downloadfolder.inc.php 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Functions and main code for the download folder feature
  5. * @todo use ids instead of the path like the document tool
  6. * @package chamilo.work
  7. */
  8. $work_id = $_GET['id'];
  9. require_once '../inc/global.inc.php';
  10. $current_course_tool = TOOL_STUDENTPUBLICATION;
  11. $_course = api_get_course_info();
  12. // Protection
  13. api_protect_course_script(true);
  14. require_once 'work.lib.php';
  15. $work_data = get_work_data_by_id($work_id);
  16. $groupId = api_get_group_id();
  17. if (empty($work_data)) {
  18. exit;
  19. }
  20. // Prevent some stuff.
  21. if (empty($path)) {
  22. $path = '/';
  23. }
  24. if (empty($_course) || empty($_course['path'])) {
  25. api_not_allowed();
  26. }
  27. $sys_course_path = api_get_path(SYS_COURSE_PATH);
  28. //zip library for creation of the zipfile
  29. require_once api_get_path(LIBRARY_PATH).'pclzip/pclzip.lib.php';
  30. // Creating a ZIP file
  31. $temp_zip_file = api_get_path(SYS_ARCHIVE_PATH).api_get_unique_id().".zip";
  32. $zip_folder = new PclZip($temp_zip_file);
  33. $tbl_student_publication = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
  34. $prop_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
  35. $tableUser = Database::get_main_table(TABLE_MAIN_USER);
  36. // Put the files in the zip
  37. // 2 possibilities: admins get all files and folders in the selected folder (except for the deleted ones)
  38. // normal users get only visible files that are in visible folders
  39. //admins are allowed to download invisible files
  40. $files = array();
  41. $course_id = api_get_course_int_id();
  42. $sessionId = api_get_session_id();
  43. $filenameCondition = null;
  44. if (array_key_exists('filename', $work_data)) {
  45. $filenameCondition = ", filename";
  46. }
  47. if (api_is_allowed_to_edit() || api_is_coach()) {
  48. //Search for all files that are not deleted => visibility != 2
  49. $sql = "SELECT DISTINCT
  50. url,
  51. title,
  52. description,
  53. insert_user_id,
  54. insert_date,
  55. contains_file
  56. $filenameCondition
  57. FROM $tbl_student_publication AS work
  58. INNER JOIN $prop_table AS props
  59. INNER JOIN $tableUser as u
  60. ON (
  61. props.c_id = $course_id AND
  62. work.c_id = $course_id AND
  63. work.id = props.ref AND
  64. props.tool='work' AND
  65. work.user_id = u.user_id
  66. )
  67. WHERE
  68. work.parent_id = $work_id AND
  69. work.filetype = 'file' AND
  70. props.visibility <> '2' AND
  71. work.active IN (0, 1) AND
  72. work.post_group_id = $groupId AND
  73. session_id = $sessionId
  74. ";
  75. } else {
  76. $courseInfo = api_get_course_info();
  77. allowOnlySubscribedUser(api_get_user_id(), $work_id, $courseInfo['real_id']);
  78. $userCondition = null;
  79. // All users
  80. if ($courseInfo['show_score'] == 0) {
  81. // Do another filter
  82. } else {
  83. // Only teachers
  84. $userCondition = " AND props.insert_user_id = ".api_get_user_id();
  85. }
  86. //for other users, we need to create a zipfile with only visible files and folders
  87. $sql = "SELECT DISTINCT
  88. url,
  89. title,
  90. description,
  91. insert_user_id,
  92. insert_date,
  93. contains_file
  94. $filenameCondition
  95. FROM $tbl_student_publication AS work
  96. INNER JOIN $prop_table AS props
  97. ON (props.c_id = $course_id AND
  98. work.c_id = $course_id AND
  99. work.id = props.ref)
  100. WHERE
  101. props.tool='work' AND
  102. work.accepted = 1 AND
  103. work.active = 1 AND
  104. work.parent_id = $work_id AND
  105. work.filetype = 'file' AND
  106. props.visibility = '1' AND
  107. work.post_group_id = $groupId
  108. $userCondition
  109. ";
  110. }
  111. $query = Database::query($sql);
  112. //add tem to the zip file
  113. while ($not_deleted_file = Database::fetch_assoc($query)) {
  114. $user_info = api_get_user_info($not_deleted_file['insert_user_id']);
  115. $insert_date = api_get_local_time($not_deleted_file['insert_date']);
  116. $insert_date = str_replace(array(':', '-', ' '), '_', $insert_date);
  117. $title = basename($not_deleted_file['title']);
  118. if (!empty($filenameCondition)) {
  119. if (isset($not_deleted_file['filename']) && !empty($not_deleted_file['filename'])) {
  120. $title = $not_deleted_file['filename'];
  121. }
  122. }
  123. $filename = $insert_date.'_'.$user_info['username'].'_'.$title;
  124. // File exists
  125. if (file_exists($sys_course_path.$_course['path'].'/'.$not_deleted_file['url']) &&
  126. !empty($not_deleted_file['url'])
  127. ) {
  128. $files[basename($not_deleted_file['url'])] = $filename;
  129. $addStatus = $zip_folder->add(
  130. $sys_course_path.$_course['path'].'/'.$not_deleted_file['url'],
  131. PCLZIP_OPT_REMOVE_PATH,
  132. $sys_course_path.$_course['path'].'/work',
  133. PCLZIP_CB_PRE_ADD,
  134. 'my_pre_add_callback'
  135. );
  136. } else {
  137. // Convert texts in html files
  138. //if ($not_deleted_file['contains_file'] == 0) {
  139. $filename = trim($filename).".html";
  140. $work_temp = api_get_path(SYS_ARCHIVE_PATH).api_get_unique_id().'_'.$filename;
  141. file_put_contents($work_temp, $not_deleted_file['description']);
  142. $files[basename($work_temp)] = $filename;
  143. $addStatus = $zip_folder->add(
  144. $work_temp,
  145. PCLZIP_OPT_REMOVE_PATH,
  146. api_get_path(SYS_ARCHIVE_PATH),
  147. PCLZIP_CB_PRE_ADD,
  148. 'my_pre_add_callback'
  149. );
  150. @unlink($work_temp);
  151. }
  152. }
  153. if (!empty($files)) {
  154. $fileName = replace_dangerous_char($work_data['title']);
  155. // Logging
  156. event_download($fileName .'.zip (folder)');
  157. //start download of created file
  158. $name = $fileName .'.zip';
  159. if (Security::check_abs_path($temp_zip_file, api_get_path(SYS_ARCHIVE_PATH))) {
  160. DocumentManager::file_send_for_download($temp_zip_file, true, $name);
  161. @unlink($temp_zip_file);
  162. exit;
  163. }
  164. } else {
  165. exit;
  166. }
  167. /* Extra function (only used here) */
  168. function my_pre_add_callback($p_event, &$p_header)
  169. {
  170. global $files;
  171. if (isset($files[basename($p_header['stored_filename'])])) {
  172. $p_header['stored_filename'] = $files[basename($p_header['stored_filename'])];
  173. return 1;
  174. }
  175. return 0;
  176. }
  177. /**
  178. * Return the difference between two arrays, as an array of those key/values
  179. * Use this as array_diff doesn't give the
  180. *
  181. * @param array $arr1 first array
  182. * @param array $arr2 second array
  183. *
  184. * @return array difference between the two arrays
  185. */
  186. function diff($arr1, $arr2)
  187. {
  188. $res = array();
  189. $r = 0;
  190. foreach ($arr1 as $av) {
  191. if (!in_array($av, $arr2)) {
  192. $res[$r] = $av;
  193. $r++;
  194. }
  195. }
  196. return $res;
  197. }