/**
*
* Function sort out paramaters
* This function creates folders needed when duplicating a template
* @param number $folder_name_id - the id of this template
* @param number $tutorial_id_from_post - the parent template name for the new tutorial
* @version 1.0
* @author Patrick Lockley
*/
function create_new_template($folder_name_id, $parent_template_name)
{
global $dir_path, $new_path, $temp_dir_path, $temp_new_path, $xerte_toolkits_site;
$row_framework = db_query_one("SELECT template_framework from {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails WHERE template_name = ?", array($parent_template_name));
// I think this is wrong, currently looking like : /home/david/src/xerteonlinetoolkits/modules//templates/0 should presumably be home/david/src/xerteonlinetoolkits/modules/xerte/templates/Nottingham
$dir_path = $xerte_toolkits_site->basic_template_path . $row_framework['template_framework'] . "/templates/" . $parent_template_name;
/**
* Get the id of the folder we are looking to copy into
*/
_debug("Creating new template : {$folder_name_id}, {$parent_template_name}");
$new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $parent_template_name;
$path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $parent_template_name;
if (is_dir($path)) {
_debug("Trying to create new template at location - {$path} - it's already in use. Aborting");
die("Template directory already exists; will not overwrite/re-create.");
}
if (mkdir($path)) {
_debug("Created {$path} ok");
if (@chmod($path, 0777)) {
$ok = copy_r($dir_path, $path);
_debug("Copy_r returned " . print_r($ok, true));
return $ok;
} else {
_debug("Failed to set rights ");
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "MAJOR", "Failed to set rights on parent folder for template", "Failed to set rights on parent folder " . $path);
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "CRITICAL", "Failed to create parent folder for template", "Failed to create parent folder " . $path);
return false;
}
}
/**
*
* Function database connect
* This function checks http security settings
* @param string $success_string = Successful message for the error log
* @param string $error_string = Error message for the error log
* @version 1.0
* @author Patrick Lockley
*/
function database_connect($success_string, $error_string)
{
global $xerte_toolkits_site;
/*
* Try to connect
*/
$mysql_connect_id = @mysql_connect($xerte_toolkits_site->database_host, $xerte_toolkits_site->database_username, $xerte_toolkits_site->database_password);
/*
* Check for connection and error if failed
*/
if (!$mysql_connect_id) {
die("<h2>Xerte Online Toolkits</h2>\r\n <p><strong>Sorry, the system cannot connect to the database at present</strong></p>\r\n <p>This may be because the database server is offline, or this instance of Xerte has not been setup (see <a href='setup'>/setup</a>). </p>\r\n <p>The mysql error is <strong>" . mysql_error() . "</strong></p>");
}
$database_fail = false;
mysql_select_db($xerte_toolkits_site->database_name) or $database_fail = true;
/*
* database failing code
*/
$username = '******';
if (isset($_SESSION['toolkits_logon_username'])) {
$username = $_SESSION['toolkits_logon_username'];
}
if ($database_fail) {
receive_message($username, "ADMIN", "CRITICAL", "DATABASE FAILED AT " . $error_string, "MYSQL ERROR MESSAGE IS " . mysql_error());
die("Sorry, the system cannot connect to the database at present. The mysql error is " . mysql_error());
} else {
receive_message($username, "ADMIN", "SUCCESS", "DATABASE CONNECTED", $success_string);
}
/*
* if all worked returned the mysql ID
*/
return $mysql_connect_id;
}
function get_default_engine($template_id)
{
global $xerte_toolkits_site;
$row = db_query_one("SELECT td.extra_flags FROM {$xerte_toolkits_site->database_table_prefix}templatedetails td WHERE td.template_id = ?", array($template_id));
if ($row == false) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to get default template engine", "Failed to get the default template engine");
} else {
$engine = 'javascript';
$extra_flags = explode(";", $row['extra_flags']);
foreach ($extra_flags as $flag) {
$parameter = explode("=", $flag);
switch ($parameter[0]) {
case 'engine':
$engine = $parameter[1];
break;
}
}
return $engine;
}
}
function move_folder($folder_id, $destination)
{
global $xerte_toolkits_site;
$mysql_id = database_connect("Move file database connect success", "Move file database connect failure");
if ($destination != "") {
/*
* Move folder in database
*/
$prefix = $xerte_toolkits_site->database_table_prefix;
$query_folder = "UPDATE {$prefix}folderdetails SET folder_parent = ? WHERE (folder_id = ? )";
$params = array($destination, $folder_id);
$ok = db_query($query_folder, $params);
if ($ok) {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "Folder " . $folder_id . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $folder_id . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "Folder " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
}
}
}
echo "file has been corrupted<BR>";
//die();
}
$unescaped_data = $_POST['filedata'];
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$unescaped_data = stripslashes($_POST['filedata']);
}
$filedata = apply_filters("editor_save_data", $unescaped_data);
/**
* Save and play do slightly different things. Save sends an extra variable so we update data.xml as well as preview.xml
*/
if ($_POST['fileupdate'] == "true") {
$file_handle = fopen($xerte_toolkits_site->root_file_path . $savepath, 'w');
if (fwrite($file_handle, $filedata) != false) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Template " . $_POST['filename'] . " saved", $filedata);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Template " . $_POST['filename'] . " failed to save", $filedata);
}
fclose($file_handle);
}
/**
* Update preview.xml
*/
$filedata = apply_filters("editor_save_preview", $unescaped_data);
$file_handle = fopen($xerte_toolkits_site->root_file_path . $_POST['filename'], 'w');
if (fwrite($file_handle, $filedata) != false) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Template " . $_POST['filename'] . " saved", $filedata);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Template " . $_POST['filename'] . " failed to save", $filedata);
}
fclose($file_handle);
<?php
/**
*
* delete file template, allows the site to delete files from the media folder
*
* @author Patrick Lockley
* @version 1.0
* @copyright Copyright (c) 2008,2009 University of Nottingham
* @package
*/
include "../error_library.php";
/** XXX/ TODO SECURITY HOLE - NEED TO CHECK $_POST['file'] IS VALID */
if (unlink(urldecode($_POST['file']))) {
receive_message($_SESSION['toolkits_logon_username'], "FILE", "SUCCESS", "The file " . $_POST['file'] . "has been deleted", "User " . $_SESSION['toolkits_logon_username'] . " has deleted " . $_POST['file']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE", "MAJOR", "The file " . $_POST['file'] . "hasn't been deleted", "User " . $_SESSION['toolkits_logon_username'] . " was not deleted " . $_POST['file']);
}
/**
*
* Function get user root folder
* Get the id for the users root folder
* @author Patrick Lockley
* @version 1.0
* @copyright Copyright (c) 2008,2009 University of Nottingham
* @package
*/
function get_user_root_folder()
{
global $xerte_toolkits_site;
$query = "select folder_id from " . $xerte_toolkits_site->database_table_prefix . "folderdetails where login_id='" . $_SESSION['toolkits_logon_id'] . "' AND folder_name = '" . $_SESSION['toolkits_logon_username'] . "'";
$query_response = mysql_query($query);
if ($query_response != FALSE) {
$row = mysql_fetch_array($query_response);
return $row['folder_id'];
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to get users root folder", "Failed to get users root folder");
}
}
function valid_login($username, $password, $xerte_toolkits_site)
{
$link = mysql_connect($xerte_toolkits_site->database_host, $xerte_toolkits_site->database_username, $xerte_toolkits_site->database_password);
mysql_select_db($xerte_toolkits_site->database_name);
$ldap_hosts = mysql_query("select * from " . $xerte_toolkits_site->database_table_prefix . "ldap");
if (!$ldap_hosts) {
if (strpos($xerte_toolkits_site->ldap_host, "\$\$\$")) {
$login_check = false;
$host = explode("\$\$\$", $xerte_toolkits_site->ldap_host);
$port = explode("\$\$\$", $xerte_toolkits_site->ldap_port);
$bind_pwd = explode("\$\$\$", $xerte_toolkits_site->bind_pwd);
$basedn = explode("\$\$\$", $xerte_toolkits_site->basedn);
$bind_dn = explode("\$\$\$", $xerte_toolkits_site->bind_dn);
for ($x = 0; $x < count($host); $x++) {
$login_check = authenticate_to_host($host[$x], $port[$x], $bind_pwd[$x], $basedn[$x], $bind_dn[$x], $username, $password, $xerte_toolkits_site);
if ($login_check) {
break;
}
}
if ($login_check) {
receive_message($username, "USER", "SUCCESS", "Logging in succeeded for " . $username, "Logging in succeeded for " . $username);
return $login_check;
} else {
receive_message($username, "USER", "CRITICAL", "Login failed for " . $username, "Login failed for " . $username);
return $login_check;
}
} else {
$host = $xerte_toolkits_site->ldap_host;
$port = $xerte_toolkits_site->ldap_port;
$bind_pwd = $xerte_toolkits_site->bind_pwd;
$basedn = $xerte_toolkits_site->basedn;
$bind_dn = $xerte_toolkits_site->bind_dn;
$result = authenticate_to_host($host, $port, $bind_pwd, $basedn, $bind_dn, $username, $password, $xerte_toolkits_site);
if ($result) {
receive_message($username, "USER", "SUCCESS", "Logging in succeeded for " . $username, "Logging in succeeded for " . $username);
return $result;
} else {
receive_message($username, "USER", "CRITICAL", "Login failed for " . $username, "Login failed for " . $username);
return $result;
}
}
} else {
while ($host = mysql_fetch_array($ldap_hosts)) {
$result = authenticate_to_host($host['ldap_host'], $host['ldap_port'], $host['ldap_password'], $host['ldap_username'], $host['ldap_basedn'], $host['ldap_filter'], $host['ldap_filter_attr'], $username, $password, $xerte_toolkits_site);
if ($result[0]) {
return true;
}
}
}
return false;
}
if (!empty($_FILES)) {
if (!apply_filters('editor_upload_file', $_FILES)) {
_debug("file upload for " . print_r($_FILES, true) . " failed. ");
die("File upload failed; check server logs.");
}
} else {
die("No file(s) uploaded");
}
/**
* These checks remain from R708
*/
$pass = true;
if (strpos($_FILES['Filedata']['name'], '../') !== false) {
$pass = false;
}
if (strpos($_FILES['Filedata']['name'], '...') !== false) {
$pass = false;
}
if ($pass === false) {
receive_message($_SESSION['toolkits_logon_username'], "UPLOAD", "CRITICAL", "Invalid filename: " . $_FILES['Filedata']['name'], "Invalid filename: " . $_FILES['Filedata']['name']);
exit;
}
/**
* Passed all the checks so lets try to write the file
*/
$new_file_name = $xerte_toolkits_site->root_file_path . $_GET['path'] . $_FILES['Filedata']['name'];
if (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $new_file_name)) {
receive_message($_SESSION['toolkits_logon_username'], "UPLOAD", "CRITICAL", "Error saving file: " . $new_file_name, "Error saving file: " . error_get_last());
die("Couldn't move uploaded file into place.");
}
apply_filters('editor_post_upload_file', $new_file_name);
/**
*
* Function make new template
* This function checks http security settings
* @param string $type = type of template
* @param string $zip_path = the path we are zipping
* @version 1.0
* @author Patrick Lockley
*/
function make_new_template($type, $zip_path)
{
global $xerte_toolkits_site, $delete_folder_array, $folder_id;
$database_connect_id = database_connect("new_template(import) database connect success", "new_template(import) database connect fail");
/*
*get the root folder for this user
*/
$root_folder_id = get_user_root_folder();
/*
* get the maximum id number from templates, as the id for this template
*/
$maximum_template_id = get_maximum_template_number();
$root_folder = get_user_root_folder();
$prefix = $xerte_toolkits_site->database_table_prefix;
$query_for_template_type_id = "select template_type_id, template_framework from {$prefix}originaltemplatesdetails where template_name = ?";
$params = array($type);
$row_template_type = db_query_one($query_for_template_type_id, $params);
/*
* create the new template record in the database
*/
/*
* See if we have been given a name, if not, use a fixed one.
*/
if ($_POST['templatename'] != "") {
$template_name = $_POST['templatename'];
} else {
$template_name = IMPORT_NAME_IF_EMPTY;
}
$query_for_new_template = "INSERT INTO {$prefix}templatedetails " . "(template_id, creator_id, template_type_id, date_created, date_modified, access_to_whom, template_name, extra_flags) " . "VALUES (?,?,?,?,?,?,?,?)";
$params = array($maximum_template_id + 1, $_SESSION['toolkits_logon_id'], $row_template_type['template_type_id'], date('Y-m-d'), date('Y-m-d'), "Private", $template_name, "engine=javascript");
$ok = db_query($query_for_new_template, $params);
if ($ok !== false) {
/*
* Are we importing into a folder
*/
if ($folder_id == "") {
$folder_id = $root_folder_id;
}
$query_for_template_rights = "INSERT INTO {$prefix}templaterights" . " (template_id,user_id,role, folder)" . "VALUES (?,?,?,?)";
$params = array($maximum_template_id + 1, $_SESSION['toolkits_logon_id'], "creator", $folder_id);
$ok = db_query($query_for_template_rights, $params);
if ($ok !== false) {
/*
* Make the folders and copy the files in
*/
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Created new template record for the database", $query_for_new_template . " " . $query_for_template_rights);
mkdir($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type);
chmod($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type, 0777);
copy_loop($zip_path, $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type . "/");
echo IMPORT_SUCCESS . "****";
/*
* Remove the files
*/
array_splice($delete_folder_array, 0);
delete_loop($zip_path);
foreach ($delete_folder_array as $delete_folder) {
rmdir($delete_folder);
}
$delete_folder_array = null;
rmdir($zip_path);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_template_rights);
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_new_template);
echo "FAILED-" . $_SESSION['toolkits_most_recent_error'];
}
}
foreach ($files_to_move as $file) {
@rename($file, $destination . $file);
}
// Now remove all the (media|thumbs|common|models) files.
recursive_delete($toplevel_src_path, true);
}
$template_src = $temp_dir . DIRECTORY_SEPARATOR . $folder . DIRECTORY_SEPARATOR;
rename($template_src . "template.rlt", $xerte_module_path . "xerte/parent_templates/" . $folder . "/" . $folder . ".rlt");
rename($template_src . "template.xml", $xerte_module_path . "xerte/templates/" . $folder . "/data.xml");
rename($template_src . "template.xwd", $xerte_module_path . "xerte/parent_templates/" . $folder . "/data.xwd");
// Remove anything now left.
recursive_delete($temp_dir, true);
if ($_POST['folder'] == "") {
/*
* No folder was posted, so add records to the database id.
*/
_debug("Adding template to database ({$folder}/ {$desc}/ {$name} etc)");
$prefix = $xerte_toolkits_site->database_table_prefix;
$sql = "INSERT INTO {$prefix}originaltemplatedetails \n (template_framework, template_name, description, date_uploaded, display_name, display_id, access_rights, active)\n VALUES (?,?,?,?,?,?,?,?)";
$parameters = array('xerte', $folder, $desc, date('Y-m-d'), $name, '0', '', 'false');
$ok = db_query($sql, $parameters);
if ($ok) {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "Folder creation succeeded for " . $_SESSION['toolkits_logon_username'], "Folder creation succeeded for " . $_SESSION['toolkits_logon_username']);
echo IMPORT_TEMPLATE_FOLDER_CREATE . "****";
_debug("template saved to db ok; import presumably ok.");
} else {
receive_message($_SESSION['toolkits_logon_username'], "USER", "CRITICAL", "Folder creation failed for " . $_SESSION['toolkits_logon_username'], "Folder creation failed for " . $_SESSION['toolkits_logon_username']);
echo IMPORT_TEMPLATE_FOLDER_FAIL . "****";
_debug("template failed to save to db");
}
}
/**
*
* Function move file
* This function is used to move files and folders
* @param array $files_to_move = an array of files and folders to move
* @param string $destination = Name of the new folder
* @version 1.0
* @author Patrick Lockley
*/
function move_file($files_to_move, $destination)
{
global $xerte_toolkits_site;
$mysql_id = database_connect("Move file database connect success", "Move file database connect failure");
$new_files_array = explode(",", $files_to_move);
/*
* Files array can be complicated, and this thread can lock the system, so limit max files to 50
*/
if (count($new_files_array) != 0 && count($new_files_array) <= 50) {
/*
* check their is a destination
*/
if ($destination != "") {
for ($x = 0; $x != count($new_files_array); $x++) {
// check there are files
if ($new_files_array[$x] != "") {
if ($new_files_array[$x + 1] == "file") {
if ($new_files_array[$x + 2] == "folder_workspace") {
$parent = get_user_root_folder();
}
if ($destination == "folder_workspace") {
$destination = get_user_root_folder();
}
if ($destination == "recyclebin") {
$destination = get_recycle_bin();
}
/*
* Move files in the database
*/
$query_file = "UPDATE " . $xerte_toolkits_site->database_table_prefix . "templaterights SET folder = \"" . $destination . "\" where (template_id=\"" . $new_files_array[$x] . "\" AND user_id =\"" . $_SESSION['toolkits_logon_id'] . "\")";
if (mysql_query($query_file)) {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
}
} else {
/*
* destination is the root folder
*/
if ($destination == "folder_workspace") {
$destination = get_user_root_folder();
}
$query_folder = "UPDATE " . $xerte_toolkits_site->database_table_prefix . "folderdetails SET folder_parent = \"" . $destination . "\" where (folder_id=\"" . $new_files_array[$x] . "\")";
if (mysql_query($query_folder)) {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "Folder " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "File " . $new_files_array[$x] . " moved into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "USER", "SUCCESS", "File " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username'], "Folder " . $new_files_array[$x] . " failed to move into " . $destination . " for " . $_SESSION['toolkits_logon_username']);
}
}
$x += 2;
}
}
}
}
mysql_close($mysql_id);
}
/**
*
* Function make new template
* This function checks http security settings
* @param string $type = type of template
* @param string $zip_path = the path we are zipping
* @version 1.0
* @author Patrick Lockley
*/
function make_new_template($type, $zip_path)
{
global $xerte_toolkits_site, $delete_folder_array, $folder_id;
$database_connect_id = database_connect("new_template(import) database connect success", "new_template(import) database connect fail");
/*
*get the root folder for this user
*/
$root_folder_id = get_user_root_folder();
/*
* get the maximum id number from templates, as the id for this template
*/
$maximum_template_id = get_maximum_template_number();
$root_folder = get_user_root_folder();
$query_for_template_type_id = "select template_type_id, template_framework from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails where template_name = '" . $type . "'";
$query_for_template_type_id_response = mysql_query($query_for_template_type_id);
$row_template_type = mysql_fetch_array($query_for_template_type_id_response);
/*
* create the new template record in the database
*/
/*
* See if we have been given a name, if not, use a fixed one.
*/
if ($_POST['templatename'] != "") {
$template_name = mysql_real_escape_string($_POST['templatename']);
} else {
$template_name = IMPORT_NAME_IF_EMPTY;
}
$query_for_new_template = "INSERT INTO " . $xerte_toolkits_site->database_table_prefix . "templatedetails (template_id, creator_id, template_type_id, date_created, date_modified, access_to_whom, template_name) VALUES (\"" . ($maximum_template_id + 1) . "\",\"" . $_SESSION['toolkits_logon_id'] . "\", \"" . $row_template_type['template_type_id'] . "\",\"" . date('Y-m-d') . "\",\"" . date('Y-m-d') . "\",\"Private\",\"" . $template_name . "\")";
if (mysql_query($query_for_new_template)) {
/*
* Are we importing into a folder
*/
if ($folder_id == "") {
$folder_id = $root_folder_id;
}
$query_for_template_rights = "INSERT INTO " . $xerte_toolkits_site->database_table_prefix . "templaterights (template_id,user_id,role, folder) VALUES (\"" . ($maximum_template_id + 1) . "\",\"" . $_SESSION['toolkits_logon_id'] . "\", \"creator\" ,\"" . $folder_id . "\")";
if (mysql_query($query_for_template_rights)) {
/*
* Make the folders and copy the files in
*/
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Created new template record for the database", $query_for_new_template . " " . $query_for_template_rights);
mkdir($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type);
chmod($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type, 0777);
mkdir($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type . "/media/");
chmod($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type . "/media/", 0777);
copy_loop($zip_path, $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . ($maximum_template_id + 1) . "-" . $_SESSION['toolkits_logon_username'] . "-" . $type . "/");
echo IMPORT_SUCCESS . "****";
/*
* Remove the files
*/
array_splice($delete_folder_array, 0);
delete_loop($zip_path);
while ($delete_folder = array_pop($delete_folder_array)) {
rmdir($delete_folder);
}
rmdir($zip_path);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_template_rights);
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_new_template);
echo "FAILED-" . $_SESSION['toolkits_most_recent_error'];
}
mysql_close($database_connect_id);
}
/**
*
* Function get user root folder
* Get the id for the users root folder
* @author Patrick Lockley
* @version 1.0
* @package
*/
function get_user_root_folder()
{
global $xerte_toolkits_site;
$prefix = $xerte_toolkits_site->database_table_prefix;
$query = "select folder_id from {$prefix}folderdetails where login_id= ? AND folder_name = ?";
$params = array($_SESSION['toolkits_logon_id'], $_SESSION['toolkits_logon_username']);
$query_response = db_query($query, $params);
if ($query_response != FALSE) {
$row = $query_response[0];
return $row['folder_id'];
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to get users root folder", "Failed to get users root folder");
}
}
require_once "../../../config.php";
include "../user_library.php";
include "../deletion_library.php";
include "../template_status.php";
_load_language_file("/website_code/php/templates/delete_template.inc");
$database_id = database_connect("delete template database connect success", "delete template database connect failed");
/*
* get the folder id to delete
*/
if (is_numeric($_POST['template_id'])) {
$safe_template_id = mysql_real_escape_string($_POST['template_id']);
if (!is_template_syndicated($safe_template_id)) {
if (is_user_creator($safe_template_id)) {
$query_for_folder_id = "select * from " . $xerte_toolkits_site->database_table_prefix . "templaterights where template_id=\"" . $safe_template_id . "\"";
$query_for_folder_id_response = mysql_query($query_for_folder_id);
$row = mysql_fetch_array($query_for_folder_id_response);
// delete from the database
$query_to_delete_template = "update " . $xerte_toolkits_site->database_table_prefix . "templaterights set folder=\"" . get_recycle_bin() . "\" where template_id=\"" . $safe_template_id . "\" and user_id=\"" . $_SESSION['toolkits_logon_id'] . "\"";
if (mysql_query($query_to_delete_template)) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Moved file to users recycle bin", "Moved file to users recycle bin");
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to move file to the recycle bin", "Failed to move file to the recycle bin");
}
} else {
echo DELETE_TEMPLATE_NOT_CREATOR;
}
} else {
echo DELETE_TEMPLATE_SYNDICATED;
}
mysql_close($database_id);
}
/**
*
* Function create folder loop
* This function creates folders needed when duplicating a template
* @param string $folder_name_id - the id of the new template
* @param number $id_to_copy - the id of the old template
* @param string $tutorial_id_from_post - The name of this tutorial type i.e Nottingham
* @version 1.0
* @author Patrick Lockley
*/
function duplicate_template($folder_name_id, $id_to_copy, $tutorial_id_from_post)
{
global $dir_path, $new_path, $temp_dir_path, $temp_new_path, $xerte_toolkits_site;
$database_id = database_connect("file_library database connect success", "file_library database connect fail");
$query_for_framework = "select template_framework from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails where template_name =\"" . $tutorial_id_from_post . "\"";
$query_for_framework_response = mysql_query($query_for_framework);
$row_framework = mysql_fetch_array($query_for_framework_response);
$dir_path = $xerte_toolkits_site->users_file_area_full . $id_to_copy . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
/*
* Get the id of the folder we are looking to copy into
*/
$new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
$path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
if (mkdir($path)) {
if (@chmod($path, 0777)) {
$d = opendir($dir_path);
if (create_folder_loop($d, -1)) {
if (file_exists($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt")) {
unlink($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt");
}
return true;
} else {
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "MAJOR", "Failed to set rights on parent folder for template", "Failed to set rights on parent folder " . $path);
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "CRITICAL", "Failed to create parent folder for template", "Failed to create parent folder " . $path);
return false;
}
}
*/
$maximum_template_id = get_maximum_template_number();
//$query_for_root_folder = "select folder_id from " . $xerte_toolkits_site->database_table_prefix . "folderdetails where login_id = '" . $_SESSION['toolkits_logon_id'] . "' and folder_parent='0'";
//$query_for_root_folder_response = mysql_query($query_for_root_folder);
//$row_root = mysql_fetch_array($query_for_root_folder_response);
$query_for_template_type_id = "select otd.template_type_id, otd.template_name, otd.template_framework, td.extra_flags from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails otd, " . $xerte_toolkits_site->database_table_prefix . "templatedetails td where otd.template_type_id = td.template_type_id AND td.template_id = '" . mysql_real_escape_string($_POST['template_id']) . "'";
$query_for_template_type_id_response = mysql_query($query_for_template_type_id);
$row_template_type = mysql_fetch_array($query_for_template_type_id_response);
/*
* create the new template record in the database
*/
$query_for_new_template = "INSERT INTO " . $xerte_toolkits_site->database_table_prefix . "templatedetails (template_id, creator_id, template_type_id, date_created, date_modified, access_to_whom, template_name, extra_flags) VALUES (\"" . ($maximum_template_id + 1) . "\",\"" . $_SESSION['toolkits_logon_id'] . "\", \"" . $row_template_type['template_type_id'] . "\",\"" . date('Y-m-d') . "\",\"" . date('Y-m-d') . "\",\"Private\",\"Copy of " . mysql_real_escape_string($_POST['template_name']) . "\", \"" . mysql_real_escape_string($row_template_type['extra_flags']) . "\")";
if (mysql_query($query_for_new_template)) {
$query_for_template_rights = "INSERT INTO " . $xerte_toolkits_site->database_table_prefix . "templaterights (template_id,user_id,role, folder) VALUES (\"" . ($maximum_template_id + 1) . "\",\"" . $_SESSION['toolkits_logon_id'] . "\", \"creator\" ,\"" . mysql_real_escape_string($folder_id) . "\")";
if (mysql_query($query_for_template_rights)) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Created new template record for the database", $query_for_new_template . " " . $query_for_template_rights);
include $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->module_path . $row_template_type['template_framework'] . "/duplicate_template.php";
duplicate_template($maximum_template_id + 1, $_POST['template_id'], $row_template_type['template_name']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_template_rights);
echo "FAILED-" . $_SESSION['toolkits_most_recent_error'];
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_new_template);
echo "FAILED-" . $_SESSION['toolkits_most_recent_error'];
}
mysql_close($database_connect_id);
} else {
echo DUPLICATE_TEMPLATE_NOT_CREATOR;
}
}
/**
*
* Function create folder loop
* This function creates folders needed when duplicating a template
* @param string $folder_name_id - the id of the new template
* @param number $id_to_copy - the id of the old template
* @param string $tutorial_id_from_post - The name of this tutorial type i.e Nottingham
* @version 1.0
* @author Patrick Lockley
*/
function duplicate_template($folder_name_id, $id_to_copy, $tutorial_id_from_post)
{
global $dir_path, $new_path, $temp_dir_path, $temp_new_path, $xerte_toolkits_site;
$dir_path = $xerte_toolkits_site->users_file_area_full . $id_to_copy . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
/*
* Get the id of the folder we are looking to copy into
*/
$new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/";
if (mkdir($new_path)) {
if (@chmod($new_path, 0777)) {
if (create_folder_loop($dir_path, $new_path)) {
if (file_exists($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt")) {
unlink($new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $tutorial_id_from_post . "/lockfile.txt");
}
return true;
} else {
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "MAJOR", "Failed to set rights on parent folder for template", "Failed to set rights on parent folder " . $path);
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "CRITICAL", "Failed to create parent folder for template", "Failed to create parent folder " . $new_path);
return false;
}
}
