webcam_receiver.php 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102
  1. <?php
  2. /* JPEGCam Script *****UPDATED to lib webcamJS 2015-09-04***** */
  3. /* Receives JPEG webcam submission and saves to local file. */
  4. /* Make sure your directory has permission to write files as your web server user! */
  5. //Changes on directory because move the proper script to the new lib upgrade directory
  6. require_once __DIR__.'/../inc/global.inc.php';
  7. ////Add security from Chamilo
  8. api_protect_course_script();
  9. api_block_anonymous_users();
  10. ///
  11. # Save the audio to a URL-accessible directory for playback.
  12. parse_str($_SERVER['QUERY_STRING'], $params);
  13. if (isset($params['webcamname']) && isset($params['webcamdir']) && isset($params['webcamuserid'])) {
  14. $webcamname = $params['webcamname'];
  15. $webcamdir = $params['webcamdir'];
  16. $webcamuserid = $params['webcamuserid'];
  17. }
  18. else {
  19. api_not_allowed();
  20. die();
  21. }
  22. if ($webcamuserid != api_get_user_id() || api_get_user_id() == 0 || $webcamuserid == 0) {
  23. api_not_allowed();
  24. die();
  25. }
  26. //clean
  27. $webcamname = Security::remove_XSS($webcamname);
  28. $webcamname = Database::escape_string($webcamname);
  29. $webcamname = addslashes(trim($webcamname));
  30. $webcamname = api_replace_dangerous_char($webcamname);
  31. $webcamname = disable_dangerous_file($webcamname);
  32. $webcamdir = Security::remove_XSS($webcamdir);
  33. //security extension
  34. $ext = explode('.', $webcamname);
  35. $ext = strtolower($ext[sizeof($ext) - 1]);
  36. if ($ext != 'jpg') {
  37. die();
  38. }
  39. //Do not use here check Fileinfo method because return: text/plain //CHECK THIS BEFORE COMMIT
  40. $dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
  41. $saveDir = $dirBaseDocuments.$webcamdir;
  42. $current_session_id = api_get_session_id();
  43. $groupId = api_get_group_id();
  44. $groupInfo = GroupManager::get_group_properties($groupId);
  45. //Avoid duplicates
  46. $webcamname_to_save = $webcamname;
  47. $title_to_save = str_replace('_', ' ', $webcamname);
  48. $webcamname_noex = basename($webcamname, ".jpg");
  49. if (file_exists($saveDir.'/'.$webcamname_noex.'.'.$ext)) {
  50. $i = 1;
  51. while (file_exists($saveDir.'/'.$webcamname_noex.'_'.$i.'.'.$ext)) {
  52. $i++;
  53. }
  54. $webcamname_to_save = $webcamname_noex.'_'.$i.'.'.$ext;
  55. $title_to_save = $webcamname_noex.'_'.$i.'.'.$ext;
  56. $title_to_save = str_replace('_', ' ', $title_to_save);
  57. }
  58. $documentPath = $saveDir.'/'.$webcamname_to_save;
  59. //read content
  60. //Change to move_uploaded_file() function instead file_get_contents() to adapt the new lib
  61. $content = move_uploaded_file($_FILES['webcam']['tmp_name'], $documentPath);
  62. if (!$content) {
  63. print "PHP ERROR: Failed to read data\n";
  64. exit();
  65. }
  66. //add document to database
  67. $doc_id = add_document(
  68. $_course,
  69. $webcamdir.'/'.$webcamname_to_save,
  70. 'file',
  71. filesize($documentPath),
  72. $title_to_save
  73. );
  74. api_item_property_update(
  75. $_course,
  76. TOOL_DOCUMENT,
  77. $doc_id,
  78. 'DocumentAdded',
  79. $_user['user_id'],
  80. $groupInfo,
  81. null,
  82. null,
  83. null,
  84. $current_session_id
  85. );
  86. ///
  87. $url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$documentPath;
  88. print get_lang('ClipSent');