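<?php
/**
 * Admin-only API endpoint: stores an uploaded PDF for a challenge.
 *
 * Request: parameters "challenge" and "type" plus a multipart upload in the
 * "file" field. On success the upload is moved to getPDFPath($challenge, $type).
 *
 * NOTE(review): no CSRF token check is visible in this script. Confirm that
 * include.php / check_access() covers it, since this request changes server
 * state and requires admin access.
 */
include __DIR__ . "/include.php";

check_access(ADMIN);

list($challenge, $type) = apiCheckParams("challenge", "type");

// The "file" field may be absent, may be an array upload (file[]), or may carry
// an upload error. Only a single, completed upload is accepted. In $_FILES the
// values tmp_name, size and error are set by PHP; name is chosen by the client.
$file = (isset($_FILES["file"]) && is_array($_FILES["file"])) ? $_FILES["file"] : null;
$uploadError = ($file !== null && isset($file["error"])) ? $file["error"] : UPLOAD_ERR_NO_FILE;
$uploadOk = $uploadError === UPLOAD_ERR_OK
    && isset($file["tmp_name"], $file["name"], $file["size"])
    && is_uploaded_file($file["tmp_name"]);

// PHP reports uploads that exceed its own limits through the error code. Such
// an entry has no temp file, so it must be reported here instead of reaching
// move_uploaded_file() and failing without notice.
$tooLarge = $uploadError === UPLOAD_ERR_INI_SIZE || $uploadError === UPLOAD_ERR_FORM_SIZE;

// The extension comes from the client-supplied name and says nothing about the
// content, so the PDF header marker is required as well. The marker is searched
// for in the first 1024 bytes rather than only at offset 0, matching what PDF
// readers tolerate. This is a plausibility check, not proof that the file is
// harmless.
// NOTE(review): reading tmp_name requires the upload temp directory to be
// readable under open_basedir, if that directive is set.
$isPdf = false;
if ($uploadOk && pathinfo($file["name"], PATHINFO_EXTENSION) === "pdf") {
    $head = file_get_contents($file["tmp_name"], false, null, 0, 1024);
    $isPdf = is_string($head) && strpos($head, "%PDF-") !== false;
}

apiCheck(dbExists("SELECT id FROM challenge WHERE id = :challenge", ['challenge' => $challenge]), "Challenge existiert nicht!");
apiCheck($uploadOk || $tooLarge, "Upload fehlgeschlagen!");
// The content and size checks apply only to a completed upload, so a missing
// upload is reported once rather than as several unrelated errors.
apiCheck(!$uploadOk || $isPdf, "Nur pdf-Dateien erlaubt");
apiCheck(!$tooLarge && (!$uploadOk || $file["size"] < MAX_PDF_SIZE), "Datei zu groß!");
apiCheck($type === TEACHER_PDF || $type === PUPIL_PDF, "Ungültiger Typ");

// presumably apiAction() runs the callback only when no check above failed;
// verify in include.php
apiAction(function () use ($challenge, $file, $type) {
    // The destination comes from getPDFPath() with the validated challenge and
    // type, never from the client file name. NOTE(review): confirm that
    // getPDFPath() points to a directory the web server does not serve or
    // execute directly.
    if (!move_uploaded_file($file["tmp_name"], getPDFPath($challenge, $type))) {
        // NOTE(review): the API response still reports success here. Route this
        // through the API's error channel once it is clear how apiAction()
        // reports errors raised inside the callback.
        error_log("PDF upload: move_uploaded_file() failed");
    }
});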
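/**
 * Prints the HTML fragment for one challenge: location icon, points, title
 * link, extra points, the collapsible description box with optional PDF links,
 * and (for logged-in users) the "solve" link.
 *
 * Output is written directly (inline HTML / echo); nothing is returned.
 *
 * Escaping: values in HTML text and plain attributes go through e() (the
 * project's escaping helper, defined elsewhere). Values inside onclick="..."
 * are JavaScript inside an HTML attribute and are encoded for both layers by
 * the local $jsAttr helper.
 *
 * @param object $row Challenge row. Reads ->id, ->location, ->category,
 *                    ->points, ->name, ->extrapoints, ->description, ->author.
 */
function printChallenge($row)
{
    global $db;

    // Find the classes that have a solved_challenge row for this challenge.
    $classStmt = $db->prepare("SELECT cl.id FROM challenge as c\nJOIN solved_challenge as sc ON c.id=sc.challenge\nJOIN class as cl ON cl.id = sc.class\nWHERE c.id = :id");
    $classStmt->execute(['id' => $row->id]);

    // Each id goes through e() as it is appended, so $classes is echoed into
    // class="..." below without a second escaping pass.
    $classes = "";
    foreach ($classStmt->fetchAll(PDO::FETCH_OBJ) as $classRow) {
        $classes .= " class-" . e($classRow->id);
    }

    // Values inside onclick="..." pass through two parsers: the browser first
    // entity-decodes the attribute, then runs the result as JavaScript.
    // HTML-escaping alone therefore does not stop a quote in the data from
    // ending a JS string literal. Encode the value as a JS literal first
    // (JSON_HEX_* keeps quotes, tags and ampersands out of the literal), then
    // escape that literal for the attribute.
    $jsAttr = function ($value, $numeric = false) {
        $flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
        if ($numeric) {
            // Keep numeric ids as JS numbers, as the unquoted output was before.
            $flags |= JSON_NUMERIC_CHECK;
        }
        $literal = json_encode($value, $flags);
        if ($literal === false) {
            // Not encodable (e.g. invalid UTF-8): emit an empty string literal.
            $literal = '""';
        }
        return htmlspecialchars($literal, ENT_QUOTES, 'UTF-8');
    };
    ?>
    <div class=" challenge-location" >
        <img src="symbols/<?php echo e($row->location); ?>.png" alt="<?php echo e($row->location); ?>" height="35px" width="35px">
    </div>
    <div class="<?php echo e($row->category); ?> challenge-points" >
        <span title="Punktzahl"><b style="font-family: Titillium Web;"><?php echo e($row->points); ?></b></span>
    </div>
    <u></b><span><a class="<?php echo $classes; ?> challenge-title greenindexlink" onclick="return toggleMe(<?php echo $jsAttr('challenge-' . $row->id); ?>)" href="javascript:void(0)" style="font-family: Lobster; font-size: 18px; background-color: #17A33A;"><span data-title="<?php echo e($row->name); ?>"><?php echo e($row->name); ?></span></a></span></u></b>
    <span title="Extrapunkte für Zusatzaufgabe">
        <div style="font-family: Titillium Web; font-size: 11px; margin-left: 94%; margin-top: 3px; float: left; position: relative; background-color: #0F9C2E;">
            <?php if ($row->extrapoints) { echo "+" . e($row->extrapoints); } ?>
        </div></span>
    <br>
    <div style="display:none;" class="dbox" id="challenge-<?php echo e($row->id); ?>">
        <br>
        <?php echo e($row->description); ?>
        <br>
        <?php if ($row->author) { ?>
            <div style="color: black; font-family: Titillium Web;">Von: <b><?php echo e($row->author); ?></b></div>
        <?php }

        // PDFs: a link is shown only when the file exists on disk.
        if (file_exists(getPDFPath($row->id, PUPIL_PDF))) { ?>
            <div>
                <span><a href="#" class="indexlink" onclick="downloadPDF(<?php echo $jsAttr($row->id, true); ?>, '<?php echo e(PUPIL_PDF); ?>')" style="color: black; font-family: Titillium Web; font-size: 13px; background-color: #17A33A"><span data-title="Mehr Infos zur Aufgabe [PDF]"><b>Challenge-Beschreibung [PDF]</b> </span></a></span>
            </div>
        <?php }

        // Hiding the teacher link from anonymous visitors is presentation only;
        // the download endpoint has to enforce the login check itself.
        if (isLoggedIn() && file_exists(getPDFPath($row->id, TEACHER_PDF))) { ?>
            <div>
                <span><a href="#" class="indexlink" onclick="downloadPDF(<?php echo $jsAttr($row->id, true); ?>, '<?php echo e(TEACHER_PDF); ?>')" style="color: black; font-family: Titillium Web; font-size: 13px; background-color: #17A33A"><span data-title="Mehr Infos zur Aufgabe [PDF]"><b>Hinweise für Lehrkräfte [PDF]</b></span></a></span>
            </div>
        <?php } ?>
    </div>
    <?php if (isLoggedIn()) { ?>
        <div class="solve-link <?php echo $classes; ?> " >
            <a href="#" onclick="if(classNames[selectedClass] && confirm('Challenge \'' + <?php echo $jsAttr((string) $row->name); ?> + '\' für Klasse \'' + classNames[selectedClass] + '\' abschließen (keine Extrapunkte)?'))callApi('solveChallenge', {'class': selectedClass, 'challenge': <?php echo $jsAttr($row->id, true); ?>})" style="color: black; font-family: Titillium Web;">Challenge abschließen!</a>
        </div>
    <?php } ?>
    <br><br>
    <?php
}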
<?php include __DIR__ . "/include.php"; list($challenge, $type) = apiCheckParams("challenge", "type"); $challengeRow = fetch("SELECT name FROM challenge WHERE id = :challenge", ['challenge' => $challenge]); apiCheck($challengeRow !== false, "Challenge existiert nicht!"); if ($type !== TEACHER_PDF && $type !== PUPIL_PDF) { apiAddError("Ungültiger Typ"); } else { if ($type == TEACHER_PDF && !isLoggedIn()) { apiAddError("Nicht erlaubt!"); } else { $file = getPDFPath($challenge, $type); apiCheck(file_exists($file), "Datei existiert nicht!"); } } apiAction(function () use($file, $challengeRow, $type) { $filename = $challengeRow->name; // normalize filename // idea from http://stackoverflow.com/questions/2021624/string-sanitizer-for-filename $filename = mb_ereg_replace("(ä)", 'a', $filename); $filename = mb_ereg_replace("(ü)", 'u', $filename); $filename = mb_ereg_replace("(ö)", 'o', $filename); $filename = mb_ereg_replace("(Ä)", 'A', $filename); $filename = mb_ereg_replace("(Ü)", 'U', $filename); $filename = mb_ereg_replace("(Ö)", 'O', $filename); $filename = mb_ereg_replace("([^A-Za-z_0-9])", '', $filename); if ($type === TEACHER_PDF) { $filename .= "_Lehrer"; } // see http://stackoverflow.com/a/27805443