work.ajax.php 7.2 KB

  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Responses to AJAX calls.
  5. */
  6. require_once __DIR__.'/../global.inc.php';
  7. require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';
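  // AJAX dispatcher for the student-publication ("work") tool: the "a" request
  // parameter selects one action, the action prints its response, and the
  // script always terminates with exit.
  $action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
  $isAllowedToEdit = api_is_allowed_to_edit();
  $courseInfo = api_get_course_info();

  // NOTE(review): the show/hide/delete actions change data and read their
  // parameters from $_REQUEST, so a plain GET is enough to trigger them. No
  // anti-CSRF token is verified in this file; confirm whether the included
  // bootstrap enforces one, otherwise add a token check before dispatching.

  /**
   * Converts a comma-separated id list from the request into positive integers.
   *
   * Anything that is not a string (missing parameter, array injected through
   * "item_list[]=...") yields an empty list, and pieces that do not cast to a
   * positive integer are dropped. Ids are treated as integers here, as the
   * correction-upload action below already does for item_id.
   *
   * @param mixed $raw Raw request value
   *
   * @return int[]
   */
  $parseIdList = function ($raw) {
      if (!is_string($raw) || $raw === '') {
          return [];
      }
      $ids = [];
      foreach (explode(',', $raw) as $piece) {
          $id = (int) trim($piece);
          if ($id > 0) {
              $ids[] = $id;
          }
      }

      return $ids;
  };

  switch ($action) {
      case 'show_student_work':
          api_protect_course_script(true);
          // Only users with edit rights may change visibility; an empty or
          // unusable list is reported as failure ('0') like a denied request.
          $itemList = $isAllowedToEdit
              ? $parseIdList(isset($_REQUEST['item_list']) ? $_REQUEST['item_list'] : '')
              : [];
          if (empty($itemList)) {
              echo '0';
              break;
          }
          foreach ($itemList as $itemId) {
              makeVisible($itemId, $courseInfo);
          }
          echo '1';
          break;
      case 'hide_student_work':
          api_protect_course_script(true);
          $itemList = $isAllowedToEdit
              ? $parseIdList(isset($_REQUEST['item_list']) ? $_REQUEST['item_list'] : '')
              : [];
          if (empty($itemList)) {
              echo '0';
              break;
          }
          foreach ($itemList as $itemId) {
              makeInvisible($itemId, $courseInfo);
          }
          echo '1';
          break;
      case 'delete_student_work':
          api_protect_course_script(true);
          // is_scalar() keeps an array parameter from being cast to 1.
          $itemId = isset($_REQUEST['id']) && is_scalar($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
          if (!$isAllowedToEdit || $itemId <= 0) {
              echo '0';
              break;
          }
          deleteWorkItem($itemId, $courseInfo);
          echo '1';
          break;
      case 'upload_file':
          api_protect_course_script(true);
          $workId = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
          // NOTE(review): the lookup result is passed on without checking that
          // the work exists or belongs to the current course; confirm that
          // get_work_data_by_id() / processWorkForm() reject such ids.
          $workInfo = get_work_data_by_id($workId);
          $sessionId = api_get_session_id();
          $userId = api_get_user_id();
          $groupId = api_get_group_id();

          // Optional platform setting: refuse a second publication by the same user.
          $onlyOnePublication = api_get_configuration_value('allow_only_one_student_publication_per_user');
          if ($onlyOnePublication && get_work_count_by_student($userId, $workId) >= 1) {
              break;
          }

          if (!empty($_FILES)) {
              // A request that carries files under another field name produces
              // an empty result list instead of a warning on a missing key.
              $files = isset($_FILES['files']) && is_array($_FILES['files']) ? $_FILES['files'] : [];

              // PHP groups multi-file uploads per attribute (name[], type[], ...);
              // transpose them into one array per file. The (array) cast also
              // accepts a single, non-array upload.
              $fileList = [];
              foreach ($files as $name => $array) {
                  foreach (array_values((array) $array) as $counter => $data) {
                      $fileList[$counter][$name] = $data;
                  }
              }

              $resultList = [];
              foreach ($fileList as $file) {
                  $values = [
                      'contains_file' => 1,
                      'title' => isset($file['name']) ? $file['name'] : '',
                      'description' => '',
                  ];
                  $result = processWorkForm(
                      $workInfo,
                      $values,
                      $courseInfo,
                      $sessionId,
                      $groupId,
                      $userId,
                      $file,
                      api_get_configuration_value('assignment_prevent_duplicate_upload'),
                      false
                  );

                  $json = [];
                  if (!empty($result) && is_array($result) && empty($result['error'])) {
                      // The title comes from the client-supplied file name, so
                      // every value placed into markup is entity-encoded.
                      $json['name'] = api_htmlentities($result['title']);
                      $json['link'] = Display::url(
                          api_htmlentities($result['title']),
                          api_htmlentities($result['view_url']),
                          ['target' => '_blank']
                      );
                      // Not entity-encoded: the client must treat it as a URL,
                      // not as markup.
                      $json['url'] = $result['view_url'];
                      $json['size'] = '';
                      $json['type'] = api_htmlentities($result['filetype']);
                      $json['result'] = Display::return_icon(
                          'accept.png',
                          get_lang('Uploaded..')
                      );
                  } else {
                      $json['url'] = '';
                      // NOTE(review): the error text is returned as produced by
                      // processWorkForm(); confirm it never embeds the raw file
                      // name, or that the client inserts it as text.
                      $json['error'] = isset($result['error']) ? $result['error'] : get_lang('Error');
                  }
                  $resultList[] = $json;
              }
              echo json_encode(['files' => $resultList]);
          }
          break;
      case 'delete_work':
          // Same course-access gate as every other action in this file; it was
          // missing here although this action deletes whole work folders.
          api_protect_course_script(true);
          if (!$isAllowedToEdit) {
              break;
          }
          $workList = $parseIdList(isset($_REQUEST['id']) ? $_REQUEST['id'] : '');
          foreach ($workList as $workId) {
              deleteDirWork($workId);
          }
          break;
      case 'upload_correction_file':
          api_protect_course_script(true);
          // User access same as upload.php.
          // The permission used to be computed and then ignored, so any user
          // admitted by api_protect_course_script() could attach a correction
          // to any item id. It is now enforced before anything is read.
          $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
          if (!$is_allowed_to_edit) {
              echo 'false';
              break;
          }

          $itemId = isset($_GET['item_id']) ? (int) $_GET['item_id'] : 0;
          $result = [];
          if (!empty($_FILES['file']) && $itemId > 0) {
              $file = $_FILES['file'];
              // NOTE(review): the UPDATE below is keyed on iid only; confirm
              // that get_work_data_by_id() limits the lookup to the current
              // course so an item of another course cannot be modified.
              $workInfo = get_work_data_by_id($itemId);
              if (empty($workInfo) || !isset($workInfo['parent_id'])) {
                  echo 'false';
                  break;
              }
              $workInfoParent = get_work_data_by_id($workInfo['parent_id']);
              $resultUpload = uploadWork($workInfoParent, $courseInfo, true, $workInfo);
              if (!$resultUpload) {
                  echo 'false';
                  break;
              }

              $work_table = Database::get_course_table(
                  TABLE_STUDENT_PUBLICATION
              );

              $json = [];
              if (!empty($resultUpload['url'])) {
                  $displayTitle = !empty($resultUpload['filename'])
                      ? $resultUpload['filename']
                      : get_lang('Untitled');

                  // String values are escaped and $itemId is an integer cast,
                  // so no request data reaches the statement unfiltered.
                  $url = Database::escape_string($resultUpload['url']);
                  $title = Database::escape_string($displayTitle);
                  $sql = "UPDATE $work_table SET
                              url_correction = '".$url."',
                              title_correction = '".$title."'
                          WHERE iid = $itemId";
                  Database::query($sql);

                  $result['title'] = $displayTitle;
                  $result['url'] = 'view.php?'.api_get_cidreq().'&id='.$itemId;

                  $json['name'] = Display::url(
                      api_htmlentities($result['title']),
                      api_htmlentities($result['url']),
                      ['target' => '_blank']
                  );
                  // The MIME type is client-supplied, hence encoded.
                  $json['type'] = api_htmlentities($file['type']);
                  $json['size'] = format_file_size($file['size']);
              }

              $icon = isset($result['url']) ? 'accept.png' : 'exclamation.png';
              $label = isset($result['url']) ? get_lang('Uploaded..') : get_lang('Error');
              $json['result'] = Display::return_icon(
                  $icon,
                  $label,
                  [],
                  ICON_SIZE_TINY
              );

              header('Content-Type: application/json');
              echo json_encode($json);
          }
          break;
      default:
          echo '';
          break;
  }
  exit;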