if (isset($_SESSION['oLP'])) {
$obj = $_SESSION['oLP'];
} else {
api_not_allowed();
}
//If is visible for the current user
if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id())) {
api_not_allowed();
}
$doc_url = isset($_GET['doc_url']) ? $_GET['doc_url'] : null;
// Change the '&' that got rewritten to '///' by mod_rewrite back to '&'
$doc_url = str_replace('///', '&', $doc_url);
// Still a space present? it must be a '+' (that got replaced by mod_rewrite)
$doc_url = str_replace(' ', '+', $doc_url);
$doc_url = str_replace(array('../', '\\..', '\\0', '..\\'), array('', '', '', ''), $doc_url);
//echo $doc_url;
if (strpos($doc_url, '../') or strpos($doc_url, '/..')) {
$doc_url = '';
}
$sys_course_path = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/scorm';
//var_dump($sys_course_path);
if (is_dir($sys_course_path . $doc_url)) {
api_not_allowed();
}
if (Security::check_abs_path($sys_course_path . $doc_url, $sys_course_path . '/')) {
$full_file_name = $sys_course_path . $doc_url;
// Launch event
Event::event_download($doc_url);
DocumentManager::file_send_for_download($full_file_name);
}
exit;
// Compare the array with visible files and the array with files in invisible folders
// and keep the difference (= all visible files that are not in an invisible folder)
$files_for_zipfile = diff((array) $all_visible_files_path, (array) $files_in_invisible_folder_path);
} else {
// No invisible folders found, so all visible files can be added to the zipfile
$files_for_zipfile = $all_visible_files_path;
}
Session::write('doc_files_to_download', $files);
// Add all files in our final array to the zipfile
for ($i = 0; $i < count($files_for_zipfile); $i++) {
$zip->add($sysCoursePath . $courseInfo['path'] . '/document' . $files_for_zipfile[$i], PCLZIP_OPT_REMOVE_PATH, $sysCoursePath . $courseInfo['path'] . '/document' . $remove_dir, PCLZIP_CB_PRE_ADD, 'fixDocumentNameCallback');
}
Session::erase('doc_files_to_download');
}
// Launch event
Event::event_download($path == '/' ? 'documents.zip (folder)' : basename($path) . '.zip (folder)');
// Start download of created file
$name = $path == '/' ? 'documents.zip' : $documentInfo['title'] . '.zip';
if (Security::check_abs_path($tempZipFile, api_get_path(SYS_ARCHIVE_PATH))) {
$result = DocumentManager::file_send_for_download($tempZipFile, true, $name);
@unlink($tempZipFile);
exit;
} else {
api_not_allowed(true);
}
/**
* Returns the difference between two arrays, as an array of those key/values
* Use this as array_diff doesn't give the
*
* @param array $arr1 first array
* @param array $arr2 second array
function rename_zip($FileZip)
{
Event::event_download($FileZip['PATH'] == '/' ? 'full_export_' . date('Ymd') . '.zip (folder)' : basename($FileZip['PATH']) . '.zip (folder)');
$name = $FileZip['PATH'] == '/' ? 'full_export_' . date('Ymd') . '.zip' : basename($FileZip['PATH']) . '.zip';
if (file_exists($FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name)) {
unlink($FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name);
}
if (file_exists($FileZip['TEMP_FILE_ZIP'])) {
rename($FileZip['TEMP_FILE_ZIP'], $FileZip['PATH_TEMP_ARCHIVE'] . '/' . $name);
return $name;
} else {
return false;
}
}
if ($sessionId != 0 && !$document_data) {
// If there is a session defined and asking for the
// document * from the session* didn't work, try it from the
// course (out of a session context)
$document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), false, 0);
}
//filter when I am into shared folder, I can download only my shared folder
if (DocumentManager::is_any_user_shared_folder($document_data['path'], $sessionId)) {
if (DocumentManager::is_my_shared_folder(api_get_user_id(), $document_data['path'], $sessionId) || api_is_allowed_to_edit() || api_is_platform_admin()) {
require 'downloadfolder.inc.php';
}
} else {
require 'downloadfolder.inc.php';
}
// Launch event
Event::event_download($document_data['url']);
exit;
}
break;
case 'export_to_pdf':
if (api_get_setting('students_export2pdf') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
DocumentManager::export_to_pdf($document_id, $course_code);
}
break;
case 'copytomyfiles':
// Copy a file to general my files user's
if (api_get_setting('social.allow_social_tool') == 'true' && api_get_setting('document.users_copy_files') == 'true' && api_get_user_id() != 0 && !api_is_anonymous()) {
// Get the document data from the ID
$document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true, $sessionId);
if ($sessionId != 0 && !$document_info) {
/* If there is a session defined and asking for the document
$addStatus = $zip_folder->add($sys_course_path . $_course['path'] . '/' . $not_deleted_file['url'], PCLZIP_OPT_REMOVE_PATH, $sys_course_path . $_course['path'] . '/work', PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
} else {
// Convert texts in html files
//if ($not_deleted_file['contains_file'] == 0) {
$filename = trim($filename) . ".html";
$work_temp = api_get_path(SYS_ARCHIVE_PATH) . api_get_unique_id() . '_' . $filename;
file_put_contents($work_temp, $not_deleted_file['description']);
$files[basename($work_temp)] = $filename;
$addStatus = $zip_folder->add($work_temp, PCLZIP_OPT_REMOVE_PATH, api_get_path(SYS_ARCHIVE_PATH), PCLZIP_CB_PRE_ADD, 'my_pre_add_callback');
@unlink($work_temp);
}
}
if (!empty($files)) {
$fileName = api_replace_dangerous_char($work_data['title']);
// Logging
Event::event_download($fileName . '.zip (folder)');
//start download of created file
$name = $fileName . '.zip';
if (Security::check_abs_path($temp_zip_file, api_get_path(SYS_ARCHIVE_PATH))) {
DocumentManager::file_send_for_download($temp_zip_file, true, $name);
@unlink($temp_zip_file);
exit;
}
} else {
exit;
}
/* Extra function (only used here) */
function my_pre_add_callback($p_event, &$p_header)
{
global $files;
if (isset($files[basename($p_header['stored_filename'])])) {
}
// allow to the correct user for download this file
$not_allowed_to_edit = false;
$userGroup = new UserGroup();
if (!empty($row_users['group_id'])) {
$users_group = $userGroup->get_all_users_by_group($row_users['group_id']);
if (!in_array($current_uid, array_keys($users_group))) {
$not_allowed_to_edit = true;
}
} else {
if ($current_uid != $message_uid) {
$not_allowed_to_edit = true;
}
}
if ($not_allowed_to_edit) {
api_not_allowed();
exit;
}
// set the path directory file
if (!empty($row_users['group_id'])) {
$path_user_info = $userGroup->get_group_picture_path_by_id($row_users['group_id'], 'system', true);
} else {
$path_user_info['dir'] = UserManager::getUserPathById($message_uid, 'system');
}
$full_file_name = $path_user_info['dir'] . 'message_attachments/' . $file_url;
if (Security::check_abs_path($full_file_name, $path_user_info['dir'] . 'message_attachments/')) {
// launch event
Event::event_download($file_url);
DocumentManager::file_send_for_download($full_file_name, TRUE, $title);
}
exit;
/**
* Downloads all user files per user
* @param int $userId
* @param array $courseInfo
* @return bool
*/
function downloadAllFilesPerUser($userId, $courseInfo)
{
$userInfo = api_get_user_info($userId);
if (empty($userInfo) || empty($courseInfo)) {
return false;
}
$tempZipFile = api_get_path(SYS_ARCHIVE_PATH) . api_get_unique_id() . ".zip";
$coursePath = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/work/';
$zip = new PclZip($tempZipFile);
$workPerUser = getWorkPerUser($userId);
if (!empty($workPerUser)) {
$files = array();
foreach ($workPerUser as $work) {
$work = $work['work'];
foreach ($work->user_results as $userResult) {
if (empty($userResult['url']) || empty($userResult['contains_file'])) {
continue;
}
$data = getFileContents($userResult['id'], $courseInfo);
if (!empty($data) && isset($data['path'])) {
$files[basename($data['path'])] = array('title' => $data['title'], 'path' => $data['path']);
}
}
}
if (!empty($files)) {
Session::write('files', $files);
foreach ($files as $data) {
$zip->add($data['path'], PCLZIP_OPT_REMOVE_PATH, $coursePath, PCLZIP_CB_PRE_ADD, 'preAddAllWorkStudentCallback');
}
}
// Start download of created file
$name = basename(api_replace_dangerous_char($userInfo['complete_name'])) . '.zip';
Event::event_download($name . '.zip (folder)');
if (Security::check_abs_path($tempZipFile, api_get_path(SYS_ARCHIVE_PATH))) {
DocumentManager::file_send_for_download($tempZipFile, true, $name);
@unlink($tempZipFile);
exit;
}
}
exit;
}