chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixing edit icons when using sessions + fixing visibility icons see #3250

Browse Source
skala
Julio Montoya 15 years ago
parent 8f2f68ad49
commit c5df28d4bf
8 changed files with 208 additions and 206 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 127
      main/document/document.inc.php
  2. 94
      main/document/document.php
  3. 118
      main/document/edit_document.php
  4. 6
      main/document/edit_paint.php
  5. 27
      main/document/upload.php
  6. 11
      main/inc/lib/document.lib.php
  7. 26
      main/inc/lib/fileUpload.lib.php
  8. 5
      main/upload/upload.document.php

127
main/document/document.inc.php
Unescape View File

@ -349,15 +349,17 @@ function build_edit_icons($document_data, $id, $is_template, $is_read_only = 0,
} else {
$req_gid = '';
}
$document_id = $document_data['id'];
$document_id = $document_data['id'];
$type = $document_data['filetype'];
$path = $document_data['path'];
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($path));
$visibility= $document_data['visibility'];
$is_read_only= $document_data['readonly'];
$curdirpath = dirname($document_data['path']);
$type = $document_data['filetype'];
$visibility = $document_data['visibility'];
$is_read_only = $document_data['readonly'];
$path = $document_data['path'];
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($path));
$curdirpath = dirname($document_data['path']);
$is_certificate_mode = DocumentManager::is_certificate_mode($path);
$curdirpath = urlencode($curdirpath);
$extension = pathinfo($path, PATHINFO_EXTENSION);
// Build URL-parameters for table-sorting
$sort_params = array();
@ -374,59 +376,98 @@ function build_edit_icons($document_data, $id, $is_template, $is_read_only = 0,
$sort_params[] = 'direction='.Security::remove_XSS($_GET['direction']);
}
$sort_params = implode('&', $sort_params);
$visibility_icon = ($visibility == 0) ? 'invisible' : 'visible';
$visibility_icon = ($visibility == 0) ? 'invisible' : 'visible';
$visibility_command = ($visibility == 0) ? 'set_visible' : 'set_invisible';
$curdirpath = urlencode($curdirpath);
$is_certificate_mode = DocumentManager::is_certificate_mode($path);
$modify_icons = '';
$cur_ses = api_get_session_id();
$extension = pathinfo($path, PATHINFO_EXTENSION);
$modify_icons = '';
// If document is read only *or* we're in a session and the document
// is from a non-session context, hide the edition capabilities
if ($is_read_only /*or ($session_id!=$cur_ses)*/) {
$modify_icons = Display::return_icon('edit_na.png', get_lang('Modify'),'',22);
$modify_icons .= ' '.Display::return_icon('delete_na.png', get_lang('Delete'),array(), 22);
$modify_icons .= ' '.Display::return_icon('move.png', get_lang('Move'),array(), 22);
if (api_is_allowed_to_edit() || api_is_platform_admin()){
if ($is_read_only /*or ($session_id!=api_get_session_id())*/) {
if (api_is_course_admin() || api_is_platform_admin()) {
if($extension=='svg' && api_browser_support('svg') && api_get_setting('enabled_support_svg') == 'true') {
$modify_icons = '<a href="edit_draw.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} elseif($extension=='png' || $extension=='jpg' || $extension=='jpeg' || $extension=='bmp' || $extension=='gif' ||$extension=='pxd' && api_get_setting('enabled_support_pixlr') == 'true'){
$modify_icons = '<a href="edit_paint.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} else {
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
}
} else {
$modify_icons = Display::return_icon('edit_na.png', get_lang('Modify'),'',22);
}
$modify_icons .= '&nbsp;'.Display::return_icon('move_na.png', get_lang('Move'),array(), 22);
if (api_is_allowed_to_edit() || api_is_platform_admin()) {
$modify_icons .= '&nbsp;'.Display::return_icon($visibility_icon.'.png', get_lang('VisibilityCannotBeChanged'),'',22);
}
$modify_icons .= '&nbsp;'.Display::return_icon('delete_na.png', get_lang('Delete'),array(), 22);
} else {
if ($is_certificate_mode) {
//$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'&selectcat='.$gradebook_category.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'&selectcat='.$gradebook_category.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'&selectcat='.$gradebook_category.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} else {
if($extension=='svg' && api_browser_support('svg') && api_get_setting('enabled_support_svg') == 'true'){
$modify_icons = '<a href="edit_draw.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} elseif($extension=='png' || $extension=='jpg' || $extension=='jpeg' || $extension=='bmp' || $extension=='gif' ||$extension=='pxd' && api_get_setting('enabled_support_pixlr') == 'true'){
$modify_icons = '<a href="edit_paint.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
if (api_get_session_id()) {
if ($document_data['session_id'] == api_get_session_id()) {
if ($extension=='svg' && api_browser_support('svg') && api_get_setting('enabled_support_svg') == 'true') {
$modify_icons = '<a href="edit_draw.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} elseif($extension=='png' || $extension=='jpg' || $extension=='jpeg' || $extension=='bmp' || $extension=='gif' ||$extension=='pxd' && api_get_setting('enabled_support_pixlr') == 'true'){
$modify_icons = '<a href="edit_paint.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} else {
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
}
} else {
$modify_icons .= '&nbsp;'.Display::return_icon('edit_na.png', get_lang('Edit'),array(), 22).'</a>';
}
} else {
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
if($extension=='svg' && api_browser_support('svg') && api_get_setting('enabled_support_svg') == 'true') {
$modify_icons = '<a href="edit_draw.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} elseif($extension=='png' || $extension=='jpg' || $extension=='jpeg' || $extension=='bmp' || $extension=='gif' ||$extension=='pxd' && api_get_setting('enabled_support_pixlr') == 'true'){
$modify_icons = '<a href="edit_paint.php?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;file='.urlencode($path).$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
} else {
$modify_icons = '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'">'.Display::return_icon('edit.png', get_lang('Modify'),'',22).'</a>';
}
}
}
if ($is_certificate_mode) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'&amp;move='.$document_id.$req_gid.'&selectcat='.$gradebook_category.'">'.Display::return_icon('move.png', get_lang('Move'),array(), 22).'</a>';
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&'.$visibility_command.'='.$id.$req_gid.'&amp;'.$sort_params.'&selectcat='.$gradebook_category.'">'.
Display::return_icon($visibility_icon.'.png', get_lang('Move'),array(), 22).'</a>';
//$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'&amp;move='.$document_id.$req_gid.'&selectcat='.$gradebook_category.'">'.Display::return_icon('move.png', get_lang('Move'),array(), 22).'</a>';
$modify_icons .= '&nbsp;'.Display::return_icon('move_na.png', get_lang('Move'),array(), 22).'</a>';
$modify_icons .= '&nbsp;'.Display::return_icon($visibility_icon.'.png', get_lang('Move'),array(), 22).'</a>';
//$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&'.$visibility_command.'='.$id.$req_gid.'&amp;'.$sort_params.'&selectcat='.$gradebook_category.'">'.
Display::return_icon($visibility_icon.'.png', get_lang('VisibilityCannotBeChanged'),array(), 22).'</a>';
} else {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'&amp;move='.$document_id.$req_gid.'">'.Display::return_icon('move.png', get_lang('Move'),array(), 22).'</a>';
if(api_is_allowed_to_edit() || api_is_platform_admin()){
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&'.$visibility_command.'='.$id.$req_gid.'&amp;'.$sort_params.'">'.Display::return_icon($visibility_icon.'.png', get_lang('VisibilityCannotBeChanged'),'',22).'</a>';
if (api_get_session_id()) {
if ($document_data['session_id'] == api_get_session_id()) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'&amp;move='.$document_id.$req_gid.'">'.Display::return_icon('move.png', get_lang('Move'),array(), 22).'</a>';
} else {
$modify_icons .= '&nbsp;'.Display::return_icon('move_na.png', get_lang('Move'),array(), 22).'</a>';
}
} else {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'&amp;move='.$document_id.$req_gid.'">'.Display::return_icon('move.png', get_lang('Move'),array(), 22).'</a>';
}
if (api_is_allowed_to_edit() || api_is_platform_admin()) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&'.$visibility_command.'='.$id.$req_gid.'&amp;'.$sort_params.'">'.Display::return_icon($visibility_icon.'.png', get_lang('ChangeVisibility'),'',22).'</a>';
}
}
if (in_array($path, array('/audio', '/flash', '/images', '/shared_folder', '/video', '/chat_files', '/certificates'))) {
$modify_icons .= '&nbsp;'.Display::return_icon('delete_na.png', get_lang('ThisFolderCannotBeDeleted'),array(), 22);
} else {
if (isset($_GET['curdirpath']) && $_GET['curdirpath']=='/certificates' && DocumentManager::get_default_certificate_id(api_get_course_id())==$id) {
if (isset($_GET['curdirpath']) && $_GET['curdirpath']=='/certificates' && DocumentManager::get_default_certificate_id(api_get_course_id())==$id) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;delete='.urlencode($path).$req_gid.'&amp;'.$sort_params.'delete_certificate_id='.$id.'&selectcat='.$gradebook_category.' " onclick="return confirmation(\''.basename($path).'\');">'.Display::return_icon('delete.png', get_lang('Delete'),array(), 22).'</a>';
} else {
if ($is_certificate_mode) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;delete='.urlencode($path).$req_gid.'&amp;'.$sort_params.'&selectcat='.$gradebook_category.'" onclick="return confirmation(\''.basename($path).'\');">'.Display::return_icon('delete.png', get_lang('Delete'),array(), 22).'</a>';
} else {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;delete='.urlencode($path).$req_gid.'&amp;'.$sort_params.'" onclick="return confirmation(\''.basename($path).'\');">'.Display::return_icon('delete.png', get_lang('Delete'),array(), 22).'</a>';
if (api_get_session_id()) {
if ($document_data['session_id'] == api_get_session_id()) {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;delete='.urlencode($path).$req_gid.'&amp;'.$sort_params.'" onclick="return confirmation(\''.basename($path).'\');">'.Display::return_icon('delete.png', get_lang('Delete'),array(), 22).'</a>';
} else {
$modify_icons .= '&nbsp;'.Display::return_icon('delete_na.png', get_lang('ThisFolderCannotBeDeleted'),array(), 22);
}
} else {
$modify_icons .= '&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.$curdirpath.'&amp;delete='.urlencode($path).$req_gid.'&amp;'.$sort_params.'" onclick="return confirmation(\''.basename($path).'\');">'.Display::return_icon('delete.png', get_lang('Delete'),array(), 22).'</a>';
}
}
}
}
@ -676,13 +717,11 @@ function is_my_shared_folder($user_id, $path, $current_session_id) {
$main_user_shared_folder = '/shared_folder\/sf_user_'.$user_id.'\//';//for security does not remove the last slash
$main_user_shared_folder_session='/shared_folder_session_'.$current_session_id.'\/sf_user_'.$user_id.'\//';//for security does not remove the last slash
if(preg_match($main_user_shared_folder, $clean_path)){
if (preg_match($main_user_shared_folder, $clean_path)){
return true;
}
elseif(preg_match($main_user_shared_folder_session, $clean_path)){
} elseif(preg_match($main_user_shared_folder_session, $clean_path)) {
return true;
}
else{
} else {
return false;
}
}
@ -720,6 +759,4 @@ function is_browser_viewable($file_extension) {
return api_browser_support('svg');
}
return $result;
}
?>
}

94
main/document/document.php
Unescape View File

@ -69,7 +69,11 @@ DocumentManager::create_directory_certificate_in_course($course_id);
//Hack in order to use document.php?id=X
if (isset($_GET['id'])) {
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($document_data['path']));
if (!$parent_id) {
$parent_id = 0;
}
//@todo replace all
$_GET['curdirpath'] = $document_data['path'];
}
@ -208,7 +212,8 @@ require_once $lib_path.'fileUpload.lib.php';
// Check the path
// If the path is not found (no document id), set the path to /
if (!DocumentManager::get_document_id($_course, $curdirpath)) {
$document_id = DocumentManager::get_document_id($_course, $curdirpath);
if (!$document_id) {
$curdirpath = '/';
// Urlencoded version
$curdirpathurl = '%2F';
@ -218,7 +223,7 @@ if ($to_group_id != 0 && $curdirpath == '/') {
$curdirpath = $group_properties['directory'];
$curdirpathurl = urlencode($group_properties['directory']);
}
$current_folder_id = $document_id;
// Check visibility of the current dir path. Don't show anything if not allowed
//@todo check this validation for coaches
@ -231,13 +236,12 @@ if (!$is_allowed_to_edit && api_is_coach()) {
}
/* Constants and variables */
$current_session_id = api_get_session_id();
/* Create shared folders */
if($current_session_id==0){
if ($current_session_id==0) {
//Create shared folder. Necessary for courses recycled. Allways session_id should be zero. Allway should be created from a base course, never from a session.
if (!file_exists($base_work_dir.'/shared_folder')) {
$usf_dir_title = get_lang('UserFolders');
@ -314,9 +318,7 @@ if (isset($_GET['action']) && $_GET['action'] == 'download') {
// Download a folder
if (isset($_GET['action']) && $_GET['action'] == 'downloadfolder' && (api_get_setting('students_download_folders') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin())) {
//filter when I am into shared folder, I can donwload only my shared folder
if(is_any_user_shared_folder($_GET['path'],$current_session_id)){
if(is_my_shared_folder(api_get_user_id(), $_GET['path'], $current_session_id) || api_is_allowed_to_edit() || api_is_platform_admin()){
require 'downloadfolder.inc.php';
@ -752,12 +754,10 @@ if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isse
/* GET ALL DOCUMENT DATA FOR CURDIRPATH */
if(isset($_GET['keyword']) && !empty($_GET['keyword'])) {
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, $search=true);
}else{
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, $search=true);
} else {
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, $search=false);
}
$folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);
if ($folders === false) {
$folders = array();
@ -775,13 +775,12 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights){
$form->display();
echo '</span>';
}
/* GO TO PARENT DIRECTORY */
/* GO TO PARENT DIRECTORY */
if ($curdirpath!= '/' && $curdirpath != $group_properties['directory'] && !$is_certificate_mode) {
?>
<a href="<?php echo api_get_self(); ?>?<?php echo api_get_cidreq();?>&amp;curdirpath=<?php echo urlencode((dirname($curdirpath) == '\\') ? '/' : dirname($curdirpath)).$req_gid; ?>">
<?php Display::display_icon('folder_up.png', get_lang('Up'),'','32'); ?></a>
<?php
echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.'">';
echo Display::display_icon('folder_up.png', get_lang('Up'),'','32');
echo '</a>';
}
if ($is_certificate_mode && $curdirpath != '/certificates') {
@ -792,7 +791,6 @@ if ($is_certificate_mode && $curdirpath != '/certificates') {
}
if (isset($docs_and_folders) && is_array($docs_and_folders)) {
//echo('<pre>');
//print_r($docs_and_folders);
//echo('</pre>');
@ -804,43 +802,43 @@ if (isset($docs_and_folders) && is_array($docs_and_folders)) {
$sortable_data = array();
//while (list($key, $id) = each($docs_and_folders)) {
foreach ($docs_and_folders as $key=>$id) {
foreach ($docs_and_folders as $key => $document_data) {
$row = array();
// If the item is invisible, wrap it in a span with class invisible
$invisibility_span_open = ($id['visibility'] == 0) ? '<span class="invisible">' : '';
$invisibility_span_close = ($id['visibility'] == 0) ? '</span>' : '';
$invisibility_span_open = ($document_data['visibility'] == 0) ? '<span class="invisible">' : '';
$invisibility_span_close = ($document_data['visibility'] == 0) ? '</span>' : '';
// Size (or total size of a directory)
$size = $id['filetype'] == 'folder' ? get_total_folder_size($id['path'], $is_allowed_to_edit) : $id['size'];
$size = $document_data['filetype'] == 'folder' ? get_total_folder_size($document_data['path'], $is_allowed_to_edit) : $document_data['size'];
// Get the title or the basename depending on what we're using
if ($use_document_title == 'true' && $id['title'] != '') {
$document_name = $id['title'];
if ($use_document_title == 'true' && $document_data['title'] != '') {
$document_name = $document_data['title'];
} else {
$document_name = basename($id['path']);
$document_name = basename($document_data['path']);
}
// Data for checkbox
if (($is_allowed_to_edit || $group_member_with_upload_rights) && count($docs_and_folders) > 1) {
$row[] = $id['path'];
$row[] = $document_data['path'];
}
// Hide HotPotatoes Certificates and all css folders
if ($id['path']=='/HotPotatoes_files' || $id['path']=='/certificates' || basename($id['path'])=='css'){
if ($document_data['path']=='/HotPotatoes_files' || $document_data['path']=='/certificates' || basename($document_data['path'])=='css'){
continue;
}
//Admin setting for Hide/Show the folders of all users
if (api_get_setting('show_users_folders') == 'false' && ($id['path']=='/shared_folder' || strstr($id['path'], 'shared_folder_session_'))){
if (api_get_setting('show_users_folders') == 'false' && ($document_data['path']=='/shared_folder' || strstr($document_data['path'], 'shared_folder_session_'))){
continue;
}
//Admin setting for Hide/Show Default folders to all users
if (api_get_setting('show_default_folders') == 'false' && ($id['path']=='/images' || $id['path']=='/flash' || $id['path']=='/audio' || $id['path']=='/video')){
if (api_get_setting('show_default_folders') == 'false' && ($document_data['path']=='/images' || $document_data['path']=='/flash' || $document_data['path']=='/audio' || $document_data['path']=='/video')){
continue;
}
//Admin setting for Hide/Show chat history folder
if (api_get_setting('show_chat_folder') == 'false' && $id['path']=='/chat_files'){
if (api_get_setting('show_chat_folder') == 'false' && $document_data['path']=='/chat_files'){
continue;
}
@ -848,42 +846,40 @@ if (isset($docs_and_folders) && is_array($docs_and_folders)) {
$user_link = '';
if (isset($_SESSION['_gid']) && $_SESSION['_gid'] != '') {
if (!empty($id['insert_user_id'])) {
$user_info = UserManager::get_user_info_by_id($id['insert_user_id']);
if (!empty($document_data['insert_user_id'])) {
$user_info = UserManager::get_user_info_by_id($document_data['insert_user_id']);
$user_name = api_get_person_name($user_info['firstname'], $user_info['lastname']);
$user_link = '<div class="document_owner">'.get_lang('Owner').': '.display_user_link_document($id['insert_user_id'], $user_name).'</div>';
$user_link = '<div class="document_owner">'.get_lang('Owner').': '.display_user_link_document($document_data['insert_user_id'], $user_name).'</div>';
}
}
// Icons (clickable)
//$row[]= build_document_icon_tag($id['filetype'],$id['path']);
$row[] = create_document_link($id, true);
$row[] = create_document_link($document_data, true);
// Validacion when belongs to a session
$session_img = api_get_session_image($id['session_id'], $_user['status']);
$session_img = api_get_session_image($document_data['session_id'], $_user['status']);
// Document title with hyperlink
$row[] = create_document_link($id).$session_img.'<br />'.$invisibility_span_open.nl2br(htmlspecialchars($id['comment'],ENT_QUOTES,$charset)).$invisibility_span_close.$user_link;
$row[] = create_document_link($document_data).$session_img.'<br />'.$invisibility_span_open.'<i>'.nl2br(htmlspecialchars($document_data['comment'],ENT_QUOTES,$charset)).'</i>'.$invisibility_span_close.$user_link;
// Comments => display comment under the document name
//$row[] = $invisibility_span_open.nl2br(htmlspecialchars($id['comment'])).$invisibility_span_close;
$display_size = format_file_size($size);
$row[] = '<span style="display:none;">'.$size.'</span>'.$invisibility_span_open.$display_size.$invisibility_span_close;
// Last edit date
$last_edit_date = $id['lastedit_date'];
$last_edit_date = $document_data['lastedit_date'];
$last_edit_date = api_get_local_time($last_edit_date, null, date_default_timezone_get());
//$display_date = date_to_str_ago($last_edit_date).'<br /><span class="dropbox_date">'.api_format_date($last_edit_date).'</span>';
$display_date = date_to_str_ago($last_edit_date);
$row[] = $invisibility_span_open.$display_date.$invisibility_span_close;
// Admins get an edit column
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $current_session_id)) {
$is_template = isset($id['is_template']) ? $id['is_template'] : false;
$is_template = isset($document_data['is_template']) ? $document_data['is_template'] : false;
// If readonly, check if it the owner of the file or if the user is an admin
if ($id['insert_user_id'] == api_get_user_id() || api_is_platform_admin()) {
$edit_icons = build_edit_icons($id, $key, $is_template, 0);
} else {
$edit_icons = build_edit_icons($curdirpath, $id['filetype'], $id['path'], $id['visibility'], $key, $is_template, $id['readonly']);
if ($document_data['insert_user_id'] == api_get_user_id() || api_is_platform_admin()) {
$edit_icons = build_edit_icons($document_data, $key, $is_template, 0);
} else {
$edit_icons = build_edit_icons($document_data, $key, $is_template, $document_data['readonly']);
}
$row[] = $edit_icons;
}
@ -952,15 +948,11 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_fold
}
// File upload link
if ($is_certificate_mode) {
?>
<a href="upload.php?<?php echo api_get_cidreq(); ?>&amp;curdirpath=<?php echo $curdirpathurl.$req_gid; ?>">
<?php Display::display_icon('upload_certificate.png', get_lang('UploadCertificate'),'','32'); ?></a>
<?php
echo '<a href="upload.php?'.api_get_cidreq().'&id='.$current_folder_id.$req_gid.'">';
echo Display::display_icon('upload_certificate.png', get_lang('UploadCertificate'),'','32').'</a>';
} else {
?>
<a href="upload.php?<?php echo api_get_cidreq(); ?>&amp;curdirpath=<?php echo $curdirpathurl.$req_gid; ?>">
<?php Display::display_icon('upload_file.png', get_lang('UplUploadDocument'),'','32'); ?></a>
<?php
echo '<a href="upload.php?'.api_get_cidreq().'&id='.$current_folder_id.$req_gid.'">';
echo Display::display_icon('upload_file.png', get_lang('UplUploadDocument'),'','32').'</a>';
}
// Create directory
if (!$is_certificate_mode) {

118
main/document/edit_document.php
Unescape View File

@ -96,18 +96,19 @@ if (api_is_in_group()) {
}
if (isset($_GET['id'])) {
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
$document_data = DocumentManager::get_document_data_by_id($_GET['id'], api_get_course_id());
if (empty($document_data)) {
api_not_allowed();
}
$document_id = $document_data['id'];
$dir = dirname($document_data['path']);
$parent_id = DocumentManager::get_document_id(api_get_course_info(), $dir);
$document_id = $document_data['id'];
$file = $document_data['path'];
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($file));
$dir = dirname($document_data['path']);
$dir_original = $dir;
$dir_original = $dir;
$file = $document_data['path'];
$doc = basename($file);
$doc = basename($file);
$my_cur_dir_path = Security::remove_XSS($_GET['curdirpath']);
} else {
$dir = Security::remove_XSS($_GET['curdirpath']);
$dir_original = $dir;
@ -122,12 +123,9 @@ $is_certificate_mode = DocumentManager::is_certificate_mode($dir);
$call_from_tool = Security::remove_XSS($_GET['origin']);
$slide_id = Security::remove_XSS($_GET['origin_opt']);
//echo('dir: '.$dir.'<br />');
$file_name = $doc;
//echo('file_name: '.$file_name.'<br />');
$baseServDir = api_get_path(SYS_COURSE_PATH);
$baseServUrl = $_configuration['url_append'].'/';
$courseDir = $_course['path'].'/document';
$baseWorkDir = $baseServDir.$courseDir;
$group_document = false;
@ -222,27 +220,14 @@ if (!is_allowed_to_edit()) {
Step 2. React on POST data
(Step 1 see below) */
if (isset($_POST['newComment'])) {
// Fixing the path if it is wrong
$commentPath = str_replace('//', '/', Database::escape_string(Security::remove_XSS($_POST['commentPath'])));
$newComment = trim(Database::escape_string($_POST['newComment'])); // Remove spaces
$newTitle = trim(Database::escape_string($_POST['newTitle'])); // Remove spaces
// Check whether there is already a database record for this file
$result = Database::query ("SELECT * FROM $dbTable WHERE path LIKE BINARY '".$commentPath."'");
while ($row = Database::fetch_array($result, 'ASSOC')) {
$attribute['path' ] = $row['path' ];
$attribute['comment' ] = $row['title'];
}
// Determine the correct query to the DB,
// new code always keeps document in database
$query = "UPDATE $dbTable
SET comment='".$newComment."', title='".$newTitle."'
WHERE path LIKE BINARY '".$commentPath."'";
Database::query($query);
$oldComment = $newComment;
$oldTitle = $newTitle;
if (isset($_POST['comment'])) {
// Fixing the path if it is wrong
$comment = trim(Database::escape_string($_POST['comment']));
$title = trim(Database::escape_string($_POST['title']));
$query = "UPDATE $dbTable SET comment='".$comment."', title='".$title."' WHERE id = ".$document_id;
Database::query($query);
$comments_updated = get_lang('ComMod');
$info_message = get_lang('fileModified');
$info_message = get_lang('fileModified');
}
/* Code to change the name
@ -251,7 +236,6 @@ if (isset($_POST['newComment'])) {
if (isset($_POST['renameTo'])) {
$info_message = change_name($baseWorkDir, $_GET['sourceFile'], $_POST['renameTo'], $dir, $doc);
//assume name change was successful
}
/* Code to change the comment
@ -259,7 +243,7 @@ if (isset($_POST['renameTo'])) {
/** TODO: Check whether this code is still used **/
/* Search the old comment */ // RH: metadata: added 'id,'
$result = Database::query("SELECT id,comment,title FROM $dbTable WHERE path LIKE BINARY '$dir$doc'");
$result = Database::query("SELECT id, comment, title FROM $dbTable WHERE id = ".$document_id);
/*
// Debug info - enable on temporary needs only.
@ -271,8 +255,8 @@ Display::display_normal_message($message);
while ($row = Database::fetch_array($result, 'ASSOC')) {
$oldComment = $row['comment'];
$oldTitle = $row['title'];
$docId = $row['id']; // RH: metadata
$oldTitle = $row['title'];
$docId = $row['id']; // RH: metadata
}
/* WYSIWYG HTML EDITOR - Program Logic */
@ -281,10 +265,8 @@ if ($is_allowed_to_edit) {
if ($_POST['formSent'] == 1) {
if (isset($_POST['renameTo'])) {
$_POST['filename'] = disable_dangerous_file($_POST['renameTo']);
$extension = explode('.', $_POST['filename']);
$extension = $extension[sizeof($extension) - 1];
$_POST['filename'] = str_replace('.'.$extension, '', $_POST['filename']);
}
@ -296,22 +278,27 @@ if ($is_allowed_to_edit) {
if (!strstr($content, '/css/frames.css')) {
$content=str_replace('</title></head>', '</title><link rel="stylesheet" href="../css/frames.css" type="text/css" /></head>', $content);
}
/*
if (!ctype_alnum($_POST['extension'])) {
header('Location: document.php?msg=WeirdExtensionDeniedInPost');
exit ();
}
}*/
$extension = $_POST['extension'];
$file = $dir.$filename.'.'.$extension;
$read_only_flag = $_POST['readonly'];
$read_only_flag = empty($read_only_flag) ? 0 : 1;
$show_edit = $_SESSION['showedit'];
//unset($_SESSION['showedit']);
api_session_unregister('showedit');
if (empty($filename)) {
$msgError = get_lang('NoFileName');
} else {
} else {
if ($document_data['filetype'] == 'file') {
$file_size = filesize($filepath.$filename.'.'.$extension);
} else {
$file_size = filesize($filepath.$filename);
}
if ($read_only_flag == 0) {
if (!empty($content)) {
if ($fp = @fopen($filepath.$filename.'.'.$extension, 'w')) {
@ -348,8 +335,7 @@ if ($is_allowed_to_edit) {
// "WHAT'S NEW" notification: update table item_property
$document_id = DocumentManager::get_document_id($_course, $file);
if ($document_id) {
$file_size = filesize($filepath.$filename.'.'.$extension);
if ($document_id) {
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', api_get_user_id(), null, null, null, null, $current_session_id);
// Update parent folders
@ -367,35 +353,15 @@ if ($is_allowed_to_edit) {
} else {
$msgError = get_lang('Impossible');
}
} else {
if (is_file($filepath.$filename.'.'.$extension)) {
$file_size = filesize($filepath.$filename.'.'.$extension);
$document_id = DocumentManager::get_document_id($_course, $file);
if ($document_id) {
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
}
}
}
} else {
if (is_file($filepath.$filename.'.'.$extension)) {
$file_size = filesize($filepath.$filename.'.'.$extension);
$document_id = DocumentManager::get_document_id($_course, $file);
} else {
if ($document_id) {
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
}
}
if (empty($document_id)) { // or if is a folder
$folder = $_POST['file_path'];
$document_id = DocumentManager::get_document_id($_course, $folder);
if (DocumentManager::is_folder($_course, $document_id)) {
if ($document_id) {
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
}
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
}
}
} else {
if ($document_id) {
update_existing_document($_course, $document_id, $file_size, $read_only_flag);
}
}
}
}
@ -449,7 +415,6 @@ $document_info = api_get_item_property_info(api_get_course_int_id(),'document',
$owner_id = $document_info['insert_user_id'];
$last_edit_date = $document_info['lastedit_date'];
if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_edit || GroupManager :: is_user_in_group(api_get_user_id(), api_get_group_id() )) {
$get_cur_path = $dir;
$action = api_get_self().'?sourceFile='.urlencode($file_name).'&id='.$document_data['id'];
@ -469,8 +434,8 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_
$form->addElement('hidden', 'origin_opt');
if ($use_document_title) {
$form->add_textfield('newTitle', get_lang('Title'));
$defaults['newTitle'] = $oldTitle;
$form->add_textfield('title', get_lang('Title'));
$defaults['title'] = $oldTitle;
} else {
$form->addElement('hidden', 'renameTo');
}
@ -504,7 +469,7 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_
$form->addElement('static', null, get_lang('UpdatedOn'), $display_date);
}
$form->addElement('textarea', 'newComment', get_lang('Comment'), 'rows="3" style="width:300px;"');
$form->addElement('textarea', 'comment', get_lang('Comment'), 'rows="3" style="width:300px;"');
/*
$renderer = $form->defaultRenderer();
*/
@ -526,7 +491,7 @@ if ($owner_id == api_get_user_id() || api_is_platform_admin() || $is_allowed_to_
$defaults['file_path'] = Security::remove_XSS($_GET['file']);
$defaults['commentPath'] = $file;
$defaults['renameTo'] = $file_name;
$defaults['newComment'] = $oldComment;
$defaults['comment'] = $oldComment;
$defaults['origin'] = Security::remove_XSS($_GET['origin']);
$defaults['origin_opt'] = Security::remove_XSS($_GET['origin_opt']);
@ -605,16 +570,17 @@ function change_name($base_work_dir, $source_file, $rename_to, $dir, $doc) {
function show_return($document_id, $path, $call_from_tool='', $slide_id=0, $is_certificate_mode=false) {
$pathurl = urlencode($path);
echo '<div class="actions">';
if ($is_certificate_mode) {
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['curdirpath']).'&selectcat=' . Security::remove_XSS($_GET['selectcat']).'">'.Display::return_icon('back.png',get_lang('Back').' '.get_lang('To').' '.get_lang('CertificateOverview'),'','32').'</a>';
} elseif($call_from_tool=='slideshow') {
echo '<a href="'.api_get_path(WEB_PATH).'main/document/slideshow.php?slide_id='.$slide_id.'&curdirpath='.Security::remove_XSS(urlencode($_GET['curdirpath'])).'">'.Display::return_icon('slideshow.png', get_lang('BackTo').' '.get_lang('ViewSlideshow'),'','32').'</a>';
} elseif($call_from_tool=='editdraw') {
echo '<a href="document.php?action=exit_slideshow&curdirpath='.$pathurl.'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="javascript:history.back(1)">'.Display::return_icon('draw.png',get_lang('BackTo').' '.get_lang('Draw'),'','32').'</a>';
echo '<a href="javascript:history.back(1)">'.Display::return_icon('draw.png', get_lang('BackTo').' '.get_lang('Draw'), array(), 32).'</a>';
} elseif($call_from_tool=='editpaint'){
echo '<a href="document.php?action=exit_slideshow&curdirpath='.$pathurl.'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="javascript:history.back(1)">'.Display::return_icon('paint.png',get_lang('BackTo').' '.get_lang('Paint')).'</a>';
echo '<a href="document.php?action=exit_slideshow&curdirpath='.$pathurl.'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('DocumentsOverview'), array(), '32').'</a>';
echo '<a href="javascript:history.back(1)">'.Display::return_icon('paint.png', get_lang('BackTo').' '.get_lang('Paint'), array(), 32).'</a>';
} else {
echo '<a href="document.php?action=exit_slideshow&id='.$document_id.'">'.Display::return_icon('back.png', get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
}

6
main/document/edit_paint.php
Unescape View File

@ -48,6 +48,8 @@ $filename=$temp_file[0];
$nameTools = get_lang('EditDocument') . ': '.$filename;
$dir = Security::remove_XSS($_GET['curdirpath']);
$document_id = DocumentManager::get_document_id(api_get_course_info(), $get_file);
$courseDir = $_course['path'].'/document';
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
@ -107,8 +109,8 @@ Display :: display_header($nameTools, 'Doc');
echo '<div class="actions">';
echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['curdirpath']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="edit_document.php?'.api_get_cidreq().'&curdirpath='.Security::remove_XSS($_GET['curdirpath']).'&amp;file='.urlencode($dir.$file).$req_gid.'&amp;origin=editpaint">'.Display::return_icon('edit.png',get_lang('Rename').'/'.get_lang('Comment' ),'','32').'</a>';
echo '</div>';
echo '<a href="edit_document.php?'.api_get_cidreq().'&id='.$document_id.$req_gid.'&amp;origin=editpaint">'.Display::return_icon('edit.png', get_lang('Rename').'/'.get_lang('Comment' ),'','32').'</a>';
echo '</div>';
///pixlr
$title=$file;//disk name. No sql name because pixlr return this when save

27
main/document/upload.php
Unescape View File

@ -109,6 +109,7 @@ $sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path.$courseDir;
$noPHP_SELF = true;
/*
// What's the current path?
if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
$path = $_GET['curdirpath'];
@ -116,15 +117,19 @@ if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
$path = $_POST['curdirpath'];
} else {
$path = '/';
}
}*/
// Check the path: if the path is not found (no document id), set the path to /
if (!DocumentManager::get_document_id($_course, $path)) {
$path = '/';
$document_data = DocumentManager::get_document_data_by_id($_REQUEST['id'], api_get_course_id());
if (empty($document_data)) {
api_not_allowed();
}
$document_id = $document_data['id'];
$path = $document_data['path'];
$parent_id = DocumentManager::get_document_id(api_get_course_info(), dirname($path));
// This needs cleaning!
if (api_get_group_id()) { // If the group id is set, check if the user has the right to be here
if (api_get_group_id()) {
// If the group id is set, check if the user has the right to be here
// Needed for group related stuff
require_once api_get_path(LIBRARY_PATH).'groupmanager.lib.php';
// Get group info
@ -138,7 +143,9 @@ if (api_get_group_id()) { // If the group id is set, check if the user has the r
} else {
api_not_allowed(true);
}
} elseif ($is_allowed_to_edit || is_my_shared_folder($_user['user_id'], $path,api_get_session_id())) { // Admin for "regular" upload, no group documents. And check if is my shared folder
} elseif ($is_allowed_to_edit || is_my_shared_folder(api_get_user_id(), $path, api_get_session_id())) {
// Admin for "regular" upload, no group documents. And check if is my shared folder
$to_group_id = 0;
$req_gid = '';
} else { // No course admin and no group member...
@ -175,7 +182,7 @@ if (isset($_REQUEST['certificate'])) {
if ($is_certificate_mode) {
$interbreadcrumb[] = array('url' => '../gradebook/'.$_SESSION['gradebook_dest'], 'name' => get_lang('Gradebook'));
} else {
$interbreadcrumb[] = array('url' => './document.php?curdirpath='.urlencode($path).$req_gid, 'name'=> get_lang('Documents'));
$interbreadcrumb[] = array('url' => './document.php?id='.$document_id.$req_gid, 'name'=> get_lang('Documents'));
}
@ -193,12 +200,11 @@ if (!empty($_FILES)) {
// Actions
echo '<div class="actions">';
// Link back to the documents overview
if ($is_certificate_mode) {
echo '<a href="document.php?curdirpath='.$path.'&selectcat=' . Security::remove_XSS($_GET['selectcat']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('CertificateOverview'),'','32').'</a>';
echo '<a href="document.php?id='.$document_id.'&selectcat=' . Security::remove_XSS($_GET['selectcat']).'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('CertificateOverview'),'','32').'</a>';
} else {
echo '<a href="document.php?curdirpath='.$path.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
echo '<a href="document.php?id='.$document_id.'">'.Display::return_icon('back.png',get_lang('BackTo').' '.get_lang('DocumentsOverview'),'','32').'</a>';
}
// Link to create a folder
@ -215,6 +221,7 @@ if (!$is_certificate_mode) {
}
$form = new FormValidator('upload', 'POST', api_get_self(), '', 'enctype="multipart/form-data"');
$form->addElement('hidden', 'id', $document_id);
$form->addElement('hidden', 'curdirpath', $path);
$form->addElement('file', 'file', get_lang('File'), 'id="user_upload" size="45"');
$form->addElement('html', '<div class="row" style="font-size:smaller;font-style:italic;"><div class="label">&nbsp;</div><div class="formw">'.get_lang('MaxFileSize').': '.ini_get('upload_max_filesize').'<br/>'.get_lang('DocumentQuota').': '.(round(DocumentManager::get_course_quota()/1000000)-round(DocumentManager::documents_total_space($_course)/1000000)).' M</div></div>');

11
main/inc/lib/document.lib.php
Unescape View File

@ -561,7 +561,6 @@ class DocumentManager {
}
//Checking disponibility in a session
//var_dump($my_repeat_ids);
foreach($my_repeat_ids as $id) {
foreach($doc_list as $row ) {
if ($id == $row['id']) {
@ -1899,8 +1898,7 @@ class DocumentManager {
SE_USER => api_get_user_id(),
);
var_dump($xapian_data);
echo '<pre>';
//var_dump($xapian_data); echo '<pre>';
$ic_slide->xapian_data = serialize($xapian_data);
$di = new DokeosIndexer();
@ -1950,7 +1948,7 @@ class DocumentManager {
$di->addChunk($ic_slide);
// Index and return a new search engine document id
$did = $di->index();
var_dump($did);
//var_dump($did);
if ($did) {
// update the search_did on db
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
@ -1994,12 +1992,12 @@ class DocumentManager {
}
}
// Check for missing images in html files
/*// Check for missing images in html files
$missing_files = check_for_missing_files($base_work_dir.$new_path);
if ($missing_files && $show_output) {
// Show a form to upload the missing files
Display::display_normal_message(build_missing_files_form($missing_files, $path, $files['file']['name']), false);
}
}*/
if (!empty($docid) && is_numeric($docid)) {
$document_data = self::get_document_data_by_id($docid, $course_info['code']);
@ -2041,7 +2039,6 @@ class DocumentManager {
break;
case 'application/msword':
exec("catdoc $doc_path", $output, $ret_val);
//var_dump($output);
break;
case 'text/html':
exec("html2text $doc_path", $output, $ret_val);

26
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -813,7 +813,7 @@ function add_document($_course, $path, $filetype, $filesize, $title, $comment =
*/
function update_existing_document($_course, $document_id, $filesize, $readonly = 0) {
$document_table = Database::get_course_table(TABLE_DOCUMENT, $_course['dbName']);
$sql = "UPDATE $document_table SET size = '$filesize' , readonly = '$readonly' WHERE id='$document_id'";
$sql = "UPDATE $document_table SET size = '$filesize' , readonly = '$readonly' WHERE id = $document_id";
if (Database::query($sql)) {
return true;
} else {
@ -1355,26 +1355,28 @@ function check_for_missing_files($file) {
function build_missing_files_form($missing_files, $upload_path, $file_name) {
// Do we need a / or not?
$added_slash = ($upload_path == '/') ? '' : '/';
$folder_id = DocumentManager::get_document_id(api_get_course_info(), $upload_path);
// Build the form
$form .= "<p><strong>".get_lang('MissingImagesDetected')."</strong></p>\n"
."<form method=\"post\" action=\"".api_get_self()."\" enctype=\"multipart/form-data\">\n"
$form .= "<p><strong>".get_lang('MissingImagesDetected')."</strong></p>"
."<form method=\"post\" action=\"".api_get_self()."\" enctype=\"multipart/form-data\">"
// Related_file is the path to the file that has missing images
."<input type=\"hidden\" name=\"related_file\" value=\"".$upload_path.$added_slash.$file_name."\" />\n"
."<input type=\"hidden\" name=\"upload_path\" value=\"".$upload_path."\" />\n"
."<table border=\"0\">\n";
."<input type=\"hidden\" name=\"related_file\" value=\"".$upload_path.$added_slash.$file_name."\" />"
."<input type=\"hidden\" name=\"upload_path\" value=\"".$upload_path."\" />"
."<input type=\"hidden\" name=\"id\" value=\"".$folder_id."\" />"
."<table border=\"0\">";
foreach ($missing_files as & $this_img_file_path) {
$form .= "<tr>\n"
."<td>".basename($this_img_file_path)." : </td>\n"
$form .= "<tr>"
."<td>".basename($this_img_file_path)." : </td>"
."<td>"
."<input type=\"file\" name=\"img_file[]\"/>"
."<input type=\"hidden\" name=\"img_file_path[]\" value=\"".$this_img_file_path."\" />"
."</td>\n"
."</tr>\n";
."</td>"
."</tr>";
}
$form .= "</table>\n"
$form .= "</table>"
."<button type='submit' name=\"cancel_submit_image\" value=\"".get_lang('Cancel')."\" class=\"cancel\">".get_lang('Cancel')."</button>"
."<button type='submit' name=\"submit_image\" value=\"".get_lang('Ok')."\" class=\"save\">".get_lang('Ok')."</button>"
."</form>\n";
."</form>";
return $form;
}

5
main/upload/upload.document.php
Unescape View File

@ -98,9 +98,8 @@ if(isset($_FILES['user_upload']))
}
}
//missing images are submitted
if(isset($_POST['submit_image']))
{
$number_of_uploaded_images = count($_FILES['img_file']['name']);
if(isset($_POST['submit_image'])) {
$number_of_uploaded_images = count($_FILES['img_file']['name']);
//if images are uploaded
if ($number_of_uploaded_images > 0)
{

Write Preview
Loading…
Cancel
Save