예제 #1
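 /**
  * Rewrite a download-style <img> tag in an HTML fragment so that its src
  * points directly at the current course's document directory.
  *
  * The fragment is URL-decoded and searched for the first <img> whose src
  * carries a "url=<path>=&" parameter. When nothing matches, the input is
  * returned untouched. Otherwise the result is the tag-stripped text that
  * preceded the image followed by a minimal <img src="..."> element; the
  * other attributes of the original tag are dropped.
  *
  * NOTE(review): the trailing lazy group of the pattern matches the empty
  * string, so content that follows the matched tag is not carried into the
  * result. Confirm that callers pass one image fragment at a time.
  *
  * @param string $str HTML fragment; treated as untrusted content
  * @return string the rewritten fragment, or $str unchanged when no image matched
  */
 private function change_img_url_for_pdf($str)
 {
     $pattern = '/(.*?)<img (.*?)src=(\'|")(.*?)url=(.*?)=&(.*?)(\'|")(.*?)>(.*?)/is';
     if (!preg_match($pattern, urldecode($str), $matches)) {
         return $str;
     }
     // Full match plus nine capture groups; anything else is not the shape
     // the indexes below rely on.
     if (count($matches) !== 10) {
         return $str;
     }
     $docPath = $matches[5];
     if (is_download_url_encoded($docPath)) {
         $docPath = download_url_decode($docPath);
     }
     // NOTE(review): $docPath is appended to the course document URL as-is.
     // Confirm whether ".." segments have to be rejected before the PDF
     // renderer resolves this URL.
     $src = get_conf('rootWeb') . 'courses/' . claro_get_current_course_id() . '/document' . $docPath;
     // The path comes out of the fragment (and is URL-decoded), so it can
     // contain quotes or angle brackets. Escape it for the attribute context
     // so it cannot close src="..." and add markup of its own.
     // NOTE(review): if the platform charset differs from PHP's default, pass
     // it as the third argument of htmlspecialchars().
     return strip_tags($matches[1])
         . '<img src="' . htmlspecialchars($src, ENT_QUOTES) . '" >'
         . strip_tags($matches[9]);
 }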
예제 #2
파일: document.php 프로젝트: rhertzog/lcs
}
// First-line XSS filter on the request parameters. strip_tags() only removes
// markup: quotes and path separators are left intact, so each value still
// needs context-specific escaping where it is output and validation before it
// is used as a path.
if (isset($_REQUEST['cwd'])) {
    $cwd = strip_tags($_REQUEST['cwd']);
} else {
    $cwd = null;
}
// Requested command; null when the client sent none.
$cmd = isset($_REQUEST['cmd']) ? strip_tags($_REQUEST['cmd']) : null;
// Requested view; falls back to 'files'.
$docView = isset($_REQUEST['docView']) ? strip_tags($_REQUEST['docView']) : 'files';
// The file parameter is decoded first, so the tag filter runs on the decoded
// value; the cleaned value is written back into $_REQUEST.
if (isset($_REQUEST['file'])) {
    $_REQUEST['file'] = strip_tags(download_url_decode($_REQUEST['file']));
}
/* > > > > > > MAIN SECTION  < < < < < < <*/
if ($is_allowedToEdit) {
    /*= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
                                  UPLOAD FILE
      = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = */
    /*
     * check the request method in place of a variable from POST
     * because if the file size exceed the maximum file upload
     * size set in php.ini, all variables from POST are cleared !
     */
    if ('exUpload' == $cmd) {
        if (!isset($_FILES['userFile'])) {
            $dialogBox->error(get_lang('No file uploaded'));
        } else {
예제 #3
파일: rqmkhtml.php 프로젝트: rhertzog/lcs
    ClaroBreadCrumbs::getInstance()->prepend(get_lang('Documents and Links'), 'document.php');
}
$noPHP_SELF = true;
// Course repository path joined with the current course directory.
$baseWorkDir = get_path('coursesRepositorySys') . $courseDir;
// Request parameters are taken as sent: nothing here filters or escapes them.
// NOTE(review): $cwd and $file look like paths relative to $baseWorkDir;
// confirm that the code using them rejects ".." segments and escapes them on
// output.
$cmd = !empty($_REQUEST['cmd']) ? $_REQUEST['cmd'] : null;
$cwd = !empty($_REQUEST['cwd']) ? $_REQUEST['cwd'] : '';
$file = isset($_REQUEST['file']) ? download_url_decode($_REQUEST['file']) : '';
$nameTools = get_lang('Create/edit document');
// Page output is accumulated in $out, starting with the tool title.
$out = '';
$out .= claro_html_tool_title(
    array(
        'mainTitle' => get_lang('Documents and Links'),
        'subTitle' => get_lang('Create/edit document'),
    )
);
/*========================================================================
CREATE DOCUMENT
========================================================================*/
if ($cmd == 'rqMkHtml') {
    $out .= '<form action="' . claro_htmlspecialchars(get_module_entry_url('CLDOC')) . '" method="post">' . "\n" . claro_form_relay_context() . "\n" . '<input type="hidden" name="cmd" value="exMkHtml" />' . "\n" . '<input type="hidden" name="cwd" value="' . claro_htmlspecialchars(strip_tags($cwd)) . '" />' . "\n" . '<p>' . "\n" . '<b>' . get_lang('Document name') . '&nbsp;: </b><br />' . "\n" . '<input type="text" name="fileName" size="80" />' . "\n" . '</p>' . "\n" . '<p>' . "\n" . '<b>' . get_lang('Document content') . '&nbsp;: </b>' . "\n";
    if (!empty($_REQUEST['htmlContent'])) {
        $content = $_REQUEST['htmlContent'];
    } else {
        $content = "";
예제 #4
파일: download.php 프로젝트: rhertzog/lcs
require_once get_path('incRepositorySys') . '/lib/file/downloader.lib.php';
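$nameTools = get_lang('Display file');
$dialogBox = new DialogBox();
$noPHP_SELF = true;
$isDownloadable = true;
// Inside a course, a visitor who is not allowed in gets the authentication
// form (presumably this call ends the request; confirm).
if (claro_is_in_a_course() && !claro_is_course_allowed()) {
    claro_disp_auth_form(true);
}
$claroline->notification->addListener('download', 'trackInCourse');
// The requested path comes from the url parameter or, failing that, from the
// path info of the request.
if (isset($_REQUEST['url'])) {
    $requestUrl = strip_tags($_REQUEST['url']);
} else {
    $requestUrl = strip_tags(get_path_info());
}
if (is_download_url_encoded($requestUrl)) {
    // Filter again after decoding. The first strip_tags() call ran on the
    // encoded form, so it never saw the value that is used from here on.
    $requestUrl = strip_tags(download_url_decode($requestUrl));
}
// NOTE(review): strip_tags() removes markup only. Confirm that the code
// resolving $requestUrl keeps it inside the intended document root (no ".."
// segments) and escapes it wherever it is written into a page.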
if (empty($requestUrl)) {
    $isDownloadable = false;
    $dialogBox->error(get_lang('Missing parameters'));
} else {
    if (isset($_REQUEST['moduleLabel']) && !empty($_REQUEST['moduleLabel'])) {
        $moduleLabel = $_REQUEST['moduleLabel'];
    } else {
        if (!claro_is_in_a_course()) {
            $moduleLabel = null;
        } else {
            $moduleLabel = 'CLDOC';
        }
    }
    if ($moduleLabel) {