access_url_edit.php 5.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * @package chamilo.admin
  5. *
  6. * @author Julio Montoya <gugli100@gmail.com>
  7. */
  8. $cidReset = true;
  9. require_once __DIR__.'/../inc/global.inc.php';
  10. $this_section = SECTION_PLATFORM_ADMIN;
  11. api_protect_global_admin_script();
  12. if (!api_get_multiple_access_url()) {
  13. header('Location: index.php');
  14. exit;
  15. }
  16. // Create the form
  17. $form = new FormValidator('add_url');
  18. if ($form->validate()) {
  19. $check = Security::check_token('post');
  20. if ($check) {
  21. $url_array = $form->getSubmitValues();
  22. $url = Security::remove_XSS($url_array['url']);
  23. $description = Security::remove_XSS($url_array['description']);
  24. $active = isset($url_array['active']) ? (int) $url_array['active'] : 0;
  25. $url_id = isset($url_array['id']) ? (int) $url_array['id'] : 0;
  26. $url_to_go = 'access_urls.php';
  27. if (!empty($url_id)) {
  28. //we can't change the status of the url with id=1
  29. if ($url_id == 1) {
  30. $active = 1;
  31. }
  32. // Checking url
  33. if (substr($url, strlen($url) - 1, strlen($url)) == '/') {
  34. UrlManager::update($url_id, $url, $description, $active);
  35. } else {
  36. UrlManager::update($url_id, $url.'/', $description, $active);
  37. }
  38. // URL Images
  39. $url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';
  40. $image_fields = ['url_image_1', 'url_image_2', 'url_image_3'];
  41. foreach ($image_fields as $image_field) {
  42. if ($_FILES[$image_field]['error'] == 0) {
  43. // Hardcoded: only PNG files allowed
  44. $fileFields = explode('.', $_FILES[$image_field]['name']);
  45. if (end($fileFields) === 'png') {
  46. if (file_exists($url_images_dir.$url_id.'_'.$image_field.'.png')) {
  47. // if the file exists, we have to remove it before move_uploaded_file
  48. unlink($url_images_dir.$url_id.'_'.$image_field.'.png');
  49. }
  50. move_uploaded_file(
  51. $_FILES[$image_field]['tmp_name'],
  52. $url_images_dir.$url_id.'_'.$image_field.'.png'
  53. );
  54. }
  55. }
  56. }
  57. $url_to_go = 'access_urls.php';
  58. $message = get_lang('The URL has been edited');
  59. } else {
  60. $num = UrlManager::url_exist($url);
  61. if ($num == 0) {
  62. // checking url
  63. if (substr($url, strlen($url) - 1, strlen($url)) == '/') {
  64. UrlManager::add($url, $description, $active);
  65. } else {
  66. //create
  67. UrlManager::add($url.'/', $description, $active);
  68. }
  69. $message = get_lang('The URL has been added');
  70. $url_to_go = 'access_urls.php';
  71. } else {
  72. $url_to_go = 'access_url_edit.php';
  73. $message = get_lang('This URL already exists, please select another URL');
  74. }
  75. // URL Images
  76. $url .= (substr($url, strlen($url) - 1, strlen($url)) == '/') ? '' : '/';
  77. $url_id = UrlManager::get_url_id($url);
  78. $url_images_dir = api_get_path(SYS_PATH).'custompages/url-images/';
  79. $image_fields = ["url_image_1", "url_image_2", "url_image_3"];
  80. foreach ($image_fields as $image_field) {
  81. if ($_FILES[$image_field]['error'] == 0) {
  82. // Hardcoded: only PNG files allowed
  83. $fileFields = explode('.', $_FILES[$image_field]['name']);
  84. if (end($fileFields) == 'png') {
  85. move_uploaded_file(
  86. $_FILES[$image_field]['tmp_name'],
  87. $url_images_dir.$url_id.'_'.$image_field.'.png'
  88. );
  89. }
  90. }
  91. }
  92. }
  93. Security::clear_token();
  94. $tok = Security::get_token();
  95. Display::addFlash(Display::return_message($message));
  96. header('Location: '.$url_to_go.'?sec_token='.$tok);
  97. exit();
  98. }
  99. } else {
  100. if (isset($_POST['submit'])) {
  101. Security::clear_token();
  102. }
  103. $token = Security::get_token();
  104. $form->addElement('hidden', 'sec_token');
  105. $form->setConstants(['sec_token' => $token]);
  106. }
  107. $form->addElement('text', 'url', 'URL');
  108. $form->addRule('url', get_lang('Required field'), 'required');
  109. $form->addRule('url', '', 'maxlength', 254);
  110. $form->addElement('textarea', 'description', get_lang('Description'));
  111. //the first url with id = 1 will be always active
  112. if (isset($_GET['url_id']) && $_GET['url_id'] != 1) {
  113. $form->addElement('checkbox', 'active', null, get_lang('active'));
  114. }
  115. $defaults['url'] = 'http://';
  116. $form->setDefaults($defaults);
  117. $submit_name = get_lang('Add URL');
  118. if (isset($_GET['url_id'])) {
  119. $url_id = (int) $_GET['url_id'];
  120. $num_url_id = UrlManager::url_id_exist($url_id);
  121. if ($num_url_id != 1) {
  122. header('Location: access_urls.php');
  123. exit();
  124. }
  125. $url_data = UrlManager::get_url_data_from_id($url_id);
  126. $form->addElement('hidden', 'id', $url_data['id']);
  127. $form->setDefaults($url_data);
  128. $submit_name = get_lang('Add URL');
  129. }
  130. if (!api_is_multiple_url_enabled()) {
  131. header('Location: index.php');
  132. exit;
  133. }
  134. $tool_name = get_lang('Add URL');
  135. $interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('Administration')];
  136. $interbreadcrumb[] = ['url' => 'access_urls.php', 'name' => get_lang('Multiple access URL / Branding')];
  137. Display :: display_header($tool_name);
  138. // URL Images
  139. $form->addElement('file', 'url_image_1', 'URL Image 1 (PNG)');
  140. $form->addElement('file', 'url_image_2', 'URL Image 2 (PNG)');
  141. $form->addElement('file', 'url_image_3', 'URL Image 3 (PNG)');
  142. // Submit button
  143. $form->addButtonCreate($submit_name);
  144. $form->display();
  145. Display::display_footer();