document.ajax.php 2.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Responses to AJAX calls for the document upload
  5. */
  6. require_once '../global.inc.php';
  7. require_once api_get_path(LIBRARY_PATH).'document.lib.php';
  8. require_once api_get_path(SYS_CODE_PATH).'document/document.inc.php';
  9. $action = $_REQUEST['a'];
  10. switch ($action) {
  11. case 'upload_file':
  12. api_protect_course_script(true);
  13. //User access same as upload.php
  14. $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
  15. // This needs cleaning!
  16. if (api_get_group_id()) {
  17. // Only course admin or group members allowed
  18. if ($is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
  19. } else {
  20. exit;
  21. }
  22. } elseif ($is_allowed_to_edit || is_my_shared_folder(api_get_user_id(), $_POST['curdirpath'], api_get_session_id())) {
  23. } else {
  24. // No course admin and no group member...
  25. exit;
  26. }
  27. $fileExistsOption = api_get_configuration_value('document_if_file_exists_option');
  28. $defaultFileExistsOption = 'rename';
  29. if (!empty($fileExistsOption)) {
  30. $defaultFileExistsOption = $fileExistsOption;
  31. }
  32. //$ifExists = isset($_POST['if_exists']) ? $_POST['if_exists'] : $defaultFileExistsOption;
  33. if (!empty($_FILES)) {
  34. require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
  35. $file = $_FILES['file'];
  36. $result = DocumentManager::upload_document(
  37. $_FILES,
  38. $_POST['curdirpath'],
  39. $file['name'],
  40. '', // comment
  41. 0,
  42. $defaultFileExistsOption,
  43. false,
  44. false
  45. );
  46. $json = array();
  47. $json['name'] = Display::url(
  48. api_htmlentities($result['title']),
  49. api_htmlentities($result['url']),
  50. array('target'=>'_blank')
  51. );
  52. $json['type'] = api_htmlentities($file['type']);
  53. $json['size'] = format_file_size($file['size']);
  54. if (!empty($result) && is_array($result)) {
  55. $json['result'] = Display::return_icon('accept.png', get_lang('Uploaded'));
  56. } else {
  57. $json['result'] = Display::return_icon('exclamation.png', get_lang('Error'));
  58. }
  59. echo json_encode($json);
  60. }
  61. break;
  62. case 'document_preview':
  63. $course_info = api_get_course_info_by_id($_REQUEST['course_id']);
  64. if (!empty($course_info) && is_array($course_info)) {
  65. echo DocumentManager::get_document_preview(
  66. $course_info,
  67. false,
  68. '_blank',
  69. $_REQUEST['session_id']
  70. );
  71. }
  72. break;
  73. }
  74. exit;