url
-                while (substr($cwd, -3, 3) == "/..") {
-                    // go to parent directory
-                    $cwd = substr($cwd, 0, -3);
-                    if (strlen($cwd) == 0) {
-                        $cwd = "/";
-                    }
-                    $nParent++;
-                }
-                for (; $nParent > 0; $nParent--) {
-                    $cwd = (strrpos($cwd, '/') > -1 ? substr($cwd, 0, strrpos($cwd, '/')) : $cwd);
-                }
-
-                if (strlen($cwd) == 0) {
-                    $cwd = "/";
-                }
-
-                if (Security::check_abs_path($cwd, api_get_path(SYS_PATH))) {
-                    die();
-                }
-
-                // check if user can delete files. He must be manager and be inside /videoconf
-                $is_below_videoconf_dir = (substr($cwd, 0, strlen(VIDEOCONF_UPLOAD_PATH)) == VIDEOCONF_UPLOAD_PATH);
-                if ($debug > 0) {
-                    error_log('Current working directory: '.$cwd);
-                }
-                if ($debug > 0) {
-                    error_log('Videoconf upload path: '.VIDEOCONF_UPLOAD_PATH);
-                }
-                /* $canDelete = ($canDelete && $isBellowVideoConfUploadPath);
-                */
-                $can_delete = ($is_manager && $is_below_videoconf_dir);
-
-                // get files list
-                $files = DocumentManager::get_all_document_data($_course, $cwd, 0, null, false);
-                printf("<dokeosobject><fileListMeta></fileListMeta><fileList>");
-                printf("<folders>");
-
-                // title filter
-                if (is_array($files)) {
-                    foreach (array_keys($files) as $k) {
-                        // converting to UTF-8
-                        $files[$k]['title'] = api_convert_encoding(
-                            api_strlen($files[$k]['title']) > 32 ?
-                                api_substr($files[$k]['title'], 0, 32)."..." :
-                                $files[$k]['title'],
-                            'utf-8',
-                            api_get_system_encoding()
-                        );
-                        // removing '<', '>' and '_'
-                        $files[$k]['title'] = str_replace(array('<', '>', '_'), ' ', $files[$k]['title']);
-                    }
-                }
-
-                if (is_array($files)) {
-
-                    foreach ($files as $i) {
-                        if ($i["filetype"] == "folder") {
-                            printf(
-                                '<folder><path>%s</path><title>%s</title><canDelete>%s</canDelete></folder>',
-                                $i['path'],
-                                $i['title'],
-                                ($can_delete ? 'true' : 'false')
-                            );
-                        }
-                    }
-                }
-                printf("</folders><files>");
-                if (is_array($files)) {
-                    foreach ($files as $i) {
-                        $extension = (strrpos($i['path'], '.') > 0 ? substr(
-                            $i['path'],
-                            strrpos($i['path'], '.'),
-                            10
-                        ) : '');
-                        if ($i["filetype"] == "file" && in_array(strtolower($extension), $image_extension)) {
-                            printf(
-                                '<file><path>%s</path><title>%s</title><canDelete>%s</canDelete></file>',
-                                $i['path'],
-                                $i['title'],
-                                ($can_delete ? 'true' : 'false')
-                            );
-                        }
-                    }
-                }
-                printf("</files><ppts>");
-                printf("</ppts>");
-                printf("</fileList></dokeosobject>");
-            } else {
-                if ($subaction == "delete") {
-                    /*==== PERMISSION ====*/
-                    $permissions = CourseManager::get_user_in_course_status($user_id, $cidReq);
-                    if ($permissions != COURSEMANAGER) {
-                        if ($debug > 0) {
-                            error_log("Upload from videoconf not allowed !!!", 0);
-                        }
-                        die(); // this user is not allowed to add upload documents
-                    }
-                    /*==== DELETE ====*/
-                    $path = str_replace('../', '', $_REQUEST["path"]);
-                    if ((substr($path, 0, strlen(VIDEOCONF_UPLOAD_PATH)) != VIDEOCONF_UPLOAD_PATH)) {
-                        if ($debug > 0) {
-                            error_log("Delete from videoconf for " + $path + " NOT ALLOWED", 0);
-                        }
-                        die();
-                    }
-                    DocumentManager::delete_document($_course, $path, $coursePath);
-                    echo "<result>OK</result>"; // We have to return something to OpenLaszlo
-                }
-            }
-        } else {
-            if ($action == "download") {
-                /*==== DOWNLOAD ====*/
-                //check if the document is in the database
-                if (!DocumentManager::get_document_id($_course, $_REQUEST['file'])) {
-                    //file not found!
-                    if ($debug > 0) {
-                        error_log("404 ".$_REQUEST["file"]);
-                    }
-                    header("HTTP/1.0 404 Not Found");
-                    $error404 = '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">';
-                    $error404 .= '<html><head>';
-                    $error404 .= '<title>404 Not Found</title>';
-                    $error404 .= '</head><body>';
-                    $error404 .= '<h1>Not Found</h1>';
-                    $error404 .= '<p>The requested URL was not found on this server.</p>';
-                    $error404 .= '<hr>';
-                    $error404 .= '</body></html>';
-                    echo($error404);
-                    exit;
-                }
-                $doc_url = str_replace('../', '', $_REQUEST['file']);
-                if ($debug > 0) {
-                    error_log($doc_url);
-                }
-                $full_file_name = $coursePath.$doc_url;
-                if (Security::check_abs_path($full_file_name, $coursePath.'/')) {
-                    DocumentManager::file_send_for_download($full_file_name, false);
-                }
-                exit;
-            }
-        }
-    }
-}

main/conference/audiopost.php

@@ -1,83 +0,0 @@
-<?php
-/* See license terms in /license.txt */
-
-//file_put_contents("result.txt", print_r($_POST, true));
-//file_put_contents("result3.txt", print_r($_FILES, true));
-//file_put_contents("result2.txt", print_r($_GET, true));
-require_once '../inc/global.inc.php';
-
-// check the request comes from our red5 server
-$ips = gethostbynamel(api_get_setting('service_visio', 'visio_host'));
-$is_our_server = false;
-
-// ignoring null file
-if ($_FILES["file"]["size"] == 0) {
-    exit(0);
-}
-
-if (is_array($ips)) {
-    foreach ($ips as $ip) {
-        //get 255 range for known server address
-        $split = split('.', $ip);
-        $ip_range_server = $split[0].'.'.$split[1].'.'.$split[2];
-        //get 255 range for request source address
-        $split = split('.', $_SERVER['REMOTE_ADDR']);
-        $ip_range_request = $split[0].'.'.$split[1].'.'.$split[2];
-        if ($ip_range_server == $ip_range_request) {
-            $is_our_server = true;
-        }
-    }
-}
-if ($is_our_server) {
-    if (api_get_setting('service_visio', 'active') == 'true') {
-        //check encryption key
-        $string1 = $_GET['course_code'].$_GET['user_id'].gmdate('Ymd').$_configuration['security_key'];
-        $string2 = $_GET['course_code'].$_GET['user_id'].(gmdate('Ymd') - 1).$_configuration['security_key'];
-        if (md5($string1) == $_GET['checker'] or md5($string2) == $_GET['checker']) {
-            $course_info = api_get_course_info($_GET['course_code']);
-            $target = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document/audio/';
-            $basename = basename($_FILES['file']['name']);
-            $target = $target.$basename;
-            if (!move_uploaded_file($_FILES['file']['tmp_name'], $target)) {
-                error_log(__FILE__.':'.__LINE__.': File upload to '.$target.' failed', 0);
-            } else {
-                $id = FileManager::add_document(
-                    $course_info,
-                    '/audio/'.$basename,
-                    'file',
-                    filesize($target),
-                    $basename
-                );
-                if ($id !== false) {
-                    $res = api_item_property_update(
-                        $course_info,
-                        TOOL_DOCUMENT,
-                        $id,
-                        'DocumentAdded',
-                        $_GET['user_id']
-                    );
-                    if ($res === false) {
-                        error_log(
-                            __FILE__.':'.__LINE__.': Something went wrong with item properties update of '.$target,
-                            0
-                        );
-                    } else { //make sound invisible?
-                        //$res = api_item_property_update($course_info,TOOL_DOCUMENT,$id,'invisible',$_GET['user_id']);
-                    }
-                } else {
-                    error_log(__FILE__.':'.__LINE__.': Could not create document record for document '.$target, 0);
-                }
-            }
-        } else {
-            error_log(
-                __FILE__.':'.__LINE__.': Attempting to save file but hash check did not suceed (hacking attempt?)',
-                0
-            );
-        }
-    } else {
-        error_log(__FILE__.':'.__LINE__.': Attempting to save file but videoconf is not enabled', 0);
-    }
-} else {
-    error_log(__FILE__.':'.__LINE__.': Attempting to save file but coming from unknown source', 0);
-}
-?>

main/conference/checksession.php

@@ -1,99 +0,0 @@
-<?php
-/* See license terms in /license.txt */
-
-/* FIX for IE cache when using https */
-session_cache_limiter("none");
-
-/**
- * This script gives information to the videoconference scripts (in OpenLaszlo)
- * to use the right URL and ports for the videoconference.
- */
-require_once('../newscorm/learnpath.class.php');
-if($debug>0) error_log('New LP - Included learnpath',0);
-require_once('../newscorm/learnpathItem.class.php');
-if($debug>0) error_log('New LP - Included learnpathItem',0);
-require_once('../newscorm/scorm.class.php');
-if($debug>0) error_log('New LP - Included scorm',0);
-require_once('../newscorm/scormItem.class.php');
-if($debug>0) error_log('New LP - Included scormItem',0);
-require_once('../newscorm/aicc.class.php');
-if($debug>0) error_log('New LP - Included aicc',0);
-require_once('../newscorm/aiccItem.class.php');
-if($debug>0) error_log('New LP - Included aiccItem',0);
-
-require("../../main/inc/global.inc.php");
-require_once('get_translation.lib.php');
-api_block_anonymous_users();
-
-//$confkey = "0123456789abcdef0123456789abcdef";
-$confkey = api_get_setting('service_visio','visio_pass');
-$challenge = api_generate_password(32); //generate a 32 characters-long challenge key
-
-require_once (api_get_path(LIBRARY_PATH)."course.lib.php");
-printf ('<?xml version="1.0" encoding="UTF-8" ?>');
-
-printf('<dokeosobject>');
-
-printf('<courseobject>');
-foreach ($_SESSION['_course'] as $key => $val)
-		printf('<%s>%s</%s>',$key,api_utf8_encode($val),$key);
-printf('</courseobject>');
-
-printf('<userobject>');
-foreach ($_SESSION['_user'] as $key => $val)
-	if ($key != "auth_source")
-	{
-		if (( $key == "lastName" || $key == "firstName" ) && strlen($val) == 0)
-			$val = get_lang('Unknown');
-		printf('<%s>%s</%s>',$key,api_utf8_encode($val),$key);
-	}
-
-printf('<sid>%s</sid>', session_id());
-$isadmin =((CourseManager::get_user_in_course_status($_SESSION['_user']['user_id'], $_SESSION['_course']['sysCode']) == COURSEMANAGER)||
-		api_is_platform_admin() ||
-		api_is_course_tutor() ||
-		api_is_course_admin() ||
-		api_is_course_coach() ? "true" : "false");
-printf('<key>%s</key>', md5($confkey.$challenge));
-printf('<challenge>%s</challenge>', $challenge);
-printf('<isUploadAllowed>%s</isUploadAllowed>', $isadmin);
-printf('<canStartModerator>%s</canStartModerator>',($isadmin=='true' || $_SESSION["roomType"] == "conference")?'true':'false');
-printf('<mustStartModerator>%s</mustStartModerator>',($isadmin=='true' || $_SESSION["roomType"] == "conference")?'true':'false');
-printf('</userobject>');
-
-printf('<config>');
-printf('<host>'.api_get_setting('service_visio','visio_host').'</host>');
-printf('<port>'.api_get_setting('service_visio','visio_port').'</port>');
-printf('</config>');
-
-$path = preg_replace('/^([^:]*:\/\/)/','',api_get_path(WEB_PATH));
-$path = str_replace('/','_',$path);
-printf('<roomConfig>');
-printf('<portal>%s</portal>', $path);
-printf('<roomType>%s</roomType>', $_SESSION['roomType']); // fixme remove +
-printf('</roomConfig>');
-
-printf('<recorderparams>');
-
-if(isset($_SESSION['oLP']))
-{
-	switch ($_SESSION['whereami'])
-	{
-		case 'lp/build' :
-			$student_view = 'false';
-			break;
-		default :
-			$student_view = 'true';
-		break;
-	}
-	$document_id = $_SESSION['oLP']->current;
-}
-
-printf('<studentview>%s</studentview>',$student_view);
-printf('<documentid>%s</documentid>',$document_id);
-printf('</recorderparams>');
-printf('<languageobject>');
-printf(get_language_file_as_xml($language_interface));
-printf('</languageobject>');
-printf('</dokeosobject>');
-?>

main/conference/get_translation.lib.php

@@ -1,94 +0,0 @@
-<?php
-/* See license terms in /license.txt */
-/**
- * Library for language translation from Chamilo language files to XML for videoconference
- * @uses api.lib.php for api_get_path()
- */
-/**
- * This function reads a Chamilo language file and transforms it into XML,
- * then returns the XML string to the caller.
- */
-function get_language_file_as_xml($language='english')
-{
-	$path = api_get_path(SYS_LANG_PATH).$language.'/';
-	if(!is_dir($path) or !is_readable($path))
-	{
-		if($language != 'english')
-		{
-			return get_language_file_as_xml('english');
-		}
-		else
-		{
-			return '';
-		}
-	}
-	//error_log('Analysing path '.$path);
-	$file = $path.'videoconf.inc.php';
-	if(!is_file($file) or !is_readable($file))
-	{
-		if($language != 'english')
-		{
-			return get_language_file_as_xml('english');
-		}
-		else
-		{
-			return '';
-		}
-	}
-
-	/*
-	$convert = true;
-	if(substr($language,-7,7) == 'unicode')
-	{//do not convert if the language ends with 'unicode', which means it's in UTF-8
-		$convert=false;
-	}
-	$list = file($file);
-	$xml = '';
-	foreach ( $list as $line )
-	{
-		if(substr($line,0,1)=='$')
-		{
-			$items = array();
-			$match = preg_match('/^\$([^\s]*)\s*=\s*"(.*)";$/',$line,$items);
-			if($match)
-			{
-				//todo: The following conversion should only happen for old language files (encoded in ISO-8859-1).
-				if($convert)
-				{
-					$string = api_convert_encoding($items[2],'UTF-8','ISO-8859-1');
-				}
-				else
-				{
-					$string = $items[2];
-				}
-				$xml .= '<labelfield><labelid>'.$items[1].'</labelid><labelvalue>'.stripslashes($string).'</labelvalue></labelfield>'."\n";
-			}
-		}
-	}
-	*/
-
-	//---------
-	$list = file($file);
-	$xml = '';
-	foreach ( $list as $line ) {
-		if(substr($line, 0, 1)=='$') {
-			$items = array();
-			$match = preg_match('/^\$([^\s]*)\s*=\s*"(.*)";$/', $line, $items);
-			if($match) {
-				$string = $items[2];
-				if (!api_is_valid_utf8($string)) {
-					$string = api_html_entity_decode(api_utf8_encode($string), ENT_QUOTES, 'UTF-8');
-				}
-				$xml .= '<labelfield><labelid>'.$items[1].'</labelid><labelvalue>'.stripslashes($string).'</labelvalue></labelfield>'."\n";
-			}
-		}
-	}
-	//---------
-
-	if(empty($xml) && $language!='english')
-	{
-		return get_language_file_as_xml('english');
-	}
-	return $xml;
-}
-?>

main/conference/index.php

@@ -1,15 +0,0 @@
-<?php
-/* See license terms in /license.txt */
-/**
- * Generates the HTML page containing the iframe that loads the videoconference's Flash plugin
- */
-require_once '../inc/global.inc.php'; 
-api_protect_course_script();
-// Only allow conference or classroom modes. Others are likely to be attacks
-if ($_GET['type'] == 'conference' or $_GET['type'] == 'classroom') {
-	$_SESSION["roomType"] = $_GET['type'];
-}
-?>
-<span align="center">
-<iframe frameborder="0" scrolling="no" width="100%" height="100%" src="videoconference.php"></iframe>
-</span>