} //clean $nano_user_id = Security::remove_XSS($_GET['nano_user_id']); $nano_group_id = Security::remove_XSS($_GET['nano_group_id']); $nano_session_id = Security::remove_XSS($_GET['nano_session_id']); $filename = Security::remove_XSS($_GET['filename']); $filename = urldecode($filename); $filepath = Security::remove_XSS(urldecode($_GET['filepath'])); $dir = Security::remove_XSS(urldecode($_GET['dir'])); $course_code = Security::remove_XSS(urldecode($_GET['course_code'])); $_course = api_get_course_info($course_code); $filename = trim($_GET['filename']); $filename = Security::remove_XSS($filename); $filename = Database::escape_string($filename); $filename = api_replace_dangerous_char($filename); $filename = disable_dangerous_file($filename); $title = trim(str_replace('_chnano_.', '.', $filename)); //hide nanogong wav tag at title $title = str_replace('_', ' ', $title); $documentPath = $filepath . $filename; if ($nano_user_id != api_get_user_id() || api_get_user_id() == 0 || $nano_user_id == 0) { echo 'Not allowed'; exit; } // Do not use here check Fileinfo method because return: text/plain if (!file_exists($documentPath)) { //add document to disk move_uploaded_file($_FILES['voicefile']['tmp_name'], $documentPath); //add document to database $current_session_id = $nano_session_id; $groupId = $nano_group_id;
} else { // dir_id is the parent folder id. if (!empty($_POST['dir_id'])) { // Get the document data from the ID $document_data = DocumentManager::get_document_data_by_id($_POST['dir_id'], api_get_course_id(), false, $sessionId); if ($sessionId != 0 && !$document_data) { // If there is a session defined and asking for the // document * from the session* didn't work, try it from // the course (out of a session context) $document_data = DocumentManager::get_document_data_by_id($_POST['dir_id'], api_get_course_id(), false, 0); } $curdirpath = $document_data['path']; } $added_slash = $curdirpath == '/' ? '' : '/'; $dir_name = $curdirpath . $added_slash . api_replace_dangerous_char($post_dir_name); $dir_name = disable_dangerous_file($dir_name); $dir_check = $base_work_dir . $dir_name; $visibility = empty($groupId) ? null : 1; $newFolderData = create_unexisting_directory($courseInfo, api_get_user_id(), $sessionId, $groupId, $to_user_id, $base_work_dir, $dir_name, $post_dir_name, $visibility); if (!empty($newFolderData)) { $message = Display::return_message(get_lang('DirCr') . ' ' . $newFolderData['title'], 'confirmation'); } else { $message = Display::return_message(get_lang('CannotCreateDir'), 'error'); } } Display::addFlash($message); } // Show them the form for the directory name if (isset($_GET['createdir'])) { $dirForm = DocumentManager::create_dir_form($document_id); }
$form->addElement('checkbox', 'type1', null, get_lang('EnableExpiryDate'), array('id' => 'make_calification_id', 'onclick' => "javascript: if(this.checked){document.getElementById('option2').style.display='block';}else{document.getElementById('option2').style.display='none';}")); $form->addElement('html', '<div id="option2" style="display: none;">'); $form->addElement('advanced_settings', draw_date_picker('expires')); $form->addElement('html', '</div>'); $form->addElement('checkbox', 'type2', null, get_lang('EnableEndDate'), array('id' => 'make_calification_id', 'onclick' => "javascript: if(this.checked){document.getElementById('option3').style.display='block';}else{document.getElementById('option3').style.display='none';}")); $form->addElement('html', '<div id="option3" style="display: none;">'); $form->addElement('advanced_settings', draw_date_picker('ends')); $form->addElement('html', '</div>'); $form->addElement('checkbox', 'add_to_calendar', null, get_lang('AddToCalendar')); $form->addElement('checkbox', 'allow_text_assignment', null, get_lang('AllowTextAssignments')); $form->addElement('html', '</div>'); $form->addElement('style_submit_button', 'submit', get_lang('CreateDirectory')); if ($form->validate()) { $directory = Security::remove_XSS($_POST['new_dir']); $directory = replace_dangerous_char($directory); $directory = disable_dangerous_file($directory); $dir_name = $curdirpath . $directory; $created_dir = create_unexisting_work_directory($base_work_dir, $dir_name); // we insert here the directory in the table $work_table $dir_name_sql = ''; if (!empty($created_dir)) { if ($curdirpath == '/') { $dir_name_sql = $created_dir; } else { $dir_name_sql = '/' . $created_dir; } $time = time(); $today = api_get_utc_datetime($time); $sql_add_publication = "INSERT INTO " . $work_table . " SET\n c_id\t\t\t\t= {$course_id},\n url \t\t= '" . Database::escape_string($dir_name_sql) . "',\n title = '" . Database::escape_string($_POST['new_dir']) . 
"',\n description \t\t= '" . Database::escape_string($_POST['description']) . "',\n author \t\t= '',\n active = '1',\n accepted\t\t\t= '1',\n filetype = 'folder',\n post_group_id = '" . $group_id . "',\n sent_date = '" . $today . "',\n qualification = '" . ($_POST['qualification_value'] != '' ? Database::escape_string($_POST['qualification_value']) : '') . "',\n parent_id = '',\n qualificator_id = '',\n date_of_qualification\t= '0000-00-00 00:00:00',\n weight = '" . Database::escape_string($_POST['weight']) . "',\n session_id = '" . intval($id_session) . "',\n allow_text_assignment = '" . Database::escape_string($_POST['allow_text_assignment']) . "',\n contains_file = 0,\n user_id \t\t\t= '" . $user_id . "'"; Database::query($sql_add_publication); // add the directory
/**
 * Tells whether the chosen filename is still free in the current directory.
 *
 * Despite its name this returns true when NO document with that name exists
 * (the sense a form validation callback expects). The directory is taken from
 * the global $dir, and the name is cleaned exactly like the upload code cleans
 * it, so the check targets the file that would actually be created.
 *
 * @param string $filename Name chosen by the user, without the ".html" extension
 * @return bool true when no such document exists, false when one already does
 */
function document_exists($filename)
{
    global $dir;

    // Same normalisation as the upload path: odd characters replaced, then
    // PHP/.htaccess style names neutralised.
    $candidate = disable_dangerous_file(api_replace_dangerous_char($filename));
    $target = $dir . $candidate . '.html';

    $alreadyThere = DocumentManager::documentExists(
        $target,
        api_get_course_info(),
        api_get_session_id(),
        api_get_group_id()
    );

    return !$alreadyThere;
}
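/**
 * Upload a submitted user production into the user's own repository.
 *
 * Reads the "production" entry of $_FILES, sanitises the client-supplied
 * filename (dangerous characters replaced, PHP/.htaccess names neutralised),
 * checks the extension with filter_extension() and moves the temporary upload
 * into the user's system path.
 *
 * @param int $user_id User id
 * @return string|false The filename of the new production, or false when no
 *                      file was submitted, the directory could not be created,
 *                      the extension is refused, or the move failed
 */
function upload_user_production($user_id)
{
    // Nothing submitted under that field name: nothing to move (and no notices).
    if (!isset($_FILES['production']['name'], $_FILES['production']['tmp_name'])
        || $_FILES['production']['tmp_name'] === ''
    ) {
        return false;
    }

    $production_repository = UserManager::getUserPathById($user_id, 'system');
    if (!file_exists($production_repository)) {
        // Best effort as before, but a directory that still does not exist
        // afterwards is reported to the caller instead of failing later.
        @mkdir($production_repository, api_get_permissions_for_new_directories(), true);
        if (!is_dir($production_repository)) {
            return false;
        }
    }

    // Never trust the client filename: strip dangerous characters and
    // neutralise executable names before it touches the filesystem.
    $filename = api_replace_dangerous_char($_FILES['production']['name']);
    $filename = disable_dangerous_file($filename);

    // filter_extension() applies the project's extension policy; it decides.
    if (!filter_extension($filename)) {
        return false;
    }

    // move_uploaded_file() refuses anything that is not a genuine upload.
    if (@move_uploaded_file($_FILES['production']['tmp_name'], $production_repository . $filename)) {
        return $filename;
    }

    return false; // anything else went wrong with the upload
}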
/**
 * Tells whether the chosen filename is still free in the current directory.
 *
 * Despite its name this returns true when NO document with that name exists
 * (the sense a form validation callback expects). The directory is taken from
 * the global $dir; the name is reduced to the strict ASCII form the upload code
 * uses, so the check targets the file that would actually be created.
 *
 * @param string $filename Name chosen by the user, without the ".html" extension
 * @return bool true when no such document exists, false when one already does
 */
function document_exists($filename)
{
    global $dir;

    // Strict cleaning: only ASCII characters survive, then PHP/.htaccess
    // style names are neutralised.
    $candidate = replace_dangerous_char($filename, 'strict');
    $candidate = disable_dangerous_file($candidate);
    $target = $dir . $candidate . '.html';

    $alreadyThere = DocumentManager::documentExists(
        $target,
        api_get_course_info(),
        api_get_session_id(),
        api_get_group_id()
    );

    return !$alreadyThere;
}
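/**
 * Renames a file on disk and updates the matching document record.
 *
 * Takes everything from its parameters, no globals are read. On success the
 * new name is also published through $GLOBALS['file_name'] and $GLOBALS['doc'],
 * a legacy side effect kept for the callers that still read them.
 *
 * @param string $base_work_dir Absolute base directory of the course documents
 * @param string $source_file   Current file name, relative to $dir
 * @param string $rename_to     Requested new name, still slash-escaped
 * @param string $dir           Sub-directory of $source_file, '' for the root
 * @param string $doc           Unused; kept for signature compatibility
 * @return string|false Confirmation message (get_lang('fileModified')) on
 *                      success, false when my_rename() refused (typically a
 *                      file with the target name already exists)
 * @todo check if this function is used
 */
function change_name($base_work_dir, $source_file, $rename_to, $dir, $doc)
{
    $file_name_for_change = $base_work_dir . $dir . $source_file;

    // Avoid renaming to .htaccess or an executable (.php) name.
    $rename_to = disable_dangerous_file($rename_to);
    // fileManage API: the effective new name is returned, falsy on failure.
    $rename_to = my_rename($file_name_for_change, stripslashes($rename_to));

    if (!$rename_to) {
        return false;
    }

    // Build the old/new paths in the form update_db_info() expects.
    if ($dir != '') {
        $source_file = $dir . $source_file;
        $new_full_file_name = dirname($source_file) . '/' . $rename_to;
    } else {
        $source_file = '/' . $source_file;
        $new_full_file_name = '/' . $rename_to;
    }
    update_db_info('update', $source_file, $new_full_file_name); // fileManage API

    $GLOBALS['file_name'] = $rename_to;
    $GLOBALS['doc'] = $rename_to;

    return get_lang('fileModified');
}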
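/**
 * Renames a file on disk and updates the matching document record.
 *
 * Takes everything from its parameters, no globals are read. A flash message
 * is queued in both outcomes (fileModified on success, FileExists on failure).
 *
 * @param string $base_work_dir Absolute base directory of the course documents
 * @param string $source_file   Current file name, relative to $dir
 * @param string $rename_to     Requested new name, still slash-escaped
 * @param string $dir           Sub-directory of $source_file, '' for the root
 * @param string $doc           Unused; kept for signature compatibility
 * @return bool true when renamed and the database was updated, false when
 *              my_rename() refused (typically the target name already exists)
 * @todo check if this function is used
 */
function change_name($base_work_dir, $source_file, $rename_to, $dir, $doc)
{
    $file_name_for_change = $base_work_dir . $dir . $source_file;

    // Avoid renaming to .htaccess or an executable (.php) name.
    $rename_to = disable_dangerous_file($rename_to);
    // fileManage API: the effective new name is returned, falsy on failure.
    $rename_to = my_rename($file_name_for_change, stripslashes($rename_to));

    if (!$rename_to) {
        Display::addFlash(Display::return_message(get_lang('FileExists')));

        return false;
    }

    // Build the old/new paths in the form update_db_info() expects.
    if ($dir != '') {
        $source_file = $dir . $source_file;
        $new_full_file_name = dirname($source_file) . '/' . $rename_to;
    } else {
        $source_file = '/' . $source_file;
        $new_full_file_name = '/' . $rename_to;
    }
    update_db_info('update', $source_file, $new_full_file_name); // fileManage API

    Display::addFlash(Display::return_message(get_lang('fileModified')));

    return true;
}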
} // Uploading the audio files. foreach ($_FILES as $key => $value) { if (substr($key, 0, 7) == 'mp3file' and !empty($_FILES[$key]['tmp_name'])) { // The id of the learning path item. $lp_item_id = str_ireplace('mp3file', '', $key); // Create the audio folder if it does not exist yet. DocumentManager::createDefaultAudioFolder($_course); // Check if file already exits into document/audio/ $file_name = $_FILES[$key]['name']; $file_name = stripslashes($file_name); // Add extension to files without one (if possible). $file_name = add_ext_on_mime($file_name, $_FILES[$key]['type']); $clean_name = api_replace_dangerous_char($file_name); // No "dangerous" files. $clean_name = disable_dangerous_file($clean_name); $check_file_path = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document/audio/' . $clean_name; // If the file exists we generate a new name. if (file_exists($check_file_path)) { $filename_components = explode('.', $clean_name); // Gettting the extension of the file. $file_extension = $filename_components[count($filename_components) - 1]; // Adding something random to prevent overwriting. $filename_components[count($filename_components) - 1] = time(); // Reconstructing the new filename. $clean_name = implode($filename_components) . '.' . $file_extension; // Using the new name in the $_FILES superglobal. $_FILES[$key]['name'] = $clean_name; } // Upload the file in the documents tool. $file_path = handle_uploaded_document($_course, $_FILES[$key], api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document', '/audio', api_get_user_id(), '', '', '', '', false);
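/**
 * Renames an assignment directory on disk and in the student_publication table.
 *
 * The directory row gets the new url/title; every row whose parent_id is this
 * directory has its url re-pointed under the new name. The database is only
 * touched once the filesystem rename has succeeded, so rows never point at a
 * directory that does not exist.
 *
 * @param array  $work_data Row of the directory being renamed; 'id', 'url' and 'title' are read
 * @param string $new_name  New directory name (raw user input, sanitised here)
 * @param string $title     New display title
 * @return bool true when nothing had to change or everything was updated,
 *              false when $new_name is empty or the rename on disk failed
 */
function update_dir_name($work_data, $new_name, $title)
{
    $course_id = api_get_course_int_id();
    $work_id = intval($work_data['id']);
    $path = $work_data['url'];

    if ($work_data['title'] == $title) {
        return true;
    }

    $title = Database::escape_string($title);

    if (empty($new_name)) {
        // Kept from the original behaviour: without a new name nothing is written.
        return false;
    }

    global $base_work_dir;
    $new_name = Security::remove_XSS($new_name);
    $new_name = replace_dangerous_char($new_name);
    $new_name = disable_dangerous_file($new_name);

    // Filesystem first; a failed rename leaves the database untouched.
    if (!my_rename($base_work_dir . '/' . $path, $new_name)) {
        return false;
    }

    $table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

    // Update all the files in the other directories: their url is
    // "work/<old path>/<rest>", only <rest> is kept.
    $sql = "SELECT id, url FROM {$table} WHERE c_id = {$course_id} AND parent_id = {$work_id}";
    $rs = Database::query($sql);
    $work_len = strlen('work/' . $path);
    while ($work = Database::fetch_array($rs)) {
        $name_with_directory = substr($work['url'], $work_len);
        $name = Database::escape_string('work/' . $new_name . '/' . $name_with_directory);
        $sql = 'UPDATE ' . $table . ' SET url= "' . $name . '" WHERE c_id = ' . $course_id . ' AND id= ' . intval($work['id']);
        Database::query($sql);
    }

    // The filename cleaners are not an SQL escaper: escape the name for the
    // statement like every other value.
    $escaped_name = Database::escape_string($new_name);
    $sql = "UPDATE {$table} SET url= '/" . $escaped_name . "' , title = '" . $title . "' WHERE c_id = {$course_id} AND id = {$work_id}";
    Database::query($sql);

    return true;
}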
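/**
 * Create a new document //still needs some finetuning
 *
 * Writes the posted content (content_lp) as an .html file under the course
 * document directory named by dir (GET or POST), registers it with
 * add_document() and stores the optional comment/title on the document row.
 *
 * @param array $_course Course info array; 'path' is read
 * @return int|false The new document id (whatever add_document() returned),
 *                   false when the target file already exists or could not be
 *                   opened for writing
 */
public function create_document($_course)
{
    $course_id = api_get_course_int_id();
    global $charset;

    // Either request method may carry the directory; neither may be present.
    $dir = '';
    if (isset($_GET['dir'])) {
        $dir = $_GET['dir'];
    } elseif (isset($_POST['dir'])) {
        $dir = $_POST['dir'];
    }
    // Please, do not modify this dirname formatting.
    if ($dir === '' || strstr($dir, '..')) {
        // A parent-directory reference is rejected outright: back to the root.
        $dir = '/';
    }
    if ($dir[0] == '.') {
        $dir = substr($dir, 1);
    }
    if ($dir[0] != '/') {
        $dir = '/' . $dir;
    }
    if ($dir[strlen($dir) - 1] != '/') {
        $dir .= '/';
    }
    $filepath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document' . $dir;

    if (empty($_POST['dir']) && empty($_GET['dir'])) {
        //Generates folder
        $result = $this->generate_lp_folder($_course);
        $dir = $result['dir'];
        $filepath = $result['filepath'];
    }
    if (!is_dir($filepath)) {
        $filepath = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document/';
        $dir = '/';
    }

    // stripslashes() before calling api_replace_dangerous_char() because $_POST['title']
    // is already escaped twice when it gets here.
    $rawTitle = isset($_POST['title']) ? $_POST['title'] : '';
    $title = api_replace_dangerous_char(stripslashes($rawTitle));
    $title = disable_dangerous_file($title);
    $filename = $title;
    $content = isset($_POST['content_lp']) ? $_POST['content_lp'] : '';

    // Never overwrite: append _1, _2, ... until the name is free.
    $tmp_filename = $filename;
    $i = 0;
    while (file_exists($filepath . $tmp_filename . '.html')) {
        $tmp_filename = $filename . '_' . ++$i;
    }
    $filename = $tmp_filename . '.html';

    $content = stripslashes($content);
    $content = str_replace(api_get_path(WEB_COURSE_PATH), api_get_path(REL_PATH) . 'courses/', $content);
    // Change the path of mp3 to absolute.
    // The first regexp deals with :// urls.
    $content = preg_replace("|(flashvars=\"file=)([^:/]+)/|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/', $content);
    // The second regexp deals with audio/ urls.
    $content = preg_replace("|(flashvars=\"file=)([^/]+)/|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/$2/', $content);
    // For flv player: To prevent edition problem with firefox, we have to use a strange tip (don't blame me please).
    $content = str_replace('</body>', '<style type="text/css">body{}</style></body>', $content);

    if (file_exists($filepath . $filename)) {
        return false;
    }
    // Warning suppressed on purpose: an unwritable directory is reported to
    // the caller through the return value.
    $fp = @fopen($filepath . $filename, 'w');
    if (!$fp) {
        return false;
    }
    fputs($fp, $content);
    fclose($fp);

    $file_size = filesize($filepath . $filename);
    $save_file_path = $dir . $filename;
    $document_id = add_document($_course, $save_file_path, 'file', $file_size, $tmp_filename);
    if ($document_id) {
        api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentAdded', api_get_user_id(), null, null, null, null, api_get_session_id());
        $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : '';
        $new_title = isset($_POST['title']) ? trim($_POST['title']) : '';
        if ($new_comment || $new_title) {
            $tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
            $ct = '';
            if ($new_comment) {
                $ct .= ", comment='" . Database::escape_string($new_comment) . "'";
            }
            if ($new_title) {
                // Title is HTML-escaped for display and SQL-escaped for the statement.
                $ct .= ", title='" . Database::escape_string(htmlspecialchars($new_title, ENT_QUOTES, $charset)) . "' ";
            }
            // substr($ct, 1) drops the leading comma of the first fragment.
            $sql_update = "UPDATE " . $tbl_doc . " SET " . substr($ct, 1) . " WHERE c_id = " . $course_id . " AND id = " . $document_id;
            Database::query($sql_update);
        }
    }

    return $document_id;
}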
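/**
 * Moves the uploaded file into $dest under a safe, unique file name.
 *
 * The name comes from the upload ($this->_value['name']) unless $fileBaseName
 * overrides its base part. It is then cleaned: spaces become "_" (long names
 * broke ajaxfilemanager, see ajaxfilemanager/inc/class.manager.php), and the
 * Chamilo replace_dangerous_char() (strict) / disable_dangerous_file() pair
 * makes sure the result cannot be a PHP or .htaccess file. Unless $overwrite
 * is set an existing file is never clobbered: "_1", "_2", ... is appended.
 *
 * On success dirPath, fileBaseName, fileExtension, fileName and filePath are
 * updated on this object.
 *
 * @param string $dest         Directory the upload is moved to (trailing slash optional)
 * @param string $fileBaseName Base name to use instead of the uploaded one ('' keeps it)
 * @param bool   $overwrite    Replace an existing file instead of picking a new name
 * @return bool true when move_uploaded_file() succeeded, false otherwise
 */
function moveUploadedFile($dest, $fileBaseName = '', $overwrite = false)
{
    // Ensure the directory path ends with "/" so "$dest . $name" is a valid path.
    if ($dest != '' && substr($dest, -1) != '/') {
        $dest .= '/';
    }
    $this->dirPath = $dest;

    // Split the uploaded name into base + ".ext".
    $uploadedName = basename($this->_value['name']);
    $dotPos = strrpos($uploadedName, '.');
    $this->fileExtension = '';
    if (is_int($dotPos)) {
        $this->fileExtension = substr($uploadedName, $dotPos);
        $this->fileBaseName = substr($uploadedName, 0, $dotPos);
    } else {
        // No extension at all: the whole name is the base name (previously a
        // stale fileBaseName from an earlier call was silently reused).
        $this->fileBaseName = $uploadedName;
    }
    if (!empty($fileBaseName)) {
        $this->fileBaseName = $fileBaseName;
    }

    // Clean the base name before it is used to build any path.
    $cleanBase = str_replace(' ', '_', $this->fileBaseName);
    $this->fileBaseName = disable_dangerous_file(replace_dangerous_char($cleanBase, 'strict'));

    $targetName = $this->fileBaseName . $this->fileExtension;
    $targetPath = $dest . $targetName;

    if (!$overwrite && file_exists($targetPath) && is_file($targetPath)) {
        // The target exists: find the first free "_N" suffix and remember it
        // on the base name too.
        $suffix = 0;
        do {
            $suffix++;
            $targetName = $this->fileBaseName . '_' . $suffix . $this->fileExtension;
        } while (file_exists($dest . $targetName) && is_file($dest . $targetName));
        $this->fileBaseName .= '_' . $suffix;
    }

    // move_uploaded_file() refuses anything that is not a genuine upload.
    if (!@move_uploaded_file($this->_value['tmp_name'], $dest . $targetName)) {
        return false;
    }
    @chmod($dest . $targetName, $this->uploadFileMode);
    $this->fileName = $targetName;
    $this->filePath = $dest . $targetName;

    return true;
}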
$webcamdir = $params['webcamdir']; $webcamuserid = $params['webcamuserid']; } else { api_not_allowed(); die; } if ($webcamuserid != api_get_user_id() || api_get_user_id() == 0 || $webcamuserid == 0) { api_not_allowed(); die; } //clean $webcamname = Security::remove_XSS($webcamname); $webcamname = Database::escape_string($webcamname); $webcamname = addslashes(trim($webcamname)); $webcamname = api_replace_dangerous_char($webcamname); $webcamname = disable_dangerous_file($webcamname); $webcamdir = Security::remove_XSS($webcamdir); //security extension $ext = explode('.', $webcamname); $ext = strtolower($ext[sizeof($ext) - 1]); if ($ext != 'jpg') { die; } //Do not use here check Fileinfo method because return: text/plain //CHECK THIS BEFORE COMMIT $dirBaseDocuments = api_get_path(SYS_COURSE_PATH) . $_course['path'] . '/document'; $saveDir = $dirBaseDocuments . $webcamdir; $current_session_id = api_get_session_id(); $groupId = api_get_group_id(); //Avoid duplicates $webcamname_to_save = $webcamname; $title_to_save = str_replace('_', ' ', $webcamname);
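/**
 * Creates a new task (directory) in the assignment tool
 *
 * Creates the directory under the course "work" folder (name sanitised with
 * api_replace_dangerous_char() and disable_dangerous_file()), inserts the
 * student_publication row for it, registers the item property and, when the
 * course setting asks for it, notifies the students by e-mail.
 *
 * @param array $formValues Form values; see @note for the accepted keys
 * @param int $user_id
 * @param array $courseInfo Course info array; 'path' and 'real_id' are read
 * @param int $group_id
 * @param int $session_id
 * @return bool|int The new row id, false when the directory or the row could not be created
 * @note $formValues can have the following elements, but should at least have the 2 first ones: (
 *  'new_dir' => 'some-name',
 *  'description' => 'some-desc',
 *  'qualification' => 20 (e.g. 20),
 *  'weight' => 50 (percentage) to add to gradebook (e.g. 50),
 *  'allow_text_assignment' => 0/1/2,
 * @todo Rename createAssignment or createWork, or something like that
 */
function addDir($formValues, $user_id, $courseInfo, $group_id, $session_id)
{
    $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
    $user_id = intval($user_id);
    $group_id = intval($group_id);
    $session_id = intval($session_id);
    $base_work_dir = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/work';
    $course_id = $courseInfo['real_id'];

    // Only new_dir is mandatory; read the optional keys once, with the same
    // null default a missing index produced, but without the notices.
    $newDir = isset($formValues['new_dir']) ? $formValues['new_dir'] : '';
    $description = isset($formValues['description']) ? $formValues['description'] : null;
    $qualification = isset($formValues['qualification']) ? $formValues['qualification'] : null;
    $weight = isset($formValues['weight']) ? $formValues['weight'] : null;
    $allowTextAssignment = isset($formValues['allow_text_assignment']) ? $formValues['allow_text_assignment'] : null;

    $directory = api_replace_dangerous_char($newDir);
    $directory = disable_dangerous_file($directory);
    $created_dir = create_unexisting_work_directory($base_work_dir, $directory);
    if (empty($created_dir)) {
        return false;
    }

    $dirName = '/' . $created_dir;
    $today = api_get_utc_datetime();
    $params = [
        'c_id' => $course_id,
        'url' => $dirName,
        'title' => $newDir,
        'description' => $description,
        'author' => '',
        'active' => '1',
        'accepted' => '1',
        'filetype' => 'folder',
        'post_group_id' => $group_id,
        'sent_date' => $today,
        'qualification' => $qualification != '' ? $qualification : '',
        'parent_id' => '',
        'qualificator_id' => '',
        'weight' => $weight,
        'session_id' => $session_id,
        'allow_text_assignment' => $allowTextAssignment,
        'contains_file' => 0,
        'user_id' => $user_id,
    ];
    $id = Database::insert($work_table, $params);
    if (!$id) {
        return false;
    }

    // Legacy schema: the id column mirrors the auto-increment iid.
    $sql = "UPDATE {$work_table} SET id = iid WHERE iid = {$id}";
    Database::query($sql);

    // Folder created
    api_item_property_update($courseInfo, 'work', $id, 'DirectoryCreated', $user_id, $group_id);
    updatePublicationAssignment($id, $formValues, $courseInfo, $group_id);

    if (api_get_course_setting('email_alert_students_on_new_homework') == 1) {
        send_email_on_homework_creation($course_id, $session_id, $id);
    }

    return $id;
}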
/**
 * Filters dangerous filenames (*.php[.]?* and .htaccess) and returns it in
 * a non-executable form (for PHP and htaccess, this is still vulnerable to
 * other languages' files extensions)
 *
 * @param string $filename Unfiltered filename
 * @return string Filtered filename
 */
public static function filter_filename($filename)
{
    // The rules live in the upload library; this is only a convenience wrapper.
    $safeName = disable_dangerous_file($filename);

    return $safeName;
}
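/**
 * Creates a new task (directory) in the assignment tool
 *
 * Creates the directory under the course "work" folder (name sanitised with
 * replace_dangerous_char() and disable_dangerous_file()), inserts the
 * student_publication row for it, registers the item property and, when the
 * course setting asks for it, notifies the students by e-mail.
 *
 * @param array $params Form values; see @note for the accepted keys
 * @param int $user_id
 * @param array $courseInfo Course info array; 'path' and 'real_id' are read
 * @param int $group_id
 * @param int $session_id
 * @return bool|int The new row id, false when the directory or the row could not be created
 * @note $params can have the following elements, but should at least have the 2 first ones: (
 *  'new_dir' => 'some-name',
 *  'description' => 'some-desc',
 *  'qualification' => 20 (e.g. 20),
 *  'weight' => 50 (percentage) to add to gradebook (e.g. 50),
 *  'allow_text_assignment' => 0/1/2,
 * @todo Rename createAssignment or createWork, or something like that
 */
function addDir($params, $user_id, $courseInfo, $group_id, $session_id)
{
    $work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
    $user_id = intval($user_id);
    $group_id = intval($group_id);
    $session_id = intval($session_id);
    $base_work_dir = api_get_path(SYS_COURSE_PATH) . $courseInfo['path'] . '/work';
    $course_id = $courseInfo['real_id'];

    // Only new_dir is mandatory; read the optional keys once, with the same
    // null default a missing index produced, but without the notices.
    $newDir = isset($params['new_dir']) ? $params['new_dir'] : '';
    $description = isset($params['description']) ? $params['description'] : null;
    $qualification = isset($params['qualification']) ? $params['qualification'] : null;
    $weight = isset($params['weight']) ? $params['weight'] : null;
    $allowTextAssignment = isset($params['allow_text_assignment']) ? $params['allow_text_assignment'] : null;

    $directory = replace_dangerous_char($newDir);
    $directory = disable_dangerous_file($directory);
    $created_dir = create_unexisting_work_directory($base_work_dir, $directory);
    if (empty($created_dir)) {
        return false;
    }

    $dirName = '/' . $created_dir;
    $today = api_get_utc_datetime();
    // Every user-supplied value goes through Database::escape_string();
    // ids and the date are produced by this function / intval() above.
    $sql = "INSERT INTO " . $work_table . " SET c_id = $course_id, url = '" . Database::escape_string($dirName) . "', title = '" . Database::escape_string($newDir) . "', description = '" . Database::escape_string($description) . "', author = '', active = '1', accepted = '1', filetype = 'folder', post_group_id = '" . $group_id . "', sent_date = '" . $today . "', qualification = '" . (($qualification != '') ? Database::escape_string($qualification) : '') . "', parent_id = '', qualificator_id = '', date_of_qualification = '0000-00-00 00:00:00', weight = '" . Database::escape_string($weight) . "', session_id = '" . $session_id . "', allow_text_assignment = '" . Database::escape_string($allowTextAssignment) . "', contains_file = 0, user_id = '" . $user_id . "'";
    Database::query($sql);

    // Add the directory
    $id = Database::insert_id();
    if (!$id) {
        return false;
    }

    // Folder created
    api_item_property_update(
        $courseInfo,
        'work',
        $id,
        'DirectoryCreated',
        $user_id,
        $group_id
    );
    updatePublicationAssignment($id, $params, $courseInfo, $group_id);

    if (api_get_course_setting('email_alert_students_on_new_homework') == 1) {
        send_email_on_homework_creation(api_get_course_id());
    }

    return $id;
}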
$wamiuserid = $params['wamiuserid']; } else { api_not_allowed(); die(); } if ($wamiuserid != api_get_user_id() || api_get_user_id() == 0 || $wamiuserid == 0) { api_not_allowed(); die(); } // Clean $waminame = Security::remove_XSS($waminame); $waminame = Database::escape_string($waminame); $waminame = replace_dangerous_char($waminame, 'strict'); $waminame = disable_dangerous_file($waminame); $wamidir = Security::remove_XSS($wamidir); $content = file_get_contents('php://input'); if (empty($content)) { exit; } $ext = explode('.', $waminame); $ext = strtolower($ext[sizeof($ext) - 1]); if ($ext != 'wav') { die(); } // Do not use here check Fileinfo method because return: text/plain
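/**
 * Cleans up a path in place: every folder and file name in it is passed
 * through api_replace_dangerous_char() and disable_dangerous_file().
 *
 * The "." components of ././folder/file are left untouched (cfr. zipfile).
 *
 * @param string $path Path to clean; modified in place (passed by reference)
 * @return mixed Result of filter_extension() on the cleaned path
 * @see disable_dangerous_file()
 * @see api_replace_dangerous_char()
 */
function clean_up_path(&$path)
{
    // Split the path in folders and files
    $path_array = explode('/', $path);

    // Clean up every folder and filename in the path
    foreach ($path_array as &$val) {
        // We don't want to lose the dots in ././folder/file (cfr. zipfile)
        if ($val != '.') {
            $val = disable_dangerous_file(api_replace_dangerous_char($val));
        }
    }
    // Drop the reference foreach leaves behind; otherwise the last element
    // would alias any later assignment to $val.
    unset($val);

    // Join the "cleaned" path (modified in-place as passed by reference)
    $path = implode('/', $path_array);

    return filter_extension($path);
}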
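/**
 * Create a new document //still needs some finetuning
 *
 * Writes the posted content (content_lp, run through text_filter()) as an
 * .html file under the course document directory named by dir (GET or POST),
 * registers it with add_document() and stores the optional comment/title on
 * the document row.
 *
 * @param array $_course Course info array; 'path' is read
 * @return int|false The new document id (whatever add_document() returned),
 *                   false when the target file already exists or could not be
 *                   opened for writing
 */
function create_document($_course)
{
    global $charset;

    // Either request method may carry the directory; neither may be present.
    $dir = '';
    if (isset($_GET['dir'])) {
        $dir = $_GET['dir'];
    } elseif (isset($_POST['dir'])) {
        $dir = $_POST['dir'];
    }
    // please do not modify this dirname formatting
    if ($dir === '' || strstr($dir, '..')) {
        // A parent-directory reference is rejected outright: back to the root.
        $dir = '/';
    }
    if ($dir[0] == '.') {
        $dir = substr($dir, 1);
    }
    if ($dir[0] != '/') {
        $dir = '/' . $dir;
    }
    if ($dir[strlen($dir) - 1] != '/') {
        $dir .= '/';
    }
    $filepath = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/document' . $dir;
    if (!is_dir($filepath)) {
        $filepath = api_get_path('SYS_COURSE_PATH') . $_course['path'] . '/document/';
        $dir = '/';
    }

    //stripslashes before calling replace_dangerous_char() because $_POST['title']
    //is already escaped twice when it gets here
    $rawTitle = isset($_POST['title']) ? $_POST['title'] : '';
    $tmp_title = stripslashes($rawTitle);
    $title = replace_dangerous_char($tmp_title);
    $title = disable_dangerous_file($title);
    $filename = $title;
    $content = isset($_POST['content_lp']) ? $_POST['content_lp'] : '';

    // Never overwrite: append _1, _2, ... until the name is free.
    $tmp_filename = $filename;
    $i = 0;
    while (file_exists($filepath . $tmp_filename . '.html')) {
        $tmp_filename = $filename . '_' . ++$i;
    }
    $filename = $tmp_filename . '.html';

    $content = stripslashes(text_filter($content));
    $content = str_replace(api_get_path('WEB_COURSE_PATH'), api_get_path(REL_PATH) . 'courses/', $content);
    // change the path of mp3 to absolute
    // first regexp deals with ../../../ urls
    $content = preg_replace("|(flashvars=\"file=)(\\.+/)+|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/', $content);
    //second regexp deals with audio/ urls
    $content = preg_replace("|(flashvars=\"file=)([^/]+)/|", "\$1" . api_get_path(REL_COURSE_PATH) . $_course['path'] . '/document/$2/', $content);
    // for flv player : to prevent edition problem with firefox, we have to use a strange tip (don't blame me please)
    $content = str_replace('</body>', '<style type="text/css">body{}</style></body>', $content);

    if (file_exists($filepath . $filename)) {
        return false;
    }
    // Warning suppressed on purpose: an unwritable directory is reported to
    // the caller through the return value.
    $fp = @fopen($filepath . $filename, 'w');
    if (!$fp) {
        return false;
    }
    fputs($fp, $content);
    fclose($fp);

    $file_size = filesize($filepath . $filename);
    $save_file_path = $dir . $filename;
    $document_id = add_document($_course, $save_file_path, 'file', $file_size, $tmp_title . '.html');
    if ($document_id) {
        api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentAdded', api_get_user_id(), null, null, null, null, api_get_session_id());
        //update parent folders
        //item_property_update_on_folder($_course, $_GET['dir'], $_user['user_id']);
        $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : '';
        $new_title = isset($_POST['title']) ? trim($_POST['title']) : '';
        if ($new_comment || $new_title) {
            $tbl_doc = Database::get_course_table(TABLE_DOCUMENT);
            $ct = '';
            if ($new_comment) {
                // Posted text goes straight into the statement: escape it
                // exactly like the title fragment below.
                $ct .= ", comment='" . Database::escape_string($new_comment) . "'";
            }
            if ($new_title) {
                // The original literal carried a tab between ".html" and the
                // closing quote, which ended up stored in the title.
                $ct .= ", title='" . Database::escape_string(htmlspecialchars($new_title, ENT_QUOTES, $charset)) . ".html'";
            }
            // substr($ct, 1) drops the leading comma of the first fragment.
            $sql_update = "\n\t\t\t\t\t\t\t\t\t\t\t\t\tUPDATE " . $tbl_doc . "\n\t\t\t\t\t\t\t\t\t\t\t\t\tSET " . substr($ct, 1) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE id = " . $document_id;
            Database::query($sql_update, __FILE__, __LINE__);
        }
    }

    return $document_id;
}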
/**
 * Filters dangerous filenames (*.php[.]?* and .htaccess) and returns it in
 * a non-executable form (for PHP and htaccess, this is still vulnerable to
 * other languages' files extensions)
 *
 * @param string $filename Unfiltered filename
 * @return string Filtered filename
 */
public static function filter_filename($filename)
{
    // disable_dangerous_file() lives in the upload library, which is not
    // guaranteed to be loaded when this static helper is called.
    require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';

    $safeName = disable_dangerous_file($filename);

    return $safeName;
}