4.3,
* but this doesn't work as it should on Windows installations
*
* @param string $filename or boolean TRUE to return complete array
* @author ? first version
* @author Bert Vanderkimpen
* @return string
*
*/
public static function file_get_mime_type($filename)
{
// All MIME types in an array (from 1.6, this is the authorative source)
// Please, keep this alphabetical if you add something to this list!
$mime_types = array(
'ai' => 'application/postscript',
'aif' => 'audio/x-aiff',
'aifc' => 'audio/x-aiff',
'aiff' => 'audio/x-aiff',
'asf' => 'video/x-ms-asf',
'asc' => 'text/plain',
'au' => 'audio/basic',
'avi' => 'video/x-msvideo',
'bcpio' => 'application/x-bcpio',
'bin' => 'application/octet-stream',
'bmp' => 'image/bmp',
'cdf' => 'application/x-netcdf',
'class' => 'application/octet-stream',
'cpio' => 'application/x-cpio',
'cpt' => 'application/mac-compactpro',
'csh' => 'application/x-csh',
'css' => 'text/css',
'dcr' => 'application/x-director',
'dir' => 'application/x-director',
'djv' => 'image/vnd.djvu',
'djvu' => 'image/vnd.djvu',
'dll' => 'application/octet-stream',
'dmg' => 'application/x-diskcopy',
'dms' => 'application/octet-stream',
'doc' => 'application/msword',
'docm' => 'application/vnd.ms-word.document.macroEnabled.12',
'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
'dotx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.template',
'dvi' => 'application/x-dvi',
'dwg' => 'application/vnd.dwg',
'dwf' => 'application/vnd.dwf',
'dxf' => 'application/vnd.dxf',
'dxr' => 'application/x-director',
'eps' => 'application/postscript',
'epub' => 'application/epub+zip',
'etx' => 'text/x-setext',
'exe' => 'application/octet-stream',
'ez' => 'application/andrew-inset',
'gif' => 'image/gif',
'gtar' => 'application/x-gtar',
'gz' => 'application/x-gzip',
'hdf' => 'application/x-hdf',
'hqx' => 'application/mac-binhex40',
'htm' => 'text/html',
'html' => 'text/html',
'ice' => 'x-conference-xcooltalk',
'ief' => 'image/ief',
'iges' => 'model/iges',
'igs' => 'model/iges',
'jar' => 'application/java-archiver',
'jpe' => 'image/jpeg',
'jpeg' => 'image/jpeg',
'jpg' => 'image/jpeg',
'js' => 'application/x-javascript',
'kar' => 'audio/midi',
'lam' => 'application/vnd.ms-excel.addin.macroEnabled.12',
'latex' => 'application/x-latex',
'lha' => 'application/octet-stream',
'log' => 'text/plain',
'lzh' => 'application/octet-stream',
'm1a' => 'audio/mpeg',
'm2a' => 'audio/mpeg',
'm3u' => 'audio/x-mpegurl',
'man' => 'application/x-troff-man',
'me' => 'application/x-troff-me',
'mesh' => 'model/mesh',
'mid' => 'audio/midi',
'midi' => 'audio/midi',
'mov' => 'video/quicktime',
'movie' => 'video/x-sgi-movie',
'mp2' => 'audio/mpeg',
'mp3' => 'audio/mpeg',
'mp4' => 'video/mpeg4-generic',
'mpa' => 'audio/mpeg',
'mpe' => 'video/mpeg',
'mpeg' => 'video/mpeg',
'mpg' => 'video/mpeg',
'mpga' => 'audio/mpeg',
'ms' => 'application/x-troff-ms',
'msh' => 'model/mesh',
'mxu' => 'video/vnd.mpegurl',
'nc' => 'application/x-netcdf',
'oda' => 'application/oda',
'oga' => 'audio/ogg',
'ogg' => 'application/ogg',
'ogx' => 'application/ogg',
'ogv' => 'video/ogg',
'pbm' => 'image/x-portable-bitmap',
'pct' => 'image/pict',
'pdb' => 'chemical/x-pdb',
'pdf' => 'application/pdf',
'pgm' => 'image/x-portable-graymap',
'pgn' => 'application/x-chess-pgn',
'pict' => 'image/pict',
'png' => 'image/png',
'pnm' => 'image/x-portable-anymap',
'potm' => 'application/vnd.ms-powerpoint.template.macroEnabled.12',
'potx' => 'application/vnd.openxmlformats-officedocument.presentationml.template',
'pps' => 'application/vnd.ms-powerpoint',
'ppam' => 'application/vnd.ms-powerpoint.addin.macroEnabled.12',
'ppsm' => 'application/vnd.ms-powerpoint.slideshow.macroEnabled.12',
'ppsx' => 'application/vnd.openxmlformats-officedocument.presentationml.slideshow',
'pptm' => 'application/vnd.ms-powerpoint.presentation.macroEnabled.12',
'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
'ppm' => 'image/x-portable-pixmap',
'ppt' => 'application/vnd.ms-powerpoint',
'pps' => 'application/vnd.ms-powerpoint',
'ps' => 'application/postscript',
'qt' => 'video/quicktime',
'ra' => 'audio/x-realaudio',
'ram' => 'audio/x-pn-realaudio',
'rar' => 'image/x-rar-compressed',
'ras' => 'image/x-cmu-raster',
'rgb' => 'image/x-rgb',
'rm' => 'audio/x-pn-realaudio',
'roff' => 'application/x-troff',
'rpm' => 'audio/x-pn-realaudio-plugin',
'rtf' => 'text/rtf',
'rtx' => 'text/richtext',
'sgm' => 'text/sgml',
'sgml' => 'text/sgml',
'sh' => 'application/x-sh',
'shar' => 'application/x-shar',
'silo' => 'model/mesh',
'sib' => 'application/X-Sibelius-Score',
'sit' => 'application/x-stuffit',
'skd' => 'application/x-koan',
'skm' => 'application/x-koan',
'skp' => 'application/x-koan',
'skt' => 'application/x-koan',
'smi' => 'application/smil',
'smil' => 'application/smil',
'snd' => 'audio/basic',
'so' => 'application/octet-stream',
'spl' => 'application/x-futuresplash',
'src' => 'application/x-wais-source',
'sv4cpio' => 'application/x-sv4cpio',
'sv4crc' => 'application/x-sv4crc',
'svf' => 'application/vnd.svf',
'svg' => 'image/svg+xml',
//'svgz' => 'image/svg+xml',
'swf' => 'application/x-shockwave-flash',
'sxc' => 'application/vnd.sun.xml.calc',
'sxi' => 'application/vnd.sun.xml.impress',
'sxw' => 'application/vnd.sun.xml.writer',
't' => 'application/x-troff',
'tar' => 'application/x-tar',
'tcl' => 'application/x-tcl',
'tex' => 'application/x-tex',
'texi' => 'application/x-texinfo',
'texinfo' => 'application/x-texinfo',
'tga' => 'image/x-targa',
'tif' => 'image/tif',
'tiff' => 'image/tiff',
'tr' => 'application/x-troff',
'tsv' => 'text/tab-seperated-values',
'txt' => 'text/plain',
'ustar' => 'application/x-ustar',
'vcd' => 'application/x-cdlink',
'vrml' => 'model/vrml',
'wav' => 'audio/x-wav',
'wbmp' => 'image/vnd.wap.wbmp',
'wbxml' => 'application/vnd.wap.wbxml',
'wml' => 'text/vnd.wap.wml',
'wmlc' => 'application/vnd.wap.wmlc',
'wmls' => 'text/vnd.wap.wmlscript',
'wmlsc' => 'application/vnd.wap.wmlscriptc',
'wma' => 'audio/x-ms-wma',
'wmv' => 'video/x-ms-wmv',
'wrl' => 'model/vrml',
'xbm' => 'image/x-xbitmap',
'xht' => 'application/xhtml+xml',
'xhtml' => 'application/xhtml+xml',
'xls' => 'application/vnd.ms-excel',
'xlsb' => 'application/vnd.ms-excel.sheet.binary.macroEnabled.12',
'xlsm' => 'application/vnd.ms-excel.sheet.macroEnabled.12',
'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
'xltm' => 'application/vnd.ms-excel.template.macroEnabled.12',
'xltx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.template',
'xml' => 'text/xml',
'xpm' => 'image/x-xpixmap',
'xsl' => 'text/xml',
'xwd' => 'image/x-windowdump',
'xyz' => 'chemical/x-xyz',
'zip' => 'application/zip'
);
if ($filename === true) {
return $mime_types;
}
//get the extension of the file
$extension = explode('.', $filename);
//$filename will be an array if a . was found
if (is_array($extension)) {
$extension = strtolower($extension[sizeof($extension) - 1]);
} else {
//file without extension
$extension = 'empty';
}
//if the extension is found, return the content type
if (isset($mime_types[$extension])) {
return $mime_types[$extension];
}
//else return octet-stream
return 'application/octet-stream';
}
/**
* @param string
* @param string
* @return true if the user is allowed to see the document, false otherwise
* @author Sergio A Kessler, first version
* @author Roan Embrechts, bugfix
* @todo not only check if a file is visible, but also check if the user is allowed to see the file??
*/
public static function file_visible_to_user($this_course, $doc_url)
{
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
if ($is_allowed_to_edit) {
return true;
} else {
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$tbl_item_property = $this_course.'item_property';
$doc_url = Database::escape_string($doc_url);
$query = "SELECT 1 FROM $tbl_document AS docs,$tbl_item_property AS props
WHERE
props.tool = 'document' AND
docs.id=props.ref AND
props.visibility <> '1' AND
docs.path = '$doc_url'";
$result = Database::query($query);
return Database::num_rows($result) == 0;
}
}
/**
* This function streams a file to the client
*
* @param string $full_file_name
* @param boolean $forced
* @param string $name
* @param string $fixLinksHttpToHttps change file content from http to https
*
* @return false if file doesn't exist, true if stream succeeded
*/
public static function file_send_for_download(
$full_file_name,
$forced = false,
$name = '',
$fixLinksHttpToHttps = false
) {
session_write_close(); //we do not need write access to session anymore
if (!is_file($full_file_name)) {
return false;
}
$filename = ($name == '') ? basename($full_file_name) : api_replace_dangerous_char($name);
$len = filesize($full_file_name);
// Fixing error when file name contains a ","
$filename = str_replace(',', '', $filename);
$sendFileHeaders = api_get_configuration_value('enable_x_sendfile_headers');
if ($forced) {
// Force the browser to save the file instead of opening it
if (isset($sendFileHeaders) &&
!empty($sendFileHeaders)) {
header("X-Sendfile: $filename");
}
header('Content-type: application/octet-stream');
header('Content-length: '.$len);
if (preg_match("/MSIE 5.5/", $_SERVER['HTTP_USER_AGENT'])) {
header('Content-Disposition: filename= '.$filename);
} else {
header('Content-Disposition: attachment; filename= '.$filename);
}
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')) {
header('Pragma: ');
header('Cache-Control: ');
header('Cache-Control: public'); // IE cannot download from sessions without a cache
}
header('Content-Description: '.$filename);
header('Content-Transfer-Encoding: binary');
$res = fopen($full_file_name, 'r');
fpassthru($res);
return true;
} else {
//no forced download, just let the browser decide what to do according to the mimetype
$content_type = self::file_get_mime_type($filename);
$lpFixedEncoding = api_get_configuration_value('lp_fixed_encoding');
// Commented to let courses content to be cached in order to improve performance:
//header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
//header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
// Commented to avoid double caching declaration when playing with IE and HTTPS
//header('Cache-Control: no-cache, must-revalidate');
//header('Pragma: no-cache');
switch ($content_type) {
case 'text/html':
if (isset($lpFixedEncoding) && $lpFixedEncoding === 'true') {
$content_type .= '; charset=UTF-8';
} else {
$encoding = @api_detect_encoding_html(file_get_contents($full_file_name));
if (!empty($encoding)) {
$content_type .= '; charset='.$encoding;
}
}
break;
case 'text/plain':
if (isset($lpFixedEncoding) && $lpFixedEncoding === 'true') {
$content_type .= '; charset=UTF-8';
} else {
$encoding = @api_detect_encoding(strip_tags(file_get_contents($full_file_name)));
if (!empty($encoding)) {
$content_type .= '; charset='.$encoding;
}
}
break;
case 'application/vnd.dwg':
case 'application/vnd.dwf':
header('Content-type: application/octet-stream');
break;
}
header('Content-type: '.$content_type);
header('Content-Length: '.$len);
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
if (strpos($user_agent, 'msie')) {
header('Content-Disposition: ; filename= '.$filename);
} else {
header('Content-Disposition: inline; filename= '.$filename);
}
if ($fixLinksHttpToHttps) {
$content = file_get_contents($full_file_name);
$content = str_replace(
array('http%3A%2F%2F', 'http://'),
array('https%3A%2F%2F', 'https://'),
$content
);
echo $content;
} else {
readfile($full_file_name);
}
return true;
}
}
/**
* This function streams a string to the client for download.
* You have to ensure that the calling script then stops processing (exit();)
* otherwise it may cause subsequent use of the page to want to download
* other pages in php rather than interpreting them.
*
* @param string $full_string The string contents
* @param boolean $forced Whether "save" mode is forced (or opening directly authorized)
* @param string $name The name of the file in the end (including extension)
*
* @return false if file doesn't exist, true if stream succeeded
*/
public static function string_send_for_download($full_string, $forced = false, $name = '')
{
$filename = $name;
$len = strlen($full_string);
if ($forced) {
//force the browser to save the file instead of opening it
header('Content-type: application/octet-stream');
//header('Content-Type: application/force-download');
header('Content-length: '.$len);
if (preg_match("/MSIE 5.5/", $_SERVER['HTTP_USER_AGENT'])) {
header('Content-Disposition: filename= '.$filename);
} else {
header('Content-Disposition: attachment; filename= '.$filename);
}
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')) {
header('Pragma: ');
header('Cache-Control: ');
header('Cache-Control: public'); // IE cannot download from sessions without a cache
}
header('Content-Description: '.$filename);
header('Content-transfer-encoding: binary');
echo $full_string;
return true;
//You have to ensure that the calling script then stops processing (exit();)
//otherwise it may cause subsequent use of the page to want to download
//other pages in php rather than interpreting them.
} else {
//no forced download, just let the browser decide what to do according to the mimetype
$content_type = self::file_get_mime_type($filename);
header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
switch ($content_type) {
case 'text/html':
$encoding = @api_detect_encoding_html($full_string);
if (!empty($encoding)) {
$content_type .= '; charset='.$encoding;
}
break;
case 'text/plain':
$encoding = @api_detect_encoding(strip_tags($full_string));
if (!empty($encoding)) {
$content_type .= '; charset='.$encoding;
}
break;
}
header('Content-type: '.$content_type);
header('Content-Length: '.$len);
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
if (strpos($user_agent, 'msie')) {
header('Content-Disposition: ; filename= '.$filename);
} else {
header('Content-Disposition: inline; filename= '.$filename);
}
echo($full_string);
//You have to ensure that the calling script then stops processing (exit();)
//otherwise it may cause subsequent use of the page to want to download
//other pages in php rather than interpreting them.
return true;
}
}
/**
* Session folder filters
*
* @param string $path
* @param int $sessionId
*
* @return null|string
*/
public static function getSessionFolderFilters($path, $sessionId)
{
$sessionId = intval($sessionId);
$condition = null;
if (!empty($sessionId)) {
// Chat folder filter
if ($path == '/chat_files') {
$condition .= " AND (docs.session_id = '$sessionId') ";
}
// share_folder filter
$condition .= " AND docs.path != '/shared_folder' ";
}
return $condition;
}
/**
* Fetches all document data for the given user/group
*
* @param array $_course
* @param string $path
* @param int $to_group_id iid
* @param int $to_user_id
* @param boolean $can_see_invisible
* @param boolean $search
* @param int $sessionId
* @return array with all document data
*/
public static function get_all_document_data(
$_course,
$path = '/',
$to_group_id = 0,
$to_user_id = null,
$can_see_invisible = false,
$search = false,
$sessionId = 0
) {
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$userGroupFilter = '';
if (!is_null($to_user_id)) {
$to_user_id = intval($to_user_id);
$userGroupFilter = "last.to_user_id = $to_user_id";
if (empty($to_user_id)) {
$userGroupFilter = " (last.to_user_id = 0 OR last.to_user_id IS NULL) ";
}
} else {
$to_group_id = intval($to_group_id);
$userGroupFilter = "last.to_group_id = $to_group_id";
if (empty($to_group_id)) {
$userGroupFilter = "( last.to_group_id = 0 OR last.to_group_id IS NULL) ";
}
}
// Escape underscores in the path so they don't act as a wildcard
$originalPath = $path;
$path = str_replace('_', '\_', $path);
$visibility_bit = ' <> 2';
// The given path will not end with a slash, unless it's the root '/'
// so no root -> add slash
$added_slash = $path == '/' ? '' : '/';
// Condition for the session
$sessionId = $sessionId ?: api_get_session_id();
$condition_session = " AND (last.session_id = '$sessionId' OR (last.session_id = '0' OR last.session_id IS NULL) )";
$condition_session .= self::getSessionFolderFilters($originalPath, $sessionId);
$sharedCondition = null;
if ($originalPath == '/shared_folder') {
$students = CourseManager::get_user_list_from_course_code($_course['code'], $sessionId);
if (!empty($students)) {
$conditionList = array();
foreach ($students as $studentId => $studentInfo) {
$conditionList[] = '/shared_folder/sf_user_'.$studentInfo['user_id'];
}
$sharedCondition .= ' AND docs.path IN ("'.implode('","', $conditionList).'")';
}
}
$sql = "SELECT
docs.id,
docs.filetype,
docs.path,
docs.title,
docs.comment,
docs.size,
docs.readonly,
docs.session_id,
last.session_id item_property_session_id,
last.lastedit_date,
last.visibility,
last.insert_user_id
FROM $TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (
docs.id = last.ref AND
docs.c_id = last.c_id
)
WHERE
last.tool = '".TOOL_DOCUMENT."' AND
docs.c_id = {$_course['real_id']} AND
last.c_id = {$_course['real_id']} AND
docs.path LIKE '".Database::escape_string($path.$added_slash.'%')."' AND
docs.path NOT LIKE '" . Database::escape_string($path.$added_slash.'%/%')."' AND
docs.path NOT LIKE '%_DELETED_%' AND
$userGroupFilter AND
last.visibility $visibility_bit
$condition_session
$sharedCondition
";
$result = Database::query($sql);
$doc_list = array();
$document_data = array();
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$isCoach = api_is_coach();
if ($result !== false && Database::num_rows($result) != 0) {
while ($row = Database::fetch_array($result, 'ASSOC')) {
if ($isCoach) {
// Looking for course items that are invisible to hide it in the session
if (in_array($row['id'], array_keys($doc_list))) {
if ($doc_list[$row['id']]['item_property_session_id'] == 0 &&
$doc_list[$row['id']]['session_id'] == 0
) {
if ($doc_list[$row['id']]['visibility'] == 0) {
unset($document_data[$row['id']]);
continue;
}
}
}
$doc_list[$row['id']] = $row;
}
if (!$isCoach && !$is_allowed_to_edit) {
$doc_list[] = $row;
}
if ($row['filetype'] == 'file' &&
pathinfo($row['path'], PATHINFO_EXTENSION) == 'html'
) {
// Templates management
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
$sql = "SELECT id FROM $table_template
WHERE
course_code = '".$_course['code']."' AND
user_id = '".api_get_user_id()."' AND
ref_doc = '".$row['id']."'";
$template_result = Database::query($sql);
$row['is_template'] = (Database::num_rows($template_result) > 0) ? 1 : 0;
}
$row['basename'] = basename($row['path']);
// Just filling $document_data.
$document_data[$row['id']] = $row;
}
// Only for the student we filter the results see BT#1652
if (!$isCoach && !$is_allowed_to_edit) {
$ids_to_remove = array();
$my_repeat_ids = $temp = array();
// Selecting repeated ids
foreach ($doc_list as $row) {
if (in_array($row['id'], array_keys($temp))) {
$my_repeat_ids[] = $row['id'];
}
$temp[$row['id']] = $row;
}
//@todo use the self::is_visible function
// Checking visibility in a session
foreach ($my_repeat_ids as $id) {
foreach ($doc_list as $row) {
if ($id == $row['id']) {
if ($row['visibility'] == 0 && $row['item_property_session_id'] == 0) {
$delete_repeated[$id] = true;
}
if ($row['visibility'] == 0 && $row['item_property_session_id'] != 0) {
$delete_repeated[$id] = true;
}
}
}
}
foreach ($doc_list as $key => $row) {
if (in_array($row['visibility'], array('0', '2')) &&
!in_array($row['id'], $my_repeat_ids)
) {
$ids_to_remove[] = $row['id'];
unset($doc_list[$key]);
}
}
foreach ($document_data as $row) {
if (in_array($row['id'], $ids_to_remove)) {
unset($document_data[$row['id']]);
}
if (isset($delete_repeated[$row['id']]) && $delete_repeated[$row['id']]) {
unset($document_data[$row['id']]);
}
}
// Checking parents visibility.
$final_document_data = array();
foreach ($document_data as $row) {
$is_visible = self::check_visibility_tree(
$row['id'],
$_course['code'],
$sessionId,
api_get_user_id(),
$to_group_id
);
if ($is_visible) {
$final_document_data[$row['id']] = $row;
}
}
} else {
$final_document_data = $document_data;
}
return $final_document_data;
} else {
return false;
}
}
/**
* Gets the paths of all folders in a course
* can show all folders (except for the deleted ones) or only visible ones
*
* @param array $_course
* @param int $groupIid iid
* @param boolean $can_see_invisible
* @param boolean $getInvisibleList
* @param string $path current path
*
* @return array with paths
*/
public static function get_all_document_folders(
$_course,
$groupIid = 0,
$can_see_invisible = false,
$getInvisibleList = false,
$path = ''
) {
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$groupIid = intval($groupIid);
$document_folders = array();
$students = CourseManager::get_user_list_from_course_code(
$_course['code'],
api_get_session_id()
);
$conditionList = array();
if (!empty($students)) {
foreach ($students as $studentId => $studentInfo) {
$conditionList[] = '/shared_folder/sf_user_'.$studentInfo['user_id'];
}
}
$groupCondition = " last.to_group_id = $groupIid";
if (empty($groupIid)) {
$groupCondition = " (last.to_group_id = 0 OR last.to_group_id IS NULL)";
}
$show_users_condition = '';
if (api_get_setting('show_users_folders') === 'false') {
$show_users_condition = " AND docs.path NOT LIKE '%shared_folder%'";
}
if ($can_see_invisible) {
// condition for the session
$session_id = api_get_session_id();
//$condition_session = api_get_session_condition($session_id, true, false, 'docs.session_id');
$session_id = $session_id ?: api_get_session_id();
$condition_session = " AND (last.session_id = '$session_id' OR (last.session_id = '0' OR last.session_id IS NULL) )";
$condition_session .= self::getSessionFolderFilters($path, $session_id);
if ($groupIid <> 0) {
$sql = "SELECT DISTINCT docs.id, path
FROM $TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (
docs.id = last.ref AND
docs.c_id = last.c_id
)
WHERE
last.tool = '".TOOL_DOCUMENT."' AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} AND
docs.filetype = 'folder' AND
$groupCondition AND
docs.path NOT LIKE '%shared_folder%' AND
docs.path NOT LIKE '%_DELETED_%' AND
last.visibility <> 2
$condition_session ";
} else {
$sql = "SELECT DISTINCT docs.id, path
FROM $TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (
docs.id = last.ref AND
docs.c_id = last.c_id
)
WHERE
last.tool = '".TOOL_DOCUMENT."' AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} AND
docs.filetype = 'folder' AND
docs.path NOT LIKE '%_DELETED_%' AND
$groupCondition AND
last.visibility <> 2
$show_users_condition
$condition_session
";
}
$result = Database::query($sql);
if ($result && Database::num_rows($result) != 0) {
while ($row = Database::fetch_array($result, 'ASSOC')) {
if (self::is_folder_to_avoid($row['path'])) {
continue;
}
if (strpos($row['path'], '/shared_folder/') !== false) {
if (!in_array($row['path'], $conditionList)) {
continue;
}
}
$document_folders[$row['id']] = $row['path'];
}
if (!empty($document_folders)) {
natsort($document_folders);
}
return $document_folders;
} else {
return false;
}
} else {
// No invisible folders
// Condition for the session
$session_id = api_get_session_id();
$condition_session = api_get_session_condition(
$session_id,
true,
false,
'docs.session_id'
);
$visibilityCondition = 'last.visibility = 1';
$fileType = "docs.filetype = 'folder' AND";
if ($getInvisibleList) {
$visibilityCondition = 'last.visibility = 0';
$fileType = '';
}
//get visible folders
$sql = "SELECT DISTINCT docs.id, path
FROM
$TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (docs.id = last.ref AND last.c_id = docs.c_id)
WHERE
$fileType
last.tool = '".TOOL_DOCUMENT."' AND
$groupCondition AND
$visibilityCondition
$show_users_condition
$condition_session AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} ";
$result = Database::query($sql);
$visibleFolders = array();
while ($row = Database::fetch_array($result, 'ASSOC')) {
$visibleFolders[$row['id']] = $row['path'];
}
if ($getInvisibleList) {
return $visibleFolders;
}
//get invisible folders
$sql = "SELECT DISTINCT docs.id, path
FROM $TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (docs.id = last.ref AND last.c_id = docs.c_id)
WHERE
docs.filetype = 'folder' AND
last.tool = '".TOOL_DOCUMENT."' AND
$groupCondition AND
last.visibility = 0 $condition_session AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} ";
$result = Database::query($sql);
$invisibleFolders = array();
while ($row = Database::fetch_array($result, 'ASSOC')) {
//get visible folders in the invisible ones -> they are invisible too
$sql = "SELECT DISTINCT docs.id, path
FROM $TABLE_ITEMPROPERTY AS last
INNER JOIN $TABLE_DOCUMENT AS docs
ON (docs.id = last.ref AND docs.c_id = last.c_id)
WHERE
docs.path LIKE '".Database::escape_string($row['path'].'/%')."' AND
docs.filetype = 'folder' AND
last.tool = '" . TOOL_DOCUMENT."' AND
$groupCondition AND
last.visibility = 1 $condition_session AND
last.c_id = {$_course['real_id']} AND
docs.c_id = {$_course['real_id']} ";
$folder_in_invisible_result = Database::query($sql);
while ($folders_in_invisible_folder = Database::fetch_array($folder_in_invisible_result, 'ASSOC')) {
$invisibleFolders[$folders_in_invisible_folder['id']] = $folders_in_invisible_folder['path'];
}
}
// If both results are arrays -> //calculate the difference between the 2 arrays -> only visible folders are left :)
if (is_array($visibleFolders) && is_array($invisibleFolders)) {
$document_folders = array_diff($visibleFolders, $invisibleFolders);
natsort($document_folders);
return $document_folders;
} elseif (is_array($visibleFolders)) {
natsort($visibleFolders);
return $visibleFolders;
} else {
//no visible folders found
return false;
}
}
}
/**
* This check if a document has the readonly property checked, then see if the user
* is the owner of this file, if all this is true then return true.
*
* @param array $_course
* @param int $user_id id of the current user
* @param string $file path stored in the database (if not defined, $documentId must be used)
* @param int $document_id in case you dont have the file path ,
* insert the id of the file here and leave $file in blank ''
* @param bool $to_delete
* @param int $sessionId
* @return boolean true/false
* */
public static function check_readonly(
$_course,
$user_id,
$file = null,
$document_id = '',
$to_delete = false,
$sessionId = null,
$documentId = null
) {
if (empty($sessionId)) {
$sessionId = api_get_session_id();
} else {
$sessionId = intval($sessionId);
}
if (empty($document_id) || !is_numeric($document_id)) {
$document_id = self::get_document_id($_course, $file, $sessionId);
} else {
$document_id = intval($document_id);
}
$TABLE_PROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$course_id = $_course['real_id'];
if ($to_delete) {
if (self::is_folder($_course, $document_id)) {
if (!empty($file)) {
$path = Database::escape_string($file);
// Check
$sql = "SELECT td.id, readonly, tp.insert_user_id
FROM $TABLE_DOCUMENT td
INNER JOIN $TABLE_PROPERTY tp
ON (td.c_id = tp.c_id AND tp.ref= td.id)
WHERE
td.c_id = $course_id AND
tp.c_id = $course_id AND
td.session_id = $sessionId AND
(path='".$path."' OR path LIKE BINARY '".$path."/%' ) ";
// Get all id's of documents that are deleted
$what_to_check_result = Database::query($sql);
if ($what_to_check_result && Database::num_rows($what_to_check_result) != 0) {
// file with readonly set to 1 exist?
$readonly_set = false;
while ($row = Database::fetch_array($what_to_check_result)) {
//query to delete from item_property table
if ($row['readonly'] == 1) {
if (!($row['insert_user_id'] == $user_id)) {
$readonly_set = true;
break;
}
}
}
if ($readonly_set) {
return true;
}
}
}
return false;
}
}
if (!empty($document_id)) {
$sql = "SELECT a.insert_user_id, b.readonly
FROM $TABLE_PROPERTY a
INNER JOIN $TABLE_DOCUMENT b
ON (a.c_id = b.c_id AND a.ref= b.id)
WHERE
a.c_id = $course_id AND
b.c_id = $course_id AND
a.ref = $document_id
LIMIT 1";
$result = Database::query($sql);
$doc_details = Database::fetch_array($result, 'ASSOC');
if ($doc_details['readonly'] == 1) {
return !($doc_details['insert_user_id'] == $user_id || api_is_platform_admin());
}
}
return false;
}
/**
* This check if a document is a folder or not
* @param array $_course
* @param int $document_id of the item
* @return boolean true/false
* */
public static function is_folder($_course, $document_id)
{
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$course_id = $_course['real_id'];
$document_id = intval($document_id);
$sql = "SELECT filetype FROM $TABLE_DOCUMENT
WHERE c_id = $course_id AND id= $document_id";
$result = Database::fetch_array(Database::query($sql), 'ASSOC');
return $result['filetype'] == 'folder';
}
/**
* @param int $document_id
* @param array $course_info
* @param int $session_id
* @param bool $remove_content_from_db
*/
public static function deleteDocumentFromDb(
$document_id,
$course_info = array(),
$session_id = 0,
$remove_content_from_db = false
) {
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
// Deleting from the DB
$user_id = api_get_user_id();
$document_id = intval($document_id);
if (empty($course_info)) {
$course_info = api_get_course_info();
}
if (empty($session_id)) {
$session_id = api_get_session_id();
}
// Soft DB delete
api_item_property_update(
$course_info,
TOOL_DOCUMENT,
$document_id,
'delete',
$user_id,
null,
null,
null,
null,
$session_id
);
self::delete_document_from_search_engine($course_info['code'], $document_id);
self::unset_document_as_template($document_id, $course_info['code'], $user_id);
//Hard DB delete
if ($remove_content_from_db) {
$sql = "DELETE FROM $TABLE_ITEMPROPERTY
WHERE
c_id = {$course_info['real_id']} AND
ref = ".$document_id." AND
tool='".TOOL_DOCUMENT."'";
Database::query($sql);
$sql = "DELETE FROM $TABLE_DOCUMENT
WHERE c_id = {$course_info['real_id']} AND id = ".$document_id;
Database::query($sql);
}
}
/**
* This deletes a document by changing visibility to 2, renaming it to filename_DELETED_#id
* Files/folders that are inside a deleted folder get visibility 2
*
* @param array $_course
* @param string $path Path stored in the database
* @param string $base_work_dir Path to the documents folder (if not defined, $documentId must be used)
* @param int $sessionId The ID of the session, if any
* @param int $documentId The document id, if available
* @param int $groupId iid
* @return boolean true/false
* @todo now only files/folders in a folder get visibility 2, we should rename them too.
* @todo We should be able to get rid of this later when using only documentId (check further usage)
*/
public static function delete_document(
$_course,
$path = null,
$base_work_dir = null,
$sessionId = null,
$documentId = null,
$groupId = 0
) {
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
if (empty($groupId)) {
$groupId = api_get_group_id();
} else {
$groupId = intval($groupId);
}
if (empty($sessionId)) {
$sessionId = api_get_session_id();
} else {
$sessionId = intval($sessionId);
}
$course_id = $_course['real_id'];
if (empty($course_id)) {
return false;
}
if (empty($base_work_dir)) {
return false;
}
if (empty($documentId)) {
$documentId = self::get_document_id($_course, $path, $sessionId);
$docInfo = self::get_document_data_by_id(
$documentId,
$_course['code'],
false,
$sessionId
);
$path = $docInfo['path'];
} else {
$docInfo = self::get_document_data_by_id(
$documentId,
$_course['code'],
false,
$sessionId
);
if (empty($docInfo)) {
return false;
}
$path = $docInfo['path'];
}
$documentId = intval($documentId);
if (empty($path) || empty($docInfo) || empty($documentId)) {
return false;
}
$itemInfo = api_get_item_property_info(
$_course['real_id'],
TOOL_DOCUMENT,
$documentId,
$sessionId,
$groupId
);
if (empty($itemInfo)) {
return false;
}
// File was already deleted.
if ($itemInfo['lastedit_type'] == 'DocumentDeleted' ||
$itemInfo['lastedit_type'] == 'delete' ||
$itemInfo['visibility'] == 2
) {
return false;
}
// Filtering by group.
if ($itemInfo['to_group_id'] != $groupId) {
return false;
}
$document_exists_in_disk = file_exists($base_work_dir.$path);
$new_path = $path.'_DELETED_'.$documentId;
$file_deleted_from_db = false;
$file_deleted_from_disk = false;
$file_renamed_from_disk = false;
if ($documentId) {
// Deleting doc from the DB.
self::deleteDocumentFromDb($documentId, $_course, $sessionId);
// Checking
// $file_exists_in_db = self::get_document_data_by_id($documentId, $_course['code']);
$file_deleted_from_db = true;
}
// Looking for children.
if ($docInfo['filetype'] == 'folder') {
$cleanPath = Database::escape_string($path);
// Deleted files inside this folder.
$sql = "SELECT id FROM $TABLE_DOCUMENT
WHERE
c_id = $course_id AND
session_id = $sessionId AND
path LIKE BINARY '".$cleanPath."/%'";
// Get all id's of documents that are deleted.
$result = Database::query($sql);
if ($result && Database::num_rows($result) != 0) {
// Recursive delete.
while ($row = Database::fetch_array($result)) {
self::delete_document(
$_course,
null,
$base_work_dir,
$sessionId,
$row['id'],
$groupId
);
}
}
}
if ($document_exists_in_disk) {
if (api_get_setting('permanently_remove_deleted_files') === 'true') {
// Delete documents, do it like this so metadata gets deleted too
my_delete($base_work_dir.$path);
// Hard delete.
self::deleteDocumentFromDb($documentId, $_course, $sessionId, true);
$file_deleted_from_disk = true;
} else {
// Set visibility to 2 and rename file/folder to xxx_DELETED_#id (soft delete)
if (is_file($base_work_dir.$path) || is_dir($base_work_dir.$path)) {
if (rename($base_work_dir.$path, $base_work_dir.$new_path)) {
$new_path = Database::escape_string($new_path);
$sql = "UPDATE $TABLE_DOCUMENT
SET path = '".$new_path."'
WHERE
c_id = $course_id AND
session_id = $sessionId AND
id = ".$documentId;
Database::query($sql);
// Soft delete.
self::deleteDocumentFromDb($documentId, $_course, $sessionId);
// Change path of sub folders and documents in database.
$old_item_path = $docInfo['path'];
$new_item_path = $new_path.substr($old_item_path, strlen($path));
$new_item_path = Database::escape_string($new_item_path);
$sql = "UPDATE $TABLE_DOCUMENT
SET path = '".$new_item_path."'
WHERE
c_id = $course_id AND
session_id = $sessionId AND
id = ".$documentId;
Database::query($sql);
$file_renamed_from_disk = true;
} else {
// Couldn't rename - file permissions problem?
error_log(
__FILE__.' '.__LINE__.': Error renaming '.$base_work_dir.$path.' to '.$base_work_dir.$new_path.'. This is probably due to file permissions',
0
);
}
}
}
}
// Checking inconsistency
//error_log('Doc status: (1 del db :'.($file_deleted_from_db?'yes':'no').') - (2 del disk: '.($file_deleted_from_disk?'yes':'no').') - (3 ren disk: '.($file_renamed_from_disk?'yes':'no').')');
if ($file_deleted_from_db && $file_deleted_from_disk ||
$file_deleted_from_db && $file_renamed_from_disk
) {
return true;
} else {
//Something went wrong
//The file or directory isn't there anymore (on the filesystem)
// This means it has been removed externally. To prevent a
// blocking error from happening, we drop the related items from the
// item_property and the document table.
error_log(
__FILE__.' '.__LINE__.': System inconsistency detected. The file or directory '.$base_work_dir.$path.' seems to have been removed from the filesystem independently from the web platform. To restore consistency, the elements using the same path will be removed from the database',
0
);
return false;
}
}
/**
* Removes documents from search engine database
*
* @param string $course_id Course code
* @param int $document_id Document id to delete
*/
public static function delete_document_from_search_engine($course_id, $document_id)
{
// remove from search engine if enabled
if (api_get_setting('search_enabled') === 'true') {
$tbl_se_ref = Database::get_main_table(TABLE_MAIN_SEARCH_ENGINE_REF);
$sql = 'SELECT * FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_DOCUMENT, $document_id);
$res = Database::query($sql);
if (Database::num_rows($res) > 0) {
$row2 = Database::fetch_array($res);
require_once api_get_path(LIBRARY_PATH).'search/ChamiloIndexer.class.php';
$di = new ChamiloIndexer();
$di->remove_document((int) $row2['search_did']);
}
$sql = 'DELETE FROM %s WHERE course_code=\'%s\' AND tool_id=\'%s\' AND ref_id_high_level=%s LIMIT 1';
$sql = sprintf($sql, $tbl_se_ref, $course_id, TOOL_DOCUMENT, $document_id);
Database::query($sql);
// remove terms from db
require_once api_get_path(LIBRARY_PATH).'specific_fields_manager.lib.php';
delete_all_values_for_item($course_id, TOOL_DOCUMENT, $document_id);
}
}
/**
* Gets the id of a document with a given path
*
* @param array $courseInfo
* @param string $path
* @param int $sessionId
* @return int id of document / false if no doc found
*/
public static function get_document_id($courseInfo, $path, $sessionId = null)
{
$table = Database::get_course_table(TABLE_DOCUMENT);
$courseId = $courseInfo['real_id'];
if (!isset($sessionId)) {
$sessionId = api_get_session_id();
} else {
$sessionId = intval($sessionId);
}
$path = Database::escape_string($path);
if (!empty($courseId) && !empty($path)) {
$sql = "SELECT id FROM $table
WHERE
c_id = $courseId AND
path LIKE BINARY '$path' AND
session_id = $sessionId
LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result)) {
$row = Database::fetch_array($result);
return intval($row['id']);
}
}
return false;
}
/**
* Gets the document data with a given id
*
* @param int $id Document Id (id field in c_document table)
* @param string $course_code Course code
* @param bool $load_parents load folder parents.
* @param int $session_id The session ID,
* 0 if requires context *out of* session, and null to use global context
* @return array document content
*/
public static function get_document_data_by_id(
$id,
$course_code,
$load_parents = false,
$session_id = null
) {
$course_info = api_get_course_info($course_code);
$course_id = $course_info['real_id'];
if (empty($course_info)) {
return false;
}
$session_id = empty($session_id) ? api_get_session_id() : intval($session_id);
$www = api_get_path(WEB_COURSE_PATH).$course_info['path'].'/document';
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
$id = intval($id);
$sessionCondition = api_get_session_condition($session_id, true, true);
$sql = "SELECT * FROM $TABLE_DOCUMENT
WHERE c_id = $course_id $sessionCondition AND id = $id";
$result = Database::query($sql);
if ($result && Database::num_rows($result) == 1) {
$row = Database::fetch_array($result, 'ASSOC');
//@todo need to clarify the name of the URLs not nice right now
$url_path = urlencode($row['path']);
$path = str_replace('%2F', '/', $url_path);
$pathinfo = pathinfo($row['path']);
$row['url'] = api_get_path(WEB_CODE_PATH).'document/showinframes.php?cidReq='.$course_code.'&id='.$id;
$row['document_url'] = api_get_path(WEB_CODE_PATH).'document/document.php?cidReq='.$course_code.'&id='.$id;
$row['absolute_path'] = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document'.$row['path'];
$row['absolute_path_from_document'] = '/document'.$row['path'];
$row['absolute_parent_path'] = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document'.$pathinfo['dirname'].'/';
$row['direct_url'] = $www.$path;
$row['basename'] = basename($row['path']);
if (dirname($row['path']) == '.') {
$row['parent_id'] = '0';
} else {
$row['parent_id'] = self::get_document_id($course_info, dirname($row['path']), $session_id);
}
$parents = array();
//Use to generate parents (needed for the breadcrumb)
//@todo sorry but this for is here because there's not a parent_id in the document table so we parsed the path!!
if ($load_parents) {
$dir_array = explode('/', $row['path']);
$dir_array = array_filter($dir_array);
$array_len = count($dir_array) + 1;
$real_dir = '';
for ($i = 1; $i < $array_len; $i++) {
$real_dir .= '/'.(isset($dir_array[$i]) ? $dir_array[$i] : '');
$parent_id = self::get_document_id($course_info, $real_dir);
if ($session_id != 0 && empty($parent_id)) {
$parent_id = self::get_document_id($course_info, $real_dir, 0);
}
if (!empty($parent_id)) {
$sub_document_data = self::get_document_data_by_id(
$parent_id,
$course_code,
false,
$session_id
);
if ($session_id != 0 and !$sub_document_data) {
$sub_document_data = self::get_document_data_by_id(
$parent_id,
$course_code,
false,
0
);
}
//@todo add visibility here
$parents[] = $sub_document_data;
}
}
}
$row['parents'] = $parents;
return $row;
}
return false;
}
/**
* Allow to set a specific document as a new template for CKeditor
* for a particular user in a particular course
*
* @param string $title
* @param string $description
* @param int $document_id_for_template the document id
* @param string $course_code
* @param int $user_id
* @param string $image
* @return bool
*/
public static function set_document_as_template(
$title,
$description,
$document_id_for_template,
$course_code,
$user_id,
$image
) {
// Database table definition
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
$params = [
'title' => $title,
'description' => $description,
'course_code' => $course_code,
'user_id' => $user_id,
'ref_doc' => $document_id_for_template,
'image' => $image,
];
Database::insert($table_template, $params);
return true;
}
/**
* Unset a document as template
*
* @param int $document_id
* @param string $course_code
* @param int $user_id
*/
public static function unset_document_as_template(
$document_id,
$course_code,
$user_id
) {
$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
$course_code = Database::escape_string($course_code);
$user_id = intval($user_id);
$document_id = intval($document_id);
$sql = 'SELECT id FROM '.$table_template.'
WHERE
course_code="' . $course_code.'" AND
user_id="' . $user_id.'" AND
ref_doc="' . $document_id.'"';
$result = Database::query($sql);
$template_id = Database::result($result, 0, 0);
my_delete(api_get_path(SYS_CODE_PATH).'upload/template_thumbnails/'.$template_id.'.jpg');
$sql = 'DELETE FROM '.$table_template.'
WHERE
course_code="' . $course_code.'" AND
user_id="' . $user_id.'" AND
ref_doc="' . $document_id.'"';
Database::query($sql);
}
/**
* Return true if the documentpath have visibility=1 as
* item_property (you should use the is_visible_by_id)
*
* @param string $doc_path the relative complete path of the document
* @param array $course the _course array info of the document's course
* @param int
* @param string
* @return bool
*/
public static function is_visible(
$doc_path,
$course,
$session_id = 0,
$file_type = 'file'
) {
$docTable = Database::get_course_table(TABLE_DOCUMENT);
$propTable = Database::get_course_table(TABLE_ITEM_PROPERTY);
$course_id = $course['real_id'];
//note the extra / at the end of doc_path to match every path in the document table that is part of the document path
$session_id = intval($session_id);
$condition = "AND d.session_id IN ('$session_id', '0') ";
// The " d.filetype='file' " let the user see a file even if the folder is hidden see #2198
/*
When using hotpotatoes files, a new html files are generated
in the hotpotatoes folder to display the test.
The genuine html file is copied to math4.htm(user_id).t.html
Images files are not copied, and keep same name.
To check the html file visibility, we don't have to check file math4.htm(user_id).t.html but file math4.htm
In this case, we have to remove (user_id).t.html to check the visibility of the file
For images, we just check the path of the image file.
Exemple of hotpotatoes folder :
A.jpg
maths4-consigne.jpg
maths4.htm
maths4.htm1.t.html
maths4.htm52.t.html
maths4.htm654.t.html
omega.jpg
theta.jpg
*/
if (strpos($doc_path, 'HotPotatoes_files') && preg_match("/\.t\.html$/", $doc_path)) {
$doc_path = substr($doc_path, 0, strlen($doc_path) - 7 - strlen(api_get_user_id()));
}
if (!in_array($file_type, array('file', 'folder'))) {
$file_type = 'file';
}
$doc_path = Database::escape_string($doc_path).'/';
$sql = "SELECT visibility
FROM $docTable d
INNER JOIN $propTable ip
ON (d.id = ip.ref AND d.c_id = ip.c_id)
WHERE
d.c_id = $course_id AND
ip.c_id = $course_id AND
ip.tool = '".TOOL_DOCUMENT."' $condition AND
filetype = '$file_type' AND
locate(concat(path,'/'), '$doc_path')=1
";
$result = Database::query($sql);
$is_visible = false;
if (Database::num_rows($result) > 0) {
$row = Database::fetch_array($result, 'ASSOC');
if ($row['visibility'] == 1) {
$is_visible = api_is_allowed_in_course() || api_is_platform_admin();
}
}
/* improved protection of documents viewable directly through the url:
incorporates the same protections of the course at the url of
documents:
access allowed for the whole world Open, access allowed for
users registered on the platform Private access, document accessible
only to course members (see the Users list), Completely closed;
the document is only accessible to the course admin and
teaching assistants.*/
//return $_SESSION ['is_allowed_in_course'] || api_is_platform_admin();
return $is_visible;
}
/**
* Return true if user can see a file
*
* @param int document id
* @param array course info
* @param int
* @param int
* @param bool
* @return bool
*/
public static function is_visible_by_id(
$doc_id,
$course_info,
$session_id,
$user_id,
$admins_can_see_everything = true,
$userIsSubscribed = null
) {
$user_in_course = false;
//1. Checking the course array
if (empty($course_info)) {
$course_info = api_get_course_info();
if (empty($course_info)) {
return false;
}
}
$doc_id = intval($doc_id);
$session_id = intval($session_id);
//2. Course and Session visibility are handle in local.inc.php/global.inc.php
//3. Checking if user exist in course/session
if ($session_id == 0) {
if (is_null($userIsSubscribed)) {
$userIsSubscribed = CourseManager::is_user_subscribed_in_course(
$user_id,
$course_info['code']
);
}
if ($userIsSubscribed === true || api_is_platform_admin()) {
$user_in_course = true;
}
// Check if course is open then we can consider that the student is registered to the course
if (isset($course_info) &&
in_array(
$course_info['visibility'],
array(COURSE_VISIBILITY_OPEN_PLATFORM, COURSE_VISIBILITY_OPEN_WORLD)
)
) {
$user_in_course = true;
}
} else {
$user_status = SessionManager::get_user_status_in_course_session(
$user_id,
$course_info['real_id'],
$session_id
);
if (in_array($user_status, array('0', '2', '6'))) {
//is true if is an student, course session teacher or coach
$user_in_course = true;
}
if (api_is_platform_admin()) {
$user_in_course = true;
}
}
// 4. Checking document visibility (i'm repeating the code in order to be more clear when reading ) - jm
if ($user_in_course) {
// 4.1 Checking document visibility for a Course
if ($session_id == 0) {
$item_info = api_get_item_property_info(
$course_info['real_id'],
'document',
$doc_id,
0
);
if (isset($item_info['visibility'])) {
// True for admins if document exists
if ($admins_can_see_everything && api_is_platform_admin()) {
return true;
}
if ($item_info['visibility'] == 1) {
return true;
}
}
} else {
// 4.2 Checking document visibility for a Course in a Session
$item_info = api_get_item_property_info(
$course_info['real_id'],
'document',
$doc_id,
0
);
$item_info_in_session = api_get_item_property_info(
$course_info['real_id'],
'document',
$doc_id,
$session_id
);
// True for admins if document exists
if (isset($item_info['visibility'])) {
if ($admins_can_see_everything && api_is_platform_admin()) {
return true;
}
}
if (isset($item_info_in_session['visibility'])) {
if ($item_info_in_session['visibility'] == 1) {
return true;
}
} else {
if ($item_info['visibility'] == 1) {
return true;
}
}
}
} elseif ($admins_can_see_everything && api_is_platform_admin()) {
return true;
}
return false;
}
/**
* Allow attach a certificate to a course
* @param string $course_id
* @param int $document_id
* @param int $session_id
* @return void
*/
public static function attach_gradebook_certificate($course_id, $document_id, $session_id = 0)
{
$tbl_category = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
$session_id = intval($session_id);
if (empty($session_id)) {
$session_id = api_get_session_id();
}
if (empty($session_id)) {
$sql_session = 'AND (session_id = 0 OR isnull(session_id)) ';
} elseif ($session_id > 0) {
$sql_session = 'AND session_id='.intval($session_id);
} else {
$sql_session = '';
}
$sql = 'UPDATE '.$tbl_category.' SET document_id="'.intval($document_id).'"
WHERE course_code="' . Database::escape_string($course_id).'" '.$sql_session;
Database::query($sql);
}
/**
* get the document id of default certificate
* @param string $course_id
* @param int $session_id
*
* @return int The default certificate id
*/
public static function get_default_certificate_id($course_id, $session_id = 0)
{
$tbl_category = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
$session_id = intval($session_id);
if (empty($session_id)) {
$session_id = api_get_session_id();
}
if (empty($session_id)) {
$sql_session = 'AND (session_id = 0 OR isnull(session_id)) ';
} elseif ($session_id > 0) {
$sql_session = 'AND session_id='.intval($session_id);
} else {
$sql_session = '';
}
$sql = 'SELECT document_id FROM '.$tbl_category.'
WHERE course_code="' . Database::escape_string($course_id).'" '.$sql_session;
$rs = Database::query($sql);
$num = Database::num_rows($rs);
if ($num == 0) {
return null;
}
$row = Database::fetch_array($rs);
return $row['document_id'];
}
/**
* Allow replace user info in file html
* @param int $user_id
* @param string $course_code
* @param int $sessionId
* @param bool $is_preview
* @return string The html content of the certificate
*/
public static function replace_user_info_into_html(
$user_id,
$course_code,
$sessionId,
$is_preview = false
) {
$user_id = intval($user_id);
$course_info = api_get_course_info($course_code);
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$course_id = $course_info['real_id'];
$document_id = self::get_default_certificate_id(
$course_code,
$sessionId
);
$my_content_html = null;
if ($document_id) {
$sql = "SELECT path FROM $tbl_document
WHERE c_id = $course_id AND id = $document_id";
$rs = Database::query($sql);
$new_content = '';
$all_user_info = array();
if (Database::num_rows($rs)) {
$row = Database::fetch_array($rs);
$filepath = api_get_path(SYS_COURSE_PATH).$course_info['path'].'/document'.$row['path'];
if (is_file($filepath)) {
$my_content_html = file_get_contents($filepath);
}
$all_user_info = self::get_all_info_to_certificate(
$user_id,
$course_code,
$is_preview
);
$info_to_be_replaced_in_content_html = $all_user_info[0];
$info_to_replace_in_content_html = $all_user_info[1];
$new_content = str_replace(
$info_to_be_replaced_in_content_html,
$info_to_replace_in_content_html,
$my_content_html
);
}
return [
'content' => $new_content,
'variables' => $all_user_info
];
}
return [];
}
/**
* Return all content to replace and all content to be replace
* @param int $user_id
* @param int $course_id
* @param bool $is_preview
* @return array
*/
public static function get_all_info_to_certificate($user_id, $course_id, $is_preview = false)
{
$info_list = array();
$user_id = intval($user_id);
$course_info = api_get_course_info($course_id);
// Portal info
$organization_name = api_get_setting('Institution');
$portal_name = api_get_setting('siteName');
// Extra user data information
$extra_user_info_data = UserManager::get_extra_user_data(
$user_id,
false,
false,
false,
true
);
// get extra fields
$extraField = new ExtraField('user');
$extraFields = $extraField->get_all(['filter = ? AND visible_to_self = ?' => [1, 1]]);
//Student information
$user_info = api_get_user_info($user_id);
$first_name = $user_info['firstname'];
$last_name = $user_info['lastname'];
$official_code = $user_info['official_code'];
// Teacher information
$info_teacher_id = UserManager::get_user_id_of_course_admin_or_session_admin($course_info);
$teacher_info = api_get_user_info($info_teacher_id);
$teacher_first_name = $teacher_info['firstname'];
$teacher_last_name = $teacher_info['lastname'];
// info gradebook certificate
$info_grade_certificate = UserManager::get_info_gradebook_certificate($course_id, $user_id);
$date_certificate = $info_grade_certificate['created_at'];
$date_long_certificate = '';
$date_no_time = api_convert_and_format_date(api_get_utc_datetime(), DATE_FORMAT_LONG_NO_DAY);
if (!empty($date_certificate)) {
$date_long_certificate = api_convert_and_format_date($date_certificate);
$date_no_time = api_convert_and_format_date($date_certificate, DATE_FORMAT_LONG_NO_DAY);
}
if ($is_preview) {
$date_long_certificate = api_convert_and_format_date(api_get_utc_datetime());
$date_no_time = api_convert_and_format_date(api_get_utc_datetime(), DATE_FORMAT_LONG_NO_DAY);
}
$url = api_get_path(WEB_PATH).'certificates/index.php?id='.$info_grade_certificate['id'];
$externalStyleFile = api_get_path(SYS_CSS_PATH).'themes/'.api_get_visual_theme().'/certificate.css';
$externalStyle = '';
if (is_file($externalStyleFile)) {
$externalStyle = file_get_contents($externalStyleFile);
}
// Replace content
$info_to_replace_in_content_html = array(
$first_name,
$last_name,
$organization_name,
$portal_name,
$teacher_first_name,
$teacher_last_name,
$official_code,
$date_long_certificate,
$date_no_time,
$course_id,
$course_info['name'],
$info_grade_certificate['grade'],
$url,
''.get_lang('CertificateOnlineLink').'',
'((certificate_barcode))',
$externalStyle
);
$info_to_be_replaced_in_content_html = array(
'((user_firstname))',
'((user_lastname))',
'((gradebook_institution))',
'((gradebook_sitename))',
'((teacher_firstname))',
'((teacher_lastname))',
'((official_code))',
'((date_certificate))',
'((date_certificate_no_time))',
'((course_code))',
'((course_title))',
'((gradebook_grade))',
'((certificate_link))',
'((certificate_link_html))',
'((certificate_barcode))',
'((external_style))'
);
if (!empty($extraFields)) {
foreach ($extraFields as $extraField) {
$valueExtra = isset($extra_user_info_data[$extraField['variable']]) ? $extra_user_info_data[$extraField['variable']] : '';
$info_to_be_replaced_in_content_html[] = '(('.strtolower($extraField['variable']).'))';
$info_to_replace_in_content_html[] = $valueExtra;
}
}
$info_list[] = $info_to_be_replaced_in_content_html;
$info_list[] = $info_to_replace_in_content_html;
return $info_list;
}
/**
* Remove default certificate
* @param string $course_id The course code
* @param int $default_certificate_id The document id of the default certificate
* @return void
*/
public static function remove_attach_certificate($course_id, $default_certificate_id)
{
if (empty($default_certificate_id)) {
return false;
}
$default_certificate = self::get_default_certificate_id($course_id);
if ((int) $default_certificate == (int) $default_certificate_id) {
$tbl_category = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
$session_id = api_get_session_id();
if ($session_id == 0 || is_null($session_id)) {
$sql_session = 'AND (session_id='.intval($session_id).' OR isnull(session_id)) ';
} elseif ($session_id > 0) {
$sql_session = 'AND session_id='.intval($session_id);
} else {
$sql_session = '';
}
$sql = 'UPDATE '.$tbl_category.' SET document_id = null
WHERE
course_code = "' . Database::escape_string($course_id).'" AND
document_id="' . $default_certificate_id.'" '.$sql_session;
Database::query($sql);
}
}
/**
* Create directory certificate
* @param array $courseInfo
* @return void
*/
public static function create_directory_certificate_in_course($courseInfo)
{
if (!empty($courseInfo)) {
$to_group_id = 0;
$to_user_id = null;
$course_dir = $courseInfo['path']."/document/";
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path.$course_dir;
$base_work_dir_test = $base_work_dir.'certificates';
$dir_name = '/certificates';
$post_dir_name = get_lang('CertificatesFiles');
$visibility_command = 'invisible';
$id = self::get_document_id_of_directory_certificate();
if (empty($id)) {
create_unexisting_directory(
$courseInfo,
api_get_user_id(),
api_get_session_id(),
$to_group_id,
$to_user_id,
$base_work_dir,
$dir_name,
$post_dir_name,
null,
false
);
$id = self::get_document_id_of_directory_certificate();
if (empty($id)) {
$id = add_document(
$courseInfo,
$dir_name,
'folder',
0,
$post_dir_name,
null,
0,
true,
$to_group_id
);
}
if (!empty($id)) {
api_item_property_update(
$courseInfo,
TOOL_DOCUMENT,
$id,
$visibility_command,
api_get_user_id()
);
}
}
}
}
/**
* Get the document id of the directory certificate
* @return int The document id of the directory certificate
*/
public static function get_document_id_of_directory_certificate()
{
$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
$course_id = api_get_course_int_id();
$sql = "SELECT id FROM $tbl_document
WHERE c_id = $course_id AND path='/certificates' ";
$rs = Database::query($sql);
$row = Database::fetch_array($rs);
return $row['id'];
}
/**
* Check if a directory given is for certificate
* @param string $dir path of directory
* @return bool true if is a certificate or false otherwise
*/
public static function is_certificate_mode($dir)
{
// I'm in the certification module?
$is_certificate_mode = false;
$is_certificate_array = explode('/', $dir);
array_shift($is_certificate_array);
if (isset($is_certificate_array[0]) && $is_certificate_array[0] == 'certificates') {
$is_certificate_mode = true;
}
return $is_certificate_mode;
}
/**
* Gets the list of included resources as a list of absolute or relative paths from a html file or string html
* This allows for a better SCORM export or replace urls inside content html from copy course
* The list will generally include pictures, flash objects, java applets, or any other
* stuff included in the source of the current item. The current item is expected
* to be an HTML file or string html. If it is not, then the function will return and empty list.
* @param string source html (content or path)
* @param bool is file or string html
* @param string type (one of the app tools) - optional (otherwise takes the current item's type)
* @param int level of recursivity we're in
* @return array List of file paths. An additional field containing 'local' or 'remote' helps determine
* if the file should be copied into the zip or just linked
*/
public static function get_resources_from_source_html($source_html, $is_file = false, $type = null, $recursivity = 1)
{
$max = 5;
$attributes = array();
$wanted_attributes = array('src', 'url', '@import', 'href', 'value', 'flashvars', 'poster');
$explode_attributes = array('flashvars' => 'file');
$abs_path = '';
if ($recursivity > $max) {
return array();
}
if (!isset($type)) {
$type = TOOL_DOCUMENT;
}
if (!$is_file) {
$attributes = self::parse_HTML_attributes(
$source_html,
$wanted_attributes,
$explode_attributes
);
} else {
if (is_file($source_html)) {
$abs_path = $source_html;
//for now, read the whole file in one go (that's gonna be a problem when the file is too big)
$info = pathinfo($abs_path);
$ext = $info['extension'];
switch (strtolower($ext)) {
case 'html':
case 'htm':
case 'shtml':
case 'css':
$file_content = file_get_contents($abs_path);
//get an array of attributes from the HTML source
$attributes = self::parse_HTML_attributes($file_content, $wanted_attributes, $explode_attributes);
break;
default:
break;
}
} else {
return false;
}
}
$files_list = array();
switch ($type) {
case TOOL_DOCUMENT:
case TOOL_QUIZ:
case 'sco':
foreach ($wanted_attributes as $attr) {
if (isset($attributes[$attr])) {
//find which kind of path these are (local or remote)
$sources = $attributes[$attr];
foreach ($sources as $source) {
//skip what is obviously not a resource
if (strpos($source, '+this.')) {
continue; //javascript code - will still work unaltered
}
if (strpos($source, '.') === false) {
continue; //no dot, should not be an external file anyway
}
if (strpos($source, 'mailto:')) {
continue; //mailto link
}
if (strpos($source, ';') && !strpos($source, '&')) {
continue; //avoid code - that should help
}
if ($attr == 'value') {
if (strpos($source, 'mp3file')) {
$files_list[] = array(substr($source, 0, strpos($source, '.swf') + 4), 'local', 'abs');
$mp3file = substr($source, strpos($source, 'mp3file=') + 8);
if (substr($mp3file, 0, 1) == '/') {
$files_list[] = array($mp3file, 'local', 'abs');
} else {
$files_list[] = array($mp3file, 'local', 'rel');
}
} elseif (strpos($source, 'flv=') === 0) {
$source = substr($source, 4);
if (strpos($source, '&') > 0) {
$source = substr($source, 0, strpos($source, '&'));
}
if (strpos($source, '://') > 0) {
if (strpos($source, api_get_path(WEB_PATH)) !== false) {
//we found the current portal url
$files_list[] = array($source, 'local', 'url');
} else {
//we didn't find any trace of current portal
$files_list[] = array($source, 'remote', 'url');
}
} else {
$files_list[] = array($source, 'local', 'abs');
}
/* skipping anything else to avoid two entries
(while the others can have sub-files in their url, flv's can't)*/
continue;
}
}
if (strpos($source, '://') > 0) {
//cut at '?' in a URL with params
if (strpos($source, '?') > 0) {
$second_part = substr($source, strpos($source, '?'));
if (strpos($second_part, '://') > 0) {
//if the second part of the url contains a url too, treat the second one before cutting
$pos1 = strpos($second_part, '=');
$pos2 = strpos($second_part, '&');
$second_part = substr($second_part, $pos1 + 1, $pos2 - ($pos1 + 1));
if (strpos($second_part, api_get_path(WEB_PATH)) !== false) {
//we found the current portal url
$files_list[] = array($second_part, 'local', 'url');
$in_files_list[] = self::get_resources_from_source_html($second_part, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//we didn't find any trace of current portal
$files_list[] = array($second_part, 'remote', 'url');
}
} elseif (strpos($second_part, '=') > 0) {
if (substr($second_part, 0, 1) === '/') {
//link starts with a /, making it absolute (relative to DocumentRoot)
$files_list[] = array($second_part, 'local', 'abs');
$in_files_list[] = self::get_resources_from_source_html($second_part, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} elseif (strstr($second_part, '..') === 0) {
//link is relative but going back in the hierarchy
$files_list[] = array($second_part, 'local', 'rel');
//$dir = api_get_path(SYS_CODE_PATH);//dirname($abs_path);
//$new_abs_path = realpath($dir.'/'.$second_part);
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$second_part);
$in_files_list[] = self::get_resources_from_source_html($new_abs_path, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//no starting '/', making it relative to current document's path
if (substr($second_part, 0, 2) == './') {
$second_part = substr($second_part, 2);
}
$files_list[] = array($second_part, 'local', 'rel');
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$second_part);
$in_files_list[] = self::get_resources_from_source_html(
$new_abs_path,
true,
TOOL_DOCUMENT,
$recursivity + 1
);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
}
}
//leave that second part behind now
$source = substr($source, 0, strpos($source, '?'));
if (strpos($source, '://') > 0) {
if (strpos($source, api_get_path(WEB_PATH)) !== false) {
//we found the current portal url
$files_list[] = array($source, 'local', 'url');
$in_files_list[] = self::get_resources_from_source_html($source, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//we didn't find any trace of current portal
$files_list[] = array($source, 'remote', 'url');
}
} else {
//no protocol found, make link local
if (substr($source, 0, 1) === '/') {
//link starts with a /, making it absolute (relative to DocumentRoot)
$files_list[] = array($source, 'local', 'abs');
$in_files_list[] = self::get_resources_from_source_html(
$source,
true,
TOOL_DOCUMENT,
$recursivity + 1
);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} elseif (strstr($source, '..') === 0) { //link is relative but going back in the hierarchy
$files_list[] = array($source, 'local', 'rel');
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$source);
$in_files_list[] = self::get_resources_from_source_html($new_abs_path, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//no starting '/', making it relative to current document's path
if (substr($source, 0, 2) == './') {
$source = substr($source, 2);
}
$files_list[] = array($source, 'local', 'rel');
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$source);
$in_files_list[] = self::get_resources_from_source_html($new_abs_path, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
}
}
}
//found some protocol there
if (strpos($source, api_get_path(WEB_PATH)) !== false) {
//we found the current portal url
$files_list[] = array($source, 'local', 'url');
$in_files_list[] = self::get_resources_from_source_html($source, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//we didn't find any trace of current portal
$files_list[] = array($source, 'remote', 'url');
}
} else {
//no protocol found, make link local
if (substr($source, 0, 1) === '/') {
//link starts with a /, making it absolute (relative to DocumentRoot)
$files_list[] = array($source, 'local', 'abs');
$in_files_list[] = self::get_resources_from_source_html($source, true, TOOL_DOCUMENT, $recursivity + 1);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} elseif (strpos($source, '..') === 0) {
//link is relative but going back in the hierarchy
$files_list[] = array($source, 'local', 'rel');
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$source);
$in_files_list[] = self::get_resources_from_source_html(
$new_abs_path,
true,
TOOL_DOCUMENT,
$recursivity + 1
);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
} else {
//no starting '/', making it relative to current document's path
if (substr($source, 0, 2) == './') {
$source = substr($source, 2);
}
$files_list[] = array($source, 'local', 'rel');
$dir = '';
if (!empty($abs_path)) {
$dir = dirname($abs_path).'/';
}
$new_abs_path = realpath($dir.$source);
$in_files_list[] = self::get_resources_from_source_html(
$new_abs_path,
true,
TOOL_DOCUMENT,
$recursivity + 1
);
if (count($in_files_list) > 0) {
$files_list = array_merge($files_list, $in_files_list);
}
}
}
}
}
}
break;
default: //ignore
break;
}
$checked_files_list = array();
$checked_array_list = array();
if (count($files_list) > 0) {
foreach ($files_list as $idx => $file) {
if (!empty($file[0])) {
if (!in_array($file[0], $checked_files_list)) {
$checked_files_list[] = $files_list[$idx][0];
$checked_array_list[] = $files_list[$idx];
}
}
}
}
return $checked_array_list;
}
/**
* Parses the HTML attributes given as string.
*
* @param string HTML attribute string
* @param array List of attributes that we want to get back
* @param array
* @return array An associative array of attributes
* @author Based on a function from the HTML_Common2 PEAR module *
*/
public static function parse_HTML_attributes($attrString, $wanted = array(), $explode_variables = array())
{
$attributes = array();
$regs = array();
$reduced = false;
if (count($wanted) > 0) {
$reduced = true;
}
try {
//Find all occurences of something that looks like a URL
// The structure of this regexp is:
// (find protocol) then
// (optionally find some kind of space 1 or more times) then
// find (either an equal sign or a bracket) followed by an optional space
// followed by some text without quotes (between quotes itself or not)
// then possible closing brackets if we were in the opening bracket case
// OR something like @import()
$res = preg_match_all(
'/(((([A-Za-z_:])([A-Za-z0-9_:\.-]*))'.
// '/(((([A-Za-z_:])([A-Za-z0-9_:\.-]|[^\x00-\x7F])*)' . -> seems to be taking too much
// '/(((([A-Za-z_:])([^\x00-\x7F])*)' . -> takes only last letter of parameter name
'([ \n\t\r]+)?('.
// '(=([ \n\t\r]+)?("[^"]+"|\'[^\']+\'|[^ \n\t\r]+))' . -> doesn't restrict close enough to the url itself
'(=([ \n\t\r]+)?("[^"\)]+"|\'[^\'\)]+\'|[^ \n\t\r\)]+))'.
'|'.
// '(\(([ \n\t\r]+)?("[^"]+"|\'[^\']+\'|[^ \n\t\r]+)\))' . -> doesn't restrict close enough to the url itself
'(\(([ \n\t\r]+)?("[^"\)]+"|\'[^\'\)]+\'|[^ \n\t\r\)]+)\))'.
'))'.
'|'.
// '(@import([ \n\t\r]+)?("[^"]+"|\'[^\']+\'|[^ \n\t\r]+)))?/', -> takes a lot (like 100's of thousands of empty possibilities)
'(@import([ \n\t\r]+)?("[^"]+"|\'[^\']+\'|[^ \n\t\r]+)))/',
$attrString,
$regs
);
} catch (Exception $e) {
error_log('Caught exception: '.$e->getMessage(), 0);
}
if ($res) {
for ($i = 0; $i < count($regs[1]); $i++) {
$name = trim($regs[3][$i]);
$check = trim($regs[0][$i]);
$value = trim($regs[10][$i]);
if (empty($value) and !empty($regs[13][$i])) {
$value = $regs[13][$i];
}
if (empty($name) && !empty($regs[16][$i])) {
$name = '@import';
$value = trim($regs[16][$i]);
}
if (!empty($name)) {
if (!$reduced OR in_array(strtolower($name), $wanted)) {
if ($name == $check) {
$attributes[strtolower($name)][] = strtolower($name);
} else {
if (!empty($value) && ($value[0] == '\'' || $value[0] == '"')) {
$value = substr($value, 1, -1);
}
if ($value == 'API.LMSGetValue(name') {
$value = 'API.LMSGetValue(name)';
}
//Gets the xx.flv value from the string flashvars="width=320&height=240&autostart=false&file=xxx.flv&repeat=false"
if (isset($explode_variables[$name])) {
$value_modified = str_replace('&', '&', $value);
$value_array = explode('&', $value_modified);
foreach ($value_array as $item) {
list($key, $item_value) = explode('=', $item);
if ($key == $explode_variables[$name]) {
$attributes[strtolower($name)][] = $item_value;
}
}
}
$attributes[strtolower($name)][] = $value;
}
}
}
}
}
return $attributes;
}
/**
* Replace urls inside content html from a copy course
* @param string $content_html
* @param string $origin_course_code
* @param string $destination_course_directory
* @param string $origin_course_path_from_zip
* @param string $origin_course_info_path
*
* @return string new content html with replaced urls or return false if content is not a string
*/
public static function replace_urls_inside_content_html_from_copy_course(
$content_html,
$origin_course_code,
$destination_course_directory,
$origin_course_path_from_zip = null,
$origin_course_info_path = null
) {
if (empty($content_html)) {
return false;
}
$orig_source_html = self::get_resources_from_source_html($content_html);
$orig_course_info = api_get_course_info($origin_course_code);
// Course does not exist in the current DB probably this came from a zip file?
if (empty($orig_course_info)) {
if (!empty($origin_course_path_from_zip)) {
$orig_course_path = $origin_course_path_from_zip.'/';
$orig_course_info_path = $origin_course_info_path;
}
} else {
$orig_course_path = api_get_path(SYS_COURSE_PATH).$orig_course_info['path'].'/';
$orig_course_info_path = $orig_course_info['path'];
}
$destination_course_code = CourseManager::get_course_id_from_path($destination_course_directory);
$destination_course_info = api_get_course_info($destination_course_code);
$dest_course_path = api_get_path(SYS_COURSE_PATH).$destination_course_directory.'/';
$dest_course_path_rel = api_get_path(REL_COURSE_PATH).$destination_course_directory.'/';
$user_id = api_get_user_id();
if (!empty($orig_source_html)) {
foreach ($orig_source_html as $source) {
// Get information about source url
$real_orig_url = $source[0]; // url
$scope_url = $source[1]; // scope (local, remote)
$type_url = $source[2]; // type (rel, abs, url)
// Get path and query from origin url
$orig_parse_url = parse_url($real_orig_url);
$real_orig_path = isset($orig_parse_url['path']) ? $orig_parse_url['path'] : null;
$real_orig_query = isset($orig_parse_url['query']) ? $orig_parse_url['query'] : null;
// Replace origin course code by destination course code from origin url query
$dest_url_query = '';
if (!empty($real_orig_query)) {
$dest_url_query = '?'.$real_orig_query;
if (strpos($dest_url_query, $origin_course_code) !== false) {
$dest_url_query = str_replace($origin_course_code, $destination_course_code, $dest_url_query);
}
}
if ($scope_url == 'local') {
if ($type_url == 'abs' || $type_url == 'rel') {
$document_file = strstr($real_orig_path, 'document');
if (strpos($real_orig_path, $document_file) !== false) {
$origin_filepath = $orig_course_path.$document_file;
$destination_filepath = $dest_course_path.$document_file;
// copy origin file inside destination course
if (file_exists($origin_filepath)) {
$filepath_dir = dirname($destination_filepath);
if (!is_dir($filepath_dir)) {
$perm = api_get_permissions_for_new_directories();
$result = @mkdir($filepath_dir, $perm, true);
if ($result) {
$filepath_to_add = str_replace(array($dest_course_path, 'document'), '', $filepath_dir);
//Add to item properties to the new folder
$doc_id = add_document(
$destination_course_info,
$filepath_to_add,
'folder',
0,
basename($filepath_to_add)
);
api_item_property_update(
$destination_course_info,
TOOL_DOCUMENT,
$doc_id,
'FolderCreated',
$user_id,
null,
null,
null,
null
);
}
}
if (!file_exists($destination_filepath)) {
$result = @copy($origin_filepath, $destination_filepath);
if ($result) {
$filepath_to_add = str_replace(array($dest_course_path, 'document'), '', $destination_filepath);
$size = filesize($destination_filepath);
// Add to item properties to the file
$doc_id = add_document(
$destination_course_info,
$filepath_to_add,
'file',
$size,
basename($filepath_to_add)
);
api_item_property_update(
$destination_course_info,
TOOL_DOCUMENT,
$doc_id,
'FolderCreated',
$user_id,
null,
null,
null,
null
);
}
}
}
// Replace origin course path by destination course path.
if (strpos($content_html, $real_orig_url) !== false) {
$url_course_path = str_replace($orig_course_info_path.'/'.$document_file, '', $real_orig_path);
//$destination_url = $url_course_path . $destination_course_directory . '/' . $document_file . $dest_url_query;
// See BT#7780
$destination_url = $dest_course_path_rel.$document_file.$dest_url_query;
// If the course code doesn't exist in the path? what we do? Nothing! see BT#1985
if (strpos($real_orig_path, $origin_course_code) === false) {
$url_course_path = $real_orig_path;
$destination_url = $real_orig_path;
}
$content_html = str_replace($real_orig_url, $destination_url, $content_html);
}
}
// replace origin course code by destination course code from origin url
if (strpos($real_orig_url, '?') === 0) {
$dest_url = str_replace($origin_course_code, $destination_course_code, $real_orig_url);
$content_html = str_replace($real_orig_url, $dest_url, $content_html);
}
}
}
}
}
return $content_html;
}
/**
* Replace urls inside content html when moving a file
* @todo this code is only called in document.php but is commented
* @param string content html
* @param string origin
* @param string destination
* @return string new content html with replaced urls or return false if content is not a string
*/
public function replace_urls_inside_content_html_when_moving_file($file_name, $original_path, $destiny_path)
{
if (substr($original_path, strlen($original_path) - 1, strlen($original_path)) == '/') {
$original = $original_path.$file_name;
} else {
$original = $original_path.'/'.$file_name;
}
if (substr($destiny_path, strlen($destiny_path) - 1, strlen($destiny_path)) == '/') {
$destination = $destiny_path.$file_name;
} else {
$destination = $destiny_path.'/'.$file_name;
}
$original_count = count(explode('/', $original));
$destination_count = count(explode('/', $destination));
if ($original_count == $destination_count) {
//Nothing to change
return true;
}
if ($original_count > $destination_count) {
$mode = 'outside';
} else {
$mode = 'inside';
}
//We do not select the $original_path becayse the file was already moved
$content_html = file_get_contents($destiny_path.'/'.$file_name);
$destination_file = $destiny_path.'/'.$file_name;
$pre_original = strstr($original_path, 'document');
$pre_destin = strstr($destiny_path, 'document');
$pre_original = substr($pre_original, 8, strlen($pre_original));
$pre_destin = substr($pre_destin, 8, strlen($pre_destin));
$levels = count(explode('/', $pre_destin)) - 1;
$link_to_add = '';
for ($i = 1; $i <= $levels; $i++) {
$link_to_add .= '../';
}
if ($pre_original == '/') {
$pre_original = '';
}
if ($pre_destin == '/') {
$pre_destin = '';
}
if ($pre_original != '') {
$pre_original = '..'.$pre_original.'/';
}
if ($pre_destin != '') {
$pre_destin = '..'.$pre_destin.'/';
}
$levels = explode('/', $pre_original);
$count_pre_destination_levels = 0;
foreach ($levels as $item) {
if (!empty($item) && $item != '..') {
$count_pre_destination_levels++;
}
}
$count_pre_destination_levels--;
//$count_pre_destination_levels = count() - 3;
if ($count_pre_destination_levels == 0) {
$count_pre_destination_levels = 1;
}
//echo '$count_pre_destination_levels '. $count_pre_destination_levels;
$pre_remove = '';
for ($i = 1; $i <= $count_pre_destination_levels; $i++) {
$pre_remove .= '..\/';
}
$orig_source_html = self::get_resources_from_source_html($content_html);
foreach ($orig_source_html as $source) {
// get information about source url
$real_orig_url = $source[0]; // url
$scope_url = $source[1]; // scope (local, remote)
$type_url = $source[2]; // tyle (rel, abs, url)
// Get path and query from origin url
$orig_parse_url = parse_url($real_orig_url);
$real_orig_path = $orig_parse_url['path'];
$real_orig_query = $orig_parse_url['query'];
// Replace origin course code by destination course code from origin url query
/*
$dest_url_query = '';
if (!empty($real_orig_query)) {
$dest_url_query = '?'.$real_orig_query;
if (strpos($dest_url_query,$origin_course_code) !== false) {
$dest_url_query = str_replace($origin_course_code, $destination_course_code, $dest_url_query);
}
} */
if ($scope_url == 'local') {
if ($type_url == 'abs' || $type_url == 'rel') {
$document_file = strstr($real_orig_path, 'document');
if (strpos($real_orig_path, $document_file) !== false) {
echo 'continue1';
continue;
} else {
$real_orig_url_temp = '';
if ($mode == 'inside') {
$real_orig_url_temp = str_replace('../', '', $real_orig_url);
$destination_url = $link_to_add.$real_orig_url_temp;
} else {
$real_orig_url_temp = $real_orig_url;
$destination_url = preg_replace("/".$pre_remove."/", '', $real_orig_url, 1);
}
if ($real_orig_url == $destination_url) {
//echo 'continue2';
continue;
}
$content_html = str_replace($real_orig_url, $destination_url, $content_html);
}
} else {
echo 'continue3';
continue;
}
}
}
$return = file_put_contents($destination, $content_html);
return $return;
}
/**
* Export document to PDF
*
* @param int $document_id
* @param string $courseCode
* @param string $orientation
* @param bool $showHeaderAndFooter
*/
public static function export_to_pdf(
$document_id,
$courseCode,
$orientation = 'landscape',
$showHeaderAndFooter = true
) {
$course_data = api_get_course_info($courseCode);
$document_data = self::get_document_data_by_id($document_id, $courseCode);
$file_path = api_get_path(SYS_COURSE_PATH).$course_data['path'].'/document'.$document_data['path'];
if ($orientation == 'landscape') {
$pageFormat = 'A4-L';
$pdfOrientation = 'L';
} else {
$pageFormat = 'A4';
$pdfOrientation = 'P';
}
$pdf = new PDF($pageFormat, $pdfOrientation);
if (api_get_configuration_value('use_alternative_document_pdf_footer')) {
$view = new Template('', false, false, false, true, false, false);
$template = $view->get_template('export/alt_pdf_footer.tpl');
$pdf->set_custom_footer([
'html' => $view->fetch($template)
]);
}
$pdf->html_to_pdf(
$file_path,
$document_data['title'],
$courseCode,
false,
$showHeaderAndFooter
);
}
/**
* Uploads a document
*
* @param array $files the $_FILES variable
* @param string $path
* @param string $title
* @param string $comment
* @param int $unzip unzip or not the file
* @param string $if_exists overwrite, rename or warn (default)
* @param bool $index_document index document (search xapian module)
* @param bool $show_output print html messages
* @param string $fileKey
* @param bool $treat_spaces_as_hyphens
*
* @return array|bool
*/
public static function upload_document(
$files,
$path,
$title = null,
$comment = null,
$unzip = 0,
$if_exists = null,
$index_document = false,
$show_output = false,
$fileKey = 'file',
$treat_spaces_as_hyphens = true
) {
$course_info = api_get_course_info();
$sessionId = api_get_session_id();
$course_dir = $course_info['path'].'/document';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$base_work_dir = $sys_course_path.$course_dir;
$group_properties = GroupManager::get_group_properties(api_get_group_id());
$groupIid = isset($group_properties['iid']) ? $group_properties['iid'] : 0;
if (isset($files[$fileKey])) {
$upload_ok = process_uploaded_file($files[$fileKey], $show_output);
if ($upload_ok) {
$new_path = handle_uploaded_document(
$course_info,
$files[$fileKey],
$base_work_dir,
$path,
api_get_user_id(),
$groupIid,
null,
$unzip,
$if_exists,
$show_output,
false,
null,
$sessionId,
$treat_spaces_as_hyphens
);
// Showing message when sending zip files
if ($new_path === true && $unzip == 1) {
if ($show_output) {
echo Display::return_message(
get_lang('UplUploadSucceeded').'
',
'confirm',
false
);
}
return [
'title' => $path,
'url' => $path,
];
}
if ($new_path) {
$documentId = self::get_document_id(
$course_info,
$new_path,
$sessionId
);
if (!empty($documentId)) {
$table_document = Database::get_course_table(TABLE_DOCUMENT);
$params = array();
/*if ($if_exists == 'rename') {
// Remove prefix
$suffix = self::getDocumentSuffix(
$course_info,
$sessionId,
api_get_group_id()
);
$new_path = basename($new_path);
$new_path = str_replace($suffix, '', $new_path);
error_log('renamed');
error_log($new_path);
$params['title'] = get_document_title($new_path);
} else {
if (!empty($title)) {
$params['title'] = get_document_title($title);
} else {
$params['title'] = get_document_title($files['file']['name']);
}
}*/
if (!empty($title)) {
$params['title'] = $title;
}
if (!empty($comment)) {
$params['comment'] = trim($comment);
}
Database::update(
$table_document,
$params,
array(
'id = ? AND c_id = ? ' => array(
$documentId,
$course_info['real_id']
)
)
);
}
if ($index_document) {
self::index_document(
$documentId,
$course_info['code'],
null,
$_POST['language'],
$_REQUEST,
$if_exists
);
}
if (!empty($documentId) && is_numeric($documentId)) {
$documentData = self::get_document_data_by_id(
$documentId,
$course_info['code'],
false,
$sessionId
);
return $documentData;
}
}
}
}
return false;
}
/**
* Obtains the text inside the file with the right parser
*/
public static function get_text_content($doc_path, $doc_mime)
{
// TODO: review w$ compatibility
// Use usual exec output lines array to store stdout instead of a temp file
// because we need to store it at RAM anyway before index on ChamiloIndexer object
$ret_val = null;
switch ($doc_mime) {
case 'text/plain':
$handle = fopen($doc_path, 'r');
$output = array(fread($handle, filesize($doc_path)));
fclose($handle);
break;
case 'application/pdf':
exec("pdftotext $doc_path -", $output, $ret_val);
break;
case 'application/postscript':
$temp_file = tempnam(sys_get_temp_dir(), 'chamilo');
exec("ps2pdf $doc_path $temp_file", $output, $ret_val);
if ($ret_val !== 0) { // shell fail, probably 127 (command not found)
return false;
}
exec("pdftotext $temp_file -", $output, $ret_val);
unlink($temp_file);
break;
case 'application/msword':
exec("catdoc $doc_path", $output, $ret_val);
break;
case 'text/html':
exec("html2text $doc_path", $output, $ret_val);
break;
case 'text/rtf':
// Note: correct handling of code pages in unrtf
// on debian lenny unrtf v0.19.2 can not, but unrtf v0.20.5 can
exec("unrtf --text $doc_path", $output, $ret_val);
if ($ret_val == 127) { // command not found
return false;
}
// Avoid index unrtf comments
if (is_array($output) && count($output) > 1) {
$parsed_output = array();
foreach ($output as & $line) {
if (!preg_match('/^###/', $line, $matches)) {
if (!empty($line)) {
$parsed_output[] = $line;
}
}
}
$output = $parsed_output;
}
break;
case 'application/vnd.ms-powerpoint':
exec("catppt $doc_path", $output, $ret_val);
break;
case 'application/vnd.ms-excel':
exec("xls2csv -c\" \" $doc_path", $output, $ret_val);
break;
}
$content = '';
if (!is_null($ret_val)) {
if ($ret_val !== 0) { // shell fail, probably 127 (command not found)
return false;
}
}
if (isset($output)) {
foreach ($output as & $line) {
$content .= $line."\n";
}
return $content;
} else {
return false;
}
}
/**
* Calculates the total size of all documents in a course
*
* @author Bert vanderkimpen
* @param int $course_id
* @param int $group_id (to calculate group document space)
* @param int $session_id
*
* @return int total size
*/
public static function documents_total_space($course_id = null, $group_id = null, $session_id = null)
{
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT);
if (isset($course_id)) {
$course_id = intval($course_id);
} else {
$course_id = api_get_course_int_id();
}
$group_condition = null;
if (isset($group_id)) {
$group_id = intval($group_id);
$group_condition = " AND props.to_group_id='".$group_id."' ";
}
$session_condition = null;
if (isset($session_id)) {
$session_id = intval($session_id);
$session_condition = " AND props.session_id='".$session_id."' ";
}
$sql = "SELECT SUM(size)
FROM $TABLE_ITEMPROPERTY AS props
INNER JOIN $TABLE_DOCUMENT AS docs
ON (docs.id = props.ref AND props.c_id = docs.c_id)
WHERE
props.c_id = $course_id AND
docs.c_id = $course_id AND
props.tool = '".TOOL_DOCUMENT."' AND
props.visibility <> 2
$group_condition
$session_condition
";
$result = Database::query($sql);
if ($result && Database::num_rows($result) != 0) {
$row = Database::fetch_row($result);
return $row[0];
} else {
return 0;
}
}
/**
* Here we count 1 Kilobyte = 1024 Bytes, 1 Megabyte = 1048576 Bytes
*/
public static function display_quota($course_quota, $already_consumed_space)
{
$course_quota_m = round($course_quota / 1048576);
$already_consumed_space_m = round($already_consumed_space / 1048576);
$message = get_lang('MaximumAllowedQuota').' '.$course_quota_m.' megabyte.
';
$message .= get_lang('CourseCurrentlyUses').' '.$already_consumed_space_m.' megabyte.
';
$percentage = round(($already_consumed_space / $course_quota * 100), 1);
$other_percentage = $percentage < 100 ? 100 - $percentage : 0;
// Decide where to place percentage in graph
if ($percentage >= 50) {
$text_in_filled = ' '.$other_percentage.'%';
$text_in_unfilled = '';
} else {
$text_in_unfilled = ' '.$other_percentage.'%';
$text_in_filled = '';
}
// Decide the background colour of the graph
if ($percentage < 65) {
$colour = '#00BB00'; // Safe - green
} elseif ($percentage < 90) {
$colour = '#ffd400'; // Filling up - yelloworange
} else {
$colour = '#DD0000'; // Full - red
}
// This is used for the table width: a table of only 100 pixels looks too small
$visual_percentage = 4 * $percentage;
$visual_other_percentage = 4 * $other_percentage;
$message .= get_lang('PercentageQuotaInUse').': '.$percentage.'%.
'.
get_lang('PercentageQuotaFree').': '.$other_percentage.'%.
';
$show_percentage = ' '.$percentage.'%';
$message .= '