Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
aj
/
chamilo-lms2
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: e7c246f349
Haarat Tagit
chamilo-lms2
/
main
/
dropbox
/
dropbox_download.php

dropbox_download.php 6.2 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt */
    3. 

  3. /**
    4. 

  4.  * @package chamilo.dropbox
    5. 

  5.  */
    6. 

  6. /**
    7. 

  7.  * Code
    8. 

  8.  */
    9. 

  9. /*	INIT SECTION */
    10. 

  10. 

  11. // We cannot use dropbox_init.inc.php because this one already outputs data.
    12. 

  12. 

  13. $language_file = 'dropbox';
    14. 

  14. 

  15. // including the basic Chamilo initialisation file
    16. 

  16. require_once '../inc/global.inc.php';
    17. 

  17. 

  18. // the dropbox configuration parameters
    19. 

  19. require_once 'dropbox_config.inc.php';
    20. 

  20. 

  21. // the dropbox file that contains additional functions
    22. 

  22. require_once 'dropbox_functions.inc.php';
    23. 

  23. 

  24. // the dropbox class
    25. 

  25. require_once 'dropbox_class.inc.php';
    26. 

  26. 

  27. /*	DOWNLOAD A FOLDER */
    28. 

  28. $course_id = api_get_course_int_id();
    29. 

  29. 

  30. $user_id = api_get_user_id();
    31. 

  31. 

  32. if (isset($_GET['cat_id']) AND is_numeric($_GET['cat_id']) AND $_GET['action'] == 'downloadcategory' AND isset($_GET['sent_received'])) {
    33. 

  33. 	// step 1: constructingd' the sql statement. Due to the nature off the classes of the dropbox the categories for sent files are stored in the table
    34. 

  34. 	// dropbox_file while the categories for the received files are stored in dropbox_post. It would have been more elegant if these could be stored
    35. 

  35. 	// in dropbox_person (which stores the link file-person)
    36. 

  36. 	// Therefore we have to create to separate sql statements to find which files are in the categorie (depending if we zip-download a sent category or a
    37. 

  37. 	// received category)
    38. 

  38. 

  39. 	if ($_GET['sent_received'] == 'sent') {
    40. 

  40. 		// here we also incorporate the person table to make sure that deleted sent documents are not included.
    41. 

  41. 		$sql = "SELECT DISTINCT file.id, file.filename, file.title
    42. 

  42.                 FROM ".$dropbox_cnf['tbl_file']." file INNER JOIN ".$dropbox_cnf['tbl_person']." person
    43. 

  43.                 ON (person.file_id=file.id AND file.c_id = $course_id AND person.c_id = $course_id)
    44. 

  44. 				WHERE
    45. 

  45.                     file.uploader_id = $user_id AND
    46. 

  46.                     file.cat_id='".intval($_GET['cat_id'])."'  AND
    47. 

  47.                     person.user_id = $user_id";
    48. 

  48. 	}
    49. 

  49. 

  50. 	if ($_GET['sent_received'] == 'received') {
    51. 

  51. 		$sql = "SELECT DISTINCT file.id, file.filename, file.title
    52. 

  52.                 FROM ".$dropbox_cnf['tbl_file']." file INNER JOIN ".$dropbox_cnf['tbl_person']." person
    53. 

  53.                 ON (person.file_id=file.id AND file.c_id = $course_id AND person.c_id = $course_id)
    54. 

  54.                 INNER JOIN ".$dropbox_cnf['tbl_post']." post
    55. 

  55.                 ON (post.file_id = file.id AND post.c_id = $course_id AND file.c_id = $course_id)
    56. 

  56. 				WHERE
    57. 

  57.                     post.cat_id = ".intval($_GET['cat_id'])." AND
    58. 

  58.                     post.dest_user_id = $user_id" ;
    59. 

  59. 	}
    60. 

  60. 

  61. 	$result = Database::query($sql);
    62. 

  62. 	while ($row = Database::fetch_array($result)) {
    63. 

  63. 		$files_to_download[] = $row['id'];
    64. 

  64. 	}
    65. 

  65. 	if (!is_array($files_to_download) OR empty($files_to_download)) {
    66. 

  66. 		header('location: index.php?view='.Security::remove_XSS($_GET['sent_received']).'&error=ErrorNoFilesInFolder');
    67. 

  67. 		exit;
    68. 

  68. 	}
    69. 

  69. 	zip_download($files_to_download);
    70. 

  70. 	exit;
    71. 

  71. }
    72. 

  72. 

  73. 

  74. /*	DOWNLOAD A FILE */
    75. 

  75. 

  76. /*		AUTHORIZATION */
    77. 

  77. 

  78. // Check if the id makes sense
    79. 

  79. if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    80. 

  80. 	Display::display_header($nameTools, 'Dropbox');
    81. 

  81. 	Display :: display_error_message(get_lang('Error'));
    82. 

  82. 	Display::display_footer();
    83. 

  83. 	exit;
    84. 

  84. }
    85. 

  85. 

  86. // Check if the user is allowed to download the file
    87. 

  87. $allowed_to_download = false;
    88. 

  88. if (user_can_download_file($_GET['id'], api_get_user_id())) {
    89. 

  89. 	$allowed_to_download = true;
    90. 

  90. }
    91. 

  91. 

  92. /*		ERROR IF NOT ALLOWED TO DOWNLOAD */
    93. 

  93. 

  94. 

  95. if (!$allowed_to_download) {
    96. 

  96. 	Display::display_header($nameTools, 'Dropbox');
    97. 

  97. 	Display::display_error_message(get_lang('YouAreNotAllowedToDownloadThisFile'));
    98. 

  98. 	Display::display_footer();
    99. 

  99. 	exit;
    100. 

  100. } else {
    101. 

  101.     /*      DOWNLOAD THE FILE */
    102. 

  102.     // the user is allowed to download the file
    103. 

  103. 	$_SESSION['_seen'][$_course['id']][TOOL_DROPBOX][] = intval($_GET['id']);
    104. 

  104. 

  105. 	$work = new Dropbox_work($_GET['id']);
    106. 

  106. 	$path = dropbox_cnf('sysPath') . '/' . $work -> filename; //path to file as stored on server
    107. 

  107. 

  108.     if (!Security::check_abs_path($path, dropbox_cnf('sysPath').'/')) {
    109. 

  109.     	exit;
    110. 

  110.     }
    111. 

  111. 	$file = $work->title;
    112. 

  112. 	$mimetype = DocumentManager::file_get_mime_type(true);
    113. 

  113. 	$fileinfo = pathinfo($file);
    114. 

  114. 	$extension = $fileinfo['extension'];
    115. 

  115. 

  116. 	if (!empty($extension) && isset($mimetype[$extension]) && $_GET['action'] != 'download') {
    117. 

  117. 	    // give hint to browser about filetype
    118. 

  118.     	header( 'Content-type: ' . $mimetype[$extension] . "\n");
    119. 

  119. 	} else {
    120. 

  120. 		//no information about filetype: force a download dialog window in browser
    121. 

  121. 		header( "Content-type: application/octet-stream\n");
    122. 

  122. 	}
    123. 

  123. 

  124. 	/*if (!in_array(strtolower($extension), array('doc', 'xls', 'ppt', 'pps', 'sxw', 'sxc', 'sxi'))) {
    125. 

  125. 		header('Content-Disposition: inline; filename='.$file); // bugs with open office
    126. 

  126. 	} else {
    127. 

  127. 		header('Content-Disposition: attachment; filename='.$file);
    128. 

  128. 	}*/
    129. 

  129. 

  130. 	header('Content-Disposition: attachment; filename='.$file);
    131. 

  131. 

  132. 	/**
    133. 

  133. 	 * Note that if you use these two headers from a previous example:
    134. 

  134. 	 * header('Cache-Control: no-cache, must-revalidate');
    135. 

  135. 	 * header('Pragma: no-cache');
    136. 

  136. 	 * before sending a file to the browser, the "Open" option on Internet Explorer's file download dialog will not work properly. If the user clicks "Open" instead of "Save," the target application will open an empty file, because the downloaded file was not cached. The user will have to save the file to their hard drive in order to use it.
    137. 

  137. 	 * Make sure to leave these headers out if you'd like your visitors to be able to use IE's "Open" option.
    138. 

  138. 	 */
    139. 

  139. 	header("Pragma: \n");
    140. 

  140. 	header("Cache-Control: \n");
    141. 

  141. 	header("Cache-Control: public\n"); // IE cannot download from sessions without a cache
    142. 

  142. 

  143. 	/*if (isset($_SERVER['HTTPS'])) {
    144. 

  144. 	    /**
    145. 

  145. 	     * We need to set the following headers to make downloads work using IE in HTTPS mode.
    146. 

  146. 	     *
    147. 

  147. 	    //header('Pragma: ');
    148. 

  148. 	    //header('Cache-Control: ');
    149. 

  149. 	    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n");
    150. 

  150. 	    header("Last-Modified: " . gmdate( "D, d M Y H:i:s") . " GMT\n");
    151. 

  151. 	    header("Cache-Control: no-store, no-cache, must-revalidate\n"); // HTTP/1.1
    152. 

  152. 	    header("Cache-Control: post-check=0, pre-check=0\n", false);
    153. 

  153. 	}*/
    154. 

  154. 

  155. 	header('Content-Description: '.trim(htmlentities($file)));
    156. 

  156. 	header('Content-transfer-encoding: binary');
    157. 

  157. 

  158. 	header("Content-Length: " . filesize($path)."\n" );
    159. 

  159. 

  160. 	$fp = fopen( $path, 'rb');
    161. 

  161. 	fpassthru($fp);
    162. 

  162. 	exit();
    163. 

  163. }
    164. 

  164. 

  165. //@todo clean this file the code below is useless there are 2 exits in previous conditions ... maybe a bad copy/paste/merge?
    166. 

  166. exit;
    167.