/**
 * Unzip the exercise in the temp folder
 * @param string $baseWorkDir The directory where to do the work
 * @param string $uploadPath The path of the temporary directory where the exercise was uploaded and unzipped
 * @return bool True on success, false on failure
 */
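function get_and_unzip_uploaded_exercise($baseWorkDir, $uploadPath)
{
    // Only accept a file that reached the server through PHP's HTTP upload mechanism.
    if (!isset($_FILES['userFile']) || !is_uploaded_file($_FILES['userFile']['tmp_name'])) {
        // upload failed
        return false;
    }
    // The client-supplied name is the only type check made here. The dot is escaped so that
    // only names really ending in ".zip" pass; the unescaped '/.zip$/i' also accepted names
    // such as "examzip".
    if (!preg_match('/\.zip$/i', $_FILES['userFile']['name'])) {
        return false;
    }
    // Course and user context are only needed once the upload has passed the checks above.
    $_course = api_get_course_info();
    $_user = api_get_user_info();
    // The eighth argument (1) is the position the other call sites use for the unzip flag.
    // NOTE(review): the archive members are not inspected here; confirm that
    // handle_uploaded_document() filters the names and extensions it extracts.
    return (bool) handle_uploaded_document($_course, $_FILES['userFile'], $baseWorkDir, $uploadPath, $_user['user_id'], 0, null, 1);
}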
/**
 * Gets the uploaded file (from $_FILES) and unzip it to the given directory
 * @param string The directory where to do the work
 * @param string The path of the temporary directory where the exercise was uploaded and unzipped
 * @return bool True on success, false on failure
 */
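function get_and_unzip_uploaded_exercise($baseWorkDir, $uploadPath)
{
    global $_course, $_user;
    // Only accept a file that reached the server through PHP's HTTP upload mechanism.
    if (!isset($_FILES['userFile']) || !is_uploaded_file($_FILES['userFile']['tmp_name'])) {
        // upload failed
        return false;
    }
    $uploadName = $_FILES['userFile']['name'];
    // Both patterns are anchored and the dot is escaped: the earlier '/.txt/i' matched ".txt"
    // anywhere in the name, so a name like "notes.txt.php" was accepted as a text file.
    if (preg_match('/\.zip$/i', $uploadName)) {
        // Eighth argument 1: the position the other call sites use for the unzip flag.
        // NOTE(review): the archive members are not inspected here; confirm that
        // handle_uploaded_document() filters the names and extensions it extracts.
        if (!handle_uploaded_document($_course, $_FILES['userFile'], $baseWorkDir, $uploadPath, $_user['user_id'], 0, null, 1, 'overwrite', false)) {
            return false;
        }
        // Kept where the original had it: the upload is reported as failed when zlib's
        // gzopen() is missing, although the file has already been handed over at this point.
        return function_exists('gzopen');
    }
    if (preg_match('/\.txt$/i', $uploadName)) {
        // Plain text exercise: stored as is, unzip flag 0.
        return (bool) handle_uploaded_document($_course, $_FILES['userFile'], $baseWorkDir, $uploadPath, $_user['user_id'], 0, null, 0, 'overwrite', false);
    }
    return false;
}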
 /**
  * @param array $values
  * @param array $file $_FILES['uploaded_file']
  * @param bool  $deleteFile
  */
 public function save($values, $file = array(), $deleteFile = false)
 {
     // Stores the legal text ($values['content']) and an optional attachment for one
     // course/session pair in session_rel_course_legal, then optionally removes the stored
     // file, calls removePreviousAgreements() and notifies users by e-mail.
     $table = Database::get_main_table('session_rel_course_legal');
     $courseId = $values['c_id'];
     $sessionId = $values['session_id'];
     $conditions = array('c_id' => $courseId, 'session_id' => $sessionId);
     $course = api_get_course_info_by_id($courseId);
     // Existing record for this course/session, if any.
     $legalData = $this->getData($courseId, $sessionId);
     $coursePath = api_get_path(SYS_COURSE_PATH) . $course['directory'] . '/courselegal';
     // Starts as the path of the currently stored attachment; overwritten below when a new file is uploaded.
     // NOTE(review): $legalData['filename'] is read here before the empty($legalData) test further down — confirm getData() always returns an array with that key.
     $uploadResult = $coursePath . '/' . $legalData['filename'];
     if (!is_dir($coursePath)) {
         // Single-level mkdir: the parent course directory must already exist.
         mkdir($coursePath, api_get_permissions_for_new_directories());
     }
     $uploadOk = process_uploaded_file($file, false);
     $fileName = null;
     if ($uploadOk) {
         // NOTE(review): no file-type restriction is applied in this method; presumably handle_uploaded_document() filters dangerous extensions — verify, since the file lands under the course directory.
         $uploadResult = handle_uploaded_document($course, $file, $coursePath, '/', api_get_user_id(), api_get_group_id(), null, false, false, false, true);
         if ($uploadResult) {
             // Only the final path component is stored in the database.
             $fileName = basename($uploadResult);
             // Delete old one if exists.
             // NOTE(review): if the new upload was stored under the same name as the previous attachment, this unlink would remove the file just written — confirm that cannot happen.
             if ($legalData) {
                 if (!empty($legalData['filename'])) {
                     // NOTE(review): the stored filename is appended without basename(); presumably it always comes from the basename() call above — verify no other writer fills this column.
                     $fileToDelete = $coursePath . '/' . $legalData['filename'];
                     if (file_exists($fileToDelete)) {
                         unlink($fileToDelete);
                     }
                 }
             }
         }
     }
     $conditions['content'] = $values['content'];
     $conditions['filename'] = $fileName;
     if (empty($legalData)) {
         // No record yet: insert course id, session id, content and filename.
         $id = Database::insert($table, $conditions);
     } else {
         $id = $legalData['id'];
         $updateParams = array('content' => $values['content']);
         // The filename column is only touched when a new file was stored.
         if (!empty($fileName)) {
             $updateParams['filename'] = $fileName;
         }
         Database::update($table, $updateParams, array('id = ? ' => $id));
     }
     if ($deleteFile) {
         // Clears the filename column and removes the previously stored file from disk.
         Database::update($table, array('filename' => ''), array('id = ? ' => $id));
         if (!empty($legalData['filename'])) {
             $fileToDelete = $coursePath . '/' . $legalData['filename'];
             if (file_exists($fileToDelete)) {
                 unlink($fileToDelete);
             }
         }
     }
     if (isset($values['remove_previous_agreements']) && !empty($values['remove_previous_agreements'])) {
         $this->removePreviousAgreements($courseId, $sessionId);
     }
     $warnUsers = isset($values['warn_users_by_email']) ? $values['warn_users_by_email'] : null;
     switch ($warnUsers) {
         case '1':
             // Nothing
             break;
         case '2':
             // Send mail
             $this->warnUsersByEmail($courseId, $sessionId);
             break;
         case '3':
             // Send mail + attachment if exists.
             // NOTE(review): the test looks at the previous record's filename, while $uploadResult may be the old path, the return value of handle_uploaded_document(), or false; the old file may also have been unlinked above — confirm what warnUsersByEmail() expects.
             if (!empty($legalData['filename'])) {
                 $this->warnUsersByEmail($courseId, $sessionId, $uploadResult);
             }
             break;
     }
 }
 /**
  * Updates an item's content in place
  * @param	integer	$id Element ID
  * @param	integer	$parent Parent item ID
  * @param	integer $previous Previous item ID
  * @param   string	$title Item title
  * @param   string  $description Item description
  * @param   string  $prerequisites Prerequisites (optional)
  * @param   array   $audio The array resulting of the $_FILES[mp3] element
  * @param   int     $max_time_allowed Maximum time allowed (optional)
  * @return	boolean	True on success, false on error
  */
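 function edit_item($id, $parent, $previous, $title, $description, $prerequisites = 0, $audio = NULL, $max_time_allowed = 0)
 {
     global $charset;
     if ($this->debug > 0) {
         error_log('New LP - In learnpath::edit_item()', 0);
     }
     // $id must be the decimal form of an integer and a title is mandatory.
     if (empty($id) or $id != strval(intval($id)) or empty($title)) {
         return false;
     }
     // The queries below concatenate these values into SQL outside of quotes, where
     // escaping gives no protection, so they are reduced to integers before use.
     $id = intval($id);
     $parent = intval($parent);
     $previous = intval($previous);
     $max_time_allowed = intval($max_time_allowed);
     // prerequisite is documented as a string: escape it and always write it between quotes.
     $prerequisites_sql = Database::escape_string((string) $prerequisites);
     $title = api_convert_encoding($title, $this->encoding, $charset);
     $description = api_convert_encoding($description, $this->encoding, $charset);
     $tbl_lp_item = Database::get_course_table(TABLE_LP_ITEM);
     $sql_select = "SELECT * FROM " . $tbl_lp_item . " WHERE id = " . $id;
     $res_select = Database::query($sql_select, __FILE__, __LINE__);
     $row_select = Database::fetch_array($res_select);
     if (empty($row_select)) {
         // Unknown item: stop instead of building the following queries from missing columns.
         return false;
     }
     $audio_update_sql = '';
     if (is_array($audio) && !empty($audio['tmp_name']) && $audio['error'] === 0) {
         // create the audio folder if it does not exist yet
         global $_course;
         $filepath = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/document/';
         if (!is_dir($filepath . 'audio')) {
             $perm = api_get_setting('permissions_for_new_directories');
             $perm = octdec(!empty($perm) ? $perm : '0770');
             mkdir($filepath . 'audio', $perm);
             $audio_id = add_document($_course, '/audio', 'folder', 0, 'audio');
             api_item_property_update($_course, TOOL_DOCUMENT, $audio_id, 'FolderCreated', api_get_user_id(), null, null, null, null, api_get_session_id());
         }
         // upload file in documents
         // NOTE(review): the type check relies on the client-supplied file name only; the
         // content is not verified to be audio.
         $pi = pathinfo($audio['name']);
         if (isset($pi['extension']) && $pi['extension'] == 'mp3') {
             $c_det = api_get_course_info($this->cc);
             $bp = api_get_path(SYS_COURSE_PATH) . $c_det['path'] . '/document';
             // NOTE(review): this call passes one positional argument more than the other
             // handle_uploaded_document() call sites shown with 'rename' — confirm against
             // the signature in use.
             $path = handle_uploaded_document($c_det, $audio, $bp, '/audio', api_get_user_id(), 0, null, '', 0, 'rename', false, 0);
             // A failed upload must not blank the stored audio reference.
             if (!empty($path)) {
                 // Drops the first 7 characters, presumably the '/audio/' prefix.
                 $path = substr($path, 7);
                 // update reference in lp_item - audio path is the path from inside the document/audio/ dir
                 $audio_update_sql = ", audio = '" . Database::escape_string($path) . "' ";
             }
         }
     }
     $same_parent = $row_select['parent_item_id'] == $parent;
     $same_previous = $row_select['previous_item_id'] == $previous;
     //TODO: htmlspecialchars to be checked for encoding related problems.
     if ($same_parent && $same_previous) {
         // The item stays where it is: only its own columns are updated.
         $sql_update = " UPDATE " . $tbl_lp_item
             . "\n\t\t\t    \t\t\tSET title = '" . $this->escape_string($title) . "',"
             . "\n\t\t\t\t\t\t\t\tprerequisite = '" . $prerequisites_sql . "',"
             . "\n\t\t\t    \t\t\t\tdescription = '" . $this->escape_string($description) . "'"
             . "\n\t\t\t                    " . $audio_update_sql . ","
             . "\n\t\t\t                    max_time_allowed = '" . $max_time_allowed . "'"
             . "\n\t\t\t    \t\t\tWHERE id = " . $id;
         Database::query($sql_update, __FILE__, __LINE__);
     } else {
         // Values read back from the row are cast as well before they are reused in SQL.
         $old_parent = intval($row_select['parent_item_id']);
         $old_previous = intval($row_select['previous_item_id']);
         $old_next = intval($row_select['next_item_id']);
         $old_order = intval($row_select['display_order']);
         $old_prerequisite = $row_select['prerequisite'];
         $old_max_time_allowed = $row_select['max_time_allowed'];
         /* BEGIN -- virtually remove the current item id */
         /* for the next and previous item it is like the current item doesn't exist anymore */
         if ($old_previous != 0) {
             $sql_update_next = "\n\t\t\t\t\t\t    \t\tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t    \t\tSET next_item_id = " . $old_next . "\n\t\t\t\t\t\t    \t\tWHERE id = " . $old_previous;
             Database::query($sql_update_next, __FILE__, __LINE__);
         }
         if ($old_next != 0) {
             $sql_update_previous = "\n\t\t\t\t\t\t    \t\tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t    \t\tSET previous_item_id = " . $old_previous . "\n\t\t\t\t\t\t    \t\tWHERE id = " . $old_next;
             Database::query($sql_update_previous, __FILE__, __LINE__);
         }
         //display_order - 1 for every item with a display_order bigger than the display_order of the current item
         $sql_update_order = "\n\t\t\t\t    \t\tUPDATE " . $tbl_lp_item . "\n\t\t\t\t    \t\tSET display_order = display_order - 1\n\t\t\t\t    \t\tWHERE\n\t\t\t\t    \t\t\tdisplay_order > " . $old_order . " AND lp_id = " . $this->lp_id . " AND\n\t\t\t\t    \t\t\tparent_item_id = " . $old_parent;
         Database::query($sql_update_order, __FILE__, __LINE__);
         /* END -- virtually remove the current item id */
         /* BEGIN -- update the current item id to his new location */
         if ($previous == 0) {
             //select the data of the item that should come after the current item
             $sql_select_old = "\n\t\t\t\t\t    \t\t\tSELECT\n\t\t\t\t\t    \t\t\t\tid,\n\t\t\t\t\t    \t\t\t\tdisplay_order\n\t\t\t\t\t    \t\t\tFROM " . $tbl_lp_item . "\n\t\t\t\t\t    \t\t\tWHERE\n\t\t\t\t\t    \t\t\t\tlp_id = " . $this->lp_id . " AND\n\t\t\t\t\t    \t\t\t\tparent_item_id = " . $parent . " AND\n\t\t\t\t\t    \t\t\t\tprevious_item_id = " . $previous;
             $res_select_old = Database::query($sql_select_old, __FILE__, __LINE__);
             $row_select_old = Database::fetch_array($res_select_old);
             //if the new parent didn't have children before
             if (Database::num_rows($res_select_old) == 0) {
                 $new_next = 0;
                 $new_order = 1;
             } else {
                 $new_next = intval($row_select_old['id']);
                 $new_order = intval($row_select_old['display_order']);
             }
         } else {
             //select the data of the item that should come before the current item
             $sql_select_old = "\n\t\t\t\t\t    \t\t\tSELECT\n\t\t\t\t\t    \t\t\t\tnext_item_id,\n\t\t\t\t\t    \t\t\t\tdisplay_order\n\t\t\t\t\t    \t\t\tFROM " . $tbl_lp_item . "\n\t\t\t\t\t    \t\t\tWHERE id = " . $previous;
             $res_select_old = Database::query($sql_select_old, __FILE__, __LINE__);
             $row_select_old = Database::fetch_array($res_select_old);
             $new_next = intval($row_select_old['next_item_id']);
             $new_order = intval($row_select_old['display_order']) + 1;
         }
         //TODO: htmlspecialchars to be checked for encoding related problems.
         //update the current item with the new data
         $sql_update = "\n\t\t\t\t    \t\tUPDATE " . $tbl_lp_item
             . "\n\t\t\t\t    \t\tSET"
             . "\n\t\t\t\t    \t\t\ttitle = '" . $this->escape_string($title) . "',"
             . "\n\t\t\t\t    \t\t\tdescription = '" . $this->escape_string($description) . "',"
             . "\n\t\t\t\t    \t\t\tparent_item_id = " . $parent . ","
             . "\n\t\t\t\t    \t\t\tprevious_item_id = " . $previous . ","
             . "\n\t\t\t\t    \t\t\tnext_item_id = " . $new_next . ","
             . "\n\t\t\t\t    \t\t\tdisplay_order = " . $new_order
             . "\n\t\t\t                    " . $audio_update_sql
             . "\n\t\t\t\t    \t\tWHERE id = " . $id;
         Database::query($sql_update, __FILE__, __LINE__);
         if ($previous != 0) {
             //update the previous item's next_item_id
             $sql_update_previous = "\n\t\t\t\t\t\t\t    \tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t\t    \tSET next_item_id = " . $id . "\n\t\t\t\t\t\t\t    \tWHERE id = " . $previous;
             Database::query($sql_update_previous, __FILE__, __LINE__);
         }
         if ($new_next != 0) {
             //update the next item's previous_item_id
             $sql_update_next = "\n\t\t\t\t\t\t\t    \tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t\t    \tSET previous_item_id = " . $id . "\n\t\t\t\t\t\t\t    \tWHERE id = " . $new_next;
             Database::query($sql_update_next, __FILE__, __LINE__);
         }
         if ($old_prerequisite != $prerequisites) {
             // Quoted and escaped here too; this statement previously wrote the raw value unquoted.
             $sql_update_next = "\n\t\t\t\t\t\t    \t\tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t    \t\tSET prerequisite = '" . $prerequisites_sql . "'\n\t\t\t\t\t\t    \t\tWHERE id = " . $id;
             Database::query($sql_update_next, __FILE__, __LINE__);
         }
         if ($old_max_time_allowed != $max_time_allowed) {
             $sql_update_max_time_allowed = "\n\t\t\t\t\t\t    \t\tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t    \t\tSET max_time_allowed = " . $max_time_allowed . "\n\t\t\t\t\t\t    \t\tWHERE id = " . $id;
             Database::query($sql_update_max_time_allowed, __FILE__, __LINE__);
         }
         //update all the items with the same or a bigger display_order than
         //the current item
         $sql_update_order = "\n\t\t\t\t\t\t   \tUPDATE " . $tbl_lp_item . "\n\t\t\t\t\t\t   \tSET display_order = display_order + 1\n\t\t\t\t\t\t   \tWHERE\n\t\t\t\t\t\t   \t\tlp_id = " . $this->get_id() . " AND\n\t\t\t\t\t\t   \t\tid <> " . $id . " AND\n\t\t\t\t\t\t   \t\tparent_item_id = " . $parent . " AND\n\t\t\t\t\t\t   \t\tdisplay_order >= " . $new_order;
         Database::query($sql_update_order, __FILE__, __LINE__);
         /* END -- update the current item id to his new location */
     }
     // NOTE(review): there is no explicit return on the success path, so callers receive
     // null here; left unchanged so existing callers keep seeing the same value.
 }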
 /**
  * @param string $filePath
  * @param string $path
  * @param array $courseInfo
  * @param int $sessionId
  * @param int $userId
  * @param string $whatIfFileExists overwrite|rename
  * @param int $groupId
  * @param int $toUserId
  * @param string $comment
  * @return mixed The result of DocumentManager::get_document_id(), or false on failure
  */
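 public static function addFileToDocumentTool($filePath, $path, $courseInfo, $sessionId, $userId, $whatIfFileExists = 'overwrite', $groupId = null, $toUserId = null, $comment = null)
 {
     // Registers a file that already exists on the server in the course document tool and
     // returns what DocumentManager::get_document_id() reports for it, or false on failure.
     // Only regular files qualify: file_exists() also returned true for directories, which
     // then went on to filesize() and the upload handler.
     if (!is_file($filePath)) {
         return false;
     }
     // Build an array shaped like a $_FILES entry for the upload handler.
     // NOTE(review): 'from_file' presumably makes handle_uploaded_document() skip its
     // is_uploaded_file() check, so $filePath must never come from request data — verify
     // at the call sites.
     $file = array(
         'name' => basename($filePath),
         'tmp_name' => $filePath,
         'size' => filesize($filePath),
         'from_file' => true,
     );
     $baseWorkDir = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/document';
     $documentPath = handle_uploaded_document($courseInfo, $file, $baseWorkDir, $path, $userId, $groupId, $toUserId, false, $whatIfFileExists, false, false, $comment, $sessionId);
     if (!$documentPath) {
         return false;
     }
     return DocumentManager::get_document_id($courseInfo, $documentPath, $sessionId);
 }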
/**
 *	Header
 */
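$nameTools = get_lang('UplUploadDocument');
// Breadcrumb back to the document list; the current directory is URL-encoded.
$interbreadcrumb[] = array("url" => "./document.php?curdirpath=" . urlencode($path) . $req_gid, "name" => $langDocuments);
Display::display_header($nameTools, "Doc");
//show the title
api_display_tool_title($nameTools . $add_group_to_title);
/**
 * Process
 */
//user has submitted a file
if (isset($_FILES['user_upload'])) {
    $upload_ok = process_uploaded_file($_FILES['user_upload']);
    if ($upload_ok) {
        //file got on the server without problems, now process it
        // NOTE(review): curdirpath, unzip and if_exists come straight from the request;
        // confirm that handle_uploaded_document() constrains the target directory to the
        // course's document folder and validates the two flags.
        $new_path = handle_uploaded_document($_course, $_FILES['user_upload'], $base_work_dir, $_POST['curdirpath'], $_user['user_id'], $to_group_id, $to_user_id, $_POST['unzip'], $_POST['if_exists']);
        $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : '';
        $new_title = isset($_POST['title']) ? trim($_POST['title']) : '';
        if ($new_path && ($new_comment || $new_title)) {
            if ($docid = DocumentManager::get_document_id($_course, $new_path)) {
                $table_document = Database::get_course_table(TABLE_DOCUMENT);
                // Comment and title are request values: escape them before they are placed
                // inside the quoted SQL literals (they were interpolated raw before).
                $assignments = array();
                if ($new_comment) {
                    $assignments[] = "comment='" . Database::escape_string($new_comment) . "'";
                }
                if ($new_title) {
                    $assignments[] = "title='" . Database::escape_string($new_title) . "'";
                }
                Database::query("UPDATE {$table_document} SET " . implode(', ', $assignments) . " WHERE id = '" . Database::escape_string($docid) . "'");
            }
        }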
/**
 * This recursive function can be used during the upgrade process from older
 * versions of Chamilo.
 * It crawls the given directory, checks if the file is in the DB and adds
 * it if it's not.
 *
 * @param array $courseInfo
 * @param array $userInfo
 * @param string $base_work_dir
 * @param string $folderPath
 * @param int $sessionId
 * @param int $groupId
 * @param bool $output
 * @param array $parent
 *
 * @return false|null False when $courseInfo or $userInfo is empty, otherwise nothing
 */
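function add_all_documents_in_folder_to_database($courseInfo, $userInfo, $base_work_dir, $folderPath, $sessionId = 0, $groupId = 0, $output = false, $parent = array())
{
    if (empty($userInfo) || empty($courseInfo)) {
        return false;
    }
    // Test the path before opening it; opendir() used to be called first and emitted a
    // warning for anything that was not a directory.
    if (!is_dir($folderPath)) {
        return;
    }
    $handle = opendir($folderPath);
    if ($handle === false) {
        return;
    }
    $userId = $userInfo['user_id'];
    // The logical parent path is the same for every entry of this directory.
    $parentPath = null;
    if (!empty($parent) && isset($parent['path'])) {
        $parentPath = $parent['path'];
        if ($parentPath == '/') {
            $parentPath = null;
        }
    }
    // Compare against false explicitly: an entry named "0" is falsy and used to end the loop early.
    while (false !== ($file = readdir($handle))) {
        if ($file == '.' || $file == '..') {
            continue;
        }
        $completePath = $parentPath . '/' . $file;
        $sysFolderPath = $folderPath . '/' . $file;
        // NOTE(review): is_dir() follows symbolic links, so a link to a directory is crawled
        // like a real one — confirm the source tree cannot contain links out of the course.
        if (is_dir($sysFolderPath)) {
            $newFolderData = create_unexisting_directory($courseInfo, $userId, $sessionId, $groupId, null, $base_work_dir, $completePath, null, null, true);
            // Recurse with the new folder as parent.
            add_all_documents_in_folder_to_database($courseInfo, $userInfo, $base_work_dir, $sysFolderPath, $sessionId, $groupId, $output, $newFolderData);
        } else {
            // Array shaped like a $_FILES entry; 'from_file' and 'move_file' presumably tell
            // the handler to take the file from disk and move it rather than copy it.
            $uploadedFile = array('name' => $file, 'tmp_name' => $sysFolderPath, 'size' => filesize($sysFolderPath), 'type' => null, 'from_file' => true, 'move_file' => true);
            handle_uploaded_document($courseInfo, $uploadedFile, $base_work_dir, $parentPath, $userId, $groupId, null, 0, 'overwrite', $output, false, null, $sessionId);
        }
    }
    // Release the directory handle, which was never closed before.
    closedir($handle);
}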
            // Fragment: the enclosing loop/conditions start outside this excerpt.
            // presumably neutralises executable extensions in the uploaded name — verify in disable_dangerous_file().
            $clean_name = disable_dangerous_file($clean_name);
            $check_file_path = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document/audio/' . $clean_name;
            // If the file exists we generate a new name.
            // NOTE(review): the existence check and the later write are separate steps, so two
            // concurrent uploads can still pick the same name.
            if (file_exists($check_file_path)) {
                $filename_components = explode('.', $clean_name);
                // Getting the extension of the file.
                $file_extension = $filename_components[count($filename_components) - 1];
                // The last component is replaced by the current Unix timestamp: this is
                // predictable, not random, and identical for uploads within the same second.
                $filename_components[count($filename_components) - 1] = time();
                // Reconstructing the new filename; implode() is called without glue, so any
                // inner dots of the original name are dropped.
                $clean_name = implode($filename_components) . '.' . $file_extension;
                // Using the new name in the $_FILES superglobal.
                $_FILES[$key]['name'] = $clean_name;
            }
            // Upload the file in the documents tool.
            // NOTE(review): the return value is used below without a failure check.
            $file_path = handle_uploaded_document($_course, $_FILES[$key], api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document', '/audio', api_get_user_id(), '', '', '', '', false);
            // Getting the filename only.
            $file_components = explode('/', $file_path);
            $file = $file_components[count($file_components) - 1];
            // Store the mp3 file in the lp_item table.
            $tbl_lp_item = Database::get_course_table(TABLE_LP_ITEM);
            // The file name and item id are escaped and quoted; $course_id is interpolated
            // unquoted. NOTE(review): confirm $course_id is always an integer.
            $sql_insert_audio = "UPDATE {$tbl_lp_item} SET audio = '" . Database::escape_string($file) . "'\n                                 WHERE c_id = {$course_id} AND id = '" . Database::escape_string($lp_item_id) . "'";
            Database::query($sql_insert_audio);
        }
    }
    //Display::display_confirmation_message(get_lang('ItemUpdated'));
    // Redirect back to the "add item" view; lp_id is forced to an integer before it is put in the URL.
    $url = api_get_self() . '?action=add_item&type=step&lp_id=' . intval($learnpath->lp_id);
    header('Location: ' . $url);
    // Stop here so nothing is rendered after the redirect header.
    exit;
}
Display::display_header(null, 'Path');
 /**
  * Updates an item's content in place
  * @param   integer $id Element ID
  * @param   integer $parent Parent item ID
  * @param   integer $previous Previous item ID
  * @param   string  $title Item title
  * @param   string  $description Item description
  * @param   string  $prerequisites Prerequisites (optional)
  * @param   array   $audio The array resulting of the $_FILES[mp3] element
  * @param   int     $max_time_allowed
  * @param   string  $url
  * @return  boolean True on success, false on error
  */
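 public function edit_item($id, $parent, $previous, $title, $description, $prerequisites = '0', $audio = array(), $max_time_allowed = 0, $url = '')
 {
     $course_id = api_get_course_int_id();
     $_course = api_get_course_info();
     if ($this->debug > 0) {
         error_log('New LP - In learnpath::edit_item()', 0);
     }
     // $id must be the decimal form of an integer and a title is mandatory.
     if (empty($id) || $id != strval(intval($id)) || empty($title)) {
         return false;
     }
     // The queries below concatenate these values into SQL outside of quotes, where
     // escaping gives no protection, so they are reduced to integers before use.
     $id = intval($id);
     $parent = intval($parent);
     $previous = intval($previous);
     $max_time_allowed = intval($max_time_allowed);
     // prerequisite is written between quotes, so it only needs escaping.
     $prerequisites_sql = Database::escape_string((string) $prerequisites);
     $tbl_lp_item = Database::get_course_table(TABLE_LP_ITEM);
     $sql_select = "SELECT * FROM " . $tbl_lp_item . " WHERE c_id = " . $course_id . " AND id = " . $id;
     $res_select = Database::query($sql_select);
     $row_select = Database::fetch_array($res_select);
     if (empty($row_select)) {
         // Unknown item: stop instead of building the following queries from missing columns.
         return false;
     }
     $audio_update_sql = '';
     if (is_array($audio) && !empty($audio['tmp_name']) && $audio['error'] === 0) {
         // Create the audio folder if it does not exist yet.
         $filepath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document/';
         if (!is_dir($filepath . 'audio')) {
             mkdir($filepath . 'audio', api_get_permissions_for_new_directories());
             $audio_id = add_document($_course, '/audio', 'folder', 0, 'audio');
             api_item_property_update($_course, TOOL_DOCUMENT, $audio_id, 'FolderCreated', api_get_user_id(), null, null, null, null, api_get_session_id());
             api_item_property_update($_course, TOOL_DOCUMENT, $audio_id, 'invisible', api_get_user_id(), null, null, null, null, api_get_session_id());
         }
         // Upload file in documents.
         // NOTE(review): the type check relies on the client-supplied file name only; the
         // content is not verified to be audio.
         $pi = pathinfo($audio['name']);
         if (isset($pi['extension']) && $pi['extension'] == 'mp3') {
             $c_det = api_get_course_info($this->cc);
             $bp = api_get_path(SYS_COURSE_PATH) . $c_det['path'] . '/document';
             $path = handle_uploaded_document($c_det, $audio, $bp, '/audio', api_get_user_id(), 0, null, 0, 'rename', false, 0);
             // A failed upload must not blank the stored audio reference.
             if (!empty($path)) {
                 // Drops the first 7 characters, presumably the '/audio/' prefix.
                 $path = substr($path, 7);
                 // Update reference in lp_item - audio path is the path from inside the document/audio/ dir.
                 $audio_update_sql = ", audio = '" . Database::escape_string($path) . "' ";
             }
         }
     }
     $same_parent = $row_select['parent_item_id'] == $parent;
     $same_previous = $row_select['previous_item_id'] == $previous;
     // TODO: htmlspecialchars to be checked for encoding related problems.
     if ($same_parent && $same_previous) {
         // The item stays where it is: only its own columns are updated.
         $sql = "UPDATE " . $tbl_lp_item
             . "\n                    SET title = '" . Database::escape_string($title) . "',"
             . "\n                        prerequisite = '" . $prerequisites_sql . "',"
             . "\n                        description = '" . Database::escape_string($description) . "'"
             . "\n                        " . $audio_update_sql . ","
             . "\n                        max_time_allowed = '" . $max_time_allowed . "'"
             . "\n                    WHERE c_id = " . $course_id . " AND id = " . $id;
         Database::query($sql);
     } else {
         // Values read back from the row are cast as well before they are reused in SQL.
         $old_parent = intval($row_select['parent_item_id']);
         $old_previous = intval($row_select['previous_item_id']);
         $old_next = intval($row_select['next_item_id']);
         $old_order = intval($row_select['display_order']);
         $old_prerequisite = $row_select['prerequisite'];
         $old_max_time_allowed = $row_select['max_time_allowed'];
         /* BEGIN -- virtually remove the current item id */
         /* for the next and previous item it is like the current item doesn't exist anymore */
         if ($old_previous != 0) {
             // Next
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET next_item_id = " . $old_next . "\n                        WHERE c_id = " . $course_id . " AND id = " . $old_previous;
             Database::query($sql);
         }
         if ($old_next != 0) {
             // Previous
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET previous_item_id = " . $old_previous . "\n                        WHERE c_id = " . $course_id . " AND id = " . $old_next;
             Database::query($sql);
         }
         // display_order - 1 for every item with a display_order bigger than the display_order of the current item.
         $sql = "UPDATE " . $tbl_lp_item . "\n                    SET display_order = display_order - 1\n                    WHERE\n                        c_id = " . $course_id . " AND\n                        display_order > " . $old_order . " AND\n                        lp_id = " . $this->lp_id . " AND\n                        parent_item_id = " . $old_parent;
         Database::query($sql);
         /* END -- virtually remove the current item id */
         /* BEGIN -- update the current item id to his new location */
         if ($previous == 0) {
             // Select the data of the item that should come after the current item.
             $sql = "SELECT id, display_order\n                        FROM " . $tbl_lp_item . "\n                        WHERE\n                            c_id = " . $course_id . " AND\n                            lp_id = " . $this->lp_id . " AND\n                            parent_item_id = " . $parent . " AND\n                            previous_item_id = " . $previous;
             $res_select_old = Database::query($sql);
             $row_select_old = Database::fetch_array($res_select_old);
             // If the new parent didn't have children before.
             if (Database::num_rows($res_select_old) == 0) {
                 $new_next = 0;
                 $new_order = 1;
             } else {
                 $new_next = intval($row_select_old['id']);
                 $new_order = intval($row_select_old['display_order']);
             }
         } else {
             // Select the data of the item that should come before the current item.
             $sql = "SELECT next_item_id, display_order\n                        FROM " . $tbl_lp_item . "\n                        WHERE c_id = " . $course_id . " AND id = " . $previous;
             $res_select_old = Database::query($sql);
             $row_select_old = Database::fetch_array($res_select_old);
             $new_next = intval($row_select_old['next_item_id']);
             $new_order = intval($row_select_old['display_order']) + 1;
         }
         // TODO: htmlspecialchars to be checked for encoding related problems.
         // Update the current item with the new data.
         $sql = "UPDATE " . $tbl_lp_item
             . "\n                    SET"
             . "\n                        title = '" . Database::escape_string($title) . "',"
             . "\n                        description = '" . Database::escape_string($description) . "',"
             . "\n                        parent_item_id = " . $parent . ","
             . "\n                        previous_item_id = " . $previous . ","
             . "\n                        next_item_id = " . $new_next . ","
             . "\n                        display_order = " . $new_order
             . "\n                        " . $audio_update_sql
             . "\n                    WHERE c_id = " . $course_id . " AND id = " . $id;
         Database::query($sql);
         if ($previous != 0) {
             // Update the previous item's next_item_id.
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET next_item_id = " . $id . "\n                        WHERE c_id = " . $course_id . " AND id = " . $previous;
             Database::query($sql);
         }
         if ($new_next != 0) {
             // Update the next item's previous_item_id.
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET previous_item_id = " . $id . "\n                        WHERE c_id = " . $course_id . " AND id = " . $new_next;
             Database::query($sql);
         }
         if ($old_prerequisite != $prerequisites) {
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET prerequisite = '" . $prerequisites_sql . "'\n                        WHERE c_id = " . $course_id . " AND id = " . $id;
             Database::query($sql);
         }
         if ($old_max_time_allowed != $max_time_allowed) {
             // update max time allowed
             $sql = "UPDATE " . $tbl_lp_item . "\n                        SET max_time_allowed = " . $max_time_allowed . "\n                        WHERE c_id = " . $course_id . " AND id = " . $id;
             Database::query($sql);
         }
         // Update all the items with the same or a bigger display_order than the current item.
         $sql = "UPDATE " . $tbl_lp_item . "\n                    SET display_order = display_order + 1\n                    WHERE\n                       c_id = " . $course_id . " AND\n                       lp_id = " . $this->get_id() . " AND\n                       id <> " . $id . " AND\n                       parent_item_id = " . $parent . " AND\n                       display_order >= " . $new_order;
         Database::query($sql);
     }
     if ($row_select['item_type'] == 'link') {
         // For link items the row's path column holds the link id; the new URL is handed
         // to Link::updateLink() as received.
         // NOTE(review): $url is not validated here — confirm updateLink() does so.
         $link = new Link();
         $linkId = $row_select['path'];
         $link->updateLink($linkId, $url);
     }
     // NOTE(review): there is no explicit return on the success path, so callers receive
     // null here; left unchanged so existing callers keep seeing the same value.
 }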
     // Fragment: the condition that opens this block lies outside the excerpt.
     //if it's a zip, allow zip upload
     $unzip = 1;
 }
 if ($finish == 0) {
     // Generate new test folder if on first step of file upload.
     // The sanitised name is kept in $filename; the $_FILES entry passed to the upload
     // handler below still carries the name as sent by the client.
     $filename = api_replace_dangerous_char(trim($_FILES['userFile']['name']));
     $fld = GenerateHpFolder($document_sys_path . $uploadPath . '/');
     // '@' hides a failed mkdir, so a missing folder only shows up in the later calls.
     @mkdir($document_sys_path . $uploadPath . '/' . $fld, api_get_permissions_for_new_directories());
     $doc_id = add_document($_course, '/HotPotatoes_files/' . $fld, 'folder', 0, $fld);
     api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderCreated', api_get_user_id());
 } else {
     // It is not the first step... get the filename directly from the system params.
     // NOTE(review): this is the raw client-supplied name, without the
     // api_replace_dangerous_char() pass used in the first step; it is later used to build
     // the path given to my_delete() and is appended to $dialogBox — confirm it is
     // sanitised and escaped before either use.
     $filename = $_FILES['userFile']['name'];
 }
 $allow_output_on_success = false;
 // NOTE(review): within this fragment $fld is assigned only in the first-step branch;
 // confirm it is set elsewhere when $finish != 0, otherwise the target path ends in '/'.
 if (handle_uploaded_document($_course, $_FILES['userFile'], $document_sys_path, $uploadPath . '/' . $fld, api_get_user_id(), null, null, $unzip, '', $allow_output_on_success)) {
     if ($finish == 2) {
         // Image-upload step: the uploaded name must match what CheckImageName() accepts.
         // NOTE(review): $_POST['imgparams'] is passed on unvalidated.
         $imgparams = $_POST['imgparams'];
         $checked = CheckImageName($imgparams, $filename);
         if ($checked) {
             $imgcount = $imgcount - 1;
         } else {
             // Name mismatch: report it and remove the file that was just stored.
             $dialogBox .= $filename . ' ' . get_lang('NameNotEqual');
             my_delete($document_sys_path . $uploadPath . '/' . $fld . '/' . $filename);
             update_db_info('delete', $uploadPath . '/' . $fld . '/' . $filename);
         }
         if ($imgcount == 0) {
             // all image uploaded
             $finish = 1;
         }
     } else {