コード例 #1
0
function studynotes_handle_session($action, $auth)
{
    global $CFG, $cm;
    require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "data_handling.php";
    require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "filterlib" . DIRECTORY_SEPARATOR . "HTMLPurifier.standalone.php";
    require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "equationsupport" . DIRECTORY_SEPARATOR . "LaTeXrender.php";
    require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "session_handler.php";
    $data = $action == "upload" ? $_POST : $_POST['data'];
    $ignoreQuotes = true;
    foreach ($_POST['data'] as $key => $value) {
        if (!get_magic_quotes_gpc()) {
            $data[$key] = stripslashes($value);
        }
    }
    if ($action == "upload") {
        $topic = $data['topic'];
        $hasAccess = MediabirdUtility::checkAccess($topic, $auth->userId);
        if ($hasAccess) {
            $userQuota = MediabirdUtility::getUserQuota($auth->userId);
            $quotaLeft = MediabirdUtility::quotaLeft($auth->userId, $userQuota);
            //determine folder path
            $folder = MediabirdConfig::$uploads_folder . $auth->userId . DIRECTORY_SEPARATOR;
            $prefix = MediabirdConfig::$uploads_folder;
            $key = "file";
            $name = $_FILES[$key]['name'];
            $_FILES[$key]['name'] = MediabirdUtility::getFreeFilename($folder);
            $info = MediabirdUtility::storeUpload($key, $folder, $quotaLeft, $prefix);
            if (isset($info['filename']) && strlen($info['filename']) > 0) {
                if ($id = MediabirdUtility::recordFile($info['filename'], 0, $auth->userId, $topic)) {
                    $info['filename'] = 'view.php?action=download&id=' . $cm->id . '&did=' . $id;
                } else {
                    $info['filename'] = null;
                    $info['error'] = "database error";
                }
            } else {
                $info['filename'] = null;
            }
        } else {
            $info['filename'] = null;
            $info['error'] = "invalidtopic";
        }
        echo MediabirdUtility::generateUploadHtml($info['filename'], $info['error']);
        exit;
    }
    if ($action == "download") {
        $id = $_GET['did'];
        if (isset($id)) {
            if ($upload_info = get_record("studynotes_uploads", "id", $id)) {
                $topicId = $upload_info->topic_id;
                $hasAccess = MediabirdUtility::checkAccess($topicId, $auth->userId);
                if ($hasAccess) {
                    MediabirdUtility::readUpload($upload_info->filename, $upload_info->type);
                }
            }
        }
        exit;
    }
    $handler = new MediabirdSessionHandler();
    $reply = $handler->process($action, $auth, $data);
    if (isset($reply->filename) && isset($reply->success) && isset($reply->topic)) {
        if ($id = MediabirdUtility::recordFile($reply->filename, 0, $auth->userId, $reply->topic)) {
            $reply->filename = 'view.php?action=download&id=' . $cm->id . '&did=' . $id;
        } else {
            $reply->success = false;
            $reply->error = "database error";
        }
    }
    header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate;");
    header("Pragma: no-cache;");
    header('Content-Type: application/json;');
    return json_encode($reply);
}