added limit for upload file in message - partial CT#190

main/inc/lib/message.lib.php

@@ -185,7 +185,18 @@ class MessageManager
         $receiver_user_id = intval($receiver_user_id);
         $parent_id = intval($parent_id);
 		$user_sender_id = api_get_user_id();
-
+		
+		$total_filesize = 0;
+		if (is_array($file_attachments)) {
+			foreach ($file_attachments as $file_attach) {
+				$total_filesize += $file_attach['size'];
+			}
+		}
+		
+		if ($total_filesize > intval(api_get_setting('message_max_upload_filesize'))) {			
+			return sprintf(get_lang("FilesSizeExceedsX"),format_file_size(api_get_setting('message_max_upload_filesize')));
+		}
+		
         if (!empty($receiver_user_id) || !empty($group_id)) {
         	// message for user friend
 	        $title = api_convert_encoding($title,$charset);
@@ -331,7 +342,6 @@ class MessageManager
 		
 		// user's file name
 		$file_name =$file_attach['name'];
-	
 		if (!filter_extension($new_file_name))  {
 			Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
 		} else {

main/install/dokeos_main.sql

@@ -744,7 +744,8 @@ VALUES
 ('students_download_folders',NULL,'radio','Tools','true','AllowStudentsDownloadFoldersTitle','AllowStudentsDownloadFoldersComment',NULL,NULL, 0),
 ('show_tabs', 'social', 'checkbox', 'Platform', 'true', 'ShowTabsTitle','ShowTabsComment',NULL,'TabsSocial', 0),
 ('allow_students_to_create_groups_in_social',NULL,'radio','Tools','false','AllowStudentsToCreateGroupsInSocialTitle','AllowStudentsToCreateGroupsInSocialComment',NULL,NULL, 0),
-('allow_send_message_to_all_platform_users',NULL,'radio','Tools','false','AllowSendMessageToAllPlatformUsersTitle','AllowSendMessageToAllPlatformUsersComment',NULL,NULL, 0);
+('allow_send_message_to_all_platform_users',NULL,'radio','Tools','false','AllowSendMessageToAllPlatformUsersTitle','AllowSendMessageToAllPlatformUsersComment',NULL,NULL, 0),
+('message_max_upload_filesize',NULL,'textfield','Tools','50000000','MessageMaxUploadFilesizeTitle','MessageMaxUploadFilesizeComment',NULL,NULL, 0);
 
 UNLOCK TABLES;
 /*!40000 ALTER TABLE settings_current ENABLE KEYS */;

main/install/migrate-db-1.8.6.1-1.8.6.2-pre.sql

@@ -84,6 +84,7 @@ INSERT INTO settings_current (variable, subkey, type, category, selected_value,
 INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_send_message_to_all_platform_users', 'true', 'Yes');
 INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_send_message_to_all_platform_users', 'false', 'No');
 
+INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('message_max_upload_filesize', NULL, 'textfield', 'Tools', '50000000', 'MessageMaxUploadFilesizeTitle','MessageMaxUploadFilesizeComment',NULL,NULL, 0);
 
 -- xxSTATSxx
 ALTER TABLE track_e_exercices ADD COLUMN expired_time_control datetime NOT NULL DEFAULT '0000-00-00 00:00:00';

main/messages/new_message.php

@@ -69,23 +69,36 @@ $(document).ready(function (){
           	});	
 });
 		
-var counter_image = 1;	
+var counter_image = 1;
+/*		
 function remove_image_form(id_elem1) {
 	var elem1 = document.getElementById(id_elem1);
-	elem1.parentNode.removeChild(elem1);        
-} 								
-function add_image_form() {
-    counter_image = counter_image + 1;														
+	elem1.parentNode.removeChild(elem1);			        
+}
+*/	
+function add_image_form() {    														
 	// Multiple filepaths for image form					
-	var filepaths = document.getElementById("filepaths");		
+	var filepaths = document.getElementById("filepaths");	
+	if (document.getElementById("filepath_"+counter_image)) {
+		counter_image = counter_image + 1;				
+	}  else {
+		counter_image = counter_image; 
+	}
 	var elem1 = document.createElement("div");			
 	elem1.setAttribute("id","filepath_"+counter_image);							
 	filepaths.appendChild(elem1);	
 	id_elem1 = "filepath_"+counter_image;		
 	id_elem1 = "\'"+id_elem1+"\'";
-	document.getElementById("filepath_"+counter_image).innerHTML = "<input type=\"file\" name=\"attach_"+counter_image+"\"  size=\"28\" />&nbsp;<input type=\"text\" name=\"legend[]\" size=\"28\" />&nbsp;<a href=\"javascript:remove_image_form("+id_elem1+")\"><img src=\"'.api_get_path(WEB_CODE_PATH).'img/delete.gif\"></a>";				
-}		
-		
+	//document.getElementById("filepath_"+counter_image).innerHTML = "<input type=\"file\" name=\"attach_"+counter_image+"\"  size=\"20\" />&nbsp;<a href=\"javascript:remove_image_form("+id_elem1+")\"><img src=\"'.api_get_path(WEB_CODE_PATH).'img/delete.gif\"></a>";						
+	document.getElementById("filepath_"+counter_image).innerHTML = "<input type=\"file\" name=\"attach_"+counter_image+"\"  size=\"28\" />&nbsp;<input type=\"text\" name=\"legend[]\" size=\"28\" /></a>";
+	if (filepaths.childNodes.length == 6) {		
+		var link_attach = document.getElementById("link-more-attach");		
+		if (link_attach) {
+			link_attach.innerHTML="";
+		}
+	}
+}
+				
 </script>';
 
 $nameTools = get_lang('ComposeMessage');
@@ -190,7 +203,7 @@ function manage_form ($default, $select_from_user_list = null) {
 				<input type="file" name="attach_1"  size="28" />
 				<input type="text" name="legend[]" size="28" />
 				</div></span></div></div>');
-		$form->addElement('html','<div class="row"><div class="formw"><a href="javascript://" onclick="return add_image_form()">'.get_lang('AddOneMoreFile').'</a>&nbsp;('.sprintf(get_lang('MaximunFileSizeXMB'),25).')</div></div>');
+		$form->addElement('html','<div class="row"><div class="formw"><span id="link-more-attach"><a href="javascript://" onclick="return add_image_form()">'.get_lang('AddOneMoreFile').'</a></span>&nbsp;('.sprintf(get_lang('MaximunFileSizeX'),format_file_size(api_get_setting('message_max_upload_filesize'))).')</div></div>');
 	}
 		
 	$form->addElement('style_submit_button','compose',api_xml_http_response_encode(get_lang('SendMessage')),'class="save"');
@@ -212,8 +225,14 @@ function manage_form ($default, $select_from_user_list = null) {
 		if (is_array($user_list) && count($user_list)> 0) {
 			//all is well, send the message
 			foreach ($user_list as $user) {				
-				MessageManager::send_message($user, $title, $content, $_FILES, $file_comments, $group_id, $parent_id);
-				MessageManager::display_success_message($user);	
+				$res = MessageManager::send_message($user, $title, $content, $_FILES, $file_comments, $group_id, $parent_id);
+				if ($res) {
+					if (is_string($res)) {
+						Display::display_error_message($res);
+					} else {
+						MessageManager::display_success_message($user);
+					}
+				}	
 			}			
 		} 		
 	} else {

main/social/group_add.php

@@ -14,6 +14,9 @@ require_once api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php';
 
 api_block_anonymous_users();
 
+if (api_get_setting('allow_students_to_create_groups_in_social') == 'false' && !api_is_allowed_to_edit()) {
+	api_not_allowed();
+}
 
 global $charset;
 $table_message = Database::get_main_table(TABLE_MESSAGE);

main/social/groups.php

@@ -28,7 +28,7 @@ function remove_image_form(id_elem1) {
 	var elem1 = document.getElementById(id_elem1);
 	elem1.parentNode.removeChild(elem1);
 	counter_image--;
-	var filepaths = document.getElementById("filepaths");		
+	var filepaths = document.getElementById("filepaths");	
 	if (filepaths.childNodes.length < 3) {		
 		var link_attach = document.getElementById("link-more-attach");		
 		if (link_attach) {
@@ -66,6 +66,12 @@ $interbreadcrumb[]= array ('url' =>'profile.php','name' => get_lang('Social'));
 $interbreadcrumb[]= array ('url' =>'#','name' => get_lang('Groups'));
 Display :: display_header($tool_name, 'Groups');
 
+//show the action menu
+SocialManager::show_social_menu();
+echo '<div class="actions-title">';
+echo get_lang('Groups');
+echo '</div>';
+
 // save message group
 if (isset($_POST['token']) && $_POST['token'] == $_SESSION['sec_token']) {
 	if (isset($_POST['action']) && $_POST['action']=='send_message_group') {	
@@ -73,19 +79,16 @@ if (isset($_POST['token']) && $_POST['token'] == $_SESSION['sec_token']) {
 		$content = $_POST['content'];
 		$group_id = $_POST['group_id'];
 		$parent_id = $_POST['parent_id'];	
-		MessageManager::send_message(0, $title, $content, $_FILES, '', $group_id, $parent_id);
+		$res = MessageManager::send_message(0, $title, $content, $_FILES, '', $group_id, $parent_id);		
+		if (is_string($res)) {			
+			Display::display_error_message($res);
+		}		
 		Security::clear_token();
 	}	
 } else {
 	$tok = Security::get_token();	
 }
 
-//show the action menu
-SocialManager::show_social_menu();
-echo '<div class="actions-title">';
-echo get_lang('Groups');
-echo '</div>';
-
 // getting group information
 $group_id	= intval($_GET['id']);
 	

main/social/message_for_group_form.inc.php

@@ -65,7 +65,7 @@ if (!empty($group_id)) {
 		   		 <br /><?php echo api_xml_http_response_encode(get_lang('AttachmentFiles')); ?> :<br />
 	
 				<span id="filepaths"><div id="filepath_1"><input type="file" name="attach_1" size="20" /></div></span>
-				<div id="link-more-attach"><a href="javascript://" onclick="return add_image_form()"><?php echo get_lang('AddOneMoreFile') ?></a>&nbsp;(<?php echo api_xml_http_response_encode(sprintf(get_lang('MaximunFileSizeXMB'),25)) ?>)</div>
+				<div id="link-more-attach"><a href="javascript://" onclick="return add_image_form()"><?php echo get_lang('AddOneMoreFile') ?></a>&nbsp;(<?php echo api_xml_http_response_encode(sprintf(get_lang('MaximunFileSizeX'),format_file_size(api_get_setting('message_max_upload_filesize')))) ?>)</div>
 		   		<!--button class="save" type="button" value="<?php echo api_xml_http_response_encode(get_lang('SendMessage')); ?>" onclick="return ajaxFileUpload()"><?php echo api_xml_http_response_encode(get_lang('SendMessage')) ?></button-->
 		   		<br />
 		   		<button class="save" type="submit" value="<?php echo api_xml_http_response_encode(get_lang('SendMessage')); ?>"><?php echo api_xml_http_response_encode(get_lang('SendMessage')) ?></button>