// $wrkForm['filename'] , $wrkForm['wrkTitle'] , $wrkForm['authors'] ...
if ($cmd == 'exDownload') {
$workId = isset($_REQUEST['workId']) ? $_REQUEST['workId'] : null;
$submission = new Submission();
if ($submission->load($workId)) {
$submissionUserId = $submission->getUserId();
$submissionGroupId = $submission->getGroupId();
$userGroupList = array();
if ($assignment->getAssignmentType() == 'GROUP') {
$userGroupList = get_user_group_list(claro_get_current_user_id());
}
$is_allowedToDownload = (bool) $is_allowedToEditAll || $submissionUserId == claro_get_current_user_id() || isset($userGroupList[$submissionGroupId]);
// check permission
if ($submission->getVisibility() == 'VISIBLE' || $is_allowedToDownload) {
// read file
$filePath = $assignment->getAssigDirSys() . $submission->getSubmittedFilename();
if (claro_send_file($filePath)) {
die;
} else {
$dialogBox->error(get_lang('Not found'));
}
} else {
$dialogBox->error(get_lang('Not allowed'));
}
} else {
$dialogBox->error(get_lang('Not found'));
}
// Submission not found or not allowed
header('HTTP/1.1 404 Not Found');
$interbredcrump[] = array('url' => Url::Contextualize("../work/work.php"), 'name' => get_lang('Assignments'));
$interbredcrump[] = array('url' => Url::Contextualize("../work/work_list.php?authId=" . $_REQUEST['authId'] . "&assigId=" . $assignmentId), 'name' => get_lang('Assignment'));
$dialogBox->error(get_lang('You didnt choose any file to send, or file is too big'));
$formCorrectlySent = false;
$autoFeedbackFilename = $assignment->getAutoFeedbackFilename();
} else {
// add file extension if it doesn't have one
$newFileName = $_FILES['autoFeedbackFilename']['name'];
$newFileName .= add_extension_for_uploaded_file($_FILES['autoFeedbackFilename']);
// Replace dangerous characters
$newFileName = replace_dangerous_char($newFileName);
// Transform any .php file in .phps fo security
$newFileName = get_secure_file_name($newFileName);
// -- create a unique file name to avoid any conflict
// there can be only one automatic feedback but the file is put in the
// assignments directory
$autoFeedbackFilename = $assignment->createUniqueFilename($newFileName);
$tmpWorkUrl = $assignment->getAssigDirSys() . $autoFeedbackFilename;
if (move_uploaded_file($_FILES['autoFeedbackFilename']['tmp_name'], $tmpWorkUrl)) {
chmod($tmpWorkUrl, CLARO_FILE_PERMISSIONS);
} else {
$dialogBox->error(get_lang('Cannot copy the file'));
$formCorrectlySent = false;
}
// remove the previous file if there was one
if ($assignment->getAutoFeedbackFilename() != '') {
if (file_exists($assignment->getAssigDirSys() . $assignment->getAutoFeedbackFilename())) {
claro_delete_file($assignment->getAssigDirSys() . $assignment->getAutoFeedbackFilename());
}
}
// else : file sending shows no error
// $formCorrectlySent stay true;
}
