function unpack_zip_inner($zipfile, $clone) {
global $webDir, $uid;
require_once 'include/lib/fileUploadLib.inc.php';
$zip = new pclZip($zipfile);
if (!$clone) {
validateUploadedZipFile($zip->listContent(), 3);
}
$destdir = $webDir . '/courses/tmpUnzipping/' . $uid;
if (!is_dir($destdir)) {
mkdir($destdir, 0755);
}
chdir($destdir);
$zip->extract();
$retArr = array();
foreach (find_backup_folders($destdir) as $folder) {
$retArr[] = array(
'path' => $folder['path'] . '/' . $folder['dir'],
'file' => $folder['dir'],
'course' => preg_replace('|^.*/|', '', $folder['path'])
);
}
chdir($webDir);
return $retArr;
}
$action_message = $dialogBox = '';
if (isset($_FILES['userFile']) and is_uploaded_file($_FILES['userFile']['tmp_name'])) {
validateUploadedFile($_FILES['userFile']['name'], $menuTypeID);
$extra_path = '';
$userFile = $_FILES['userFile']['tmp_name'];
// check for disk quotas
$diskUsed = dir_total_space($basedir);
if ($diskUsed + @$_FILES['userFile']['size'] > $diskQuotaDocument) {
$action_message .= "<div class='alert alert-danger'>{$langNoSpace}</div>";
} else {
if (unwanted_file($_FILES['userFile']['name'])) {
$action_message .= "<div class='alert alert-danger'>{$langUnwantedFiletype}: " . q($_FILES['userFile']['name']) . "</div>";
} elseif (isset($_POST['uncompress']) and $_POST['uncompress'] == 1 and preg_match('/\\.zip$/i', $_FILES['userFile']['name'])) {
/* ** Unzipping stage ** */
$zipFile = new pclZip($userFile);
validateUploadedZipFile($zipFile->listContent(), $menuTypeID);
$realFileSize = 0;
$zipFile->extract(PCLZIP_CB_PRE_EXTRACT, 'process_extracted_file');
if ($diskUsed + $realFileSize > $diskQuotaDocument) {
$action_message .= "<div class='alert alert-danger'>{$langNoSpace}</div>";
} else {
$action_message .= "<div class='alert alert-success'>{$langDownloadAndZipEnd}</div><br />";
}
} else {
$fileName = canonicalize_whitespace($_FILES['userFile']['name']);
$uploaded = true;
}
}
} elseif (isset($_POST['fileURL']) and $fileURL = trim($_POST['fileURL'])) {
$extra_path = canonicalize_url($fileURL);
if (preg_match('/^javascript/', $extra_path)) {
if (!$is_editor) {
redirect_to_home_page();
} else {
$title = trim(@$_POST['title']);
if (empty($title)) {
Session::Messages($langFieldsMissing, 'alert-danger');
redirect_to_home_page("modules/ebook/index.php?course=$course_code&create=1");
}
if (isset($_FILES['file']['name']) and !$_FILES['file']['error']) {
if (!preg_match('/\.zip$/i', $_FILES['file']['name'])) {
Session::Messages("$langUnwantedFiletype: " . $_FILES['file']['name'], 'alert-danger');
redirect_to_home_page("modules/ebook/index.php?course=$course_code&create=1");
}
validateUploadedFile($_FILES['file']['name'], 2);
$zipFile = new pclZip($_FILES['file']['tmp_name']);
validateUploadedZipFile($zipFile->listContent(), 2);
}
$order = Database::get()->querySingle("SELECT COALESCE(MAX(`order`), 1) AS `order` FROM ebook WHERE course_id = ?d", $course_id)->order;
$ebook_id = Database::get()->query("INSERT INTO ebook SET `order` = ?d, `course_id` = ?d, `title` = ?s, `visible` = 1", $order + 1, $course_id, $title)->lastInsertID;
Database::get()->query("INSERT INTO ebook_section SET ebook_id = ?d,
public_id = ?s,
title = ?s"
, $ebook_id, '1', $langSection.' 1');
// Initialize document subsystem global variables
require_once 'modules/document/doc_init.php';
require_once 'include/log.php';
if (!mkdir($basedir, 0775, true)) {
Database::get()->query("DELETE FROM ebook WHERE course_id = ?d AND id = ?d", $course_id, $ebook_id);
Session::Messages($langImpossible, 'alert-danger');
