function studynotes_handle_session($action, $auth)
{
global $CFG, $cm;
require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "data_handling.php";
require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "filterlib" . DIRECTORY_SEPARATOR . "HTMLPurifier.standalone.php";
require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "equationsupport" . DIRECTORY_SEPARATOR . "LaTeXrender.php";
require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "session_handler.php";
$data = $action == "upload" ? $_POST : $_POST['data'];
$ignoreQuotes = true;
foreach ($_POST['data'] as $key => $value) {
if (!get_magic_quotes_gpc()) {
$data[$key] = stripslashes($value);
}
}
if ($action == "upload") {
$topic = $data['topic'];
$hasAccess = MediabirdUtility::checkAccess($topic, $auth->userId);
if ($hasAccess) {
$userQuota = MediabirdUtility::getUserQuota($auth->userId);
$quotaLeft = MediabirdUtility::quotaLeft($auth->userId, $userQuota);
//determine folder path
$folder = MediabirdConfig::$uploads_folder . $auth->userId . DIRECTORY_SEPARATOR;
$prefix = MediabirdConfig::$uploads_folder;
$key = "file";
$name = $_FILES[$key]['name'];
$_FILES[$key]['name'] = MediabirdUtility::getFreeFilename($folder);
$info = MediabirdUtility::storeUpload($key, $folder, $quotaLeft, $prefix);
if (isset($info['filename']) && strlen($info['filename']) > 0) {
if ($id = MediabirdUtility::recordFile($info['filename'], 0, $auth->userId, $topic)) {
$info['filename'] = 'view.php?action=download&id=' . $cm->id . '&did=' . $id;
} else {
$info['filename'] = null;
$info['error'] = "database error";
}
} else {
$info['filename'] = null;
}
} else {
$info['filename'] = null;
$info['error'] = "invalidtopic";
}
echo MediabirdUtility::generateUploadHtml($info['filename'], $info['error']);
exit;
}
if ($action == "download") {
$id = $_GET['did'];
if (isset($id)) {
if ($upload_info = get_record("studynotes_uploads", "id", $id)) {
$topicId = $upload_info->topic_id;
$hasAccess = MediabirdUtility::checkAccess($topicId, $auth->userId);
if ($hasAccess) {
MediabirdUtility::readUpload($upload_info->filename, $upload_info->type);
}
}
}
exit;
}
$handler = new MediabirdSessionHandler();
$reply = $handler->process($action, $auth, $data);
if (isset($reply->filename) && isset($reply->success) && isset($reply->topic)) {
if ($id = MediabirdUtility::recordFile($reply->filename, 0, $auth->userId, $reply->topic)) {
$reply->filename = 'view.php?action=download&id=' . $cm->id . '&did=' . $id;
} else {
$reply->success = false;
$reply->error = "database error";
}
}
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate;");
header("Pragma: no-cache;");
header('Content-Type: application/json;');
return json_encode($reply);
}
