document.php 73 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. use Chamilo\CoreBundle\Entity\Resource\ResourceLink;
  4. use Chamilo\CoreBundle\Framework\Container;
  5. use Chamilo\CourseBundle\Entity\CDocument;
  6. use ChamiloSession as Session;
  7. /**
  8. * Homepage script for the documents tool.
  9. *
  10. * This script allows the user to manage files and directories on a remote http
  11. * server.
  12. * The user can : - navigate through files and directories.
  13. * - upload a file
  14. * - delete, copy a file or a directory
  15. * - edit properties & content (name, comments, html content)
  16. * The script is organised in four sections.
  17. *
  18. * 1) Execute the command called by the user
  19. * Note: somme commands of this section are organised in two steps.
  20. * The script always begins with the second step,
  21. * so it allows to return more easily to the first step.
  22. *
  23. * Note (March 2004) some editing functions (renaming, commenting)
  24. * are moved to a separate page, edit_document.php. This is also
  25. * where xml and other stuff should be added.
  26. * 2) Define the directory to display
  27. * 3) Read files and directories from the directory defined in part 2
  28. * 4) Display all of that on an HTML page
  29. */
  30. require_once __DIR__.'/../inc/global.inc.php';
  31. $allowDownloadDocumentsByApiKey = api_get_setting('allow_download_documents_by_api_key') === 'true';
  32. $current_course_tool = TOOL_DOCUMENT;
  33. $this_section = SECTION_COURSES;
  34. $to_user_id = null;
  35. $parent_id = null;
  36. $lib_path = api_get_path(LIBRARY_PATH);
  37. $actionsRight = '';
  38. $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
  39. $em = Database::getManager();
  40. $repo = Container::getDocumentRepository();
  41. $allowUseTool = false;
  42. if ($allowDownloadDocumentsByApiKey) {
  43. try {
  44. if ($action !== 'download') {
  45. throw new Exception(get_lang('Select an action'));
  46. }
  47. $username = isset($_GET['username']) ? Security::remove_XSS($_GET['username']) : null;
  48. $apiKey = isset($_GET['api_key']) ? Security::remove_XSS($_GET['api_key']) : null;
  49. $restApi = Rest::validate($username, $apiKey);
  50. $allowUseTool = $restApi ? true : false;
  51. } catch (Exception $e) {
  52. $allowUseTool = false;
  53. }
  54. }
  55. if (!$allowUseTool) {
  56. api_protect_course_script(true);
  57. api_protect_course_group(GroupManager::GROUP_TOOL_DOCUMENTS);
  58. }
  59. DocumentManager::removeGeneratedAudioTempFile();
  60. $tempRealPath = Session::read('temp_realpath_image');
  61. if (!empty($tempRealPath) &&
  62. file_exists($tempRealPath)
  63. ) {
  64. unlink($tempRealPath);
  65. }
  66. $_user = api_get_user_info();
  67. $courseInfo = api_get_course_info();
  68. $courseId = $courseInfo['real_id'];
  69. $course_dir = $courseInfo['directory'].'/document';
  70. $usePpt2lp = api_get_setting('service_ppt2lp', 'active') == 'true';
  71. $sys_course_path = api_get_path(SYS_COURSE_PATH);
  72. $base_work_dir = $sys_course_path.$course_dir;
  73. $document_path = $base_work_dir;
  74. $currentUrl = api_get_self().'?'.api_get_cidreq();
  75. // I'm in the certification module?
  76. $is_certificate_mode = false;
  77. if (isset($_GET['curdirpath'])) {
  78. $is_certificate_mode = DocumentManager::is_certificate_mode($_GET['curdirpath']);
  79. }
  80. if (isset($_REQUEST['certificate']) && $_REQUEST['certificate'] == 'true') {
  81. $is_certificate_mode = true;
  82. }
  83. // Removing sessions
  84. Session::erase('draw_dir');
  85. Session::erase('paint_dir');
  86. Session::erase('temp_audio_nanogong');
  87. $plugin = new AppPlugin();
  88. $pluginList = $plugin->getInstalledPlugins();
  89. $capturePluginInstalled = in_array('jcapture', $pluginList);
  90. if ($capturePluginInstalled) {
  91. $jcapturePath = api_get_path(WEB_PLUGIN_PATH).'jcapture/plugin_applet.php';
  92. $htmlHeadXtra[]
  93. = '<script>
  94. $(function() {
  95. $("#jcapture").click(function(){
  96. $("#appletplace").load("'.$jcapturePath.'");
  97. });
  98. });
  99. </script>
  100. ';
  101. }
  102. $htmlHeadXtra[]
  103. = '<script>
  104. $(function () {
  105. $(".select").click(function (e) {
  106. e.preventDefault();
  107. window.opener.CKEDITOR.tools.callFunction(1, $(this).attr("href"));
  108. window.close();
  109. });
  110. });
  111. </script>
  112. ';
  113. if (empty($courseInfo)) {
  114. api_not_allowed(true);
  115. }
  116. // Create directory certificates.
  117. DocumentManager::create_directory_certificate_in_course($courseInfo);
  118. // Used for avoiding double-click.
  119. $dbl_click_id = 0;
  120. $selectcat = isset($_GET['selectcat']) ? Security::remove_XSS($_GET['selectcat']) : null;
  121. $moveTo = isset($_POST['move_to']) ? Security::remove_XSS($_POST['move_to']) : null;
  122. $moveFile = isset($_POST['move_file']) ? (int) $_POST['move_file'] : 0;
  123. $certificateLink = '';
  124. if ($is_certificate_mode) {
  125. $certificateLink = '&certificate=true&selectcat='.$selectcat;
  126. }
  127. /* Constants and variables */
  128. $userId = api_get_user_id();
  129. $userInfo = api_get_user_info();
  130. $sessionId = api_get_session_id();
  131. $course_code = api_get_course_id();
  132. $groupId = api_get_group_id();
  133. $isAllowedToEdit = api_is_allowed_to_edit(null, true) || api_is_platform_admin();
  134. $groupMemberWithUploadRights = false;
  135. // If the group id is set, we show them group documents
  136. $group_properties = [];
  137. $group_properties['directory'] = null;
  138. // For sessions we should check the parameters of visibility
  139. if (api_get_session_id() != 0) {
  140. $groupMemberWithUploadRights = $groupMemberWithUploadRights && api_is_allowed_to_session_edit(false, true);
  141. }
  142. // Get group info
  143. $groupIid = 0;
  144. $groupMemberWithEditRights = false;
  145. // Setting group variables.
  146. if (!empty($groupId)) {
  147. $group_properties = GroupManager::get_group_properties($groupId);
  148. $groupIid = isset($group_properties['iid']) ? $group_properties['iid'] : 0;
  149. $groupMemberWithEditRights = GroupManager::allowUploadEditDocument(
  150. $userId,
  151. $courseId,
  152. $group_properties,
  153. null
  154. );
  155. // Let's assume the user cannot upload files for the group
  156. $groupMemberWithUploadRights = false;
  157. if ($group_properties['doc_state'] == 2) {
  158. // Documents are private
  159. if ($isAllowedToEdit || GroupManager::is_user_in_group($userId, $group_properties)) {
  160. // Only courseadmin or group members (members + tutors) allowed
  161. $interbreadcrumb[] = [
  162. 'url' => api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq(),
  163. 'name' => get_lang('Groups'),
  164. ];
  165. $interbreadcrumb[] = [
  166. 'url' => api_get_path(WEB_CODE_PATH).'group/group_space.php?'.api_get_cidreq(),
  167. 'name' => get_lang('Group area').' '.$group_properties['name'],
  168. ];
  169. //they are allowed to upload
  170. $groupMemberWithUploadRights = true;
  171. } else {
  172. $groupId = 0;
  173. }
  174. } elseif ($group_properties['doc_state'] == 1) {
  175. // Documents are public
  176. $interbreadcrumb[] = [
  177. 'url' => api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq(),
  178. 'name' => get_lang('Groups'),
  179. ];
  180. $interbreadcrumb[] = [
  181. 'url' => api_get_path(WEB_CODE_PATH).'group/group_space.php?'.api_get_cidreq(),
  182. 'name' => get_lang('Group area').' '.$group_properties['name'],
  183. ];
  184. // Allowed to upload?
  185. if ($isAllowedToEdit ||
  186. GroupManager::is_subscribed($userId, $group_properties) ||
  187. GroupManager::is_tutor_of_group($userId, $group_properties, $courseId)
  188. ) {
  189. // Only course admin or group members can upload
  190. $groupMemberWithUploadRights = true;
  191. }
  192. }
  193. // Group mode
  194. if (!GroupManager::allowUploadEditDocument($userId, $courseId, $group_properties)) {
  195. $groupMemberWithUploadRights = false;
  196. }
  197. Session::write('group_member_with_upload_rights', $groupMemberWithUploadRights);
  198. } else {
  199. Session::write('group_member_with_upload_rights', false);
  200. }
  201. // Detail.
  202. $document_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : null;
  203. $currentUrl = api_get_self().'?'.api_get_cidreq().'&id='.$document_id;
  204. $curdirpath = isset($_GET['curdirpath']) ? Security::remove_XSS($_GET['curdirpath']) : null;
  205. switch ($action) {
  206. case 'delete_item':
  207. if ($isAllowedToEdit ||
  208. $groupMemberWithUploadRights ||
  209. DocumentManager::isBasicCourseFolder($curdirpath, $sessionId) ||
  210. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) ||
  211. DocumentManager::is_my_shared_folder(api_get_user_id(), $moveTo, $sessionId)
  212. ) {
  213. if (isset($_GET['deleteid'])) {
  214. if (!$isAllowedToEdit) {
  215. if (api_is_coach()) {
  216. if (!DocumentManager::is_visible_by_id(
  217. $_GET['deleteid'],
  218. $courseInfo,
  219. $sessionId,
  220. api_get_user_id()
  221. )
  222. ) {
  223. api_not_allowed();
  224. }
  225. }
  226. if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $_GET['deleteid'], true)) {
  227. api_not_allowed();
  228. }
  229. }
  230. $documentInfo = DocumentManager::get_document_data_by_id(
  231. $_GET['deleteid'],
  232. $courseInfo['code'],
  233. false,
  234. $sessionId
  235. );
  236. GroupManager::allowUploadEditDocument(
  237. $userId,
  238. $courseId,
  239. $group_properties,
  240. $documentInfo,
  241. true
  242. );
  243. // Check whether the document is in the database.
  244. if (!empty($documentInfo)) {
  245. if ($documentInfo['filetype'] != 'link') {
  246. $deleteDocument = DocumentManager::delete_document(
  247. $courseInfo,
  248. null,
  249. $base_work_dir,
  250. $sessionId,
  251. $_GET['deleteid'],
  252. $groupIid
  253. );
  254. if ($deleteDocument) {
  255. $certificateId = isset($_GET['delete_certificate_id']) ? $_GET['delete_certificate_id'] : null;
  256. DocumentManager::remove_attach_certificate(
  257. api_get_course_int_id(),
  258. $certificateId
  259. );
  260. Display::addFlash(
  261. Display::return_message(
  262. get_lang('Document deleted').': '.$documentInfo['title'],
  263. 'success'
  264. )
  265. );
  266. } else {
  267. Display::addFlash(Display::return_message(get_lang('Error during the delete of document'), 'warning'));
  268. }
  269. } else {
  270. // Cloud Links
  271. $deleteDocument = DocumentManager::deleteCloudLink($courseInfo, $_GET['deleteid']);
  272. if ($deleteDocument) {
  273. Display::addFlash(Display::return_message(
  274. get_lang('Cloud link deleted').': '.$documentInfo['title'],
  275. 'success'
  276. ));
  277. } else {
  278. Display::addFlash(Display::return_message(
  279. get_lang('Error deleting the cloud link.').': '.$documentInfo['title'],
  280. 'error'
  281. ));
  282. }
  283. }
  284. } else {
  285. Display::addFlash(Display::return_message(get_lang('The file was not found'), 'warning'));
  286. }
  287. header("Location: $currentUrl");
  288. exit;
  289. }
  290. }
  291. break;
  292. case 'download':
  293. // Get the document data from the ID
  294. $document_data = DocumentManager::get_document_data_by_id(
  295. $document_id,
  296. api_get_course_id(),
  297. false,
  298. $sessionId
  299. );
  300. if ($sessionId != 0 && !$document_data) {
  301. // If there is a session defined and asking for the document *from
  302. // the session* didn't work, try it from the course (out of a
  303. // session context)
  304. $document_data = DocumentManager::get_document_data_by_id(
  305. $document_id,
  306. api_get_course_id(),
  307. false,
  308. 0
  309. );
  310. }
  311. // Check whether the document is in the database
  312. if (empty($document_data)) {
  313. api_not_allowed();
  314. }
  315. // Launch event
  316. Event::event_download($document_data['url']);
  317. $publicPath = api_get_path(WEB_PUBLIC_PATH);
  318. $courseCode = api_get_course_id();
  319. $path = $document_data['path'];
  320. $url = $publicPath."courses/$courseCode/document$path";
  321. header("Location: $url");
  322. exit;
  323. // Check visibility of document and paths
  324. if (!($isAllowedToEdit || $groupMemberWithUploadRights) &&
  325. !DocumentManager::is_visible_by_id($document_id, $courseInfo, $sessionId, api_get_user_id())
  326. ) {
  327. api_not_allowed(true);
  328. }
  329. $full_file_name = $base_work_dir.$document_data['path'];
  330. if (Security::check_abs_path($full_file_name, $base_work_dir.'/')) {
  331. $result = DocumentManager::file_send_for_download($full_file_name, true);
  332. if ($result === false) {
  333. api_not_allowed(true);
  334. }
  335. }
  336. exit;
  337. break;
  338. case 'downloadfolder':
  339. if (api_get_setting('students_download_folders') == 'true' || $isAllowedToEdit) {
  340. // Get the document data from the ID
  341. $document_data = DocumentManager::get_document_data_by_id(
  342. $document_id,
  343. api_get_course_id(),
  344. false,
  345. $sessionId
  346. );
  347. if ($sessionId != 0 && !$document_data) {
  348. // If there is a session defined and asking for the
  349. // document * from the session* didn't work, try it from the
  350. // course (out of a session context)
  351. $document_data = DocumentManager::get_document_data_by_id(
  352. $document_id,
  353. api_get_course_id(),
  354. false,
  355. 0
  356. );
  357. }
  358. //filter when I am into shared folder, I can download only my shared folder
  359. if (DocumentManager::is_any_user_shared_folder($document_data['path'], $sessionId)) {
  360. if (DocumentManager::is_my_shared_folder(api_get_user_id(), $document_data['path'], $sessionId) ||
  361. $isAllowedToEdit
  362. ) {
  363. require 'downloadfolder.inc.php';
  364. }
  365. } else {
  366. require 'downloadfolder.inc.php';
  367. }
  368. exit;
  369. }
  370. break;
  371. case 'export_to_pdf':
  372. if (api_get_setting('students_export2pdf') == 'true' ||
  373. $isAllowedToEdit || api_is_platform_admin()
  374. ) {
  375. $orientation = api_get_configuration_value('document_pdf_orientation');
  376. $orientation = in_array($orientation, ['landscape', 'portrait']) ? $orientation : 'landscape';
  377. $showHeaderAndFooter = true;
  378. if ($is_certificate_mode) {
  379. $certificateOrientation = api_get_configuration_value('certificate_pdf_orientation');
  380. $orientation = in_array($certificateOrientation, ['landscape', 'portrait'])
  381. ? $certificateOrientation
  382. : 'landscape';
  383. $showHeaderAndFooter = !api_get_configuration_value('certificate.hide_header_footer') === 'true';
  384. }
  385. DocumentManager::export_to_pdf($document_id, $course_code, $orientation, $showHeaderAndFooter);
  386. }
  387. break;
  388. case 'copytomyfiles':
  389. // Copy a file to general my files user's
  390. if (api_get_setting('allow_my_files') == 'true' &&
  391. api_get_setting('users_copy_files') == 'true' &&
  392. api_get_user_id() != 0 &&
  393. !api_is_anonymous()
  394. ) {
  395. // Get the document data from the ID
  396. $document_info = DocumentManager::get_document_data_by_id(
  397. $document_id,
  398. api_get_course_id(),
  399. true,
  400. $sessionId
  401. );
  402. if ($sessionId != 0 && !$document_info) {
  403. /* If there is a session defined and asking for the document
  404. from the session didn't work, try it from the course
  405. (out of a session context)*/
  406. $document_info = DocumentManager::get_document_data_by_id(
  407. $document_id,
  408. api_get_course_id(),
  409. 0
  410. );
  411. }
  412. GroupManager::allowUploadEditDocument(
  413. $userId,
  414. $courseId,
  415. $group_properties,
  416. $document_info,
  417. true
  418. );
  419. $parent_id = $document_info['parent_id'];
  420. $my_path = UserManager::getUserPathById(api_get_user_id(), 'system');
  421. $user_folder = $my_path.'my_files/';
  422. $my_path = null;
  423. if (!file_exists($user_folder)) {
  424. $perm = api_get_permissions_for_new_directories();
  425. @mkdir($user_folder, $perm, true);
  426. }
  427. $file = $sys_course_path.$courseInfo['directory'].'/document'.$document_info['path'];
  428. $copyfile = $user_folder.basename($document_info['path']);
  429. $cidReq = Security::remove_XSS($_GET['cidReq']);
  430. $id_session = Security::remove_XSS($_GET['id_session']);
  431. $gidReq = Security::remove_XSS($_GET['gidReq']);
  432. $id = Security::remove_XSS($_GET['id']);
  433. if (empty($parent_id)) {
  434. $parent_id = 0;
  435. }
  436. $file_link = Display::url(
  437. get_lang('See file'),
  438. api_get_path(WEB_CODE_PATH).'social/myfiles.php?'
  439. .api_get_cidreq_params($cidReq, $id_session, $gidReq).
  440. '&parent_id='.$parent_id
  441. );
  442. if (api_get_setting('allow_my_files') === 'false') {
  443. $file_link = '';
  444. }
  445. if (file_exists($copyfile)) {
  446. $message = get_lang('There are a file with the same name in your private user file area. Do you want replace it?').'</p><p>';
  447. $message .= '<a class = "btn btn-default" '
  448. .'href="'.api_get_self().'?'.api_get_cidreq().'&amp;id='
  449. .$parent_id.'">'
  450. .get_lang("No")
  451. .'</a>'
  452. .'&nbsp;&nbsp;|&nbsp;&nbsp;'
  453. .'<a class = "btn btn-default" href="'.api_get_self().'?'
  454. .api_get_cidreq().'&amp;action=copytomyfiles&amp;id='
  455. .$document_info['id']
  456. .'&amp;copy=yes">'
  457. .get_lang('Yes')
  458. .'</a></p>';
  459. if (!isset($_GET['copy'])) {
  460. Display::addFlash(Display::return_message($message, 'warning', false));
  461. }
  462. if (isset($_GET['copy']) && $_GET['copy'] === 'yes') {
  463. if (!copy($file, $copyfile)) {
  464. Display::addFlash(Display::return_message(get_lang('Copy failed'), 'error'));
  465. } else {
  466. Display::addFlash(Display::return_message(
  467. get_lang('File replaced').' '.$file_link,
  468. 'confirmation',
  469. false
  470. ));
  471. }
  472. }
  473. } else {
  474. if (!copy($file, $copyfile)) {
  475. Display::addFlash(Display::return_message(get_lang('Copy failed'), 'error'));
  476. } else {
  477. Display::addFlash(
  478. Display::return_message(get_lang('The copy has been made').' '.$file_link, 'confirmation', false)
  479. );
  480. }
  481. }
  482. }
  483. break;
  484. case 'convertToPdf':
  485. // PDF format as target by default
  486. $formatTarget = $_REQUEST['formatTarget']
  487. ? strtolower(Security::remove_XSS($_REQUEST['formatTarget']))
  488. : 'pdf';
  489. $formatType = $_REQUEST['formatType']
  490. ? strtolower(Security::remove_XSS($_REQUEST['formatType']))
  491. : 'text';
  492. // Get the document data from the ID
  493. $document_info = DocumentManager::get_document_data_by_id(
  494. $document_id,
  495. api_get_course_id(),
  496. true,
  497. $session_id
  498. );
  499. $file = $sys_course_path.$courseInfo['directory'].'/document'.$document_info['path'];
  500. $fileInfo = pathinfo($file);
  501. if ($fileInfo['extension'] == $formatTarget) {
  502. Display::addFlash(Display::return_message(
  503. get_lang('Conversion to same file format. Please choose another.'),
  504. 'warning'
  505. ));
  506. } elseif (
  507. !(in_array($fileInfo['extension'], DocumentManager::getJodconverterExtensionList('from', $formatType))) ||
  508. !(in_array($formatTarget, DocumentManager::getJodconverterExtensionList('to', $formatType)))
  509. ) {
  510. Display::addFlash(Display::return_message(
  511. get_lang('File format not supported'),
  512. 'warning'
  513. ));
  514. } else {
  515. $convertedFile = $fileInfo['dirname'].DIRECTORY_SEPARATOR
  516. .$fileInfo['filename'].'_from_'.$fileInfo['extension']
  517. .'.'.$formatTarget;
  518. $convertedTitle = $document_info['title'];
  519. $obj = new OpenofficePresentation(true);
  520. if (file_exists($convertedFile)) {
  521. Display::addFlash(Display::return_message(
  522. get_lang('The operation is impossible, a file with this name already exists.'),
  523. 'error'
  524. ));
  525. } else {
  526. $result = $obj->convertCopyDocument(
  527. $file,
  528. $convertedFile,
  529. $convertedTitle
  530. );
  531. if (empty($result)) {
  532. Display::addFlash(Display::return_message(
  533. get_lang('Copy failed'),
  534. 'error'
  535. ));
  536. } else {
  537. $cidReq = Security::remove_XSS($_GET['cidReq']);
  538. $id_session = api_get_session_id();
  539. $gidReq = Security::remove_XSS($_GET['gidReq']);
  540. $file_link = Display::url(
  541. get_lang('See file'),
  542. api_get_path(WEB_CODE_PATH)
  543. .'document/showinframes.php?'
  544. .api_get_cidreq_params($cidReq, $id_session, $gidReq)
  545. .'&id='.current($result)
  546. );
  547. Display::addFlash(Display::return_message(
  548. get_lang('The copy has been made').' '.$file_link,
  549. 'confirmation',
  550. false
  551. ));
  552. }
  553. }
  554. }
  555. break;
  556. }
  557. // If no actions we proceed to show the document (Hack in order to use document.php?id=X)
  558. if (isset($document_id) && empty($action)) {
  559. // Get the document data from the ID
  560. $document_data = DocumentManager::get_document_data_by_id(
  561. $document_id,
  562. api_get_course_id(),
  563. true,
  564. $sessionId
  565. );
  566. if ($sessionId != 0 && !$document_data) {
  567. // If there is a session defined and asking for the
  568. // document * from the session* didn't work, try it from the course
  569. // (out of a session context)
  570. $document_data = DocumentManager::get_document_data_by_id(
  571. $document_id,
  572. api_get_course_id(),
  573. true,
  574. 0
  575. );
  576. }
  577. // If the document is not a folder we show the document.
  578. if ($document_data) {
  579. $parent_id = $document_data['parent_id'];
  580. // Hack in order to clean the document id in case of false positive from links
  581. if ($document_data['filetype'] == 'link') {
  582. $document_id = null;
  583. }
  584. $visibility = DocumentManager::check_visibility_tree(
  585. $document_id,
  586. api_get_course_info(),
  587. $sessionId,
  588. api_get_user_id(),
  589. $groupIid
  590. );
  591. if (!empty($document_data['filetype']) &&
  592. ($document_data['filetype'] == 'file' || $document_data['filetype'] == 'link')
  593. ) {
  594. if ($visibility && api_is_allowed_to_session_edit()) {
  595. $url = api_get_path(WEB_COURSE_PATH).$courseInfo['path'].'/document'.$document_data['path'].'?'.api_get_cidreq();
  596. header("Location: $url");
  597. exit;
  598. }
  599. } else {
  600. if (!$visibility && !$isAllowedToEdit) {
  601. api_not_allowed(true);
  602. }
  603. }
  604. $_GET['curdirpath'] = $document_data['path'];
  605. }
  606. // What's the current path?
  607. // We will verify this a bit further down
  608. if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
  609. $curdirpath = Security::remove_XSS($_GET['curdirpath']);
  610. } elseif (isset($_POST['curdirpath']) && $_POST['curdirpath'] != '') {
  611. $curdirpath = Security::remove_XSS($_POST['curdirpath']);
  612. } else {
  613. $curdirpath = '/';
  614. }
  615. $curdirpathurl = urlencode($curdirpath);
  616. } else {
  617. // What's the current path?
  618. // We will verify this a bit further down
  619. if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
  620. $curdirpath = Security::remove_XSS($_GET['curdirpath']);
  621. } elseif (isset($_POST['curdirpath']) && $_POST['curdirpath'] != '') {
  622. $curdirpath = Security::remove_XSS($_POST['curdirpath']);
  623. } else {
  624. $curdirpath = '/';
  625. }
  626. $curdirpathurl = urlencode($curdirpath);
  627. // Check the path
  628. // If the path is not found (no document id), set the path to /
  629. $document_id = DocumentManager::get_document_id($courseInfo, $curdirpath);
  630. if (!$document_id) {
  631. $document_id = DocumentManager::get_document_id($courseInfo, $curdirpath, 0);
  632. }
  633. $document_data = DocumentManager::get_document_data_by_id(
  634. $document_id,
  635. api_get_course_id(),
  636. true
  637. );
  638. $parent_id = $document_data['parent_id'];
  639. }
  640. if (isset($document_data) && $document_data['path'] == '/certificates') {
  641. $is_certificate_mode = true;
  642. }
  643. if (!$parent_id) {
  644. $testParentId = 0;
  645. // Get parent id from current path
  646. if (!empty($document_data['path'])) {
  647. $testParentId = DocumentManager::get_document_id(
  648. api_get_course_info(),
  649. dirname($document_data['path']),
  650. 0
  651. );
  652. }
  653. $parent_id = 0;
  654. if (!empty($testParentId)) {
  655. $parent_id = $testParentId;
  656. }
  657. }
  658. $current_folder_id = $document_id;
  659. // Show preview
  660. if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' &&
  661. isset($_GET['set_preview']) &&
  662. $_GET['set_preview'] == strval(intval($_GET['set_preview']))
  663. ) {
  664. if (isset($_GET['set_preview'])) {
  665. // Generate document HTML
  666. $content_html = DocumentManager::replace_user_info_into_html(
  667. api_get_user_id(),
  668. api_get_course_info(),
  669. api_get_session_id(),
  670. true
  671. );
  672. $filename = 'certificate_preview/'.api_get_unique_id().'.png';
  673. $qr_code_filename = api_get_path(SYS_ARCHIVE_PATH).$filename;
  674. $temp_folder = api_get_path(SYS_ARCHIVE_PATH).'certificate_preview';
  675. if (!is_dir($temp_folder)) {
  676. mkdir($temp_folder, api_get_permissions_for_new_directories());
  677. }
  678. $qr_code_web_filename = api_get_path(WEB_ARCHIVE_PATH).$filename;
  679. $certificate = new Certificate();
  680. $text = $certificate->parseCertificateVariables($content_html['variables']);
  681. $result = $certificate->generateQRImage($text, $qr_code_filename);
  682. $new_content_html = $content_html['content'];
  683. $path_image = api_get_path(WEB_COURSE_PATH).api_get_course_path().'/document/images/gallery';
  684. $new_content_html = str_replace('../images/gallery', $path_image, $new_content_html);
  685. $path_image_in_default_course = api_get_path(WEB_CODE_PATH).'default_course_document';
  686. $new_content_html = str_replace(
  687. '/main/default_course_document',
  688. $path_image_in_default_course,
  689. $new_content_html
  690. );
  691. $new_content_html = str_replace(
  692. SYS_CODE_PATH.'img/',
  693. api_get_path(WEB_IMG_PATH),
  694. $new_content_html
  695. );
  696. // Remove media=screen to be available when printing a document
  697. $new_content_html = str_replace(
  698. ' media="screen"',
  699. '',
  700. $new_content_html
  701. );
  702. Display::display_reduced_header();
  703. echo '<style>body {background:none;}</style>
  704. <style media="print" type="text/css"> #print_div { visibility:hidden; } </style>';
  705. echo '<a href="javascript:window.print();" style="float:right; padding:4px;" id="print_div">';
  706. echo Display::return_icon('printmgr.gif', get_lang('Print'));
  707. echo '</a>';
  708. if (is_file($qr_code_filename) && is_readable($qr_code_filename)) {
  709. $new_content_html = str_replace(
  710. '((certificate_barcode))',
  711. Display::img($qr_code_web_filename),
  712. $new_content_html
  713. );
  714. }
  715. print_r($new_content_html);
  716. exit;
  717. }
  718. }
  719. $htmlHeadXtra[] = '<script>
  720. function confirmation (name) {
  721. if (confirm(" '.addslashes(get_lang('Are you sure to delete')).' "+ name + " ?")) {
  722. return true;
  723. } else {
  724. return false;
  725. }
  726. }
  727. $(function() {
  728. $(".convertAction").click(function() {
  729. var id = $(this).attr("data-documentId");
  730. var format = $(this).attr("data-formatType");
  731. convertModal(id, format);
  732. });
  733. });
  734. function convertModal (id, format) {
  735. $("#convertModal").modal("show");
  736. $("." + format + "FormatType").show();
  737. $("#convertSelect").change(function() {
  738. var formatTarget = $(this).val();
  739. window.location.href = "'
  740. .api_get_self().'?'.api_get_cidreq()
  741. .'&curdirpath='.$curdirpath
  742. .'&action=convertToPdf&formatTarget='
  743. .'" + formatTarget + "&id=" + id + "&'
  744. .api_get_cidreq().'&formatType=" + format;
  745. });
  746. $("#convertModal").on("hidden", function(){
  747. $("." + format + "FormatType").hide();
  748. });
  749. }
  750. </script>';
  751. // If they are looking at group documents they can't see the root
  752. if ($groupId != 0 && $curdirpath == '/') {
  753. $curdirpath = $group_properties['directory'];
  754. $curdirpathurl = urlencode($group_properties['directory']);
  755. }
  756. // Check visibility of the current dir path. Don't show anything if not allowed
  757. //@todo check this validation for coaches
  758. //if (!$isAllowedToEdit || api_is_coach()) { before
  759. if (!$isAllowedToEdit && api_is_coach()) {
  760. if ($curdirpath != '/' &&
  761. !(DocumentManager::is_visible($curdirpath, $courseInfo, $sessionId, 'folder'))
  762. ) {
  763. api_not_allowed(true);
  764. }
  765. }
  766. /* Create shared folders */
  767. DocumentManager::createUserSharedFolder(api_get_user_id(), $courseInfo, $sessionId);
  768. if ($is_certificate_mode) {
  769. $interbreadcrumb[] = [
  770. 'url' => '../gradebook/index.php?'.api_get_cidreq(),
  771. 'name' => get_lang('Assessments'),
  772. ];
  773. } else {
  774. if ((isset($_GET['id']) && $_GET['id'] != 0) || isset($_GET['curdirpath']) || isset($_GET['createdir'])) {
  775. $interbreadcrumb[] = [
  776. 'url' => 'document.php?'.api_get_cidreq(),
  777. 'name' => get_lang('Documents'),
  778. ];
  779. } else {
  780. $interbreadcrumb[] = [
  781. 'url' => '#',
  782. 'name' => get_lang('Documents'),
  783. ];
  784. }
  785. }
  786. // Interbreadcrumb for the current directory root path
  787. if (empty($document_data['parents'])) {
  788. if (isset($_GET['createdir'])) {
  789. $interbreadcrumb[] = [
  790. 'url' => $document_data['document_url'],
  791. 'name' => $document_data['title'],
  792. ];
  793. } else {
  794. // Hack in order to not add the document to the breadcrumb in case it is a link
  795. if ($document_data['filetype'] != 'link') {
  796. $interbreadcrumb[] = [
  797. 'url' => '#',
  798. 'name' => $document_data['title'],
  799. ];
  800. }
  801. }
  802. } else {
  803. $counter = 0;
  804. foreach ($document_data['parents'] as $document_sub_data) {
  805. //fixing double group folder in breadcrumb
  806. if ($groupId) {
  807. if ($counter == 0) {
  808. $counter++;
  809. continue;
  810. }
  811. }
  812. if (!isset($_GET['createdir']) && $document_sub_data['id'] == $document_data['id']) {
  813. $document_sub_data['document_url'] = '#';
  814. }
  815. $interbreadcrumb[] = [
  816. 'url' => $document_sub_data['document_url'],
  817. 'name' => $document_sub_data['title'],
  818. ];
  819. $counter++;
  820. }
  821. }
  822. if (isset($_GET['createdir'])) {
  823. $interbreadcrumb[] = ['url' => '#', 'name' => get_lang('Create folder')];
  824. }
  825. $documentAndFolders = DocumentManager::getAllDocumentData(
  826. $courseInfo,
  827. $curdirpath,
  828. $groupIid,
  829. null,
  830. $isAllowedToEdit || $groupMemberWithUploadRights,
  831. false
  832. );
  833. $count = 1;
  834. $jquery = null;
  835. if (!empty($documentAndFolders)) {
  836. foreach ($documentAndFolders as $file) {
  837. if ($file['filetype'] == 'file') {
  838. $path_info = pathinfo($file['path']);
  839. $extension = '';
  840. if (!empty($path_info['extension'])) {
  841. $extension = strtolower($path_info['extension']);
  842. }
  843. //@todo use a js loop to auto generate this code
  844. if (in_array($extension, ['ogg', 'mp3', 'wav'])) {
  845. // Get the document data from the ID
  846. $document_data = DocumentManager::get_document_data_by_id(
  847. $file['id'],
  848. api_get_course_id(),
  849. false,
  850. $sessionId
  851. );
  852. if ($sessionId != 0 && !$document_data) {
  853. /* If there is a session defined and asking for the document
  854. * from the session* didn't work, try it from the
  855. course (out of a session context) */
  856. $document_data = DocumentManager::get_document_data_by_id(
  857. $file['id'],
  858. api_get_course_id(),
  859. false,
  860. 0
  861. );
  862. }
  863. if ($extension == 'ogg') {
  864. $extension = 'oga';
  865. }
  866. $params = [
  867. 'url' => $document_data['direct_url'],
  868. 'extension' => $extension,
  869. 'count' => $count,
  870. ];
  871. $jquery .= DocumentManager::generateAudioJavascript($params);
  872. $count++;
  873. }
  874. }
  875. }
  876. }
  877. $htmlHeadXtra[] = '
  878. <script>
  879. $(function() {
  880. //Experimental changes to preview mp3, ogg files'
  881. .$jquery.'
  882. });
  883. </script>
  884. ';
  885. // Lib for event log, stats & tracking & record of the access
  886. Event::event_access_tool(TOOL_DOCUMENT);
  887. /* DISPLAY */
  888. if ($groupId != 0) { // Add group name after for group documents
  889. $add_group_to_title = ' ('.$group_properties['name'].')';
  890. }
  891. $moveForm = '';
  892. /* MOVE FILE OR DIRECTORY */
  893. //Only teacher and all users into their group and each user into his/her shared folder
  894. if ($isAllowedToEdit || $groupMemberWithUploadRights ||
  895. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) ||
  896. DocumentManager::is_my_shared_folder(api_get_user_id(), $moveTo, $sessionId)
  897. ) {
  898. if (isset($_GET['move']) && $_GET['move'] != '') {
  899. $my_get_move = intval($_REQUEST['move']);
  900. if (api_is_coach()) {
  901. if (!DocumentManager::is_visible_by_id($my_get_move, $courseInfo, $sessionId, api_get_user_id())) {
  902. api_not_allowed(true);
  903. }
  904. }
  905. if (!$isAllowedToEdit) {
  906. if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $my_get_move)) {
  907. api_not_allowed(true);
  908. }
  909. }
  910. // Get the document data from the ID
  911. $document_to_move = DocumentManager::get_document_data_by_id(
  912. $my_get_move,
  913. api_get_course_id(),
  914. false,
  915. $sessionId
  916. );
  917. GroupManager::allowUploadEditDocument(
  918. $userId,
  919. $courseId,
  920. $group_properties,
  921. $document_to_move,
  922. true
  923. );
  924. $move_path = $document_to_move['path'];
  925. if (!empty($document_to_move)) {
  926. $folders = DocumentManager::get_all_document_folders(
  927. $courseInfo,
  928. $groupIid,
  929. $isAllowedToEdit || $groupMemberWithUploadRights,
  930. false,
  931. $curdirpath
  932. );
  933. $moveForm .= '<legend>'.get_lang('Move').': '.$document_to_move['title'].'</legend>';
  934. // filter if is my shared folder. TODO: move this code to build_move_to_selector function
  935. if (DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) &&
  936. !$isAllowedToEdit
  937. ) {
  938. //only main user shared folder
  939. $main_user_shared_folder_main = '/shared_folder/sf_user_'.api_get_user_id();
  940. $main_user_shared_folder_sub = '/shared_folder\/sf_user_'.api_get_user_id().'\//'; //all subfolders
  941. $user_shared_folders = [];
  942. foreach ($folders as $fold) {
  943. if ($main_user_shared_folder_main == $fold ||
  944. preg_match($main_user_shared_folder_sub, $fold)
  945. ) {
  946. $user_shared_folders[] = $fold;
  947. }
  948. }
  949. $moveForm .= DocumentManager::build_move_to_selector(
  950. $user_shared_folders,
  951. $move_path,
  952. $my_get_move,
  953. $group_properties['directory']
  954. );
  955. } else {
  956. $moveForm .= DocumentManager::build_move_to_selector(
  957. $folders,
  958. $move_path,
  959. $my_get_move,
  960. $group_properties['directory']
  961. );
  962. }
  963. }
  964. }
  965. if (!empty($moveTo) && isset($moveFile)) {
  966. if (!$isAllowedToEdit) {
  967. if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $moveFile)) {
  968. api_not_allowed(true);
  969. }
  970. }
  971. if (api_is_coach()) {
  972. if (!DocumentManager::is_visible_by_id($moveFile, $courseInfo, $sessionId, api_get_user_id())) {
  973. api_not_allowed(true);
  974. }
  975. }
  976. // Get the document data from the ID
  977. $document_to_move = DocumentManager::get_document_data_by_id(
  978. $moveFile,
  979. api_get_course_id(),
  980. false,
  981. $sessionId
  982. );
  983. GroupManager::allowUploadEditDocument(
  984. $userId,
  985. $courseId,
  986. $group_properties,
  987. $document_to_move,
  988. true
  989. );
  990. // Security fix: make sure they can't move files that are not in the document table
  991. if (!empty($document_to_move)) {
  992. if ($document_to_move['filetype'] === 'link') {
  993. $real_path_target = $base_work_dir.$moveTo.'/';
  994. if (!DocumentManager::cloudLinkExists($_course, $moveTo, $document_to_move['comment'])) {
  995. DocumentManager::updateDbInfo(
  996. 'update',
  997. $document_to_move['path'],
  998. $moveTo.'/'.basename($document_to_move['path'])
  999. );
  1000. Display::addFlash(
  1001. Display::return_message(
  1002. get_lang('Cloud link moved'),
  1003. 'success'
  1004. )
  1005. );
  1006. } else {
  1007. Display::addFlash(
  1008. Display::return_message(
  1009. get_lang('This URL already exists'),
  1010. 'error'
  1011. )
  1012. );
  1013. }
  1014. // Set the current path
  1015. $curdirpath = $moveTo;
  1016. $curdirpathurl = urlencode($moveTo);
  1017. } else {
  1018. if ($moveTo === '/') {
  1019. // Move to course root
  1020. $newParent = api_get_course_entity();
  1021. } else {
  1022. // Move to folder
  1023. $moveTo = DocumentManager::get_document_id(
  1024. $courseInfo,
  1025. $moveTo
  1026. );
  1027. /** @var CDocument $newParent */
  1028. $newParent = $repo->find($moveTo);
  1029. }
  1030. /** @var CDocument $document */
  1031. $document = $repo->find($document_to_move['iid']);
  1032. if ($moveTo && $document && $newParent) {
  1033. DocumentManager::updateDbInfo(
  1034. 'update',
  1035. $document_to_move['path'],
  1036. $moveTo.'/'.basename($document_to_move['path'])
  1037. );
  1038. $document->getResourceNode()->setParent($newParent->getResourceNode());
  1039. $em->persist($document);
  1040. $em->flush();
  1041. Display::addFlash(Display::return_message(get_lang('Element moved'), 'confirmation'));
  1042. }
  1043. }
  1044. } else {
  1045. Display::addFlash(Display::return_message(get_lang('Operation impossible'), 'error'));
  1046. }
  1047. }
  1048. }
  1049. /* DELETE FILE OR DIRECTORY */
  1050. //Only teacher and all users into their group
  1051. if ($isAllowedToEdit ||
  1052. $groupMemberWithUploadRights ||
  1053. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1054. ) {
  1055. if (isset($_POST['action']) && isset($_POST['ids'])) {
  1056. $files = $_POST['ids'];
  1057. $readonlyAlreadyChecked = false;
  1058. $messages = '';
  1059. $items = [
  1060. '/audio',
  1061. '/flash',
  1062. '/images',
  1063. '/shared_folder',
  1064. '/video',
  1065. '/chat_files',
  1066. '/certificates',
  1067. ];
  1068. $defaultVisibility = ResourceLink::VISIBILITY_DRAFT;
  1069. // Make visible or invisible?
  1070. if ($_POST['action'] === 'set_visible') {
  1071. $defaultVisibility = ResourceLink::VISIBILITY_PUBLISHED;
  1072. }
  1073. foreach ($files as $documentId) {
  1074. $data = DocumentManager::get_document_data_by_id($documentId, $courseInfo['code']);
  1075. /** @var CDocument $document */
  1076. $document = $repo->find($documentId);
  1077. if (in_array($data['path'], $items)) {
  1078. // exclude system directories (do not allow deletion)
  1079. continue;
  1080. } else {
  1081. switch ($_POST['action']) {
  1082. case 'set_invisible':
  1083. $repo->updateVisibility($document, $defaultVisibility);
  1084. break;
  1085. case 'set_visible':
  1086. $repo->updateVisibility($document, $defaultVisibility);
  1087. $messages .= Display::return_message(
  1088. get_lang('The visibility has been changed.').': '.$data['title'],
  1089. 'confirmation'
  1090. );
  1091. break;
  1092. case 'delete':
  1093. // Check all documents scheduled for deletion
  1094. // If one of them is read-only, abandon deletion
  1095. // Note: this is only executed once
  1096. if (!$readonlyAlreadyChecked) {
  1097. foreach ($files as $id) {
  1098. if (!$isAllowedToEdit) {
  1099. if (DocumentManager::check_readonly(
  1100. $courseInfo,
  1101. api_get_user_id(),
  1102. null,
  1103. $id,
  1104. false,
  1105. $sessionId
  1106. )) {
  1107. $messages .= Display::return_message(
  1108. get_lang('Cannot delete files that are configured in read-only mode.'),
  1109. 'error'
  1110. );
  1111. break 2;
  1112. }
  1113. }
  1114. }
  1115. $readonlyAlreadyChecked = true;
  1116. }
  1117. if ($data['filetype'] != 'link') {
  1118. // Files and folders
  1119. $deleteDocument = DocumentManager::delete_document(
  1120. $courseInfo,
  1121. null,
  1122. $base_work_dir,
  1123. $sessionId,
  1124. $documentId,
  1125. $groupIid
  1126. );
  1127. if (!empty($deleteDocument)) {
  1128. $messages .= Display::return_message(
  1129. get_lang('Document deleted').': '.$data['title'],
  1130. 'confirmation'
  1131. );
  1132. }
  1133. } else {
  1134. // Cloud Links
  1135. if (DocumentManager::deleteCloudLink($_course, $documentId)) {
  1136. $messages .= Display::return_message(
  1137. get_lang('Cloud link deleted'),
  1138. 'confirmation'
  1139. );
  1140. } else {
  1141. $messages .= Display::return_message(
  1142. get_lang('Error deleting the cloud link.'),
  1143. 'error'
  1144. );
  1145. }
  1146. }
  1147. break;
  1148. }
  1149. }
  1150. } // endforeach
  1151. Display::addFlash($messages);
  1152. header('Location: '.$currentUrl);
  1153. exit;
  1154. }
  1155. }
  1156. $dirForm = '';
  1157. /* CREATE DIRECTORY */
  1158. //Only teacher and all users into their group and any user into his/her shared folder
  1159. if ($isAllowedToEdit ||
  1160. $groupMemberWithUploadRights ||
  1161. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1162. ) {
  1163. // Create directory with $_POST data
  1164. if (isset($_POST['create_dir']) && $_POST['dirname'] != '') {
  1165. // Needed for directory creation
  1166. $post_dir_name = $_POST['dirname'];
  1167. if ($post_dir_name == '../' || $post_dir_name == '.' || $post_dir_name == '..') {
  1168. $message = Display::return_message(get_lang('CannotCreate folder'), 'error');
  1169. } else {
  1170. // dir_id is the parent folder id.
  1171. if (!empty($_POST['dir_id'])) {
  1172. // Get the document data from the ID
  1173. $document_data = DocumentManager::get_document_data_by_id(
  1174. $_POST['dir_id'],
  1175. api_get_course_id(),
  1176. false,
  1177. $sessionId
  1178. );
  1179. if ($sessionId != 0 && !$document_data) {
  1180. // If there is a session defined and asking for the
  1181. // document * from the session* didn't work, try it from
  1182. // the course (out of a session context)
  1183. $document_data = DocumentManager::get_document_data_by_id(
  1184. $_POST['dir_id'],
  1185. api_get_course_id(),
  1186. false,
  1187. 0
  1188. );
  1189. }
  1190. $curdirpath = $document_data['path'];
  1191. }
  1192. $added_slash = $curdirpath == '/' ? '' : '/';
  1193. $dir_name = $curdirpath.$added_slash.api_replace_dangerous_char($post_dir_name);
  1194. $dir_name = disable_dangerous_file($dir_name);
  1195. $dir_check = $base_work_dir.$dir_name;
  1196. $visibility = empty($groupId) ? null : 1;
  1197. $newFolderData = create_unexisting_directory(
  1198. $courseInfo,
  1199. api_get_user_id(),
  1200. $sessionId,
  1201. api_get_group_id(),
  1202. $to_user_id,
  1203. $base_work_dir,
  1204. $dir_name,
  1205. $post_dir_name,
  1206. $visibility,
  1207. false,
  1208. true,
  1209. $document_data
  1210. );
  1211. if (!empty($newFolderData)) {
  1212. $message = Display::return_message(
  1213. get_lang('Folder created').' '.$newFolderData->getTitle(),
  1214. 'confirmation'
  1215. );
  1216. } else {
  1217. $message = Display::return_message(
  1218. get_lang('CannotCreate folder'),
  1219. 'error'
  1220. );
  1221. }
  1222. }
  1223. Display::addFlash($message);
  1224. header('Location: '.$currentUrl);
  1225. exit;
  1226. }
  1227. // Show them the form for the directory name
  1228. if (isset($_GET['createdir'])) {
  1229. $dirForm = DocumentManager::create_dir_form($document_id);
  1230. }
  1231. }
  1232. /* VISIBILITY COMMANDS */
  1233. if ($isAllowedToEdit) {
  1234. if ((isset($_GET['set_invisible']) && !empty($_GET['set_invisible'])) ||
  1235. (isset($_GET['set_visible']) && !empty($_GET['set_visible']))
  1236. ) {
  1237. $defaultVisibility = ResourceLink::VISIBILITY_DRAFT;
  1238. // Make visible or invisible?
  1239. if (isset($_GET['set_visible'])) {
  1240. $defaultVisibility = ResourceLink::VISIBILITY_PUBLISHED;
  1241. $update_id = intval($_GET['set_visible']);
  1242. $visibility_command = 'visible';
  1243. } else {
  1244. $update_id = intval($_GET['set_invisible']);
  1245. $visibility_command = 'invisible';
  1246. }
  1247. if (!$isAllowedToEdit) {
  1248. if (api_is_coach()) {
  1249. if (!DocumentManager::is_visible_by_id($update_id, $courseInfo, $sessionId, api_get_user_id())) {
  1250. api_not_allowed(true);
  1251. }
  1252. }
  1253. if (DocumentManager::check_readonly($courseInfo, api_get_user_id(), '', $update_id)) {
  1254. api_not_allowed(true);
  1255. }
  1256. }
  1257. /** @var CDocument $document */
  1258. $document = $repo->find($update_id);
  1259. $repo->updateVisibility($document, $defaultVisibility);
  1260. Display::addFlash(Display::return_message(get_lang('The visibility has been changed.'), 'confirmation'));
  1261. header('Location: '.$currentUrl);
  1262. exit;
  1263. }
  1264. }
  1265. $templateForm = '';
  1266. /* TEMPLATE ACTION */
  1267. //Only teacher and all users into their group
  1268. if ($isAllowedToEdit ||
  1269. $groupMemberWithUploadRights ||
  1270. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1271. ) {
  1272. if (isset($_GET['add_as_template']) && !isset($_POST['create_template'])) {
  1273. $document_id_for_template = intval($_GET['add_as_template']);
  1274. // Create the form that asks for the directory name
  1275. $templateForm .= '
  1276. <form name="set_document_as_new_template" class="form-horizontal" enctype="multipart/form-data"
  1277. action="'.api_get_self().'?add_as_template='.$document_id_for_template.'" method="post">
  1278. <fieldset>
  1279. <legend>'.get_lang('Add as a template').'</legend>
  1280. <div class="form-group">
  1281. <label for="template_title" class="col-sm-2 control-label">'.get_lang('Template name').'</label>
  1282. <div class="col-sm-10">
  1283. <input type="text" class="form-control" id="template_title" name="template_title">
  1284. </div>
  1285. </div>
  1286. <div class="form-group">
  1287. <label for="template_image" class="col-sm-2 control-label">'.get_lang("Template's icon").'</label>
  1288. <div class="col-sm-10">
  1289. <input type="file" name="template_image" id="template_image">
  1290. </div>
  1291. </div>
  1292. <div class="form-group">
  1293. <div class="col-sm-offset-2 col-sm-10">
  1294. <button type="submit" name="create_template" class="btn btn-primary">'
  1295. .get_lang('Create template').'
  1296. </button>
  1297. </div>
  1298. </div>
  1299. <input type="hidden" name="curdirpath" value="'.$curdirpath.'" />
  1300. </fieldset>
  1301. </form>
  1302. <hr>
  1303. ';
  1304. } elseif (isset($_GET['add_as_template']) && isset($_POST['create_template'])) {
  1305. $document_id_for_template = intval($_GET['add_as_template']);
  1306. $title = Security::remove_XSS($_POST['template_title']);
  1307. $user_id = api_get_user_id();
  1308. // Create the template_thumbnails folder in the upload folder (if needed)
  1309. if (!is_dir(api_get_path(SYS_COURSE_PATH).$courseInfo['directory'].'/upload/template_thumbnails/')) {
  1310. @mkdir(
  1311. api_get_path(SYS_COURSE_PATH).$courseInfo['directory'].'/upload/template_thumbnails/',
  1312. api_get_permissions_for_new_directories()
  1313. );
  1314. }
  1315. // Upload the file
  1316. if (!empty($_FILES['template_image']['name'])) {
  1317. $upload_ok = process_uploaded_file($_FILES['template_image']);
  1318. if ($upload_ok) {
  1319. // Try to add an extension to the file if it hasn't one
  1320. $new_file_name = $courseInfo['code'].'-'
  1321. .add_ext_on_mime(
  1322. stripslashes($_FILES['template_image']['name']),
  1323. $_FILES['template_image']['type']
  1324. );
  1325. // Upload dir
  1326. $upload_dir = api_get_path(SYS_COURSE_PATH).$courseInfo['directory'].'/upload/template_thumbnails/';
  1327. // Resize image to max default and end upload
  1328. $temp = new Image($_FILES['template_image']['tmp_name']);
  1329. $picture_info = $temp->get_image_info();
  1330. $max_width_for_picture = 100;
  1331. if ($picture_info['width'] > $max_width_for_picture) {
  1332. $temp->resize($max_width_for_picture);
  1333. }
  1334. $temp->send_image($upload_dir.$new_file_name);
  1335. }
  1336. }
  1337. DocumentManager::setDocumentAsTemplate(
  1338. $title,
  1339. '',
  1340. $document_id_for_template,
  1341. api_get_course_int_id(),
  1342. $user_id,
  1343. $new_file_name
  1344. );
  1345. Display::addFlash(
  1346. Display::return_message(get_lang('Document set as a new template'), 'confirmation')
  1347. );
  1348. }
  1349. if (isset($_GET['remove_as_template'])) {
  1350. $user_id = api_get_user_id();
  1351. DocumentManager::unsetDocumentAsTemplate(
  1352. $_GET['remove_as_template'],
  1353. api_get_course_int_id(),
  1354. $user_id
  1355. );
  1356. Display::addFlash(
  1357. Display::return_message(get_lang('Document unset as template'), 'confirmation')
  1358. );
  1359. }
  1360. }
  1361. // END ACTION MENU
  1362. // Attach certificate in the gradebook
  1363. if (isset($_GET['curdirpath']) &&
  1364. strpos($_GET['curdirpath'], '/certificates') !== false &&
  1365. isset($_GET['set_certificate']) &&
  1366. $_GET['set_certificate'] == strval(intval($_GET['set_certificate']))
  1367. ) {
  1368. if (isset($_GET['cidReq'])) {
  1369. $course_id = Security::remove_XSS($_GET['cidReq']); // course code
  1370. $document_id = Security::remove_XSS($_GET['set_certificate']); // document id
  1371. $courseInfoTemp = api_get_course_info($course_id);
  1372. DocumentManager::attach_gradebook_certificate($courseInfoTemp['real_id'], $document_id);
  1373. $message = Display::return_message(get_lang('Certificate set to default'), 'normal');
  1374. Display::addFlash(
  1375. $message
  1376. );
  1377. }
  1378. }
  1379. /* GET ALL DOCUMENT DATA FOR CURDIRPATH */
  1380. if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
  1381. $documentAndFolders = DocumentManager::getAllDocumentData(
  1382. $courseInfo,
  1383. $curdirpath,
  1384. $groupIid,
  1385. null,
  1386. $isAllowedToEdit || $groupMemberWithUploadRights,
  1387. true
  1388. );
  1389. } else {
  1390. $documentAndFolders = DocumentManager::getAllDocumentData(
  1391. $courseInfo,
  1392. $curdirpath,
  1393. $groupIid,
  1394. null,
  1395. $isAllowedToEdit || $groupMemberWithUploadRights,
  1396. false
  1397. );
  1398. }
  1399. if ($groupId != 0) {
  1400. $userAccess = GroupManager::user_has_access(
  1401. api_get_user_id(),
  1402. $groupIid,
  1403. GroupManager::GROUP_TOOL_DOCUMENTS
  1404. );
  1405. if ($userAccess) {
  1406. $folders = DocumentManager::get_all_document_folders(
  1407. $courseInfo,
  1408. $groupIid,
  1409. $isAllowedToEdit || $groupMemberWithUploadRights,
  1410. false,
  1411. $curdirpath
  1412. );
  1413. }
  1414. } else {
  1415. $folders = DocumentManager::get_all_document_folders(
  1416. $courseInfo,
  1417. 0,
  1418. $isAllowedToEdit || $groupMemberWithUploadRights,
  1419. false,
  1420. $curdirpath
  1421. );
  1422. }
  1423. if (!isset($folders) || $folders === false) {
  1424. $folders = [];
  1425. }
  1426. $btngroup = ['class' => 'btn btn-default'];
  1427. /* GO TO PARENT DIRECTORY */
  1428. $actionsLeft = '';
  1429. if ($curdirpath != '/' &&
  1430. $curdirpath != $group_properties['directory'] &&
  1431. !$is_certificate_mode
  1432. ) {
  1433. $actionsLeft = '<a href="'.api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.$certificateLink.'">';
  1434. $actionsLeft .= Display::return_icon('folder_up.png', get_lang('Up'), '', ICON_SIZE_MEDIUM);
  1435. $actionsLeft .= '</a>';
  1436. }
  1437. if ($is_certificate_mode && $curdirpath != '/certificates') {
  1438. $actionsLeft .= Display::url(
  1439. Display::return_icon('folder_up.png', get_lang('Up'), '', ICON_SIZE_MEDIUM),
  1440. api_get_self().'?'.api_get_cidreq().'&id='.$parent_id.$certificateLink
  1441. );
  1442. }
  1443. $column_show = [];
  1444. if ($isAllowedToEdit ||
  1445. $groupMemberWithUploadRights ||
  1446. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1447. ) {
  1448. // TODO:check enable more options for shared folders
  1449. /* CREATE NEW DOCUMENT OR NEW DIRECTORY / GO TO UPLOAD / DOWNLOAD ZIPPED FOLDER */
  1450. // Create new document
  1451. if (!$is_certificate_mode) {
  1452. $actionsLeft .= Display::url(
  1453. Display::return_icon(
  1454. 'new_document.png',
  1455. get_lang('Create a rich media page / activity'),
  1456. '',
  1457. ICON_SIZE_MEDIUM
  1458. ),
  1459. api_get_path(WEB_CODE_PATH).'document/create_document.php?'
  1460. .api_get_cidreq().'&id='.$document_id
  1461. );
  1462. // Create new draw
  1463. if (api_get_setting('enabled_support_svg') == 'true') {
  1464. if (api_browser_support('svg')) {
  1465. $actionsLeft .= Display::url(
  1466. Display::return_icon('new_draw.png', get_lang('Draw'), '', ICON_SIZE_MEDIUM),
  1467. api_get_path(WEB_CODE_PATH).'document/create_draw.php?'.api_get_cidreq().'&id='.$document_id
  1468. );
  1469. } else {
  1470. $actionsLeft .= Display::return_icon(
  1471. 'new_draw_na.png',
  1472. get_lang('Your browser does not support SVG files. To use the drawing tool you must have an advanced browser such as Firefox or Chrome'),
  1473. '',
  1474. ICON_SIZE_MEDIUM
  1475. );
  1476. }
  1477. }
  1478. // Create new paint
  1479. if (api_get_setting('enabled_support_pixlr') == 'true') {
  1480. $actionsLeft .= Display::url(
  1481. Display::return_icon(
  1482. 'new_paint.png',
  1483. get_lang('Photo retouching'),
  1484. '',
  1485. ICON_SIZE_MEDIUM
  1486. ),
  1487. api_get_path(WEB_CODE_PATH).'document/create_paint.php?'
  1488. .api_get_cidreq().'&id='.$document_id
  1489. );
  1490. }
  1491. // Record an image clip from my webcam
  1492. if (api_get_setting('enable_webcam_clip') == 'true') {
  1493. $actionsLeft .= Display::url(
  1494. Display::return_icon('webcam.png', get_lang('Webcam Clip'), '', ICON_SIZE_MEDIUM),
  1495. api_get_path(WEB_CODE_PATH).'document/webcam_clip.php?'.api_get_cidreq().'&id='.$document_id
  1496. );
  1497. }
  1498. // Record audio (nanogong)
  1499. if (api_get_setting('enable_record_audio') === 'true') {
  1500. $actionsLeft .= Display::url(
  1501. Display::return_icon('new_recording.png', get_lang('Record my voice'), '', ICON_SIZE_MEDIUM),
  1502. api_get_path(WEB_CODE_PATH).'document/record_audio.php?'.api_get_cidreq().'&id='.$document_id
  1503. );
  1504. }
  1505. // Create new audio from text
  1506. if (api_get_setting('enabled_text2audio') == 'true') {
  1507. $actionsLeft .= Display::url(
  1508. Display::return_icon('new_sound.png', get_lang('Create audio'), '', ICON_SIZE_MEDIUM),
  1509. api_get_path(WEB_CODE_PATH).'document/create_audio.php?'.api_get_cidreq().'&id='.$document_id
  1510. );
  1511. }
  1512. }
  1513. // Create new certificate
  1514. if ($is_certificate_mode) {
  1515. $actionsLeft .= Display::url(
  1516. Display::return_icon(
  1517. 'new_certificate.png',
  1518. get_lang('Create certificate'),
  1519. '',
  1520. ICON_SIZE_MEDIUM
  1521. ),
  1522. api_get_path(WEB_CODE_PATH).'document/create_document.php?'
  1523. .api_get_cidreq().'&id='.$document_id.'&certificate=true&selectcat='
  1524. .$selectcat
  1525. );
  1526. }
  1527. // File upload link
  1528. if ($is_certificate_mode) {
  1529. $actionsLeft .= Display::url(
  1530. Display::return_icon('upload_certificate.png', get_lang('Upload certificate'), '', ICON_SIZE_MEDIUM),
  1531. api_get_path(WEB_CODE_PATH).'document/upload.php?'.api_get_cidreq()
  1532. .'&id='.$current_folder_id.'&certificate=true'
  1533. );
  1534. } else {
  1535. $actionsLeft .= Display::url(
  1536. Display::return_icon('upload_file.png', get_lang('Upload documents'), '', ICON_SIZE_MEDIUM),
  1537. api_get_path(WEB_CODE_PATH).'document/upload.php?'.api_get_cidreq().'&id='.$current_folder_id
  1538. );
  1539. }
  1540. if ($capturePluginInstalled && !$is_certificate_mode) {
  1541. $actionsLeft .= '<span id="appletplace"></span>';
  1542. $actionsLeft .= Display::url(
  1543. Display::return_icon('capture.png', get_lang('Capture screenshot/screencast'), '', ICON_SIZE_MEDIUM),
  1544. '#',
  1545. ['id' => 'jcapture']
  1546. );
  1547. }
  1548. // Create directory
  1549. if (!$is_certificate_mode) {
  1550. $actionsLeft .= Display::url(
  1551. Display::return_icon('new_folder.png', get_lang('Create folder'), '', ICON_SIZE_MEDIUM),
  1552. api_get_path(WEB_CODE_PATH).'document/document.php?'.api_get_cidreq().'&id='.$document_id.'&createdir=1'
  1553. );
  1554. }
  1555. // "Add cloud link" icon
  1556. $fileLinkEnabled = api_get_configuration_value('enable_add_file_link');
  1557. if ($fileLinkEnabled && !$is_certificate_mode) {
  1558. $actionsLeft .= Display::url(
  1559. Display::return_icon('clouddoc_new.png', get_lang('Add link to Cloud file'), '', ICON_SIZE_MEDIUM),
  1560. api_get_path(WEB_CODE_PATH).'document/add_link.php?'.api_get_cidreq().'&id='.$document_id
  1561. );
  1562. }
  1563. }
  1564. if (!isset($_GET['keyword']) && !$is_certificate_mode) {
  1565. /*$actionsLeft .= Display::url(
  1566. Display::return_icon('slideshow.png', get_lang('View Slideshow'), '', ICON_SIZE_MEDIUM),
  1567. api_get_path(WEB_CODE_PATH).'document/slideshow.php?'.api_get_cidreq().'&curdirpath='.$curdirpathurl
  1568. );*/
  1569. }
  1570. if ($isAllowedToEdit && !$is_certificate_mode) {
  1571. $actionsLeft .= Display::url(
  1572. Display::return_icon('percentage.png', get_lang('Space Available'), '', ICON_SIZE_MEDIUM),
  1573. api_get_path(WEB_CODE_PATH).'document/document_quota.php?'.api_get_cidreq()
  1574. );
  1575. }
  1576. if (!$is_certificate_mode) {
  1577. /* BUILD SEARCH FORM */
  1578. $form = new FormValidator(
  1579. 'search_document',
  1580. 'get',
  1581. api_get_self().'?'.api_get_cidreq(),
  1582. '',
  1583. [],
  1584. FormValidator::LAYOUT_INLINE
  1585. );
  1586. $form->addText('keyword', '', false, ['class' => 'col-md-2']);
  1587. $form->addHidden('cidReq', api_get_course_id());
  1588. $form->addHidden('id_session', api_get_session_id());
  1589. $form->addHidden('gidReq', $groupId);
  1590. $form->addButtonSearch(get_lang('Search'));
  1591. $actionsRight = $form->returnForm();
  1592. }
  1593. $total_size = 0;
  1594. $getSizeURL = api_get_path(WEB_AJAX_PATH).'document.ajax.php?a=get_dir_size&'.api_get_cidreq();
  1595. $sortable_data = [];
  1596. if (!empty($documentAndFolders) && ($groupId === 0 || $userAccess)) {
  1597. $sortable_data = DocumentManager::processDocumentAndFolders(
  1598. $documentAndFolders,
  1599. $courseInfo,
  1600. $is_certificate_mode,
  1601. $groupMemberWithUploadRights,
  1602. $curdirpath
  1603. );
  1604. }
  1605. if (!empty($documentAndFolders)) {
  1606. // Show download zipped folder icon
  1607. if (!$is_certificate_mode && (
  1608. api_get_setting('students_download_folders') == 'true' ||
  1609. $isAllowedToEdit ||
  1610. api_is_platform_admin()
  1611. )
  1612. ) {
  1613. //for student does not show icon into other shared folder, and does not show into main path (root)
  1614. if (DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId) &&
  1615. $curdirpath != '/' ||
  1616. $isAllowedToEdit ||
  1617. api_is_platform_admin()
  1618. ) {
  1619. $actionsLeft .= Display::url(
  1620. Display::return_icon(
  1621. 'save_pack.png',
  1622. get_lang('Save').' (ZIP)',
  1623. '',
  1624. ICON_SIZE_MEDIUM
  1625. ),
  1626. api_get_path(WEB_CODE_PATH).'document/document.php?'
  1627. .api_get_cidreq().'&action=downloadfolder&id='.$document_id
  1628. );
  1629. }
  1630. }
  1631. }
  1632. if (api_is_platform_admin() && api_get_configuration_value('document_manage_deleted_files')) {
  1633. $actionsLeft .= Display::url(
  1634. get_lang('Recycle course'),
  1635. api_get_path(WEB_CODE_PATH).'document/recycle.php?'.api_get_cidreq(),
  1636. ['class' => 'btn btn-default']
  1637. );
  1638. }
  1639. if (!empty($moveTo)) {
  1640. $document_id = DocumentManager::get_document_id($courseInfo, $moveTo);
  1641. }
  1642. if (isset($_GET['createdir']) && isset($_POST['dirname']) && $_POST['dirname'] != '') {
  1643. $post_dir_name = $_POST['dirname'];
  1644. $document_id = DocumentManager::get_document_id($courseInfo, $_POST['dirname']);
  1645. }
  1646. $selector = '';
  1647. if (!$is_certificate_mode && !isset($_GET['move'])) {
  1648. $selector = DocumentManager::build_directory_selector(
  1649. $folders,
  1650. $document_id,
  1651. (isset($group_properties['directory']) ? $group_properties['directory'] : [])
  1652. );
  1653. }
  1654. $tableToString = '';
  1655. if (!empty($documentAndFolders)) {
  1656. $column_show = [];
  1657. if (($isAllowedToEdit || $groupMemberWithUploadRights) && count($documentAndFolders) > 1) {
  1658. $column_show[] = 1;
  1659. }
  1660. $column_show[] = 1;
  1661. $column_show[] = 1;
  1662. $column_show[] = 1;
  1663. $column_show[] = 1;
  1664. if ($isAllowedToEdit ||
  1665. $groupMemberWithUploadRights ||
  1666. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1667. ) {
  1668. $column_show[] = 1;
  1669. }
  1670. $column_show[] = 0;
  1671. $column_show[] = 0;
  1672. $column_order = [];
  1673. if (count(reset($sortable_data)) == 12) {
  1674. //teacher
  1675. $column_order[2] = 8; //name
  1676. $column_order[3] = 7;
  1677. $column_order[4] = 6;
  1678. } elseif (count(reset($sortable_data)) == 10) {
  1679. //student
  1680. $column_order[1] = 6;
  1681. $column_order[2] = 5;
  1682. $column_order[3] = 4;
  1683. }
  1684. $default_column = $isAllowedToEdit ? 2 : 1;
  1685. $tableName = $isAllowedToEdit ? 'teacher_table' : 'student_table';
  1686. $table = new SortableTableFromArrayConfig(
  1687. $sortable_data,
  1688. $default_column,
  1689. 20,
  1690. $tableName,
  1691. $column_show,
  1692. $column_order,
  1693. 'ASC',
  1694. true
  1695. );
  1696. $queryVars = [];
  1697. if (isset($_GET['keyword'])) {
  1698. $queryVars['keyword'] = Security::remove_XSS($_GET['keyword']);
  1699. } else {
  1700. $queryVars['curdirpath'] = $curdirpath;
  1701. }
  1702. if ($groupId) {
  1703. $queryVars['gidReq'] = $groupId;
  1704. }
  1705. $queryVars['cidReq'] = api_get_course_id();
  1706. $queryVars['id_session'] = api_get_session_id();
  1707. $queryVars['id'] = $document_id;
  1708. $table->set_additional_parameters($queryVars);
  1709. $column = 0;
  1710. if (($isAllowedToEdit || $groupMemberWithUploadRights) &&
  1711. count($documentAndFolders) > 1
  1712. ) {
  1713. $table->set_header($column++, '', false, ['style' => 'width:12px;']);
  1714. }
  1715. $table->set_header($column++, get_lang('Type'), true, ['style' => 'width:30px;']);
  1716. $table->set_header($column++, get_lang('Name'));
  1717. $table->set_header($column++, get_lang('Size'), true, ['style' => 'width:50px;']);
  1718. $table->set_header($column++, get_lang('Date'), true, ['style' => 'width:150px;']);
  1719. // Admins get an edit column
  1720. if ($isAllowedToEdit ||
  1721. $groupMemberWithUploadRights ||
  1722. DocumentManager::is_my_shared_folder(api_get_user_id(), $curdirpath, $sessionId)
  1723. ) {
  1724. $table->set_header($column++, get_lang('Detail'), false, ['class' => 'td_actions']);
  1725. }
  1726. // Detail on multiple selected documents
  1727. // TODO: Currently only delete action -> take only DELETE permission into account
  1728. if (count($documentAndFolders) > 1) {
  1729. if ($isAllowedToEdit || $groupMemberWithEditRights) {
  1730. $form_actions = [];
  1731. $form_action['set_invisible'] = get_lang('Set invisible');
  1732. $form_action['set_visible'] = get_lang('Set visible');
  1733. $form_action['delete'] = get_lang('Delete');
  1734. $table->set_form_actions($form_action, 'ids');
  1735. }
  1736. }
  1737. $tableToString = $table->return_table();
  1738. }
  1739. Display::display_header('', 'Doc');
  1740. /* Introduction section (editable by course admins) */
  1741. if (!empty($groupId)) {
  1742. Display::display_introduction_section(TOOL_DOCUMENT.$groupId);
  1743. } else {
  1744. Display::display_introduction_section(TOOL_DOCUMENT);
  1745. }
  1746. $toolbar = Display::toolbarAction(
  1747. 'toolbar-document',
  1748. [$actionsLeft, $actionsRight]
  1749. );
  1750. echo $toolbar;
  1751. echo $templateForm;
  1752. echo $moveForm;
  1753. echo $dirForm;
  1754. echo $selector;
  1755. echo $tableToString;
  1756. $ajaxURL = api_get_path(WEB_AJAX_PATH).'document.ajax.php?a=get_document_quota&'.api_get_cidreq();
  1757. if (count($documentAndFolders) > 1) {
  1758. echo '<script>
  1759. $(function() {
  1760. $.ajax({
  1761. url:"'.$ajaxURL.'",
  1762. success:function(data){
  1763. $("#course_quota").html(data);
  1764. }
  1765. });
  1766. $(".document_size").each(function(i, obj) {
  1767. var path = obj.getAttribute("data-path");
  1768. $.ajax({
  1769. url:"'.$getSizeURL.'&path="+path,
  1770. success:function(data){
  1771. $(obj).html(data);
  1772. }
  1773. });
  1774. });
  1775. });
  1776. </script>';
  1777. echo '<span id="course_quota"></span>';
  1778. }
  1779. if (empty($documentAndFolders)) {
  1780. echo Display::return_message(get_lang('There are no documents to be displayed.'), 'warning');
  1781. }
  1782. echo '
  1783. <div id="convertModal" class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
  1784. <div class="modal-dialog">
  1785. <div class="modal-content">
  1786. <div class="modal-header" style="text-align: center;">
  1787. <button type="button" class="close" data-dismiss="modal" aria-label="'.get_lang('Close').'">
  1788. <span aria-hidden="true">&times;</span>
  1789. </button>
  1790. <h4 class="modal-title">'.get_lang('Convert').'</h4>
  1791. </div>
  1792. <div class="modal-body">
  1793. <form action="#" class="form-horizontal">
  1794. <div class="form-group">
  1795. <label class="col-sm-4 control-label" for="convertSelect">'.get_lang('Convert format').'</label>
  1796. <div class="col-sm-8">
  1797. <select id="convertSelect">
  1798. <option value="">'.get_lang('Select').'</option>
  1799. <option value="pdf">
  1800. PDF - Portable Document File
  1801. </option>
  1802. <option value="odt" style="display:none;" class="textFormatType">
  1803. ODT - Open Document Text
  1804. </option>
  1805. <option value="odp" style="display:none;" class="presentationFormatType">
  1806. ODP - Open Document Portable
  1807. </option>
  1808. <option value="ods" style="display:none;" class="spreadsheetFormatType">
  1809. ODS - Open Document Spreadsheet
  1810. </option>
  1811. </select>
  1812. </div>
  1813. </div>
  1814. </form>
  1815. </div>
  1816. <div class="modal-footer">
  1817. <button type="button" class="btn btn-default" data-dismiss="modal">'.get_lang('Close').'</button>
  1818. </div>
  1819. </div>
  1820. </div>
  1821. ';
  1822. Session::erase('slideshow_'.api_get_course_id().api_get_session_id());
  1823. Display::display_footer();