chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Minor - Code style

Browse Source
pull/2487/head
Yannick Warnier 9 years ago
parent b467be4456
commit c7def978da
1 changed files with 64 additions and 45 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 109
      main/exercise/Hpdownload.php

109
main/exercise/Hpdownload.php
Unescape View File

@ -12,12 +12,12 @@
session_cache_limiter('public');
require_once __DIR__.'/../inc/global.inc.php';
$this_section=SECTION_COURSES;
$this_section = SECTION_COURSES;
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$doc_url=str_replace(array('../','\\..','\\0','..\\'),array('','','',''),urldecode($_GET['doc_url']));
$filename=basename($doc_url);
$doc_url = str_replace(array('../','\\..','\\0','..\\'),array('','','',''),urldecode($_GET['doc_url']));
$filename = basename($doc_url);
// launch event
//Event::event_download($doc_url);
@ -29,34 +29,54 @@ if (isset($_course['path'])) {
$full_file_name = $course_path.Security::remove_XSS($doc_url);
}
if(!is_file($full_file_name)) {
if (!is_file($full_file_name)) {
exit;
}
if (!Security::check_abs_path($full_file_name, $course_path.'/')) {
if (!Security::check_abs_path($full_file_name, $course_path . '/')) {
exit;
}
$extension=explode('.',$filename);
$extension=strtolower($extension[sizeof($extension)-1]);
$extension = explode('.', $filename);
$extension = strtolower($extension[sizeof($extension) - 1]);
switch($extension) {
case 'gz': $content_type='application/x-gzip'; break;
case 'zip': $content_type='application/zip'; break;
case 'pdf': $content_type='application/pdf'; break;
case 'png': $content_type='image/png'; break;
case 'gif': $content_type='image/gif'; break;
case 'jpg': $content_type='image/jpeg'; break;
case 'txt': $content_type='text/plain'; break;
case 'htm': $content_type='text/html'; break;
case 'html': $content_type='text/html'; break;
default: $content_type='application/octet-stream'; break;
case 'gz':
$content_type = 'application/x-gzip';
break;
case 'zip':
$content_type = 'application/zip';
break;
case 'pdf':
$content_type = 'application/pdf';
break;
case 'png':
$content_type = 'image/png';
break;
case 'gif':
$content_type = 'image/gif';
break;
case 'jpg':
$content_type = 'image/jpeg';
break;
case 'txt':
$content_type = 'text/plain';
break;
case 'htm':
$content_type = 'text/html';
break;
case 'html':
$content_type = 'text/html';
break;
default:
$content_type = 'application/octet-stream';
break;
}
header('Content-disposition: filename='.$filename);
header('Content-Type: '.$content_type);
header('Expires: '.gmdate('D, d M Y H:i:s',time()+10).' GMT');
header('Last-Modified: '.gmdate('D, d M Y H:i:s',time()+10).' GMT');
header('Content-disposition: filename=' . $filename);
header('Content-Type: ' . $content_type);
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 10) . ' GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time() + 10) . ' GMT');
/*
Dynamic parsing section
@ -69,11 +89,11 @@ header('Last-Modified: '.gmdate('D, d M Y H:i:s',time()+10).' GMT');
if ($content_type == 'text/html') {
$directory_name = dirname($full_file_name);
$coursePath = api_get_path(SYS_COURSE_PATH);
$dir=str_replace(array('\\', $coursePath . $_course['path'] . '/document'), array('/', ''), $directory_name);
$dir=str_replace(array('\\',$_configuration['root_sys']."courses/".$_course['path'].'/document'),array('/',''),$directory_name);
if($dir[strlen($dir)-1] != '/') {
$dir.='/';
if ($dir[strlen($dir)-1] != '/') {
$dir .= '/';
}
@ -82,15 +102,14 @@ if ($content_type == 'text/html') {
$file_content = fread ($fp, filesize ($full_file_name));
fclose($fp);
$exercisePath = api_get_self();
$exfile = explode('/',$exercisePath);
$exfile = $exfile[sizeof($exfile)-1];
$exercisePath = substr($exercisePath,0,strpos($exercisePath,$exfile));
$exercisePath = $exercisePath;
$exfile = explode('/', $exercisePath);
$exfile = $exfile[sizeof($exfile) - 1];
$exercisePath = substr($exercisePath,0,strpos($exercisePath, $exfile));
$content = $file_content;
$mit = "function Finish(){";
$content = $file_content;
$mit = "function Finish(){";
$js_content = "var SaveScoreVariable = 0; // This variable included by Dokeos System\n".
$js_content = "var SaveScoreVariable = 0; // This variable included by Dokeos System\n".
"function mySaveScore() // This function included by Dokeos System\n".
"{\n".
" if (SaveScoreVariable==0)\n".
@ -109,28 +128,28 @@ if ($content_type == 'text/html') {
"// Must be included \n".
"function Finish(){\n".
" mySaveScore();";
$newcontent = str_replace($mit,$js_content,$content);
$newcontent = str_replace($mit, $js_content, $content);
$prehref="javascript:void(0);";
$posthref = api_get_path(WEB_CODE_PATH) . "main/exercise/Hpdownload.php?doc_url=".$doc_url."&cid=".$cid."&uid=".$uid;
$newcontent = str_replace($prehref,$posthref,$newcontent);
$prehref = "javascript:void(0);";
$posthref = api_get_path(WEB_CODE_PATH) . "main/exercise/Hpdownload.php?doc_url=" . $doc_url . "&cid=" . $cid . "&uid=" . $uid;
$newcontent = str_replace($prehref, $posthref, $newcontent);
$prehref="class=\"GridNum\" onclick=";
$posthref="class=\"GridNum\" onMouseover=";
$newcontent = str_replace($prehref,$posthref,$newcontent);
$prehref = "class=\"GridNum\" onclick=";
$posthref = "class=\"GridNum\" onMouseover=";
$newcontent = str_replace($prehref, $posthref, $newcontent);
header('Content-length: '.strlen($newcontent));
// Dipsp.
echo $newcontent;
header('Content-length: '.strlen($newcontent));
// Dipsp.
echo $newcontent;
exit();
}
//normal case, all non-html files
//header('Content-length: '.filesize($full_file_name));
$fp=fopen($full_file_name,'rb');
//header('Content-length: ' . filesize($full_file_name));
$fp = fopen($full_file_name, 'rb');
fpassthru($fp);
fclose($fp);
?>

Write Preview
Loading…
Cancel
Save