Debugging announcements DT#818

15 years ago · faf4e249c7
parent 29e4c1ad16
commit faf4e249c7
7 changed files with 380 additions and 26 deletions
--- a/main/announcements/announcements.inc.php
+++ b/main/announcements/announcements.inc.php
@ -27,6 +27,8 @@
 ==============================================================================
 */

+$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+
 /*
 ==============================================================================
 		DISPLAY FUNCTIONS
@ -534,6 +536,21 @@ function to_javascript()
 			cbList[i].selected = !(cbList[i].selected)
 		}
 	}
+	
+	
+function plus_attachment() {
+				if (document.getElementById('options').style.display == 'none') {
+					document.getElementById('options').style.display = 'block';
+					document.getElementById('plus').innerHTML='&nbsp;<img style=\"vertical-align:middle;\" src=\"../img/div_hide.gif\" alt=\"\" />&nbsp;".get_lang('AddAnAttachment')."';
+				} else {
+				document.getElementById('options').style.display = 'none';
+				document.getElementById('plus').innerHTML='&nbsp;<img style=\"vertical-align:middle;\" src=\"../img/div_show.gif\" alt=\"\" />&nbsp;".get_lang('AddAnAttachment')."';
+				}
+}
+	
+	
+	
+	
 	//	End	-->
 	</script>";
 }
@ -744,8 +761,7 @@ function change_visibility_announcement($tool,$id)
 	            STORE_ADVALVAS_ITEM
 ====================================================*/

-function store_advalvas_item($emailTitle,$newContent, $order, $to)
-{
+function store_advalvas_item($emailTitle,$newContent, $order, $to, $file_comment='') {

 	global $_course;
 	global $nameTools;
@ -757,11 +773,15 @@ function store_advalvas_item($emailTitle,$newContent, $order, $to)
 	$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
 	$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
 	$order = intval($order);
+	
 	// store in the table announcement
 	$sql = "INSERT INTO $tbl_announcement SET content = '$newContent', title = '$emailTitle', end_date = NOW(), display_order ='$order', session_id=".intval($_SESSION['id_session']);
 	$result = Database::query($sql,__FILE__,__LINE__) or die (mysql_error());
+	
+	//store the attach file
 	$last_id= Database::insert_id();
-
+	$save_attachment = add_announcement_attachment_file($last_id, $_FILES['user_upload'], $file_comment);
+	
 	// store in item_property (first the groups, then the users
 	if (!is_null($to)) // !is_null($to): when no user is selected we send it to everyone
 	{
@ -788,9 +808,7 @@ function store_advalvas_item($emailTitle,$newContent, $order, $to)
 	{
 		api_item_property_update($_course, TOOL_ANNOUNCEMENT, $last_id, "AnnouncementAdded", $_user['user_id'], '0');
 	}
-
 	return $last_id;
-
 }


@ -799,19 +817,23 @@ function store_advalvas_group_item($emailTitle,$newContent, $order, $to, $to_use
 	global $_course;
 	global $nameTools;
 	global $_user;
-
+	
 	global $tbl_announcement;
 	global $tbl_item_property;
-
+	
+	// database definitions
+	$tbl_announcement	= Database::get_course_table(TABLE_ANNOUNCEMENT);
+	
 	$newContent=stripslashes($newContent);
 	$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
 	$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
 	$order = intval($order);
+	
 	// store in the table announcement
 	$sql = "INSERT INTO $tbl_announcement SET content = '$newContent', title = '$emailTitle', end_date = NOW(), display_order ='$order', session_id=".intval($_SESSION['id_session']);
 	$result = Database::query($sql,__FILE__,__LINE__) or die (mysql_error());
-	$last_id= Database::insert_id();
-
+	$last_id = Database::insert_id();
+	
 	// store in item_property (first the groups, then the users
 	if (!isset($to_users)) // !isset($to): when no user is selected we send it to everyone
 	{
@ -849,7 +871,7 @@ function store_advalvas_group_item($emailTitle,$newContent, $order, $to, $to_use
 * This function stores the announcement Item in the table announcement
 * and updates the item_property also
 */
-function edit_advalvas_item($id,$emailTitle,$newContent,$to)
+function edit_advalvas_item($id,$emailTitle,$newContent,$to, $file_comment='')
 {

 	global $_course;
@ -862,16 +884,25 @@ function edit_advalvas_item($id,$emailTitle,$newContent,$to)
 	$newContent=stripslashes($newContent);
 	$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
 	$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
-
+	$order = intval($order);
+	
 	// store the modifications in the table announcement
-	$sql = "UPDATE $tbl_announcement SET content='$newContent', title = '$emailTitle' WHERE id='$id'";
-
+ 	$sql = "UPDATE $tbl_announcement SET content='$newContent', title = '$emailTitle' WHERE id='$id'";
 	$result = Database::query($sql,__FILE__,__LINE__) or die (mysql_error());
+	
+	if(empty($last_id)){
+		$last_id = $id;
+	$save_attachment = add_announcement_attachment_file($last_id, $_FILES['user_upload'], $file_comment);
+	
+	}
+	
+	$last_id = $id;
+	$edit_attachment = edit_announcement_attachment_file($last_id, $_FILES['user_upload'], $file_comment);

 	// we remove everything from item_property for this
 	$sql_delete="DELETE FROM $tbl_item_property WHERE ref='$id' AND tool='announcement'";
 	$result = Database::query($sql_delete,__FILE__,__LINE__) or die (mysql_error());
-
+	
 	// store in item_property (first the groups, then the users
 	if (!is_null($to)) // !is_null($to): when no user is selected we send it to everyone
 	{
@ -991,3 +1022,145 @@ function get_all_annoucement_by_user_course($course_db, $user_id)
 		return '';
 	}
 }
+
+/*
+==============================================================================
+		ATTACHMENT FUNCTIONS
+==============================================================================
+*/
+
+/**
+ * Show a list with all the attachments according to the post's id
+ * @param the post's id
+ * @return array with the post info
+ * @author Arthur Portugal
+ * @version November 2009, dokeos 1.8.6.2
+ */
+ 
+function get_attachment($announcement_id) {
+	
+	$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+	$announcement_id=Database::escape_string($announcement_id);
+	$row=array();
+	$sql = 'SELECT id,path, filename,comment FROM '. $tbl_announcement_attachment.' WHERE announcement_id = '.(int)$announcement_id.'';
+	$result=Database::query($sql, __FILE__, __LINE__);
+	if (Database::num_rows($result)!=0) {
+		$row=Database::fetch_array($result,ASSOC);
+	}
+	return $row;
+}
+
+/**
+ * This function add a attachment file into announcement
+ * @param string  a comment about file
+ * @param int last id from announcement table
+ *
+ */
+
+function add_announcement_attachment_file($last_id, $file = array(), $file_comment) {
+	global $_course;
+	$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+	
+	// Storing the attachments	
+    if(empty($_FILES['user_upload'])) {
+		$upload_ok = process_uploaded_file($_FILES['user_upload']);
+	}
+
+	if (!empty($upload_ok)) {
+			$courseDir   = $_course['path'].'/upload/announcements';
+			$sys_course_path = api_get_path(SYS_COURSE_PATH);
+			$updir = $sys_course_path.$courseDir;
+			
+			// Try to add an extension to the file if it hasn't one
+			$new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']);
+			// user's file name
+			$file_name =$_FILES['user_upload']['name'];
+
+			if (!filter_extension($new_file_name))  {
+				Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
+			} else {
+				$new_file_name = uniqid('');
+				$new_path=$updir.'/'.$new_file_name;
+				$result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
+				$safe_file_comment= Database::escape_string($file_comment);
+				$safe_file_name = Database::escape_string($file_name);
+				$safe_new_file_name = Database::escape_string($new_file_name);
+				// Storing the attachments if any
+				//if ($result) {
+					$sql='INSERT INTO '.$tbl_announcement_attachment.'(filename,comment, path,announcement_id,size) '.
+						 "VALUES ( '".$safe_file_name."', '".$file_comment."', '".$safe_new_file_name."' , '".$last_id."', '".$_FILES['user_upload']['size']."' )";
+					$result=Database::query($sql, __LINE__, __FILE__);
+					$message.=' / '.get_lang('FileUploadSucces').'<br />';
+
+					//$last_id_file=Database::insert_id();
+					//api_item_property_update($_course, 'announcement_attachment', $last_id_file ,'AnnouncementAttachmentAdded', api_get_user_id());
+
+				//}
+			}
+		}
+}
+
+/**
+ * This function edit a attachment file into announcement
+ * @param string  a comment about file
+ * @param int Agenda Id
+ *  @param int attachment file Id
+ */
+function edit_announcement_attachment_file($last_id, $file = array(), $file_comment) {
+
+	global $_course;
+	$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+	// Storing the attachments
+
+    if(!empty($_FILES['user_upload'])) {
+		$upload_ok = process_uploaded_file($_FILES['user_upload']);
+	}
+
+	if (!empty($upload_ok)) {
+			$courseDir   = $_course['path'].'/upload/announcements';
+			$sys_course_path = api_get_path(SYS_COURSE_PATH);
+			$updir = $sys_course_path.$courseDir;
+
+			// Try to add an extension to the file if it hasn't one
+			$new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']);
+			// user's file name
+			$file_name =$_FILES['user_upload'] ['name'];
+
+			if (!filter_extension($new_file_name))  {
+				Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
+			} else {
+				$new_file_name = uniqid('');
+				$new_path=$updir.'/'.$new_file_name;
+				$result= @move_uploaded_file($_FILES['user_upload']['tmp_name'], $new_path);
+				$safe_file_comment= Database::escape_string($file_comment);
+				$safe_file_name = Database::escape_string($file_name);
+				$safe_new_file_name = Database::escape_string($new_file_name);	
+				// Storing the attachments if any
+				//if ($result) {
+					$sql="UPDATE $tbl_announcement_attachment SET filename = '$safe_file_name', comment = '$safe_file_comment', path = '$safe_new_file_name', announcement_id = '$last_id', size ='".$_FILES['user_upload']['size']."'
+						 WHERE announcement_id = '$last_id'";
+					$result=Database::query($sql, __FILE__,__LINE__);
+					$message.=' / '.get_lang('FileUploadSucces').'<br />';
+					//api_item_property_update($_course, 'announcement_attachment', $last_id ,'AnnouncementAttachmentUpdated', api_get_user_id());
+
+				//}
+			}
+		}
+}
+
+/**
+ * This function delete a attachment file by id
+ * @param integer attachment file Id
+ *
+ */
+function delete_announcement_attachment_file($id) {
+
+	global $_course;
+	$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+	$id=Database::escape_string($id);	
+	$sql="DELETE FROM $tbl_announcement_attachment WHERE id = $id";
+	error_log($sql);
+	$result=Database::query($sql, __FILE__,__LINE__);
+	// update item_property
+	//api_item_property_update($_course, 'announcement_attachment',  $id,'AnnouncementAttachmentDeleted', api_get_user_id());
+}
--- a/main/announcements/announcements.php
+++ b/main/announcements/announcements.php
@ -1,4 +1,4 @@
-<?php //$Id: announcements.php 22259 2009-07-20 18:56:45Z ivantcholakov $
+<?php //$Id: announcements.php 2009-11-13 18:56:45Z aportugal $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -89,6 +89,7 @@ $tbl_session_course_user= Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USE
 $tbl_group     			= Database::get_course_table(TABLE_GROUP);
 $tbl_groupUser  		= Database::get_course_table(TABLE_GROUP_USER);
 $tbl_announcement		= Database::get_course_table(TABLE_ANNOUNCEMENT);
+$tbl_announcement_attachment = Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
 $tbl_item_property  	= Database::get_course_table(TABLE_ITEM_PROPERTY);

 /*
@ -137,6 +138,7 @@ if (!empty($_POST['addresources'])) // When the "Add Resource" button is clicked
 */
 event_access_tool(TOOL_ANNOUNCEMENT);

+
 /*
 -----------------------------------------------------------
 	Libraries
@ -148,7 +150,8 @@ require_once(api_get_path(INCLUDE_PATH).'lib/mail.lib.inc.php');
 require_once(api_get_path(INCLUDE_PATH).'conf/mail.conf.php');
 require_once(api_get_path(LIBRARY_PATH).'debug.lib.inc.php');
 require_once(api_get_path(LIBRARY_PATH).'tracking.lib.php');
-require_once(api_get_path(LIBRARY_PATH) . '/fckeditor/fckeditor.php');
+require_once(api_get_path(LIBRARY_PATH).'/fckeditor/fckeditor.php');
+require_once(api_get_path(LIBRARY_PATH).'fileUpload.lib.php');
 /*
 -----------------------------------------------------------
 	POST TO
@ -438,7 +441,8 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
 			$sql="SELECT * FROM  $tbl_announcement WHERE id='$id'";
 			$result = Database::query($sql,__FILE__,__LINE__);
 			$myrow = Database::fetch_array($result);
-
+			$last_id = $id;
+			$edit_attachment = edit_announcement_attachment_file($last_id, $_FILES['user_upload'], $file_comment);
 			if ($myrow) {
 				$announcement_to_modify 	= $myrow['id'];
 				$content_to_modify 		= $myrow['content'];
@ -533,6 +537,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed

 	$emailTitle=(!empty($_POST['emailTitle'])?$safe_emailTitle:'');
 	$newContent=(!empty($_POST['newContent'])?$safe_newContent:'');
+	
 	$submitAnnouncement=isset($_POST['submitAnnouncement'])?$_POST['submitAnnouncement']:0;

 	$id = 0;
@ -557,6 +562,7 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
 		} else {
 			//insert mode
 			if ($ctok == $_POST['sec_token']) {
+				
 				if (!$surveyid) {
 					$result = Database::query("SELECT MAX(display_order) FROM $tbl_announcement WHERE session_id=".intval($_SESSION['id_session'])." OR session_id=0",__FILE__,__LINE__);
 					list($orderMax) = Database::fetch_row($result);
@ -564,8 +570,8 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
 					if (!empty($_SESSION['toolgroup'])) {
 						$insert_id=store_advalvas_group_item($safe_emailTitle,$safe_newContent,$order,array('GROUP:'.$_SESSION['toolgroup']),$_POST['selectedform']);
 					} else {
-						$insert_id=store_advalvas_item($safe_emailTitle,$safe_newContent,$order,$_POST['selectedform']);
-					}
+						$insert_id=store_advalvas_item($safe_emailTitle,$safe_newContent,$order,$_POST['selectedform'],$_POST['file_comment']);
+					}					
 				    store_resources($_SESSION['source_type'],$insert_id);
 				    $_SESSION['select_groupusers']="hide";
 				    $message = get_lang('AnnouncementAdded');
@ -1015,7 +1021,7 @@ if ($display_form == true) {
 	$title_to_modify=stripslashes($title_to_modify);

 	// DISPLAY ADD ANNOUNCEMENT COMMAND
-	echo '<form method="post" name="f1" action="'.api_get_self().'?publish_survey='.Security::remove_XSS($surveyid).'&id='.Security::remove_XSS($_GET['id']).'&db_name='.$db_name.'&cidReq='.Security::remove_XSS($_GET['cidReq']).'" style="margin:0px;">'."\n";
+	echo '<form method="post" name="f1" enctype = "multipart/form-data" action="'.api_get_self().'?publish_survey='.Security::remove_XSS($surveyid).'&id='.Security::remove_XSS($_GET['id']).'&db_name='.$db_name.'&cidReq='.Security::remove_XSS($_GET['cidReq']).'" style="margin:0px;">'."\n";
 	if (empty($_GET['id'])) {
 		$form_name = get_lang('AddAnnouncement');
 	} else {
@ -1159,6 +1165,32 @@ if ($display_form == true) {

 	echo $oFCKeditor->CreateHtml();

+	//File attachment
+
+	echo '	<div style="float:left; padding:5px 5px;" >
+				<div class="label">
+					<a href="javascript://" onclick="return plus_attachment();"><span id="plus"><img style="vertical-align:middle;" src="../img/div_show.gif" alt="" />&nbsp;'.get_lang('AddAnAttachment').'</span></a>
+				</div>
+				<div class="formw">
+					<table id="options" style="display: none;">
+					<tr>
+						<td colspan="2">
+					        <label for="file_name">'.get_lang('FileName').'&nbsp;</label>
+					        <input type="file" name="user_upload"/>
+					    </td>
+					 </tr>
+					 <tr>
+					    <td colspan="2">
+					    	<label for="comment">'.get_lang('FileComment').'</label><br />
+					    	<textarea name="file_comment" rows ="4" cols = "34" ></textarea>
+					    </td>
+				    </tr>
+			    </table>
+			 </div>
+			</div>';
+
+
+
 	echo'<br />';
 	if (empty($_SESSION['toolgroup'])) {
 		echo '<input type="hidden" name="submitAnnouncement" value="OK">';
@ -1394,7 +1426,7 @@ if ($display_announcement_list && !$surveyid) {
 			$sent_to_form=sent_to_form($sent_to);
 			$user_info=api_get_user_info($myrow['insert_user_id']);

-				echo '&nbsp;&nbsp;&nbsp;'.get_lang('By').' : &nbsp;'.str_replace(' ', '&nbsp;', api_get_person_name($user_info['firstName'], $user_info['lastName']));
+			echo '&nbsp;&nbsp;&nbsp;'.get_lang('By').' : &nbsp;'.str_replace(' ', '&nbsp;', api_get_person_name($user_info['firstName'], $user_info['lastName']));
 			echo "\t\t\t\t\t</th>\n","\t\t\t\t</tr>\n";
 			echo "\t\t\t\t<tr class='row_odd'>\n\t\t\t\t\t<td class=\"announcements_datum\" colspan=\"3\">";
 			echo get_lang('AnnouncementPublishedOn')," : ",api_ucfirst(format_locale_date($dateFormatLong,strtotime($last_post_date)));
@ -1449,7 +1481,35 @@ if ($display_announcement_list && !$surveyid) {
 					echo	"<a href=\"".api_get_self()."?".api_get_cidreq()."&down=".$myrow["id"]."&sec_token=".$stok."\">".
 							Display::return_icon('down.gif', get_lang('Down'))."</a>";
 				}
-
+				
+				//delete attachment file
+				if($_GET['action'] == 'delete') {
+					$id = $_GET['id_attach'];
+					delete_announcement_attachment_file($id);
+				}
+					
+				// show attachment list
+				$attachment_list = array();
+				$attachment_list = get_attachment($myrow['id']);
+								
+				if (count($attachment_list)>0) {
+				$realname=$attachment_list['path'];
+				$user_filename=$attachment_list['filename'];
+				$full_file_name = 'download.php?file='.$realname;
+				echo '<br/>';
+				echo '<br/>';
+				echo Display::return_icon('attachment.gif',get_lang('Attachment'));
+				echo '<a href="'.$full_file_name.'';
+				echo ' "> '.$user_filename.' </a>';
+				echo '<span class="forum_attach_comment" >'.$attachment_list['comment'].'</span>';
+				
+				if (api_is_allowed_to_edit()) {
+					echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&action=delete&id_attach='.$attachment_list['id'].'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a><br />';
+				}
+				
+			}					
+	    		
+																	
 				echo "</td>\n</tr>\n";

 				$iterator ++;
@ -1468,6 +1528,7 @@ if ($display_announcement_list && !$surveyid) {
 echo "</table>";
 if (!empty($display_specific_announcement)) display_announcement($announcement_id);

+
 /*
 ==============================================================================
 		FOOTER
--- a/main/announcements/download.php
+++ b/main/announcements/download.php
@ -0,0 +1,93 @@
+<?php // $Id: announcements.php 2009-11-13 10:57:03Z aportugal $
+/*
+==============================================================================
+	Dokeos - elearning and course management software
+
+	Copyright (c) 2009 Dokeos SPRL
+
+	For a full list of contributors, see "credits.txt".
+	The full license can be read in "license.txt".
+
+	This program is free software; you can redistribute it and/or
+	modify it under the terms of the GNU General Public License
+	as published by the Free Software Foundation; either version 2
+	of the License, or (at your option) any later version.
+
+	See the GNU General Public License for more details.
+
+	Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
+	info@dokeos.com
+==============================================================================
+*/
+/**
+==============================================================================
+*	This file is responsible for  passing requested documents to the browser.
+*	Html files are parsed to fix a few problems with URLs,
+*	but this code will hopefully be replaced soon by an Apache URL
+*	rewrite mechanism.
+*
+*	@package dokeos.announcements
+==============================================================================
+*/
+
+/*
+==============================================================================
+		MAIN CODE
+==============================================================================
+*/
+
+session_cache_limiter('public');
+
+require_once '../inc/global.inc.php';
+$this_section=SECTION_COURSES;
+
+require_once api_get_path(LIBRARY_PATH).'document.lib.php';
+require_once 'announcements.inc.php';
+// IMPORTANT to avoid caching of documents
+header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
+header('Cache-Control: public');
+header('Pragma: no-cache');
+
+//protection
+api_protect_course_script(true);
+
+$doc_url = $_GET['file'];
+//change the '&' that got rewritten to '///' by mod_rewrite back to '&'
+$doc_url = str_replace('///', '&', $doc_url);
+//still a space present? it must be a '+' (that got replaced by mod_rewrite)
+$doc_url = str_replace(' ', '+', $doc_url);
+$doc_url = str_replace('/..', '', $doc_url); //echo $doc_url;
+
+if (!isset($_course)) {
+	api_not_allowed(true);
+}
+
+$full_file_name = api_get_path(SYS_COURSE_PATH).api_get_course_path().'/upload/announcements/'.$doc_url;
+//if the rewrite rule asks for a directory, we redirect to the document explorer
+if (is_dir($full_file_name))
+{
+	//remove last slash if present
+	//$doc_url = ($doc_url{strlen($doc_url)-1}=='/')?substr($doc_url,0,strlen($doc_url)-1):$doc_url;
+	//mod_rewrite can change /some/path/ to /some/path// in some cases, so clean them all off (Ren<EFBFBD>)
+	while ($doc_url{$dul = strlen($doc_url)-1}=='/') $doc_url = substr($doc_url,0,$dul);
+	//create the path
+	$document_explorer = api_get_path(WEB_COURSE_PATH).api_get_course_path(); // home course path
+	//redirect
+	header('Location: '.$document_explorer);
+}
+
+$tbl_announcement_attachment 	= Database::get_course_table(TABLE_ANNOUNCEMENT_ATTACHMENT);
+
+// launch event
+event_download($doc_url);
+
+$sql='SELECT filename FROM '.$tbl_announcement_attachment.'
+  	  WHERE path LIKE BINARY "'.$doc_url.'"';
+
+$result= Database::query($sql, __FILE__, __LINE__);
+$row= Database::fetch_array($result);
+$title = str_replace(' ','_', $row['filename']);
+DocumentManager::file_send_for_download($full_file_name,TRUE, $title);
+
+exit;
+?>
--- a/main/inc/lib/add_course.lib.inc.php
+++ b/main/inc/lib/add_course.lib.inc.php
@ -219,6 +219,8 @@ function prepare_course_repository($courseRepository, $courseId)
 	mkdir(api_get_path(SYS_COURSE_PATH).$courseRepository . "/upload/calendar", $perm);
 	mkdir(api_get_path(SYS_COURSE_PATH).$courseRepository . "/upload/calendar/images", $perm);
 	mkdir(api_get_path(SYS_COURSE_PATH).$courseRepository . "/work", $perm);
+	mkdir(api_get_path(SYS_COURSE_PATH).$courseRepository . "/upload/announcements", $perm);
+	mkdir(api_get_path(SYS_COURSE_PATH).$courseRepository . "/upload/announcements/images", $perm);

 	//create .htaccess in dropbox
 	$fp = fopen(api_get_path(SYS_COURSE_PATH).$courseRepository . "/dropbox/.htaccess", "w");
@ -283,7 +285,8 @@ function update_Db_course($courseDbName)
 	$TABLETOOLAGENDAATTACHMENT	= $courseDbName . 'calendar_event_attachment';

 	// Announcements
-	$TABLETOOLANNOUNCEMENTS 	= $courseDbName . 'announcement';
+	$TABLETOOLANNOUNCEMENTS 			= $courseDbName . 'announcement';
+	$TABLETOOLANNOUNCEMENTSATTACHMENT	= $courseDbName . 'announcement_attachment';

 	// Resourcelinker
 	$TABLEADDEDRESOURCES 		= $courseDbName . 'resource';
@ -402,7 +405,18 @@ function update_Db_course($courseDbName)
 	Database::query($sql, __FILE__, __LINE__);
 	$sql = "ALTER TABLE `".$TABLETOOLANNOUNCEMENTS . "` ADD INDEX ( session_id ) ";
 	Database::query($sql, __FILE__, __LINE__);
-
+	
+	// Announcement Attachment
+	$sql = "CREATE TABLE  `".$TABLETOOLANNOUNCEMENTSATTACHMENT."` (
+			  id int NOT NULL auto_increment,
+			  path varchar(255) NOT NULL,
+			  comment text,
+			  size int NOT NULL default 0,
+			  announcement_id int NOT NULL,
+			  filename varchar(255) NOT NULL,
+			  PRIMARY KEY (id)
+			)";
+	Database::query($sql, __FILE__, __LINE__);

 	/*
 	-----------------------------------------------------------
--- a/main/inc/lib/database.lib.php
+++ b/main/inc/lib/database.lib.php
@ -134,6 +134,7 @@ define('TABLE_AGENDA_REPEAT', 'calendar_event_repeat');
 define('TABLE_AGENDA_REPEAT_NOT', 'calendar_event_repeat_not');
 define('TABLE_AGENDA_ATTACHMENT', 'calendar_event_attachment');
 define('TABLE_ANNOUNCEMENT', 'announcement');
+define('TABLE_ANNOUNCEMENT_ATTACHMENT', 'announcement_attachment');
 define('TABLE_CHAT_CONNECTED', 'chat_connected'); // @todo: probably no longer in use !!!
 define('TABLE_COURSE_DESCRIPTION', 'course_description');
 define('TABLE_DOCUMENT', 'document');
--- a/main/install/migrate-db-1.8.6.1-1.8.6.2-pre.sql
+++ b/main/install/migrate-db-1.8.6.1-1.8.6.2-pre.sql
@ -35,7 +35,9 @@ INSERT INTO settings_options (variable, value, display_text) VALUES ('show_gloss
 INSERT INTO settings_options (variable, value, display_text) VALUES ('show_glossary_in_extra_tools', 'false', 'No');

 CREATE TABLE user_tag (id int NOT NULL auto_increment, tag varchar(255) NOT NULL, field_id int NOT NULL, count int NOT NULL, PRIMARY KEY  (id));
-CREATE TABLE user_rel_tag (id int NOT NULL auto_increment,user_id int NOT NULL,tag_id int NOT NULL, PRIMARY KEY  (id));
+CREATE TABLE user_rel_tag (id int NOT NULL auto_increment,user_id int NOT NULL,tag_id int NOT NULL, PRIMARY KEY  (id));
+
+CREATE TABLE announcement_attachment ( id int NOT NULL auto_increment, path varchar(255) NOT NULL, comment text, size int NOT NULL default 0, announcement_id int NOT NULL, filename varchar(255) NOT NULL, PRIMARY KEY (id) );

 INSERT INTO settings_current (variable, subkey, type, category, selected_value, title, comment, scope, subkeytext, access_url_changeable) VALUES ('send_email_to_admin_when_create_course',NULL,'radio','Platform','false','SendEmailToAdminTitle','SendEmailToAdminComment',NULL,NULL, 1);
 INSERT INTO settings_options (variable, value, display_text) VALUES ('send_email_to_admin_when_create_course','true','Yes');
@ -67,4 +69,4 @@ ALTER TABLE dropbox_category ADD COLUMN session_id smallint NOT NULL DEFAULT 0,
 ALTER TABLE chat_connected ADD COLUMN session_id  smallint NOT NULL DEFAULT 0;
 ALTER TABLE chat_connected ADD COLUMN to_group_id INT NOT NULL DEFAULT 0;
 ALTER TABLE chat_connected DROP PRIMARY KEY;  
-ALTER TABLE chat_connected ADD INDEX char_connected_index(user_id,session_id,to_group_id);  
+ALTER TABLE chat_connected ADD INDEX char_connected_index(user_id,session_id,to_group_id);  
--- a/main/install/update-files-1.8.6.1-1.8.6.2.inc.php
+++ b/main/install/update-files-1.8.6.1-1.8.6.2.inc.php
@ -68,6 +68,16 @@ if (defined('DOKEOS_INSTALL') || defined('DOKEOS_COURSE_UPDATE'))
 	if(!is_dir($pathForm.'home/default_platform_document/template_thumb')){
 		mkdir($pathForm.'home/default_platform_document/template_thumb',$perm);
 	}
+	
+	//upload > announcements
+	if(!is_dir($currentCourseRepositorySys."upload/announcements")){
+		mkdir($currentCourseRepositorySys."upload/announcements",$perm);
+		}
+
+	//upload > announcements > images
+	if(!is_dir($currentCourseRepositorySys."upload/announcements/images")){
+		mkdir($currentCourseRepositorySys."upload/announcements/images",$perm);
+		}

 }
 else