Esempio n. 1
0
if (isset($_SESSION['oLP'])) {
    $obj = $_SESSION['oLP'];
} else {
    api_not_allowed();
}
//If is visible for the current user
if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id())) {
    api_not_allowed();
}
$doc_url = isset($_GET['doc_url']) ? $_GET['doc_url'] : null;
// Change the '&' that got rewritten to '///' by mod_rewrite back to '&'
$doc_url = str_replace('///', '&', $doc_url);
// Still a space present? it must be a '+' (that got replaced by mod_rewrite)
$doc_url = str_replace(' ', '+', $doc_url);
$doc_url = str_replace(array('../', '\\..', '\\0', '..\\'), array('', '', '', ''), $doc_url);
//echo $doc_url;
if (strpos($doc_url, '../') or strpos($doc_url, '/..')) {
    $doc_url = '';
}
$sys_course_path = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/scorm';
//var_dump($sys_course_path);
if (is_dir($sys_course_path . $doc_url)) {
    api_not_allowed();
}
if (Security::check_abs_path($sys_course_path . $doc_url, $sys_course_path . '/')) {
    $full_file_name = $sys_course_path . $doc_url;
    // Launch event
    Event::event_download($doc_url);
    DocumentManager::file_send_for_download($full_file_name);
}
exit;
        // Compare the array with visible files and the array with files in invisible folders
        // and keep the difference (= all visible files that are not in an invisible folder)
        $files_for_zipfile = diff((array) $all_visible_files_path, (array) $files_in_invisible_folder_path);
    } else {
        // No invisible folders found, so all visible files can be added to the zipfile
        $files_for_zipfile = $all_visible_files_path;
    }
    Session::write('doc_files_to_download', $files);
    // Add all files in our final array to the zipfile
    for ($i = 0; $i < count($files_for_zipfile); $i++) {
        $zip->add($sysCoursePath . $courseInfo['path'] . '/document' . $files_for_zipfile[$i], PCLZIP_OPT_REMOVE_PATH, $sysCoursePath . $courseInfo['path'] . '/document' . $remove_dir, PCLZIP_CB_PRE_ADD, 'fixDocumentNameCallback');
    }
    Session::erase('doc_files_to_download');
}
// Launch event
Event::event_download($path == '/' ? 'documents.zip (folder)' : basename($path) . '.zip (folder)');
// Start download of created file
$name = $path == '/' ? 'documents.zip' : $documentInfo['title'] . '.zip';
if (Security::check_abs_path($tempZipFile, api_get_path(SYS_ARCHIVE_PATH))) {
    $result = DocumentManager::file_send_for_download($tempZipFile, true, $name);
    @unlink($tempZipFile);
    exit;
} else {
    api_not_allowed(true);
}
/**
 * Returns the difference between two arrays, as an array of those key/values
 * Use this as array_diff doesn't give the
 *
 * @param array $arr1 first array
 * @param array $arr2 second array
function rename_zip($FileZip)
{
    Event::event_download($FileZip['PATH'] == '/' ? 'full_export_' . date('Ymd') . '.zip (folder)' : basename($FileZip['PATH']) . '.zip (folder)');
    $name = $FileZip['PATH'] == '/' ? 'full_export_' . date('Ymd') . '.zip' : basename($FileZip['PATH']) . '.zip';
    if (file_exists($FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name)) {
        unlink($FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name);
    }
    if (file_exists($FileZip['TEMP_FILE_ZIP'])) {
        rename($FileZip['TEMP_FILE_ZIP'], $FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name);
        return $name;
    } else {
        return false;
    }
}
Esempio n. 4
0
         if ($sessionId != 0 && !$document_data) {
             // If there is a session defined and asking for the
             // document * from the session* didn't work, try it from the
             // course (out of a session context)
             $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), false, 0);
         }
         //filter when I am into shared folder, I can download only my shared folder
         if (DocumentManager::is_any_user_shared_folder($document_data['path'], $sessionId)) {
             if (DocumentManager::is_my_shared_folder(api_get_user_id(), $document_data['path'], $sessionId) || api_is_allowed_to_edit() || api_is_platform_admin()) {
                 require 'downloadfolder.inc.php';
             }
         } else {
             require 'downloadfolder.inc.php';
         }
         // Launch event
         Event::event_download($document_data['url']);
         exit;
     }
     break;
 case 'export_to_pdf':
     if (api_get_setting('students_export2pdf') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
         DocumentManager::export_to_pdf($document_id, $course_code);
     }
     break;
 case 'copytomyfiles':
     // Copy a file to general my files user's
     if (api_get_setting('social.allow_social_tool') == 'true' && api_get_setting('document.users_copy_files') == 'true' && api_get_user_id() != 0 && !api_is_anonymous()) {
         // Get the document data from the ID
         $document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true, $sessionId);
         if ($sessionId != 0 && !$document_info) {
             /* If there is a session defined and asking for the document
        $addStatus = $zip_folder->add($sys_course_path . $_course['path'] . '/' . $not_deleted_file['url'], PCLZIP_OPT_REMOVE_PATH, $sys_course_path . $_course['path'] . '/work', PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
    } else {
        // Convert texts in html files
        //if ($not_deleted_file['contains_file'] == 0) {
        $filename = trim($filename) . ".html";
        $work_temp = api_get_path(SYS_ARCHIVE_PATH) . api_get_unique_id() . '_' . $filename;
        file_put_contents($work_temp, $not_deleted_file['description']);
        $files[basename($work_temp)] = $filename;
        $addStatus = $zip_folder->add($work_temp, PCLZIP_OPT_REMOVE_PATH, api_get_path(SYS_ARCHIVE_PATH), PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
        @unlink($work_temp);
    }
}
if (!empty($files)) {
    $fileName = api_replace_dangerous_char($work_data['title']);
    // Logging
    Event::event_download($fileName . '.zip (folder)');
    //start download of created file
    $name = $fileName . '.zip';
    if (Security::check_abs_path($temp_zip_file, api_get_path(SYS_ARCHIVE_PATH))) {
        DocumentManager::file_send_for_download($temp_zip_file, true, $name);
        @unlink($temp_zip_file);
        exit;
    }
} else {
    exit;
}
/*	Extra function (only used here) */
function my_pre_add_callback($p_event, &$p_header)
{
    global $files;
    if (isset($files[basename($p_header['stored_filename'])])) {
Esempio n. 6
0
}
// allow to the correct user for download this file
$not_allowed_to_edit = false;
$userGroup = new UserGroup();
if (!empty($row_users['group_id'])) {
    $users_group = $userGroup->get_all_users_by_group($row_users['group_id']);
    if (!in_array($current_uid, array_keys($users_group))) {
        $not_allowed_to_edit = true;
    }
} else {
    if ($current_uid != $message_uid) {
        $not_allowed_to_edit = true;
    }
}
if ($not_allowed_to_edit) {
    api_not_allowed();
    exit;
}
// set the path directory file
if (!empty($row_users['group_id'])) {
    $path_user_info = $userGroup->get_group_picture_path_by_id($row_users['group_id'], 'system', true);
} else {
    $path_user_info['dir'] = UserManager::getUserPathById($message_uid, 'system');
}
$full_file_name = $path_user_info['dir'] . 'message_attachments/' . $file_url;
if (Security::check_abs_path($full_file_name, $path_user_info['dir'] . 'message_attachments/')) {
    // launch event
    Event::event_download($file_url);
    DocumentManager::file_send_for_download($full_file_name, TRUE, $title);
}
exit;
Esempio n. 7
0
/**
 * Downloads all user files per user
 * @param int $userId
 * @param array $courseInfo
 * @return bool
 */
function downloadAllFilesPerUser($userId, $courseInfo)
{
    $userInfo = api_get_user_info($userId);
    if (empty($userInfo) || empty($courseInfo)) {
        return false;
    }
    $tempZipFile = api_get_path(SYS_ARCHIVE_PATH) . api_get_unique_id() . ".zip";
    $coursePath = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/work/';
    $zip = new PclZip($tempZipFile);
    $workPerUser = getWorkPerUser($userId);
    if (!empty($workPerUser)) {
        $files = array();
        foreach ($workPerUser as $work) {
            $work = $work['work'];
            foreach ($work->user_results as $userResult) {
                if (empty($userResult['url']) || empty($userResult['contains_file'])) {
                    continue;
                }
                $data = getFileContents($userResult['id'], $courseInfo);
                if (!empty($data) && isset($data['path'])) {
                    $files[basename($data['path'])] = array('title' => $data['title'], 'path' => $data['path']);
                }
            }
        }
        if (!empty($files)) {
            Session::write('files', $files);
            foreach ($files as $data) {
                $zip->add($data['path'], PCLZIP_OPT_REMOVE_PATH, $coursePath, PCLZIP_CB_PRE_ADD, 'preAddAllWorkStudentCallback');
            }
        }
        // Start download of created file
        $name = basename(api_replace_dangerous_char($userInfo['complete_name'])) . '.zip';
        Event::event_download($name . '.zip (folder)');
        if (Security::check_abs_path($tempZipFile, api_get_path(SYS_ARCHIVE_PATH))) {
            DocumentManager::file_send_for_download($tempZipFile, true, $name);
            @unlink($tempZipFile);
            exit;
        }
    }
    exit;
}