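/**
 * Determine the maximum size allowed to upload. This size is based on
 * the tool $maxFilledSpace regarding the space already occupied
 * by previously uploaded files, and the php.ini upload_max_filesize
 * and post_max_size parameters. This value is displayed on the upload
 * form.
 *
 * The result is a hint for the form only: the handler that receives the
 * upload still has to compare the real size of the received file with the
 * quota, because a client is free to ignore whatever the form announces.
 *
 * @param integer $maxFilledSpace local max allowed file size
 *                                e.g. remaining place in
 *                                an allocated course directory
 * @param string  $baseWorkDir    directory whose current usage is subtracted
 *                                from $maxFilledSpace
 *
 * @return integer : lowest value between php.ini values of upload_max_filesize
 *                   and post_max_size
 *                   and the claroline value of size left in directory.
 *                   May be negative when the directory already exceeds
 *                   $maxFilledSpace.
 *
 * @see    - get_max_upload_size() uses dir_total_space() function
 */
function get_max_upload_size($maxFilledSpace, $baseWorkDir)
{
    // php.ini sizes are either plain bytes or use a K/M/G suffix in either
    // case. Handling only an upper-case 'M' left values such as "512K",
    // "1G" or "8m" unconverted, so a string took part in the comparison.
    $iniSizeToBytes = function ($rawValue) {
        $rawValue = trim((string) $rawValue); // ini_get() may return false
        if ($rawValue === '') {
            return 0;
        }

        $bytes = intval($rawValue);

        // Deliberate fall-through: each suffix is 1024 times the next one.
        switch (strtoupper(substr($rawValue, -1))) {
            case 'G':
                $bytes *= 1024;
                // no break
            case 'M':
                $bytes *= 1024;
                // no break
            case 'K':
                $bytes *= 1024;
        }

        return $bytes;
    };

    // Space still free in the directory is always a candidate limit.
    $fileSizeLimitList = array($maxFilledSpace - dir_total_space($baseWorkDir));

    foreach (array('upload_max_filesize', 'post_max_size') as $directive) {
        $limit = $iniSizeToBytes(ini_get($directive));

        // A non-positive value means "no limit" (documented for
        // post_max_size; assumed to hold for upload_max_filesize as well),
        // so it must not win the comparison as the smallest value.
        if ($limit > 0) {
            $fileSizeLimitList[] = $limit;
        }
    }

    return min($fileSizeLimitList);
}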
} else { Database::get()->query("INSERT INTO document SET\n course_id = ?d ,\n subsystem = ?d ,\n subsystem_id = ?d ,\n path = ?s,\n filename = ?s ,\n visible = 0,\n creator = ?s,\n date = ?t ,\n date_modified = ?t ,\n format = ?s,\n language = ?s", $course_id, $subsystem, $subsystem_id, $metadataPath, $oldFilename, $_SESSION['givenname'] . " " . $_SESSION['surname'], $xml_date, $xml_date, $file_format, $_POST['meta_language']); } $action_message = "<div class='alert alert-success'>{$langMetadataMod}</div>"; } if (isset($_POST['replacePath']) and isset($_FILES['newFile']) and is_uploaded_file($_FILES['newFile']['tmp_name'])) { validateUploadedFile($_FILES['newFile']['name'], $menuTypeID); $replacePath = $_POST['replacePath']; // Check if file actually exists $result = Database::get()->querySingle("SELECT id, path, format FROM document WHERE\n {$group_sql} AND\n format <> '.dir' AND\n path=?s", $replacePath); if ($result) { $docId = $result->id; $oldpath = $result->path; $oldformat = $result->format; // check for disk quota $diskUsed = dir_total_space($basedir); if ($diskUsed - filesize($basedir . $oldpath) + $_FILES['newFile']['size'] > $diskQuotaDocument) { $action_message = "<div class='alert alert-danger'>{$langNoSpace}</div>"; } elseif (unwanted_file($_FILES['newFile']['name'])) { $action_message = "<div class='alert alert-danger'>{$langUnwantedFiletype}: " . q($_FILES['newFile']['name']) . "</div>"; } else { $newformat = get_file_extension($_FILES['newFile']['name']); $newpath = preg_replace("/\\.{$oldformat}\$/", '', $oldpath) . (empty($newformat) ? '' : '.' . $newformat); my_delete($basedir . $oldpath); $affectedRows = Database::get()->query("UPDATE document SET path = ?s, format = ?s, filename = ?s, date_modified = NOW()\n WHERE {$group_sql} AND path = ?s", $newpath, $newformat, $_FILES['newFile']['name'], $oldpath)->affectedRows; if (!copy($_FILES['newFile']['tmp_name'], $basedir . 
$newpath) or $affectedRows == 0) { $action_message = "<div class='alert alert-danger'>{$langGeneralError}</div>"; } else { if (hasMetaData($oldpath, $basedir, $group_sql)) { rename($basedir . $oldpath . ".xml", $basedir . $newpath . ".xml"); Database::get()->query("UPDATE document SET path = ?s, filename=?s WHERE {$group_sql} AND path = ?s", $newpath . ".xml", $_FILES['newFile']['name'] . ".xml", $oldpath . ".xml");
} $form .= '<tr>' . "\n" . '<td> </td>' . "\n" . '<td>' . "\n" . '<input type="submit" name="submitImage" value="' . get_lang("Ok") . '" /> ' . "\n" . claro_html_button(claro_htmlspecialchars(Url::Contextualize($_SERVER['PHP_SELF'] . '?cmd=exChDir&file=' . base64_encode($cwd))), get_lang("Cancel")) . '</td>' . "\n" . '</tr>' . "\n\n" . '</table>' . "\n" . '</form>' . "\n"; $dialogBox->form($form); } // end if ($imgFileNb > 0) } // end if (strrchr($fileName) == "htm" } // end if is_uploaded_file } // end if ($cmd == 'exUpload') if ($cmd == 'rqUpload') { /* * Prepare dialog box display */ $spaceAlreadyOccupied = dir_total_space($baseWorkDir); $remainingDiskSpace = $maxFilledSpace - $spaceAlreadyOccupied; $maxUploadSize = get_max_upload_size($maxFilledSpace, $baseWorkDir); if ($remainingDiskSpace < 0) { // Disk quota exceeded $remainingDiskSpace = 0; $adminEmailUrl = '<a href="mailto:' . get_conf('administrator_email') . '">' . get_lang('Platform administrator') . '</a>'; $dialogBox->error('<p>' . get_lang('Disk quota exceeded, please contact the %administrator', array('%administrator' => $adminEmailUrl)) . '<br />' . "\n" . '<small>' . get_lang('Maximum disk space : %size', array('%size' => format_file_size($maxFilledSpace))) . '</small><br />' . "\n" . '<small>' . get_lang('Disk space occupied : %size', array('%size' => format_file_size($spaceAlreadyOccupied))) . '</small><br />' . "\n" . '<small>' . get_lang('Disk space available : %size', array('%size' => format_file_size($remainingDiskSpace))) . '</small>' . '</p>'); } else { /* * Technical note: 'cmd=exUpload' is added into the 'action' * attributes of the form, rather than simply put in a post * hidden input. That way, this parameter is concatenated with * the URL, and it guarantees than it will be received by the * server. The reason of this trick, is because, sometimes, * when file upload fails, no form data are received at all by
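/**
 * Computes the size already occupied by a directory and its subdirectories
 *
 * Every entry is addressed through its full path, so the working directory
 * of the process is never changed. Symbolic links to directories are not
 * followed: a link planted inside an upload area could otherwise make the
 * walk loop or count content that lives outside the directory.
 *
 * Callers that enforce a quota should note that a missing or unreadable
 * directory is reported as 0 bytes.
 *
 * @author - Hugues Peeters <*****@*****.**>
 * @param  - dir_path (string) - path of the directory to measure
 * @return - int - return the directory size in bytes
 */
function dir_total_space($dir_path)
{
    $handle = is_dir($dir_path) ? opendir($dir_path) : false;

    if ($handle === false) {
        return 0; // nothing to read
    }

    $sumSize = 0;
    $dirList = array();

    // Compare with false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop before the remaining entries are counted.
    while (($element = readdir($handle)) !== false) {
        if ($element === '.' || $element === '..') {
            continue; // Skip the current and parent directories
        }

        $elementPath = $dir_path . '/' . $element;

        if (is_file($elementPath)) {
            $size = filesize($elementPath);

            if ($size !== false) {
                $sumSize += $size;
            }
        } elseif (is_dir($elementPath) && !is_link($elementPath)) {
            $dirList[] = $elementPath;
        }
    }

    closedir($handle);

    // Subdirectories are measured after the handle is closed, so only one
    // directory handle is open per recursion level.
    foreach ($dirList as $subDir) {
        $sumSize += dir_total_space($subDir); // Recursivity
    }

    return $sumSize;
}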
} } else { $recipients[] = $r; } } $recipients = array_unique($recipients); if (isset($_POST['message_title']) and $_POST['message_title'] != '') { $subject = $_POST['message_title']; } else { $subject = $langMessage; } $msg = new Msg($uid, $cid, $subject, $_POST['body'], $recipients, $filename, $real_filename, $filesize); } else { $cwd = getcwd(); if (is_dir($dropbox_dir)) { $dropbox_space = dir_total_space($dropbox_dir); } $filename = php2phps($_FILES['file']['name']); $filesize = $_FILES['file']['size']; $filetype = $_FILES['file']['type']; $filetmpname = $_FILES['file']['tmp_name']; validateUploadedFile($_FILES['file']['name'], 1); if ($filesize + $dropbox_space > $diskQuotaDropbox) { $errormsg = $langNoSpace; $error = TRUE; } elseif (!is_uploaded_file($filetmpname)) { // check user found : no clean error msg die($langBadFormData); } // set title if (isset($_POST['message_title']) and $_POST['message_title'] != '') {
$personal_msgs_allowed = get_config('dropbox_allow_personal_messages'); if (!isset($course_id)) { $course_id = 0; } if ($course_id != 0) { $dropbox_dir = $webDir . "/courses/" . $course_code . "/dropbox"; if (!is_dir($dropbox_dir)) { mkdir($dropbox_dir); } // get dropbox quotas from database $d = Database::get()->querySingle("SELECT dropbox_quota FROM course WHERE code = ?s", $course_code); $diskQuotaDropbox = $d->dropbox_quota; $diskUsed = dir_total_space($dropbox_dir); } // javascript functions $head_content = '<script type="text/javascript"> function checkForm (frm) { if (frm.elements["recipients[]"].selectedIndex < 0) { alert("' . $langNoUserSelected . '"); return false; } else { return true; } } </script>'; if ($course_id != 0) {
} } if (isset($_GET['id']) and isset($_GET['table_edit'])) { $pageName = $langEditChange; } $tool_content .= action_bar(array( array('title' => $langBack, 'url' => "$_SERVER[SCRIPT_NAME]?course=$course_code", 'icon' => 'fa-reply', 'level' => 'primary-label'))); } } $diskQuotaVideo = Database::get()->querySingle("SELECT video_quota FROM course WHERE code=?s", $course_code)->video_quota; $updir = "$webDir/video/$course_code"; //path to upload directory $diskUsed = dir_total_space($updir); if (isset($_GET['showQuota']) and $_GET['showQuota'] == TRUE) { $pageName = $langQuotaBar; $navigation[] = array('url' => "$_SERVER[SCRIPT_NAME]?course=$course_code", 'name' => $langVideo); $tool_content .= showquota($diskQuotaVideo, $diskUsed); draw($tool_content, $menuTypeID); exit; } // visibility commands if (isset($_GET['vis'])) { $table = select_table($_GET['table']); Database::get()->query("UPDATE $table SET visible = ?d WHERE id = ?d", $_GET['vis'], $_GET['vid']); $action_message = "<div class='alert alert-success'>$langViMod</div>"; }