Corrections in the document tool in order to use document_id instead of curdirpath (partial) see # 3261

skala
Julio Montoya 14 years ago
parent 3a64681231
commit c199867a2b
  1. 97
      main/document/create_document.php
  2. 22
      main/document/create_draw.php
  3. 18
      main/document/create_paint.php
  4. 4
      main/document/document.inc.php
  5. 58
      main/document/document.php
  6. 5
      main/document/edit_paint.php
  7. 7
      main/document/exit_pixlr.php
  8. 30
      main/document/record_audio.php
  9. 4
      main/inc/lib/document.lib.php
  10. 47
      main/inc/lib/svg-edit/extensions/filesave.php

@ -27,25 +27,19 @@ function InnerDialogLoaded() {
var isIE = (navigator.appVersion.indexOf(\'MSIE\') != -1) ? true : false ;
var EditorFrame = null ;
if ( !isIE )
{
if ( !isIE ) {
EditorFrame = window.frames[0] ;
}
else
{
} else {
// For this dynamic page window.frames[0] enumerates frames in a different order in IE.
// We need a sure method to locate the frame that contains the online editor.
for ( var i = 0, n = window.frames.length ; i < n ; i++ )
{
if ( window.frames[i].location.toString().indexOf(\'InstanceName=content\') != -1 )
{
for ( var i = 0, n = window.frames.length ; i < n ; i++ ) {
if ( window.frames[i].location.toString().indexOf(\'InstanceName=content\') != -1 ) {
EditorFrame = window.frames[i] ;
}
}
}
if ( !EditorFrame )
{
if ( !EditorFrame ) {
return null ;
}
@ -58,22 +52,19 @@ function InnerDialogLoaded() {
var use_document_title='.api_get_setting('use_document_title').';
var load_default_template = '. ((isset($_POST['submit']) || empty($_SERVER['QUERY_STRING'])) ? 'false' : 'true' ) .';
function launch_templates()
{
function launch_templates() {
//document.getElementById(\'frmModel\').style.display="block";
//document.getElementById(\'content___Frame\').width=\'70%\';
//window.frames[0].FCKToolbarItems.GetItem("Template").Click;
}
function FCKeditor_OnComplete( editorInstance )
{
function FCKeditor_OnComplete( editorInstance ) {
editorInstance.Events.AttachEvent( \'OnSelectionChange\', check_for_title ) ;
document.getElementById(\'frmModel\').innerHTML = "<iframe style=\'height: 525px; width: 180px;\' scrolling=\'no\' frameborder=\'0\' src=\''.api_get_path(WEB_LIBRARY_PATH).'fckeditor/editor/fckdialogframe.html \'>";
}
function check_for_title()
{
if(temp){
function check_for_title() {
if (temp) {
// This functions shows that you can interact directly with the editor area
// DOM. In this way you have the freedom to do anything you want with it.
@ -134,31 +125,29 @@ function InnerDialogLoaded() {
temp=true;
}
function trim(s)
{
while(s.substring(0,1) == \' \') {
s = s.substring(1,s.length);
}
while(s.substring(s.length-1,s.length) == \' \') {
s = s.substring(0,s.length-1);
}
return s;
function trim(s) {
while(s.substring(0,1) == \' \') {
s = s.substring(1,s.length);
}
while(s.substring(s.length-1,s.length) == \' \') {
s = s.substring(0,s.length-1);
}
return s;
}
function check_if_still_empty()
{
if(trim(document.getElementById(\'filename\').value) != "")
{
function check_if_still_empty() {
if(trim(document.getElementById(\'filename\').value) != "") {
document.getElementById(\'title_edited\').value = "true";
}
}
function setFocus(){
$("#document_title").focus();
}
function setFocus() {
$("#document_title").focus();
}
$(window).load(function () {
setFocus();
});
setFocus();
});
</script>';
require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
@ -178,7 +167,16 @@ $nameTools = get_lang('CreateDocument');
/* Constants and variables */
$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
//$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$document_data = DocumentManager::get_document_data_by_id($_REQUEST['id'], api_get_course_id());
if (empty($document_data)) {
$dir = '/';
$folder_id = 0;
} else {
$folder_id = $document_data['id'];
$dir = $document_data['path'];
}
//$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
/* MAIN CODE */
@ -208,8 +206,7 @@ if ($dir[strlen($dir) - 1] != '/') {
$doc_tree= explode('/', $dir);
$count_dir = count($doc_tree) -2; // "2" because at the begin and end there are 2 "/"
// Level correction for group documents.
if (!empty($group_properties['directory']))
{
if (!empty($group_properties['directory'])) {
$count_dir = $count_dir > 0 ? $count_dir - 1 : 0;
}
$relative_url = '';
@ -302,8 +299,8 @@ if (isset($_REQUEST['certificate'])) {//added condition for certicate in gradebo
$renderer = & $form->defaultRenderer();
// Hidden element with current directory
$form->addElement('hidden', 'dir');
$default['dir'] = $dir;
$form->addElement('hidden', 'id');
$default['id'] = $folder_id;
// Filename
$form->addElement('hidden', 'title_edited', 'false', 'id="title_edited"');
@ -424,19 +421,19 @@ if (!$is_certificate_mode && !is_my_shared_folder($_user['user_id'], $_GET['dir'
$escaped_folders = array();
foreach ($folders as $key => & $val) {
//Hide some folders
if($val=='/HotPotatoes_files' || $val=='/certificates' || basename($val)=='css'){
if ($val=='/HotPotatoes_files' || $val=='/certificates' || basename($val)=='css'){
continue;
}
//Admin setting for Hide/Show the folders of all users
if(api_get_setting('show_users_folders') == 'false' && (strstr($val, '/shared_folder') || strstr($val, 'shared_folder_session_'))){
if (api_get_setting('show_users_folders') == 'false' && (strstr($val, '/shared_folder') || strstr($val, 'shared_folder_session_'))){
continue;
}
//Admin setting for Hide/Show Default folders to all users
if(api_get_setting('show_default_folders') == 'false' && ($val=='/images' || $val=='/flash' || $val=='/audio' || $val=='/video' || strstr($val, '/images/gallery') || $val=='/video/flv')){
if (api_get_setting('show_default_folders') == 'false' && ($val=='/images' || $val=='/flash' || $val=='/audio' || $val=='/video' || strstr($val, '/images/gallery') || $val=='/video/flv')){
continue;
}
//Admin setting for Hide/Show chat history folder
if(api_get_setting('show_chat_folder') == 'false' && $val=='/chat_files'){
if (api_get_setting('show_chat_folder') == 'false' && $val=='/chat_files'){
continue;
}
@ -464,19 +461,19 @@ if (!$is_certificate_mode && !is_my_shared_folder($_user['user_id'], $_GET['dir'
if (is_array($folders)) {
foreach ($folders as & $folder) {
//Hide some folders
if($folder=='/HotPotatoes_files' || $folder=='/certificates' || basename($folder)=='css'){
if ($folder=='/HotPotatoes_files' || $folder=='/certificates' || basename($folder)=='css'){
continue;
}
//Admin setting for Hide/Show the folders of all users
if(api_get_setting('show_users_folders') == 'false' && (strstr($folder, '/shared_folder') || strstr($folder, 'shared_folder_session_'))){
if (api_get_setting('show_users_folders') == 'false' && (strstr($folder, '/shared_folder') || strstr($folder, 'shared_folder_session_'))){
continue;
}
//Admin setting for Hide/Show Default folders to all users
if(api_get_setting('show_default_folders') == 'false' && ($folder=='/images' || $folder=='/flash' || $folder=='/audio' || $folder=='/video' || strstr($folder, '/images/gallery') || $folder=='/video/flv')){
if (api_get_setting('show_default_folders') == 'false' && ($folder=='/images' || $folder=='/flash' || $folder=='/audio' || $folder=='/video' || strstr($folder, '/images/gallery') || $folder=='/video/flv')){
continue;
}
//Admin setting for Hide/Show chat history folder
if(api_get_setting('show_chat_folder') == 'false' && $folder=='/chat_files'){
if (api_get_setting('show_chat_folder') == 'false' && $folder=='/chat_files'){
continue;
}
@ -611,7 +608,7 @@ if ($form->validate()) {
$selectcat = '';
if (isset($_REQUEST['selectcat']))
$selectcat = "&selectcat=".Security::remove_XSS($_REQUEST['selectcat']);
header('Location: document.php?curdirpath='.urlencode($dir).$selectcat);
header('Location: document.php?id='.$folder_id.$selectcat);
exit ();
} else {
Display :: display_header($nameTools, 'Doc');
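Review bot: The shared-folder condition visible in the hunk headers (old lines 424 and 464) still reads `$_GET['dir']`, while the folder that is written to is now resolved from `$_REQUEST['id']`, so the permission decision and the target directory can come from two different request parameters. Pass the resolved path instead, `is_my_shared_folder($_user['user_id'], $dir, ...)`, and check the rest of that condition, which is truncated on this page. The lookup also accepts any document row, so it would be worth confirming the row is a folder before using its `path` as the target directory.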

@ -28,18 +28,23 @@ $nameTools = get_lang('Draw');
api_protect_course_script();
api_block_anonymous_users();
if (!isset($_GET['dir'])){
if (!isset($_GET['id'])) {
api_not_allowed(true);
}
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_id = $document_data['id'];
$dir = $document_data['path'];
/* Constants and variables */
//path for svg-edit save
$_SESSION['draw_dir']=Security::remove_XSS($_GET['dir']);
if($_SESSION['draw_dir']=='/'){
$_SESSION['draw_dir']='';
$_SESSION['draw_dir'] = Security::remove_XSS($dir);
if ($_SESSION['draw_dir']=='/'){
$_SESSION['draw_dir']='';
}
$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$dir = isset($dir) ? Security::remove_XSS($dir) : Security::remove_XSS($_POST['dir']);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
// Please, do not modify this dirname formatting
@ -80,13 +85,13 @@ if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
}
}
$interbreadcrumb[] = array ("url" => "./document.php?curdirpath=".urlencode($_GET['dir']).$req_gid, "name" => get_lang('Documents'));
$interbreadcrumb[] = array ("url" => "./document.php?id=".$parent_id.$req_gid, "name" => get_lang('Documents'));
if (!$is_allowed_in_course) {
api_not_allowed(true);
}
if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), Security::remove_XSS($_GET['dir']), api_get_session_id()))) {
if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), Security::remove_XSS($dir), api_get_session_id()))) {
api_not_allowed(true);
}
@ -130,11 +135,10 @@ if (isset ($group)) {
}
$dir_acum .= $dir_array[$i].'/';
}
//
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['dir']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '</div>';
if (api_browser_support('svg')){
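Review bot: The result of `get_document_data_by_id()` is used unchecked although the function ends in `return false;` for an unknown id, so `$dir` can be null and the later `isset($dir) ? ... : Security::remove_XSS($_POST['dir'])` then falls back to a path taken from the POST body. Reject the request when the lookup fails, `if (empty($document_data)) { api_not_allowed(true); }`, and drop the `$_POST['dir']` fallback so the folder can only come from the database row. create_paint.php and record_audio.php use the same lookup result without a check as well. The breadcrumb line uses `$parent_id`, which is not assigned in the visible lines; `$document_data['parent_id']` may have been intended.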

@ -25,20 +25,24 @@ $nameTools = get_lang('PhotoRetouching');
api_protect_course_script();
api_block_anonymous_users();
if (api_get_setting('enabled_support_paint') == 'false'){
if (api_get_setting('enabled_support_paint') == 'false') {
api_not_allowed(true);
}
if (!isset($_GET['dir'])){
api_not_allowed(true);
if (!isset($_GET['id'])) {
api_not_allowed(true);
}
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_id = $document_data['id'];
$dir = $document_data['path'];
$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
//$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
//path for pixlr save
$_SESSION['paint_dir']=Security::remove_XSS($_GET['dir']);
if($_SESSION['paint_dir']=='/'){
if ($_SESSION['paint_dir']=='/'){
$_SESSION['paint_dir']='';
}
$_SESSION['paint_file']=get_lang('NewImage');
@ -107,8 +111,6 @@ if (isset ($group)) {
// Copied from document.php
$dir_array = explode('/', $dir);
$array_len = count($dir_array);
$dir_acum = '';
for ($i = 0; $i < $array_len; $i++) {
$url_dir = 'document.php?&curdirpath='.$dir_acum.$dir_array[$i];
@ -125,7 +127,7 @@ if (isset ($group)) {
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['dir']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '</div>';
///pixlr
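Review bot: `$_SESSION['paint_dir']=Security::remove_XSS($_GET['dir']);` appears to be left unchanged, yet document.php now links here with `id` and no `dir`, so the pixlr save directory is either empty or taken from a parameter the caller can set independently of the id that was looked up. create_draw.php was switched to the resolved path for the same purpose; the matching line here would be `$_SESSION['paint_dir'] = Security::remove_XSS($dir);`. The loop in the second hunk still builds `curdirpath` links, which fits the commit being marked partial.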

@ -651,9 +651,9 @@ function display_user_link_document($user_id, $name) {
* @return string html-output text for the form
*/
function create_dir_form() {
global $document_id;
$new_folder_text = '<form action="'.api_get_self().'" method="post">';
$new_folder_text .= '<input type="hidden" name="curdirpath" value="'.Security::remove_XSS($_GET['curdirpath']).'" />';
$new_folder_text .= '<input type="hidden" name="dir_id" value="'.$document_id.'" />';
// Form title
$new_folder_text .= '<div class="row"><div class="form_header">'.get_lang('CreateDir').'</div></div>';
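Review bot: `create_dir_form()` now depends on a `$document_id` global that it neither receives nor validates, and the value is printed into the hidden `dir_id` field as-is. Casting at the point of output keeps the attribute numeric whatever the caller left in the global: `value="'.intval($document_id).'"`. A short comment such as `// $document_id is set by document.php before this form is rendered` would document the dependency. The function body continues past the end of the hunk.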

@ -48,6 +48,10 @@ require_once $lib_path.'formvalidator/FormValidator.class.php';
api_protect_course_script(true);
//Removing sessions
unset($_SESSION['draw_dir']);
unset($_SESSION['paint_dir']);
//jquery thickbox already called from main/inc/header.inc.php
$htmlHeadXtra[] = '<script type="text/javascript">
@ -69,11 +73,7 @@ DocumentManager::create_directory_certificate_in_course(api_get_course_id());
//Hack in order to use document.php?id=X
if (isset($_GET['id'])) {
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($document_data['path']));
if (!$parent_id) {
$parent_id = 0;
}
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
//@todo replace all
$_GET['curdirpath'] = $document_data['path'];
}
@ -88,18 +88,24 @@ if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
} else {
$curdirpath = '/';
}
$curdirpathurl = urlencode($curdirpath);
$curdirpathurl = urlencode($curdirpath);
// Check the path
// If the path is not found (no document id), set the path to /
$document_id = DocumentManager::get_document_id($_course, $curdirpath);
if (!$document_id) {
if (!$document_id) {
$document_id = DocumentManager::get_document_id(api_get_course_info(), $curdirpath);
$curdirpath = '/';
// Urlencoded version
$curdirpathurl = '%2F';
}
$document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($document_data['path']));
if (!$parent_id) {
$parent_id = 0;
}
$current_folder_id = $document_id;
@ -372,6 +378,7 @@ if (!$is_certificate_mode) {
*/
$dir_acum = '';
for ($i = 0; $i < $array_len; $i++) {
$url_dir = 'document.php?&amp;curdirpath='.$dir_acum.$dir_array[$i];
//Max char 80
@ -583,7 +590,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'copytomyfiles' && api_get_sett
/* CREATE DIRECTORY */
//Only teacher and all users into their group and any user into his/her shared folder
if($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $current_session_id)){
if($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $current_session_id)) {
// Create directory with $_POST data
if (isset($_POST['create_dir']) && $_POST['dirname'] != '') {
// Needed for directory creation
@ -593,7 +600,9 @@ if (isset($_GET['action']) && $_GET['action'] == 'copytomyfiles' && api_get_sett
if ($post_dir_name == '../' || $post_dir_name == '.' || $post_dir_name == '..') {
Display::display_error_message(get_lang('CannotCreateDir'));
} else {
$added_slash = ($curdirpath == '/') ? '' : '/';
$document_data = DocumentManager::get_document_data_by_id($_POST['dir_id'], api_get_course_id());
$curdirpath = $document_data['path'];
$added_slash = ($curdirpath == '/') ? '' : '/';
$dir_name = $curdirpath.$added_slash.replace_dangerous_char($post_dir_name);
$dir_name = disable_dangerous_file($dir_name);
$dir_name = str_replace('.', '_', $dir_name);
@ -785,6 +794,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights){
}
/* GO TO PARENT DIRECTORY */
if ($curdirpath!= '/' && $curdirpath != $group_properties['directory'] && !$is_certificate_mode) {
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'">';
echo Display::display_icon('folder_up.png', get_lang('Up'),'','32');
@ -797,7 +807,7 @@ if ($is_certificate_mode && $curdirpath != '/certificates') {
<?php Display::display_icon('folder_up.png', get_lang('Up'),'','32'); ?></a>
<?php
}
$table_footer = '';
if (isset($docs_and_folders) && is_array($docs_and_folders)) {
//echo('<pre>');
//print_r($docs_and_folders);
@ -901,7 +911,7 @@ if (isset($docs_and_folders) && is_array($docs_and_folders)) {
}
} else {
$sortable_data = '';
$table_footer = '<div style="text-align:center;"><strong>'.get_lang('NoDocsInFolder').'</strong></div>';
$table_footer = get_lang('NoDocsInFolder');
}
$column_show = array();
@ -914,7 +924,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
// Create new document
if (!$is_certificate_mode) {
?>
<a href="create_document.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>">
<a href="create_document.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>">
<?php Display::display_icon('new_document.png', get_lang('CreateDoc'),'','32'); ?></a>
<?php
@ -922,7 +932,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
if (api_get_setting('enabled_support_svg') == 'true') {
if (api_browser_support('svg')) {
?>
<a href="create_draw.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>">
<a href="create_draw.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>">
<?php Display::display_icon('new_draw.png', get_lang('Draw'),'','32'); ?></a>&nbsp;
<?php
} else {
@ -933,15 +943,15 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
// Create new paint
if (api_get_setting('enabled_support_pixlr') == 'true'){
?>
<a href="create_paint.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>">
<a href="create_paint.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>">
<?php Display::display_icon('new_paint.png', get_lang('PhotoRetouching'),'','32'); ?></a>
<?php
}
// Record new audio
if (api_get_setting('enable_nanogong') == 'true'){
if (api_get_setting('enable_nanogong') == 'true') {
?>
<a href="record_audio.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>">
<a href="record_audio.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>">
<?php Display::display_icon('new_recording.png', get_lang('RecordMyVoice'),'',32); ?></a>
<?php
}
@ -949,7 +959,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
// Create new audio
if (api_get_setting('enabled_text2audio') == 'true'){
?>
<a href="create_audio.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>">
<a href="create_audio.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>">
<?php Display::display_icon('new_sound.png', get_lang('CreateAudio'),'','32'); ?></a>
<?php
}
@ -958,7 +968,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
// Create new certificate
if ($is_certificate_mode) {
?>
<a href="create_document.php?<?php echo api_get_cidreq(); ?>&amp;dir=<?php echo $curdirpathurl.$req_gid; ?>&amp;certificate=true&amp;<?php echo 'selectcat='.Security::remove_XSS($_GET['selectcat']); ?>">
<a href="create_document.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>&certificate=true&<?php echo 'selectcat='.Security::remove_XSS($_GET['selectcat']); ?>">
<?php Display::display_icon('new_certificate.png', get_lang('CreateCertificate'),'','32'); ?></a>
<?php
}
@ -972,8 +982,8 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
}
// Create directory
if (!$is_certificate_mode) {
?>
<a href="<?php echo api_get_self(); ?>?<?php echo api_get_cidreq(); ?>&amp;curdirpath=<?php echo $curdirpathurl.$req_gid; ?>&amp;createdir=1">
?>
<a href="<?php echo api_get_self(); ?>?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id.$req_gid; ?>&createdir=1">
<?php Display::display_icon('new_folder.png', get_lang('CreateDir'),'','32'); ?></a>
<?php
}
@ -1062,14 +1072,14 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
// Actions on multiple selected documents
// TODO: Currently only delete action -> take only DELETE right into account
if (count($docs_and_folders) > 1) {
if ($is_allowed_to_edit || $group_member_with_upload_rights) {
$form_actions = array();
$form_action['delete'] = get_lang('Delete');
$table->set_form_actions($form_action, 'path');
}
}
}
$table->display();
if (count($docs_and_folders) > 1) {
@ -1085,7 +1095,7 @@ if (count($docs_and_folders) > 1) {
}
}
if (!empty($table_footer)) {
echo $table_footer;
Display::display_warning_message($table_footer);
}
// Footer
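Review bot: In the create-directory hunk the permission test on the enclosing `if` is evaluated against the `$curdirpath` derived from the request URL, and `$curdirpath` is then replaced by the path looked up from `$_POST['dir_id']` with no further check, so the folder that was authorised and the folder that is written to can differ. The lookup result is not tested for failure either. Repeat the gate on the resolved row before building `$dir_name`: `if (empty($document_data) || !($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $document_data['path'], $current_session_id))) { api_not_allowed(true); }`. The new links in the lower hunks also replace `&amp;` with a bare `&` inside `href` attributes, which is worth reverting for valid markup.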

@ -123,8 +123,7 @@ $langpixlr = isset($pixlr_code_translation_table[$langpixlr]) ? $pixlredit_code_
$loc=$langpixlr;// deprecated ?? TODO:check pixlr read user browser
$exit_path=api_get_path(WEB_CODE_PATH).'document/exit_pixlr.php';
$_SESSION['exit_pixlr']= Security::remove_XSS($dir);
$exit=$exit_path;
$_SESSION['exit_pixlr']= Security::remove_XSS($parent_id);
$referrer="Chamilo";
@ -176,7 +175,7 @@ $_SESSION['temp_realpath_image']=$to;
//load image to url
$to_url=api_get_path(WEB_ARCHIVE_PATH).'temp/images/'.$file_crip;
$image=urlencode($to_url);
$pixlr_url = 'http://pixlr.com/editor/?title='.$title.'&amp;image='.$image.'&amp;loc='.$loc.'&amp;referrer='.$referrer.'&amp;target='.$target.'&amp;exit='.$exit.'&amp;locktarget='.$locktarget.'&amp;locktitle='.$locktitle;
$pixlr_url = 'http://pixlr.com/editor/?title='.$title.'&amp;image='.$image.'&amp;loc='.$loc.'&amp;referrer='.$referrer.'&amp;target='.$target.'&amp;exit='.$exit_path.'&amp;locktarget='.$locktarget.'&amp;locktitle='.$locktitle;
//make frame an send image
echo '<iframe style="height: 600px; width: 100%;" scrolling="no" frameborder="0" src="'.$pixlr_url.'">';
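Review bot: `$_SESSION['exit_pixlr']= Security::remove_XSS($parent_id);` stores a value that exit_pixlr.php later uses as a document id, and `$parent_id` is not assigned anywhere in the visible lines of this file. If it is meant to be the parent folder of the edited image, take it from the looked-up row and store it as an integer, for example `$_SESSION['exit_pixlr'] = intval($document_data['parent_id']);`, assuming this script loads `$document_data` outside the hunk. An HTML filter is not a type check for an id.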

@ -6,7 +6,7 @@
*
* @package chamilo.document
*
* @author Juan Carlos Raña Trabado
* @author Juan Carlos Ra<EFBFBD>a Trabado
* @since 30/january/2011
*/
@ -30,8 +30,7 @@ if (!isset($_SESSION['exit_pixlr'])){
}
else{
echo '<div align="center" style="padding-top:150; font-family:Arial, Helvetica, Sans-serif;font-size:25px;color:#aaa;font-weight:bold;">'.get_lang('PleaseStandBy').'</div>';
$location=api_get_path(WEB_CODE_PATH).'document/document.php?curdirpath='.Security::remove_XSS($_SESSION['exit_pixlr']);
$location=api_get_path(WEB_CODE_PATH).'document/document.php?id='.Security::remove_XSS($_SESSION['exit_pixlr']);
echo '<script>window.parent.location.href="'.$location.'"</script>';
unset($_SESSION['exit_pixlr']);
}
?>
}
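Review bot: The session value is written into an inline `<script>` string after only `Security::remove_XSS()`, which is an HTML filter and not JavaScript-string escaping. Because the value is now a document id, `intval($_SESSION['exit_pixlr'])` makes the redirect target numeric by construction. Separately, the `@author` line now carries a replacement character where the original had `ñ`, so the file seems to have been saved in a different encoding; the same change appears in svg-edit/extensions/filesave.php and should be reverted in both.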

@ -28,14 +28,16 @@ $nameTools = get_lang('VoiceRecord');
api_protect_course_script();
api_block_anonymous_users();
if (!isset($_GET['dir'])){
api_not_allowed(true);
if (!isset($_GET['id'])) {
api_not_allowed(true);
}
$dir = isset($_GET['dir']) ? Security::remove_XSS($_GET['dir']) : Security::remove_XSS($_POST['dir']);
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_id = $document_data['id'];
$dir = $document_data['path'];
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
//////////////////////////////////
// Please, do not modify this dirname formatting
if (strstr($dir, '..')) {
@ -73,14 +75,14 @@ if (isset ($_SESSION['_gid']) && $_SESSION['_gid'] != 0) {
api_not_allowed(true);
}
}
$interbreadcrumb[] = array ("url" => "./document.php?curdirpath=".urlencode($_GET['dir']).$req_gid, "name" => get_lang('Documents'));
$interbreadcrumb[] = array ("url" => "./document.php?id=".$document_id.$req_gid, "name" => get_lang('Documents'));
if (!$is_allowed_in_course) {
api_not_allowed(true);
}
if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder($_user['user_id'], Security::remove_XSS($_GET['dir']),api_get_session_id()))) {
if (!($is_allowed_to_edit || $_SESSION['group_member_with_upload_rights'] || is_my_shared_folder(api_get_user_id(), Security::remove_XSS($dir),api_get_session_id()))) {
api_not_allowed(true);
}
@ -128,7 +130,7 @@ if (isset ($group)) {
Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['dir']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '</div>';
echo '<br/>';
@ -194,22 +196,16 @@ echo '<applet id="nanogong" archive="'.api_get_path(WEB_LIBRARY_PATH).'nanogong/
//echo '<param name="Start" value="true" />';// the applet will start playing the file from SoundFileURL after loading (default false)
echo '</applet>';
//check browser support and load form
$array_browser=api_browser_support('check_browser');
if ($array_browser[0]=="Internet Explorer"){
echo '<div style="width:210px; background-color:#FFEFA7">'.get_lang('BrowserNotSupportNanogongSend').'</div>';
}
else{
if ($array_browser[0]=="Internet Explorer") {
echo '<div style="width:210px; background-color:#FFEFA7">'.get_lang('BrowserNotSupportNanogongSend').'</div>';
} else {
echo '<form name="form_nanogong">';
echo '<input type="text" id="audio_title">';
echo '<input type="button" value="'.get_lang('Save').'" onClick="submitVoice()" />';
echo '</form>';
}
echo '</div>';
Display :: display_footer();
?>
Display :: display_footer();
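Review bot: `is_my_shared_folder(api_get_user_id(), Security::remove_XSS($dir), api_get_session_id())` runs an HTML filter over a path that now comes from the database before using it in an ownership decision. If the filter alters the string, the check is made on a different path than the one the script uses afterwards. Pass `$dir` unchanged to the check and escape only where the value is printed; create_draw.php has the same call shape.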

@ -995,6 +995,7 @@ class DocumentManager {
*
* @param array $_course
* @param string $path
* @todo load parent_id
* @return int id of document / false if no doc found
*/
public static function get_document_data_by_id($id, $course_code) {
@ -1004,12 +1005,13 @@ class DocumentManager {
}
$TABLE_DOCUMENT = Database :: get_course_table(TABLE_DOCUMENT, $course_info['dbName']);
$id = intval($id);
$sql = "SELECT * FROM $TABLE_DOCUMENT WHERE id = $id ";
$sql = "SELECT * FROM $TABLE_DOCUMENT WHERE id = $id ";
$result = Database::query($sql);
if ($result && Database::num_rows($result) == 1) {
$row = Database::fetch_array($result,'ASSOC');
//Public document URL
$row['url'] = api_get_path(WEB_CODE_PATH).'document/showinframes.php?cidReq='.$course_code.'&id='.$id;
$row['parent_id'] = self::get_document_id($course_info, dirname($row['path']));
return $row;
}
return false;
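Review bot: The docblock above `get_document_data_by_id($id, $course_code)` documents different parameters (`$_course`, `$path`) and an `int` return, and the commit adds a `@todo` to it without correcting that. Suggested tags: `@param int $id`, `@param string $course_code`, `@return array|false document row with 'url' and 'parent_id' added, false if not found`; the `@todo load parent_id` can go, since this commit loads it. The new `parent_id` may also be a non-integer when the parent path has no row (document.php normalises a falsy result to 0), so normalising it here would spare each caller that step. The function starts and ends outside the visible lines of the hunks.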

@ -8,7 +8,7 @@
* Copyright(c) 2010 Alexis Deveria
*
* Integrate svg-edit with Chamilo
* @author Juan Carlos Raña Trabado
* @author Juan Carlos Ra<EFBFBD>a Trabado
* @since 25/september/2010
*/
@ -28,22 +28,15 @@ if(!isset($_POST['output_svg']) && !isset($_POST['output_png'])) {
die();
}
$file = '';
$suffix = isset($_POST['output_svg'])?'svg':'png';
if(isset($_POST['filename']) && strlen($_POST['filename']) > 0) {
$file = $_POST['filename'];
$file = $_POST['filename'];
} else {
$file = 'image';
}
if($suffix == 'svg') {
$mime = 'image/svg+xml';
$contents = rawurldecode($_POST['output_svg']);
@ -54,7 +47,6 @@ if($suffix == 'svg') {
$contents = base64_decode(substr($contents, $pos));
}
//get SVG-Edit values
$filename=$file;//from svg-edit
$extension=$suffix;// from svg-edit
@ -64,7 +56,7 @@ $title = Database::escape_string(str_replace('_',' ',$filename));
//get Chamilo variables
if(!isset($_SESSION['draw_dir']) && !isset($_SESSION['whereami'])){
if(!isset($_SESSION['draw_dir']) && !isset($_SESSION['whereami'])) {
api_not_allowed();//from Chamilo
die();
}
@ -84,7 +76,7 @@ $filename = replace_dangerous_char($filename, 'strict');
$filename = disable_dangerous_file($filename);
// a bit extension
if($suffix!= 'svg' && $suffix!= 'png'){
if ($suffix!= 'svg' && $suffix!= 'png'){
die();
}
@ -96,23 +88,20 @@ if (phpversion() >= '5.3') {
$mime_png='image/png';//svg-edit return image/png; charset=binary
$mime_svg='image/svg+xml';
$mime_xml='application/xml';//hack for svg-edit because original code return application/xml; charset=us-ascii. See
if(strpos($current_mime, $mime_png)===false && $extension=='png')
{
if(strpos($current_mime, $mime_png)===false && $extension=='png') {
//die();//File extension does not match its content //disabled to check into chamilo dev campus TODO:check
}elseif(strpos($current_mime, $mime_svg)===false && strpos($current_mime, $mime_xml)===false && $extension=='svg')
{
} elseif(strpos($current_mime, $mime_svg)===false && strpos($current_mime, $mime_xml)===false && $extension=='svg') {
//die();//File extension does not match its content //disabled to check into chamilo dev campus TODO:check
}
}
//checks if the file exists, then rename the new
if(file_exists($saveDir.'/'.$filename.$i.'.'.$extension) && $currentTool=='document/createdraw'){
if (file_exists($saveDir.'/'.$filename.$i.'.'.$extension) && $currentTool=='document/createdraw'){
echo '<script language="javascript" type="text/javascript">';
echo 'alert("'.get_lang('FileExistsChangeToSave').'");';
echo '</script>';
die();
}else{
} else {
$drawFileName = $filename.'.'.$extension;
$title = $title.'.'.$extension;
}
@ -121,23 +110,23 @@ $documentPath = $saveDir.'/'.$drawFileName;
//add new document to disk
file_put_contents( $documentPath, $contents );
if($currentTool=='document/createdraw'){
if ($currentTool=='document/createdraw') {
//add document to database
$doc_id = add_document($_course, $relativeUrlPath.'/'.$drawFileName, 'file', filesize($documentPath), $title);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id);
}elseif($currentTool=='document/editdraw'){
} elseif($currentTool=='document/editdraw') {
//check path
if(!isset($_SESSION['draw_file'])){
if (!isset($_SESSION['draw_file'])){
api_not_allowed();//from Chamilo
die();
}
if($_SESSION['draw_file']==$drawFileName){
if ($_SESSION['draw_file'] == $drawFileName ){
$document_id = DocumentManager::get_document_id($_course, $relativeUrlPath.'/'.$drawFileName);
update_existing_document($_course, $document_id, filesize($documentPath), null);
api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_user['user_id'], $groupId, null, null, null, $current_session_id);
}else{
} else {
//add a new document
$doc_id = add_document($_course, $relativeUrlPath.'/'.$drawFileName, 'file', filesize($documentPath), $title);
api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id);
@ -151,13 +140,11 @@ unset($_SESSION['whereami']);
echo '<script language="javascript" type="text/javascript">';
if($suffix!= 'png'){
if($relativeUrlPath==''){$relativeUrlPath='/';};
$interbreadcrumb=api_get_path(WEB_CODE_PATH).'document/document.php?'.api_get_cidreq().'&amp;curdirpath='. urlencode($relativeUrlPath);
if ($relativeUrlPath==''){$relativeUrlPath='/';};
$interbreadcrumb=api_get_path(WEB_CODE_PATH).'document/document.php?'.api_get_cidreq().'&curdirpath='. urlencode($relativeUrlPath);
echo 'alert("'.get_lang('FileSavedAs').': '.$title.'");';
echo 'window.top.location.href="'.$interbreadcrumb.'";';//return to current document list
}else{
} else {
echo 'alert("'.get_lang('FileExportAs').': '.$title.'");';
}
echo '</script>';
?>
echo '</script>';
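Review bot: The content-type comparison in the `phpversion() >= '5.3'` hunk has no effect, because both branches contain only a commented-out `die();`, so a payload whose detected MIME type does not match the `png` or `svg` extension still reaches `file_put_contents( $documentPath, $contents );`. The commit reformats these lines but leaves the check disabled. Restoring `die();` in both branches (or failing through `api_not_allowed()`) would make the extension and content agree before the file is stored in the course documents. The existence check also concatenates `$i`, which is not assigned in the visible lines.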