Home Explore Help
Register Sign In
aj
/
chamilo-lms2
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e7c246f349
Branches Tags
chamilo-lms2
/
main
/
inc
/
lib
/
jpegcam
/
webcam_receiver.php

webcam_receiver.php 3.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122 
  1. <?php
    2. 

  2. 

  3. /* JPEGCam Script */
    4. 

  4. /* Receives JPEG webcam submission and saves to local file. */
    5. 

  5. /* Make sure your directory has permission to write files as your web server user! */
    6. 

  6. require_once '../../../inc/global.inc.php';
    7. 

  7. //Add security from Chamilo
    8. 

  8. api_protect_course_script();
    9. 

  9. api_block_anonymous_users();
    10. 

  10. 

  11. # Save the audio to a URL-accessible directory for playback.
    12. 

  12. parse_str($_SERVER['QUERY_STRING'], $params);
    13. 

  13. 

  14. if (isset($params['webcamname']) && isset($params['webcamdir']) && isset($params['webcamuserid'])) {
    15. 

  15.     $webcamname = $params['webcamname'];
    16. 

  16.     $webcamdir = $params['webcamdir'];
    17. 

  17.     $webcamuserid = $params['webcamuserid'];
    18. 

  18. } else {
    19. 

  19.     api_not_allowed();
    20. 

  20.     die();
    21. 

  21. }
    22. 

  22. 

  23. if ($webcamuserid != api_get_user_id() || api_get_user_id() == 0 || $webcamuserid == 0) {
    24. 

  24.     api_not_allowed();
    25. 

  25.     die();
    26. 

  26. }
    27. 

  27. 

  28. 

  29. //clean
    30. 

  30. $webcamname = Security::remove_XSS($webcamname);
    31. 

  31. $webcamname = Database::escape_string($webcamname);
    32. 

  32. $webcamname = addslashes(trim($webcamname));
    33. 

  33. $webcamname = api_replace_dangerous_char($webcamname, 'strict');
    34. 

  34. $webcamname = FileManager::disable_dangerous_file($webcamname);
    35. 

  35. $webcamdir = Security::remove_XSS($webcamdir);
    36. 

  36. 

  37. //security extension
    38. 

  38. $ext = explode('.', $webcamname);
    39. 

  39. $ext = strtolower($ext[sizeof($ext) - 1]);
    40. 

  40. 

  41. if ($ext != 'jpg') {
    42. 

  42.     die();
    43. 

  43. }
    44. 

  44. 

  45. //Do not use here check Fileinfo method because return: text/plain                //CHECK THIS BEFORE COMMIT
    46. 

  46. 

  47. $dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
    48. 

  48. $saveDir = $dirBaseDocuments.$webcamdir;
    49. 

  49. $current_session_id = api_get_session_id();
    50. 

  50. $groupId = $_SESSION['_gid'];
    51. 

  51. 

  52. //avoid duplicates
    53. 

  53. $webcamname_to_save = $webcamname;
    54. 

  54. $title_to_save = str_replace('_', ' ', $webcamname);
    55. 

  55. $webcamname_noex = basename($webcamname, ".jpg");
    56. 

  56. if (file_exists($saveDir.'/'.$webcamname_noex.'.'.$ext)) {
    57. 

  57.     $i = 1;
    58. 

  58.     while (file_exists($saveDir.'/'.$webcamname_noex.'_'.$i.'.'.$ext)) {
    59. 

  59.         $i++;
    60. 

  60.     }
    61. 

  61.     $webcamname_to_save = $webcamname_noex.'_'.$i.'.'.$ext;
    62. 

  62.     $title_to_save = $webcamname_noex.'_'.$i.'.'.$ext;
    63. 

  63.     $title_to_save = str_replace('_', ' ', $title_to_save);
    64. 

  64. }
    65. 

  65. 

  66. 

  67. $documentPath = $saveDir.'/'.$webcamname_to_save;
    68. 

  68. 

  69. 

  70. //read content
    71. 

  71. $content = file_get_contents('php://input');
    72. 

  72. if (!$content) {
    73. 

  73.     print "ERROR: Failed to read data\n";
    74. 

  74.     exit();
    75. 

  75. }
    76. 

  76. 

  77. 

  78. //make a temporal file for get the file size
    79. 

  79. $tmpfname = tempnam("/tmp", "CTF");
    80. 

  80. $handle = fopen($tmpfname, "w");
    81. 

  81. fwrite($handle, $content);
    82. 

  82. fclose($handle);
    83. 

  83. 

  84. // Check if there is enough space in the course to save the file
    85. 

  85. if (!DocumentManager::enough_space(filesize($tmpfname), DocumentManager::get_course_quota())) {
    86. 

  86.     unlink($tmpfname);
    87. 

  87.     die(get_lang('UplNotEnoughSpace'));
    88. 

  88. }
    89. 

  89. 

  90. //erase temporal file
    91. 

  91. unlink($tmpfname);
    92. 

  92. 

  93. //add to disk
    94. 

  94. $fh = fopen($documentPath, 'w') or die("can't open file");
    95. 

  95. fwrite($fh, $content);
    96. 

  96. fclose($fh);
    97. 

  97. 

  98. //add document to database
    99. 

  99. $doc_id = FileManager::add_document(
    100. 

  100.     $_course,
    101. 

  101.     $webcamdir.'/'.$webcamname_to_save,
    102. 

  102.     'file',
    103. 

  103.     filesize($documentPath),
    104. 

  104.     $title_to_save
    105. 

  105. );
    106. 

  106. api_item_property_update(
    107. 

  107.     $_course,
    108. 

  108.     TOOL_DOCUMENT,
    109. 

  109.     $doc_id,
    110. 

  110.     'DocumentAdded',
    111. 

  111.     $_user['user_id'],
    112. 

  112.     $groupId,
    113. 

  113.     null,
    114. 

  114.     null,
    115. 

  115.     null,
    116. 

  116.     $current_session_id
    117. 

  117. );
    118. 

  118. ///
    119. 

  119. $url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$documentPath;
    120. 

  120. print "$url\n";
    121. 

  121. 

  122. ?>
    123.