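'../group/group.php', 'name' => get_lang('Groups'));
            // NOTE(review): this excerpt begins inside a group-permission if/else chain
            // whose opening lines are not visible here; the closing braces below belong to it.
            $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.api_get_group_id(), 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
            // They are allowed to upload
            $group_member_with_upload_rights = true;
        } else {
            $to_group_id = 0;
            $req_gid = '';
        }
    } elseif ($group_properties['doc_state'] == 1) {
        // Documents are public
        $to_group_id = api_get_group_id();
        $req_gid = '&gidReq='.api_get_group_id();
        $interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups'));
        $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq='.api_get_group_id(), 'name' => get_lang('GroupSpace').' '.$group_properties['name']);
        // Allowed to upload?
        if ($is_allowed_to_edit || GroupManager::is_subscribed(api_get_user_id(), api_get_group_id())) {
            // Only courseadmin or group members can upload
            $group_member_with_upload_rights = true;
        }
    } else {
        // Documents not active for this group
        $to_group_id = 0;
        $req_gid = '';
    }
    $_SESSION['group_member_with_upload_rights'] = $group_member_with_upload_rights;
} else {
    $_SESSION['group_member_with_upload_rights'] = false;
    $to_group_id = 0;
    $req_gid = '';
}

/*
 * Actions
 *
 * The requested document id is reduced to an integer once, here, and the
 * handlers below use that integer rather than re-reading the raw request.
 * NOTE(review): no anti-CSRF token is verified anywhere in the visible code,
 * while several handlers further down change state on a plain GET request
 * (delete, set_visible/set_invisible, remove_as_template, set_certificate).
 * Confirm whether a token check happens elsewhere.
 */
$document_id = intval($_REQUEST['id']);
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$message = '';

switch ($action) {
    case 'download':
        $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
        // Check whether the document is in the database
        if (empty($document_data)) {
            api_not_allowed();
        }
        // Launch event
        // NOTE(review): the download event is recorded before the visibility check
        // below, so refused requests are presumably logged as downloads too.
        event_download($document_data['url']);
        // Check visibility of document and paths
        if (!($is_allowed_to_edit || $group_member_with_upload_rights) && !DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id())) {
            api_not_allowed(true);
        }
        $full_file_name = $base_work_dir.$document_data['path'];
        // Only send files that resolve inside the course document directory
        if (Security::check_abs_path($full_file_name, $base_work_dir.'/')) {
            DocumentManager::file_send_for_download($full_file_name, true);
        }
        exit;
        break;
    case 'downloadfolder' :
        // NOTE(review): unlike 'download', no per-document visibility check is visible
        // here; confirm that downloadfolder.inc.php filters invisible items.
        if (api_get_setting('students_download_folders') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
            $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
            // Inside a shared folder, a user may download only his/her own shared folder
            if (is_any_user_shared_folder($document_data['path'], $session_id)) {
                if (is_my_shared_folder(api_get_user_id(), $document_data['path'], $session_id) || api_is_allowed_to_edit() || api_is_platform_admin()) {
                    require 'downloadfolder.inc.php';
                }
            } else {
                require 'downloadfolder.inc.php';
            }
            exit;
        }
        break;
    case 'export_to_pdf' :
        // NOTE(review): no visibility check on $document_id is visible before the export;
        // confirm that export_to_pdf() enforces it.
        if (api_get_setting('students_export2pdf') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
            DocumentManager::export_to_pdf($document_id, $course_code);
        }
        break;
    case 'copytomyfiles':
        // Copy a course document into the current user's personal "my_files" folder
        if (api_get_setting('users_copy_files') == 'true' && api_get_user_id() != 0 && !api_is_anonymous()) {
            // Use the integer id computed above instead of the raw $_GET['id']
            $document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);

            // Same access rule as the 'download' action: the document must exist and be
            // visible to this user, otherwise a copy would disclose a hidden document.
            $may_read_document = !empty($document_info)
                && (($is_allowed_to_edit || $group_member_with_upload_rights)
                    || DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id()));
            if (!$may_read_document) {
                api_not_allowed(true);
                // Defensive: do not continue should api_not_allowed() return
                break;
            }

            $parent_id = $document_info['parent_id'];
            $my_path = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'system');
            $user_folder = $my_path['dir'].'my_files/';
            $my_path = null;
            if (!file_exists($user_folder)) {
                $perm = api_get_permissions_for_new_directories();
                @mkdir($user_folder, $perm, true);
            }
            $document_root = $sys_course_path.$_course['path'].'/document';
            $file = $document_root.$document_info['path'];
            // The source must resolve inside the course document directory
            $source_is_inside = Security::check_abs_path($file, $document_root.'/');
            $copyfile = $user_folder.basename($document_info['path']);
            // NOTE(review): these values are placed in a URL query string below;
            // remove_XSS() is not URL encoding - consider urlencode() per parameter.
            $cidReq = Security::remove_XSS($_GET['cidReq']);
            $id_session = Security::remove_XSS($_GET['id_session']);
            $gidReq = Security::remove_XSS($_GET['gidReq']);
            $id = Security::remove_XSS($_GET['id']);
            if (empty($parent_id)) {
                $parent_id = 0;
            }
            $file_link = Display::url(get_lang('SeeFile'), api_get_path(WEB_CODE_PATH).'social/myfiles.php?cidReq='.$cidReq.'&id_session='.$id_session.'&gidReq='.$gidReq.'&parent_id='.$parent_id);

            if (file_exists($copyfile)) {
                // A copy already exists: ask before overwriting
                $message = get_lang('CopyAlreadyDone')."\n";
                $message .= ''.get_lang("No").' | '.get_lang('Yes')."\n";
                if (!isset($_GET['copy'])) {
                    $message = Display::return_message($message, 'warning', false);
                }
                // Overwrite only on explicit confirmation
                if (isset($_GET['copy']) && $_GET['copy'] == 'yes') {
                    if (!$source_is_inside || !copy($file, $copyfile)) {
                        $message = Display::return_message(get_lang('CopyFailed'), 'error');
                    } else {
                        $message = Display::return_message(get_lang('OverwritenFile').' '.$file_link, 'confirmation', false);
                    }
                }
            } else {
                if (!$source_is_inside || !copy($file, $copyfile)) {
                    $message = Display::return_message(get_lang('CopyFailed'), 'error');
                } else {
                    $message = Display::return_message(get_lang('CopyMade').' '.$file_link, 'confirmation', false);
                    /*$doc_id = add_document($_course, $copyfile , 'file', filesize($copyfile), $document_info['title']);
                    api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], null, null, null, null, $session_id);*/
                }
            }
        }
        break;
}

// I'm in the certification module?
$is_certificate_mode = DocumentManager::is_certificate_mode($_GET['curdirpath']);
if (isset($_REQUEST['certificate']) && $_REQUEST['certificate'] == 'true') {
    $is_certificate_mode = true;
}

// If no actions we proceed to show the document (Hack in order to use document.php?id=X)
// NOTE(review): $document_id is always set by the intval() above, so only empty($action) decides here.
if (isset($document_id) && empty($action)) {
    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
    // If the document is not a folder we show the document
    if ($document_data) {
        $parent_id = $document_data['parent_id'];
        //$visibility = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
        $visibility = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
        if (!empty($document_data['filetype']) && $document_data['filetype'] == 'file') {
            // Redirect to the file itself; the URL is built from stored document data
            if ($visibility && api_is_allowed_to_session_edit()) {
                $url = api_get_path(WEB_COURSE_PATH).$course_info['path'].'/document'.$document_data['path'].'?'.api_get_cidreq();
                header("Location: $url");
            }
            exit;
        } else {
            if (!$visibility && !api_is_allowed_to_edit()) {
                api_not_allowed();
            }
        }
        $_GET['curdirpath'] = $document_data['path'];
    }
    // What's the current path?
    // We will verify this a bit further down
    if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
        $curdirpath = Security::remove_XSS($_GET['curdirpath']);
    } elseif (isset($_POST['curdirpath']) && $_POST['curdirpath'] != '') {
        $curdirpath = Security::remove_XSS($_POST['curdirpath']);
    } else {
        $curdirpath = '/';
    }
    $curdirpathurl = urlencode($curdirpath);
} else {
    // What's the current path?
    // We will verify this a bit further down
    if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
        $curdirpath = Security::remove_XSS($_GET['curdirpath']);
    } elseif (isset($_POST['curdirpath']) && $_POST['curdirpath'] != '') {
        $curdirpath = Security::remove_XSS($_POST['curdirpath']);
    } else {
        $curdirpath = '/';
    }
    $curdirpathurl = urlencode($curdirpath);

    // Check the path
    // If the path is not found (no document id), set the path to /
    $document_id = DocumentManager::get_document_id($course_info, $curdirpath);
    if (!$document_id) {
        // NOTE(review): this repeats the lookup above with the same arguments instead of
        // falling back to '/' as the comment describes - confirm the intended behaviour.
        $document_id = DocumentManager::get_document_id($course_info, $curdirpath);
    }
    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
    $parent_id = $document_data['parent_id'];
}

if (isset($document_data) && $document_data['path'] == '/certificates') {
    $is_certificate_mode = true;
}

if (!$parent_id) {
    $parent_id = 0;
}

$current_folder_id = $document_id;

// Show preview
if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isset($_GET['set_preview']) && $_GET['set_preview'] == strval(intval($_GET['set_preview']))) {
    if (isset($_GET['set_preview'])) {
        // Generate document HTML
        $content_html = DocumentManager::replace_user_info_into_html(api_get_user_id(), api_get_course_id(), true);
        $new_content_html = $content_html['content'];
        $path_image = api_get_path(WEB_COURSE_PATH).api_get_course_path().'/document/images/gallery';
        $new_content_html = str_replace('../images/gallery', $path_image, $new_content_html);
        $path_image_in_default_course = api_get_path(WEB_CODE_PATH).'default_course_document';
        $new_content_html = str_replace('/main/default_course_document', $path_image_in_default_course, $new_content_html);
        $new_content_html = str_replace('/main/img/', api_get_path(WEB_IMG_PATH), $new_content_html);
        echo '';
        echo ' ' . get_lang('Print') . '';
        print_r($new_content_html);
        exit;
    }
}

// Is the document tool visible?
// Check whether the tool is actually visible
$table_course_tool = Database::get_course_table(TABLE_TOOL_LIST);
$course_id = api_get_course_int_id();
// The query is assembled from an internal table name, the course id and a constant only
$tool_sql = 'SELECT visibility FROM ' . $table_course_tool . ' WHERE c_id = '.$course_id.' AND name = "'. TOOL_DOCUMENT .'" LIMIT 1';
$tool_result = Database::query($tool_sql);
$tool_row = Database::fetch_array($tool_result);
$tool_visibility = $tool_row['visibility'];
if ($tool_visibility == '0' && $to_group_id == '0' && !($is_allowed_to_edit || $group_member_with_upload_rights)) {
    api_not_allowed(true);
}

$htmlHeadXtra[] = "";

// If they are looking at group documents they can't see the root
if ($to_group_id != 0 && $curdirpath == '/') {
    $curdirpath = $group_properties['directory'];
    $curdirpathurl = urlencode($group_properties['directory']);
}

// Check visibility of the current dir path. Don't show anything if not allowed
//@todo check this validation for coaches
//if (!$is_allowed_to_edit || api_is_coach()) { before
// NOTE(review): as written, only coaches get this folder-visibility check; users who
// are neither editors nor coaches skip it. Confirm that the listing code below
// filters invisible folders for them.
if (!$is_allowed_to_edit && api_is_coach()) {
    if ($curdirpath != '/' && !(DocumentManager::is_visible($curdirpath, $_course, api_get_session_id(), 'folder'))) {
        api_not_allowed(true);
    }
}

/* Create shared folders */
// NOTE(review): each branch below resets $to_group_id to 0 as a side effect, which
// also changes the value used by the listing and action code that follows on the
// request that creates a folder - confirm this is intended.
if ($session_id == 0) {
    // Create shared folder. Necessary for recycled courses. session_id should always be zero:
    // it should always be created from a base course, never from a session.
    if (!file_exists($base_work_dir.'/shared_folder')) {
        $usf_dir_title = get_lang('UserFolders');
        $usf_dir_name = '/shared_folder';
        $to_group_id = 0;
        $visibility = 0;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
    // Create dynamic user shared folder
    if (!file_exists($base_work_dir.'/shared_folder/sf_user_'.api_get_user_id())) {
        $usf_dir_title = api_get_person_name($_user['firstName'], $_user['lastName']);
        $usf_dir_name = '/shared_folder/sf_user_'.api_get_user_id();
        $to_group_id = 0;
        $visibility = 1;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
} else {
    // Create shared folder session
    if (!file_exists($base_work_dir.'/shared_folder_session_'.$session_id)) {
        $usf_dir_title = get_lang('UserFolders').' ('.api_get_session_name($session_id).')';
        $usf_dir_name = '/shared_folder_session_'.$session_id;
        $to_group_id = 0;
        $visibility = 0;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
    // Create dynamic user shared folder into a shared folder session
    if (!file_exists($base_work_dir.'/shared_folder_session_'.$session_id.'/sf_user_'.api_get_user_id())) {
        $usf_dir_title = api_get_person_name($_user['firstName'], $_user['lastName']).'('.api_get_session_name($session_id).')';
        $usf_dir_name = '/shared_folder_session_'.$session_id.'/sf_user_'.api_get_user_id();
        $to_group_id = 0;
        $visibility = 1;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
}

/* MAIN SECTION */

// Slideshow initialisation
$_SESSION['image_files_only'] = '';
$image_files_only = '';

/* Header */

if ($is_certificate_mode) {
    $interbreadcrumb[] = array('url' => '../gradebook/index.php', 'name' => get_lang('Gradebook'));
} else {
    if ((isset($_GET['id']) && $_GET['id'] != 0) || isset($_GET['curdirpath']) || isset($_GET['createdir'])) {
        $interbreadcrumb[] = array('url' => 'document.php', 'name' => get_lang('Documents'));
    } else {
        $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Documents'));
    }
}

// Interbreadcrumb for the current directory root path
if (empty($document_data['parents'])) {
    if (isset($_GET['createdir'])) {
        $interbreadcrumb[] = array('url' => $document_data['document_url'], 'name' => $document_data['title']);
    } else {
        $interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
    }
} else {
    $counter = 0;
    foreach ($document_data['parents'] as $document_sub_data) {
        // Fixing double group folder in breadcrumb
        if (api_get_group_id()) {
            if ($counter == 0) {
                $counter++;
                continue;
            }
        }
        if (!isset($_GET['createdir']) && $document_sub_data['id'] == $document_data['id']) {
            $document_sub_data['document_url'] = '#';
        }
        $interbreadcrumb[] = array('url' => $document_sub_data['document_url'], 'name' => $document_sub_data['title']);
        $counter++;
    }
}

if (isset($_GET['createdir'])) {
    $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('CreateDir'));
}

$js_path = api_get_path(WEB_LIBRARY_PATH).'javascript/';
/*
$htmlHeadXtra[] = '';
$htmlHeadXtra[] = api_get_js('yoxview/yoxview-init.js');
*/
$htmlHeadXtra[] = '';
$htmlHeadXtra[] = '';
//$htmlHeadXtra[] = '';
$mediaplayer_path = api_get_path(WEB_LIBRARY_PATH).'mediaplayer/player.swf';

// Automatic loading of the course language for yoxview
/*$yoxview_code_translation_table = array('' => 'en', 'pt' => 'pt-Pt', 'sr' => 'sr_latn');
$lang_yoxview = api_get_language_isocode();
$lang_yoxview = isset($yoxview_code_translation_table[$lang_yoxview]) ? $yoxview_code_translation_table[$lang_yoxview] : $lang_yoxview;
*/

$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, false);

$file_list = $format_list = '';
$count = 1;

// Build one jPlayer initialisation snippet per audio file in the current folder
if (!empty($docs_and_folders)) {
    foreach ($docs_and_folders as $file) {
        if ($file['filetype'] == 'file') {
            $path_info = pathinfo($file['path']);
            $extension = strtolower($path_info['extension']);

            //@todo use a js loop to autogenerate this code
            if (in_array($extension, array('ogg', 'mp3', 'wav'))) {
                $document_data = DocumentManager::get_document_data_by_id($file['id'], api_get_course_id());
                if ($extension == 'ogg') {
                    $extension = 'oga';
                }
                //$("#jplayer_inspector_'.$count.'").jPlayerInspector({jPlayer:$("#jquery_jplayer_'.$count.'")});
                // The literal keeps real line breaks: it contains JavaScript "//" comments,
                // which would otherwise comment out the settings that follow them.
                // NOTE(review): direct_url is written into a JavaScript string literal;
                // confirm it is escaped for that context where it is produced.
                $jquery .= '
                $("#jquery_jplayer_'.$count.'").jPlayer({
                    ready: function() {
                        $(this).jPlayer("setMedia", {
                            '.$extension.' : "'.$document_data['direct_url'].'"
                        });
                    },
                    play: function() {
                        // To avoid both jPlayers playing together.
                        $(this).jPlayer("pauseOthers");
                    },
                    //errorAlerts: true,
                    //warningAlerts: true,
                    swfPath: "'.$js_path.'jquery-jplayer",
                    supplied: "m4a, oga, mp3, ogg, wav",
                    wmode: "window",
                    //solution: "flash, html", // Do not change this setting otherwise
                    cssSelectorAncestor: "#jp_container_'.$count.'",
                });
                '."\n\n";
                $count++;
            }
        }
    }
}

$htmlHeadXtra[] = '';

Display::display_header('', 'Doc');

// Lib for event log, stats & tracking & record of the access
event_access_tool(TOOL_DOCUMENT);

/* DISPLAY */
if ($to_group_id != 0) {
    // Add group name after for group documents
    $add_group_to_title = ' ('.$group_properties['name'].')';
}

/* Introduction section (editable by course admins) */

if (!empty($_SESSION['_gid'])) {
    Display::display_introduction_section(TOOL_DOCUMENT.$_SESSION['_gid']);
} else {
    Display::display_introduction_section(TOOL_DOCUMENT);
}

// ACTION MENU

/* MOVE FILE OR DIRECTORY */
// Only teachers, members of the group, and users inside their own shared folder
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id) || is_my_shared_folder(api_get_user_id(), Security::remove_XSS($_POST['move_to']), $session_id)) {

    if (isset($_GET['move']) && $_GET['move'] != '') {
        $my_get_move = intval($_REQUEST['move']);

        if (api_is_coach()) {
            if (!DocumentManager::is_visible_by_id($my_get_move, $course_info, api_get_session_id(), api_get_user_id())) {
                api_not_allowed();
            }
        }

        if (!$is_allowed_to_edit) {
            // NOTE(review): the visibility handler further down passes the document id as
            // the FOURTH argument of check_readonly(); here it is the third. Confirm
            // against the method signature that this check inspects the intended document.
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $my_get_move)) {
                api_not_allowed();
            }
        }
        $document_to_move = DocumentManager::get_document_data_by_id($my_get_move, api_get_course_id());
        $move_path = $document_to_move['path'];
        if (!empty($document_to_move)) {
            $folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);

            // Filter if it is my shared folder. TODO: move this code to build_move_to_selector function
            if (is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id) && !$is_allowed_to_edit) {
                $main_user_shared_folder_main = '/shared_folder/sf_user_'.api_get_user_id(); // only main user shared folder
                $main_user_shared_folder_sub = '/shared_folder\/sf_user_'.api_get_user_id().'\//'; // all subfolders
                $user_shared_folders = array();

                foreach ($folders as $fold) {
                    if ($main_user_shared_folder_main == $fold || preg_match($main_user_shared_folder_sub, $fold)) {
                        $user_shared_folders[] = $fold;
                    }
                }
                echo '';
                echo build_move_to_selector($user_shared_folders, $move_path, $my_get_move, $group_properties['directory']);
            } else {
                echo '';
                echo build_move_to_selector($folders, $move_path, $my_get_move, $group_properties['directory']);
            }
        }
    }

    if (isset($_POST['move_to']) && isset($_POST['move_file'])) {
        // The document id is only ever a numeric key; the target is a request-supplied path
        $move_file_id = intval($_POST['move_file']);
        $move_to = $_POST['move_to'];

        if (!$is_allowed_to_edit) {
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $move_file_id)) {
                api_not_allowed();
            }
        }

        if (api_is_coach()) {
            if (!DocumentManager::is_visible_by_id($move_file_id, $_course, api_get_session_id(), api_get_user_id())) {
                api_not_allowed();
            }
        }

        $document_to_move = DocumentManager::get_document_data_by_id($move_file_id, api_get_course_id());
        require_once $lib_path.'fileManage.lib.php';

        // The target folder comes straight from the request and is concatenated into a
        // filesystem path, so it must resolve inside the course document directory
        // (same containment check as the 'download' action).
        // NOTE(review): the folder selector above restricts shared-folder users to their
        // own folders, but that restriction is not re-checked here on the server side.
        $target_is_inside = is_string($move_to) && Security::check_abs_path($base_work_dir.$move_to, $base_work_dir.'/');

        // Security fix: make sure they can't move files that are not in the document table
        if (!empty($document_to_move) && $target_is_inside) {

            $real_path_target = $base_work_dir.$move_to.'/'.basename($document_to_move['path']);
            $fileExist = false;
            if (file_exists($real_path_target)) {
                $fileExist = true;
            }
            if (move($base_work_dir.$document_to_move['path'], $base_work_dir.$move_to)) {
                update_db_info('update', $document_to_move['path'], $move_to.'/'.basename($document_to_move['path']));

                // Update database item property
                $doc_id = $move_file_id;
                if (is_dir($real_path_target)) {
                    api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderMoved', api_get_user_id(), $to_group_id, null, null, null, $session_id);
                    Display::display_confirmation_message(get_lang('DirMv'));
                } elseif (is_file($real_path_target)) {
                    api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentMoved', api_get_user_id(), $to_group_id, null, null, null, $session_id);
                    Display::display_confirmation_message(get_lang('DocMv'));
                }

                // Set the current path
                $curdirpath = $move_to;
                $curdirpathurl = urlencode($move_to);
            } else {
                if ($fileExist) {
                    if (is_dir($real_path_target)) {
                        Display::display_error_message(get_lang('DirExists'));
                    } elseif (is_file($real_path_target)) {
                        Display::display_error_message(get_lang('FileExists'));
                    }
                } else {
                    Display::display_error_message(get_lang('Impossible'));
                }
            }
        } else {
            Display::display_error_message(get_lang('Impossible'));
        }
    }
}

/* DELETE FILE OR DIRECTORY */
// Only teachers and members of the group (and users inside their own shared folder)
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    // NOTE(review): the gate above is evaluated on $curdirpath, while the path that is
    // deleted comes from a separate request parameter. Nothing visible here ties the
    // deleted path to the folder the user was authorised for, and the single-item
    // delete does not skip the system folders that the bulk delete below protects.
    if (isset($_GET['delete'])) {
        if (!$is_allowed_to_edit) {
            if (api_is_coach()) {
                if (!DocumentManager::is_visible($_GET['delete'], $_course, api_get_session_id())) {
                    api_not_allowed();
                }
            }
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $_GET['delete'], '', true)) {
                api_not_allowed();
            }
        }

        require_once api_get_path(LIBRARY_PATH).'fileManage.lib.php';

        if (DocumentManager::delete_document($_course, $_GET['delete'], $base_work_dir)) {
            if (isset($_GET['delete_certificate_id']) && $_GET['delete_certificate_id'] == strval(intval($_GET['delete_certificate_id']))) {
                $default_certificate_id = $_GET['delete_certificate_id'];
                DocumentManager::remove_attach_certificate(api_get_course_id(), $default_certificate_id);
            }
            Display::display_confirmation_message(get_lang('DocDeleted'));
        } else {
            Display::display_error_message(get_lang('DocDeleteError'));
        }
    }

    if (isset($_POST['action'])) {
        switch ($_POST['action']) {
            case 'delete':
                // Accept only a list of paths; iterate by value so that no reference
                // into $_POST is left dangling after the loops.
                $paths_to_delete = (isset($_POST['path']) && is_array($_POST['path'])) ? $_POST['path'] : array();

                // First pass: refuse the whole batch if any item is read-only for this user
                foreach ($paths_to_delete as $path) {
                    if (!$is_allowed_to_edit) {
                        if (DocumentManager::check_readonly($_course, api_get_user_id(), $path)) {
                            Display::display_error_message(get_lang('CantDeleteReadonlyFiles'));
                            break 2;
                        }
                    }
                }

                // Second pass: delete everything except the protected system folders
                foreach ($paths_to_delete as $path) {
                    if (in_array($path, array('/audio', '/flash', '/images', '/shared_folder', '/video', '/chat_files', '/certificates'))) {
                        continue;
                    } else {
                        $delete_document = DocumentManager::delete_document($_course, $path, $base_work_dir);
                    }
                }
                if (!empty($delete_document)) {
                    Display::display_confirmation_message(get_lang('DocDeleted'));
                }
                break;
        }
    }
}

/* CREATE DIRECTORY */
// Only teachers, members of the group, and any user inside his/her shared folder
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    // Create directory with $_POST data
    if (isset($_POST['create_dir']) && $_POST['dirname'] != '') {
        // Needed for directory creation
        $post_dir_name = $_POST['dirname'];

        if ($post_dir_name == '../' || $post_dir_name == '.' || $post_dir_name == '..') {
            Display::display_error_message(get_lang('CannotCreateDir'));
        } else {
            if (!empty($_POST['dir_id'])) {
                // NOTE(review): the parent folder is replaced by the posted dir_id after the
                // permission gate above was evaluated on the previous $curdirpath; the new
                // parent is not re-checked against the user's shared folder.
                $document_data = DocumentManager::get_document_data_by_id(intval($_POST['dir_id']), api_get_course_id());
                $curdirpath = $document_data['path'];
            }
            $added_slash = ($curdirpath == '/') ? '' : '/';
            $dir_name = $curdirpath.$added_slash.replace_dangerous_char($post_dir_name);
            $dir_name = disable_dangerous_file($dir_name);
            $dir_check = $base_work_dir.$dir_name;

            if (!is_dir($dir_check)) {
                // NOTE(review): the raw posted name is passed on as the folder title;
                // confirm it is escaped wherever the title is displayed.
                $created_dir = create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $dir_name, $post_dir_name);

                if ($created_dir) {
                    Display::display_confirmation_message(''.get_lang('DirCr').'', false);
                    // Uncomment if you want to enter the created dir
                    //$curdirpath = $created_dir;
                    //$curdirpathurl = urlencode($curdirpath);
                } else {
                    Display::display_error_message(get_lang('CannotCreateDir'));
                }
            } else {
                Display::display_error_message(get_lang('CannotCreateDir'));
            }
        }
    }

    // Show them the form for the directory name
    if (isset($_GET['createdir'])) {
        echo create_dir_form($document_id);
    }
}

/* VISIBILITY COMMANDS */
// Only teacher
if ($is_allowed_to_edit) {
    $set_visible = isset($_GET['set_visible']) ? $_GET['set_visible'] : '';
    $set_invisible = isset($_GET['set_invisible']) ? $_GET['set_invisible'] : '';

    // "&&" binds tighter than "||": without the outer parentheses the '*' exclusions
    // applied only to the set_visible alternative, so set_invisible=* was accepted
    // and processed as document id 0.
    if ((!empty($set_invisible) || !empty($set_visible)) && $set_visible != '*' && $set_invisible != '*') {
        // Make visible or invisible?
        if (!empty($set_visible)) {
            $update_id = intval($set_visible);
            $visibility_command = 'visible';
        } else {
            $update_id = intval($set_invisible);
            $visibility_command = 'invisible';
        }

        // A nested "if (!$is_allowed_to_edit)" coach/read-only check used to sit here;
        // it could never run inside this editor-only branch and has been dropped.

        // Update item_property to change visibility
        if (api_item_property_update($_course, TOOL_DOCUMENT, $update_id, $visibility_command, api_get_user_id(), null, null, null, null, $session_id)) {
            Display::display_confirmation_message(get_lang('VisibilityChanged')); // don't use ViMod because firt is load ViMdod (Gradebook). VisibilityChanged (trad4all)
        } else {
            Display::display_error_message(get_lang('ViModProb'));
        }
    }
}

/* TEMPLATE ACTION */
// Only teachers and members of the group (and users inside their own shared folder)
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    if (isset($_GET['add_as_template']) && !isset($_POST['create_template'])) {

        $document_id_for_template = intval($_GET['add_as_template']);

        // Create the form that asks for the directory name
        $template_text = '';
        // Show the form
        Display::display_normal_message($template_text, false);

    } elseif (isset($_GET['add_as_template']) && isset($_POST['create_template'])) {

        $document_id_for_template = intval(Database::escape_string($_GET['add_as_template']));

        $title = Security::remove_XSS($_POST['template_title']);
        //$description = Security::remove_XSS($_POST['template_description']);
        // Both values are passed to set_document_as_template() below; give them a defined
        // value for the case where no description is read and no image is uploaded.
        $description = null;
        $new_file_name = null;
        $user_id = api_get_user_id();

        // Create the template_thumbnails folder in the upload folder (if needed)
        if (!is_dir(api_get_path(SYS_PATH).'courses/'.$_course['path'].'/upload/template_thumbnails/')) {
            @mkdir(api_get_path(SYS_PATH).'courses/'.$_course['path'].'/upload/template_thumbnails/', api_get_permissions_for_new_directories());
        }
        // Upload the file
        if (!empty($_FILES['template_image']['name'])) {

            require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
            $upload_ok = process_uploaded_file($_FILES['template_image']);

            if ($upload_ok) {
                // The client-supplied name ends up in a filesystem path: strip any directory
                // part and apply the same name filters the directory-creation code uses.
                $client_file_name = disable_dangerous_file(replace_dangerous_char(basename(stripslashes($_FILES['template_image']['name']))));
                // Try to add an extension to the file if it hasn't one
                // NOTE(review): the MIME type used here is also client-supplied.
                $new_file_name = $_course['sysCode'].'-'.add_ext_on_mime($client_file_name, $_FILES['template_image']['type']);

                // Upload dir
                $upload_dir = api_get_path(SYS_PATH).'courses/'.$_course['path'].'/upload/template_thumbnails/';

                // Resize image to max default and end upload
                $temp = new Image($_FILES['template_image']['tmp_name']);
                $picture_info = $temp->get_image_info();

                $max_width_for_picture = 100;

                if ($picture_info['width'] > $max_width_for_picture) {
                    $thumbwidth = $max_width_for_picture;
                    if (empty($thumbwidth) || $thumbwidth == 0) {
                        $thumbwidth = $max_width_for_picture;
                    }
                    $new_height = round(($thumbwidth/$picture_info['width'])*$picture_info['height']);
                    $temp->resize($thumbwidth, $new_height, 0);
                }
                $temp->send_image($upload_dir.$new_file_name);
            }
        }

        DocumentManager::set_document_as_template($title, $description, $document_id_for_template, $course_code, $user_id, $new_file_name);
        Display::display_confirmation_message(get_lang('DocumentSetAsTemplate'));
    }

    if (isset($_GET['remove_as_template'])) {
        $document_id_for_template = intval($_GET['remove_as_template']);
        $user_id = api_get_user_id();
        DocumentManager::unset_document_as_template($document_id_for_template, $course_code, $user_id);
        Display::display_confirmation_message(get_lang('DocumentUnsetAsTemplate'));
    }
}

// END ACTION MENU

// Attach certificate in the gradebook
// NOTE(review): unlike the action handlers above, this branch is not wrapped in an
// $is_allowed_to_edit check, and the course is taken from the cidReq request
// parameter rather than from api_get_course_id(). Confirm who is meant to be
// able to change the default certificate.
if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isset($_GET['set_certificate']) && $_GET['set_certificate'] == strval(intval($_GET['set_certificate']))) {
    if (isset($_GET['cidReq'])) {
        $course_id = Security::remove_XSS($_GET['cidReq']); // course id
        $document_id = Security::remove_XSS($_GET['set_certificate']); // document id
        DocumentManager::attach_gradebook_certificate($course_id, $document_id);
        Display::display_normal_message(get_lang('IsDefaultCertificate'));
    }
}

/* GET ALL DOCUMENT DATA FOR CURDIRPATH */
// The last argument is true only when a search keyword was submitted
if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
    $docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, true);
} else {
    $docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, false);
}

$folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);
if ($folders === false) {
    $folders = array();
}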
echo '