Hpdownload.php 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * This script shows the list of exercises for administrators and students.
  5. * @package chamilo.exercise
  6. * @author Istvan Mandak
  7. * @version $Id: Hpdownload.php 22201 2009-07-17 19:57:03Z cfasanando $
  8. */
  9. /**
  10. * Code
  11. */
  12. session_cache_limiter('public');
  13. require_once '../inc/global.inc.php';
  14. $this_section = SECTION_COURSES;
  15. $tbl_document = Database::get_course_table(TABLE_DOCUMENT);
  16. $doc_url = str_replace(array('../', '\\..', '\\0', '..\\'), array('', '', '', ''), urldecode($_GET['doc_url']));
  17. $filename = basename($doc_url);
  18. // launch event
  19. //event_download($doc_url);
  20. if (isset($_course['path'])) {
  21. $course_path = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
  22. $full_file_name = $course_path.Security::remove_XSS($doc_url);
  23. } else {
  24. $course_path = api_get_path(SYS_COURSE_PATH).$cid.'/document';
  25. $full_file_name = $course_path.Security::remove_XSS($doc_url);
  26. }
  27. if (!is_file($full_file_name)) {
  28. exit;
  29. }
  30. if (!Security::check_abs_path($full_file_name, $course_path.'/')) {
  31. exit;
  32. }
  33. $extension = explode('.', $filename);
  34. $extension = strtolower($extension[sizeof($extension) - 1]);
  35. switch ($extension) {
  36. case 'gz':
  37. $content_type = 'application/x-gzip';
  38. break;
  39. case 'zip':
  40. $content_type = 'application/zip';
  41. break;
  42. case 'pdf':
  43. $content_type = 'application/pdf';
  44. break;
  45. case 'png':
  46. $content_type = 'image/png';
  47. break;
  48. case 'gif':
  49. $content_type = 'image/gif';
  50. break;
  51. case 'jpg':
  52. $content_type = 'image/jpeg';
  53. break;
  54. case 'txt':
  55. $content_type = 'text/plain';
  56. break;
  57. case 'htm':
  58. $content_type = 'text/html';
  59. break;
  60. case 'html':
  61. $content_type = 'text/html';
  62. break;
  63. default:
  64. $content_type = 'application/octet-stream';
  65. break;
  66. }
  67. header('Content-disposition: filename='.$filename);
  68. header('Content-Type: '.$content_type);
  69. header('Expires: '.gmdate('D, d M Y H:i:s', time() + 10).' GMT');
  70. header('Last-Modified: '.gmdate('D, d M Y H:i:s', time() + 10).' GMT');
  71. /*
  72. Dynamic parsing section
  73. is activated whenever a user views an html file
  74. work in progress
  75. - question: we could also parse per line,
  76. perhaps this would be faster.
  77. ($file_content = file($full_file_name) returns file in array)
  78. */
  79. if ($content_type == 'text/html') {
  80. $directory_name = dirname($full_file_name);
  81. $dir = str_replace(
  82. array('\\', api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'),
  83. array('/', ''),
  84. $directory_name
  85. );
  86. if ($dir[strlen($dir) - 1] != '/') {
  87. $dir .= '/';
  88. }
  89. //Parse whole file at one
  90. $fp = fopen($full_file_name, "r");
  91. $file_content = fread($fp, filesize($full_file_name));
  92. fclose($fp);
  93. $exercicePath = api_get_self();
  94. $exfile = explode('/', $exercicePath);
  95. $exfile = $exfile[sizeof($exfile) - 1];
  96. $exercicePath = substr($exercicePath, 0, strpos($exercicePath, $exfile));
  97. $exercicePath = $exercicePath;
  98. $content = $file_content;
  99. $mit = "function Finish(){";
  100. $js_content = "var SaveScoreVariable = 0; // This variable included by Dokeos System\n".
  101. "function mySaveScore() // This function included by Dokeos System\n".
  102. "{\n".
  103. " if (SaveScoreVariable==0)\n".
  104. " {\n".
  105. " SaveScoreVariable = 1;\n".
  106. " if (C.ie)\n".
  107. " {\n".
  108. " document.location.href = \"".$exercicePath."savescores.php?origin=$origin&time=$time&test=".$doc_url."&uid=".$_user['user_id']."&cid=".$cid."&score=\"+Score;\n".
  109. " //window.alert(Score);\n".
  110. " }\n".
  111. " else\n".
  112. " {\n".
  113. " }\n".
  114. " }\n".
  115. "}\n".
  116. "// Must be included \n".
  117. "function Finish(){\n".
  118. " mySaveScore();";
  119. $newcontent = str_replace($mit, $js_content, $content);
  120. $prehref = "javascript:void(0);";
  121. $posthref = $_configuration['root_web']."main/exercice/Hpdownload.php?doc_url=".$doc_url."&cid=".$cid."&uid=".$uid;
  122. $newcontent = str_replace($prehref, $posthref, $newcontent);
  123. $prehref = "class=\"GridNum\" onclick=";
  124. $posthref = "class=\"GridNum\" onMouseover=";
  125. $newcontent = str_replace($prehref, $posthref, $newcontent);
  126. header('Content-length: '.strlen($newcontent));
  127. // Dipsp.
  128. echo $newcontent;
  129. exit();
  130. }
  131. //normal case, all non-html files
  132. //header('Content-length: '.filesize($full_file_name));
  133. $fp = fopen($full_file_name, 'rb');
  134. fpassthru($fp);
  135. fclose($fp);
  136. ?>