Admin: Add configuration setting 'skip_scorm_package_clean_up' BT#16922

Skip rename the scorm files (except .htaccess and php files)
6 years ago · c674baa7c2
parent 977fbdcdde
commit c674baa7c2
3 changed files with 42 additions and 10 deletions
--- a/main/inc/lib/fileUpload.lib.php
+++ b/main/inc/lib/fileUpload.lib.php
@ -1221,6 +1221,27 @@ function clean_up_files_in_zip($p_event, &$p_header)
    return 1;
 }
 function cleanZipFilesNoRename($p_event, &$p_header)
 {
    $originalStoredFileName = $p_header['stored_filename'];
    $baseName = basename($originalStoredFileName);
    // Skip files
    $skipFiles = [
        '__MACOSX',
        '.Thumbs.db',
        'Thumbs.db',
    ];
    if (in_array($baseName, $skipFiles)) {
        return 0;
    }
    $modifiedStoredFileName = clean_up_path($originalStoredFileName, false);
    $p_header['filename'] = str_replace($originalStoredFileName, $modifiedStoredFileName, $p_header['filename']);
    return 1;
 }
 /**
 * Allow .htaccess file.
 *
@ -1260,13 +1281,14 @@ function cleanZipFilesAllowHtaccess($p_event, &$p_header)
 * by eliminating dangerous file names and cleaning them.
 *
 * @param string $path
 * @param bool   $replaceName
 *
 * @return string
 *
 * @see disable_dangerous_file()
 * @see api_replace_dangerous_char()
 */
-function clean_up_path($path)
+function clean_up_path($path, $replaceName = true)
 {
    // Split the path in folders and files
    $path_array = explode('/', $path);
@ -1274,7 +1296,10 @@ function clean_up_path($path)
    foreach ($path_array as $key => &$val) {
        // We don't want to lose the dots in ././folder/file (cfr. zipfile)
        if ($val != '.') {
-            $val = disable_dangerous_file(api_replace_dangerous_char($val));
+            if ($replaceName) {
                $val = api_replace_dangerous_char($val);
            }
            $val = disable_dangerous_file($val);
        }
    }
    // Join the "cleaned" path (modified in-place as passed by reference)
--- a/main/install/configuration.dist.php
+++ b/main/install/configuration.dist.php
@ -1390,7 +1390,7 @@ ALTER TABLE notification_event ADD COLUMN event_id INT NULL;
 //$_configuration['scorm_api_username_as_student_id'] = false;
 // In Scorm comunication use a specific extra field instead of the user_id
-//$_configuration['scorm_api_extrafield_to_use_as_student_id'] = "";
+//$_configuration['scorm_api_extrafield_to_use_as_student_id'] = '';
 // Show online user only to Administrators
 //$_configuration['whoisonline_only_for_admin'] = false;
@ -1419,6 +1419,9 @@ ALTER TABLE notification_event ADD COLUMN event_id INT NULL;
 // id of the admin to attach user session
 //$_configuration['session_automatic_creation_user_id'] = 1;
 // Skip scorm package file names clean up
 //$_configuration['skip_scorm_package_clean_up'] = false;
 // KEEP THIS AT THE END
 // -------- Custom DB changes
 // Add user activation by confirmation email
--- a/main/lp/scorm.class.php
+++ b/main/lp/scorm.class.php
@ -752,6 +752,10 @@ class scorm extends learnpath
                $callBack = 'cleanZipFilesAllowHtaccess';
            }
            if (api_get_configuration_value('skip_scorm_package_clean_up')) {
                $callBack = 'cleanZipFilesNoRename';
            }
            $zipFile->extract(
                PCLZIP_CB_PRE_EXTRACT,
                $callBack