Adding "c_student_publication.filename" field in order to separate the changes between the title and the file name see BT#6418 If the column does not exists the tool works as usual.

12 years ago · efdc138249
parent 5b871bea00
commit efdc138249
3 changed files with 67 additions and 27 deletions
--- a/main/work/download.php
+++ b/main/work/download.php
@ -37,7 +37,8 @@ if (empty($course_info)) {
 $tbl_student_publication = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

 if (!empty($course_info['real_id'])) {
-    $sql = 'SELECT * FROM '.$tbl_student_publication.' WHERE c_id = '.$course_info['real_id'].' AND id = "'.$id.'"';
+    $sql = 'SELECT * FROM '.$tbl_student_publication.'
+            WHERE c_id = '.$course_info['real_id'].' AND id = "'.$id.'"';
    $result = Database::query($sql);
    if ($result && Database::num_rows($result)) {
        $row = Database::fetch_array($result, 'ASSOC');
@ -48,7 +49,7 @@ if (!empty($course_info['real_id'])) {
        allowOnlySubscribedUser(api_get_user_id(), $row['parent_id'], $course_info['real_id']);

        if (empty($item_info)) {
-            exit;
+            api_not_allowed();
        }

        /*
@ -84,7 +85,14 @@ if (!empty($course_info['real_id'])) {
            //|| (!$doc_visible_for_all && $work_is_visible && $student_is_owner_of_work)
            || ($student_is_owner_of_work)
            || ($doc_visible_for_all && $work_is_visible)) {
-            $title = str_replace(' ', '_', $row['title']);
+
+            $title = $row['title'];
+
+            if (array_key_exists('filename', $row) && !empty($row['filename'])) {
+                $title = $row['filename'];
+            }
+
+            $title = str_replace(' ', '_', $title);
            event_download($title);
            if (Security::check_abs_path($full_file_name, api_get_path(SYS_COURSE_PATH).api_get_course_path().'/')) {
                DocumentManager::file_send_for_download($full_file_name, true, $title);
--- a/main/work/downloadfolder.inc.php
+++ b/main/work/downloadfolder.inc.php
@ -52,9 +52,14 @@ $prop_table              = Database::get_course_table(TABLE_ITEM_PROPERTY);
 $files = array();
 $course_id = api_get_course_int_id();

+$filenameCondition = null;
+if (array_key_exists('filename', $work_data)) {
+    $filenameCondition = ", filename";
+}
+
 if (api_is_allowed_to_edit()) {
    //Search for all files that are not deleted => visibility != 2
-    $sql = "SELECT DISTINCT url, title, description, insert_user_id, insert_date, contains_file
+    $sql = "SELECT DISTINCT url, title, description, insert_user_id, insert_date, contains_file $filenameCondition
            FROM $tbl_student_publication AS work INNER JOIN $prop_table AS props
                ON (
                    props.c_id = $course_id AND
@ -85,7 +90,7 @@ if (api_is_allowed_to_edit()) {
    }

    //for other users, we need to create a zipfile with only visible files and folders
-    $sql = "SELECT DISTINCT url, title, description, insert_user_id, insert_date, contains_file
+    $sql = "SELECT DISTINCT url, title, description, insert_user_id, insert_date, contains_file $filenameCondition
            FROM $tbl_student_publication AS work INNER JOIN $prop_table AS props
                ON (props.c_id = $course_id AND
                    work.c_id = $course_id AND
@ -109,20 +114,40 @@ while ($not_deleted_file = Database::fetch_assoc($query)) {
    $user_info = api_get_user_info($not_deleted_file['insert_user_id']);
    $insert_date = api_get_local_time($not_deleted_file['insert_date']);
    $insert_date = str_replace(array(':','-', ' '), '_', $insert_date);
-    $filename = $insert_date.'_'.$user_info['username'].'_'.basename($not_deleted_file['title']);
+
+    $title = basename($not_deleted_file['title']);
+    if (!empty($filenameCondition)) {
+        if (isset($not_deleted_file['filename']) && !empty($not_deleted_file['filename'])) {
+            $title = $not_deleted_file['filename'];
+        }
+    }
+
+    $filename = $insert_date.'_'.$user_info['username'].'_'.$title;

    if (file_exists($sys_course_path.$_course['path'].'/'.$not_deleted_file['url']) && !empty($not_deleted_file['url'])) {
        $files[basename($not_deleted_file['url'])] = $filename;
-        $zip_folder->add($sys_course_path.$_course['path'].'/'.$not_deleted_file['url'], PCLZIP_OPT_REMOVE_PATH, $sys_course_path.$_course['path'].'/work', PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
+        $zip_folder->add(
+            $sys_course_path.$_course['path'].'/'.$not_deleted_file['url'],
+            PCLZIP_OPT_REMOVE_PATH,
+            $sys_course_path.$_course['path'].'/work',
+            PCLZIP_CB_PRE_ADD,
+            'my_pre_add_callback'
+        );
    }

-    //Convert texts in html files
+    // Convert texts in html files
    if ($not_deleted_file['contains_file'] == 0) {
        $filename = trim($filename).".html";
        $work_temp = api_get_path(SYS_ARCHIVE_PATH).api_get_unique_id().'_'.$filename;
        file_put_contents($work_temp, $not_deleted_file['description']);
        $files[basename($work_temp)] = $filename;
-        $zip_folder->add($work_temp, PCLZIP_OPT_REMOVE_PATH, api_get_path(SYS_ARCHIVE_PATH), PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
+        $zip_folder->add(
+            $work_temp,
+            PCLZIP_OPT_REMOVE_PATH,
+            api_get_path(SYS_ARCHIVE_PATH),
+            PCLZIP_CB_PRE_ADD,
+            'my_pre_add_callback'
+        );
        @unlink($work_temp);
    }
 }
@ -146,12 +171,12 @@ if (!empty($files)) {
 /*	Extra function (only used here) */

 function my_pre_add_callback($p_event, &$p_header) {
-	global $files;
-	if (isset($files[basename($p_header['stored_filename'])])) {
-		$p_header['stored_filename'] = $files[basename($p_header['stored_filename'])];
-		return 1;
-	}
-	return 0;
+    global $files;
+    if (isset($files[basename($p_header['stored_filename'])])) {
+        $p_header['stored_filename'] = $files[basename($p_header['stored_filename'])];
+        return 1;
+    }
+    return 0;
 }

 /**
@ -163,13 +188,13 @@ function my_pre_add_callback($p_event, &$p_header) {
 * @return difference between the two arrays
 */
 function diff($arr1, $arr2) {
-	$res = array();
-	$r = 0;
-	foreach ($arr1 as $av) {
-		if (!in_array($av, $arr2)) {
-			$res[$r] = $av;
-			$r++;
-		}
-	}
-	return $res;
+    $res = array();
+    $r = 0;
+    foreach ($arr1 as $av) {
+        if (!in_array($av, $arr2)) {
+            $res[$r] = $av;
+            $r++;
+        }
+    }
+    return $res;
 }
--- a/main/work/upload.php
+++ b/main/work/upload.php
@ -194,6 +194,8 @@ if ($form->validate()) {

        // Check the token inserted into the form

+        $filename = null;
+
        if (isset($_POST['submitWork'])) {
            $url = null;
            $contains_file = 0;
@ -205,13 +207,13 @@ if ($form->validate()) {
                $updir = $currentCourseRepositorySys.'work/'; //directory path to upload

                // Try to add an extension to the file if it has'nt one
-                $new_file_name = add_ext_on_mime(stripslashes($_FILES['file']['name']), $_FILES['file']['type']);
+                $filename = add_ext_on_mime(stripslashes($_FILES['file']['name']), $_FILES['file']['type']);

                // Replace dangerous characters
-                $new_file_name = replace_dangerous_char($new_file_name, 'strict');
+                $filename = replace_dangerous_char($filename, 'strict');

                // Transform any .php file in .phps fo security
-                $new_file_name = php2phps($new_file_name);
+                $filename = php2phps($filename);

                $filesize = filesize($_FILES['file']['tmp_name']);

@ -269,6 +271,11 @@ if ($form->validate()) {

                Database::query($sql_add_publication);
                $id = Database::insert_id();
+
+                if ($id && array_key_exists('filename', $my_folder_data) && !empty($filename)) {
+                    $sql = "UPDATE $work_table SET filename = '$filename' WHERE c_id = $course_id AND id = $id";
+                    Database::query($sql);
+                }
            }

            if ($id) {