/**
* Determine the maximum size allowed to upload. This size is based on
* the tool $maxFilledSpace regarding the space already opccupied
* by previous uploaded files, and the php.ini upload_max_filesize
* and post_max_size parameters. This value is diplayed on the upload
* form.
*
* @param integer $maxFilledSpace local max allowed file size
* e.g. remaining place in
* an allocated course directory
*
* @return integer : lower value between php.ini values of upload_max_filesize
* and post_max_size
* and the claroline value of size left in directory
*
* @see - get_max_upload_size() uses dir_total_space() function
*/
function get_max_upload_size($maxFilledSpace, $baseWorkDir)
{
$php_uploadMaxFile = ini_get('upload_max_filesize');
if (strstr($php_uploadMaxFile, 'M')) {
$php_uploadMaxFile = intval($php_uploadMaxFile) * 1048576;
}
$php_postMaxFile = ini_get('post_max_size');
if (strstr($php_postMaxFile, 'M')) {
$php_postMaxFile = intval($php_postMaxFile) * 1048576;
}
$docRepSpaceAvailable = $maxFilledSpace - dir_total_space($baseWorkDir);
$fileSizeLimitList = array($php_uploadMaxFile, $php_postMaxFile, $docRepSpaceAvailable);
sort($fileSizeLimitList);
list($maxFileSize) = $fileSizeLimitList;
return $maxFileSize;
}
} else {
Database::get()->query("INSERT INTO document SET\n course_id = ?d ,\n subsystem = ?d ,\n subsystem_id = ?d ,\n path = ?s,\n filename = ?s ,\n visible = 0,\n creator = ?s,\n date = ?t ,\n date_modified = ?t ,\n format = ?s,\n language = ?s", $course_id, $subsystem, $subsystem_id, $metadataPath, $oldFilename, $_SESSION['givenname'] . " " . $_SESSION['surname'], $xml_date, $xml_date, $file_format, $_POST['meta_language']);
}
$action_message = "<div class='alert alert-success'>{$langMetadataMod}</div>";
}
if (isset($_POST['replacePath']) and isset($_FILES['newFile']) and is_uploaded_file($_FILES['newFile']['tmp_name'])) {
validateUploadedFile($_FILES['newFile']['name'], $menuTypeID);
$replacePath = $_POST['replacePath'];
// Check if file actually exists
$result = Database::get()->querySingle("SELECT id, path, format FROM document WHERE\n {$group_sql} AND\n format <> '.dir' AND\n path=?s", $replacePath);
if ($result) {
$docId = $result->id;
$oldpath = $result->path;
$oldformat = $result->format;
// check for disk quota
$diskUsed = dir_total_space($basedir);
if ($diskUsed - filesize($basedir . $oldpath) + $_FILES['newFile']['size'] > $diskQuotaDocument) {
$action_message = "<div class='alert alert-danger'>{$langNoSpace}</div>";
} elseif (unwanted_file($_FILES['newFile']['name'])) {
$action_message = "<div class='alert alert-danger'>{$langUnwantedFiletype}: " . q($_FILES['newFile']['name']) . "</div>";
} else {
$newformat = get_file_extension($_FILES['newFile']['name']);
$newpath = preg_replace("/\\.{$oldformat}\$/", '', $oldpath) . (empty($newformat) ? '' : '.' . $newformat);
my_delete($basedir . $oldpath);
$affectedRows = Database::get()->query("UPDATE document SET path = ?s, format = ?s, filename = ?s, date_modified = NOW()\n WHERE {$group_sql} AND path = ?s", $newpath, $newformat, $_FILES['newFile']['name'], $oldpath)->affectedRows;
if (!copy($_FILES['newFile']['tmp_name'], $basedir . $newpath) or $affectedRows == 0) {
$action_message = "<div class='alert alert-danger'>{$langGeneralError}</div>";
} else {
if (hasMetaData($oldpath, $basedir, $group_sql)) {
rename($basedir . $oldpath . ".xml", $basedir . $newpath . ".xml");
Database::get()->query("UPDATE document SET path = ?s, filename=?s WHERE {$group_sql} AND path = ?s", $newpath . ".xml", $_FILES['newFile']['name'] . ".xml", $oldpath . ".xml");
}
$form .= '<tr>' . "\n" . '<td> </td>' . "\n" . '<td>' . "\n" . '<input type="submit" name="submitImage" value="' . get_lang("Ok") . '" /> ' . "\n" . claro_html_button(claro_htmlspecialchars(Url::Contextualize($_SERVER['PHP_SELF'] . '?cmd=exChDir&file=' . base64_encode($cwd))), get_lang("Cancel")) . '</td>' . "\n" . '</tr>' . "\n\n" . '</table>' . "\n" . '</form>' . "\n";
$dialogBox->form($form);
}
// end if ($imgFileNb > 0)
}
// end if (strrchr($fileName) == "htm"
}
// end if is_uploaded_file
}
// end if ($cmd == 'exUpload')
if ($cmd == 'rqUpload') {
/*
* Prepare dialog box display
*/
$spaceAlreadyOccupied = dir_total_space($baseWorkDir);
$remainingDiskSpace = $maxFilledSpace - $spaceAlreadyOccupied;
$maxUploadSize = get_max_upload_size($maxFilledSpace, $baseWorkDir);
if ($remainingDiskSpace < 0) {
// Disk quota exceeded
$remainingDiskSpace = 0;
$adminEmailUrl = '<a href="mailto:' . get_conf('administrator_email') . '">' . get_lang('Platform administrator') . '</a>';
$dialogBox->error('<p>' . get_lang('Disk quota exceeded, please contact the %administrator', array('%administrator' => $adminEmailUrl)) . '<br />' . "\n" . '<small>' . get_lang('Maximum disk space : %size', array('%size' => format_file_size($maxFilledSpace))) . '</small><br />' . "\n" . '<small>' . get_lang('Disk space occupied : %size', array('%size' => format_file_size($spaceAlreadyOccupied))) . '</small><br />' . "\n" . '<small>' . get_lang('Disk space available : %size', array('%size' => format_file_size($remainingDiskSpace))) . '</small>' . '</p>');
} else {
/*
* Technical note: 'cmd=exUpload' is added into the 'action'
* attributes of the form, rather than simply put in a post
* hidden input. That way, this parameter is concatenated with
* the URL, and it guarantees than it will be received by the
* server. The reason of this trick, is because, sometimes,
* when file upload fails, no form data are received at all by
/**
* Computes the size already occupied by a directory and is subdirectories
*
* @author - Hugues Peeters <*****@*****.**>
* @param - dir_path (string) - size of the file in byte
* @return - int - return the directory size in bytes
*/
function dir_total_space($dir_path)
{
$save_dir = getcwd();
chdir($dir_path);
$handle = opendir($dir_path);
$sumSize = 0;
$dirList = array();
while ($element = readdir($handle)) {
if ($element == '.' || $element == '..') {
continue;
// Skip the current and parent directories
}
if (is_file($element)) {
$sumSize += filesize($element);
}
if (is_dir($element)) {
$dirList[] = $dir_path . '/' . $element;
}
}
closedir($handle);
if (sizeof($dirList) > 0) {
foreach ($dirList as $j) {
$sizeDir = dir_total_space($j);
// Recursivity
$sumSize += $sizeDir;
}
}
chdir($save_dir);
// Return to initial position
return $sumSize;
}
}
} else {
$recipients[] = $r;
}
}
$recipients = array_unique($recipients);
if (isset($_POST['message_title']) and $_POST['message_title'] != '') {
$subject = $_POST['message_title'];
} else {
$subject = $langMessage;
}
$msg = new Msg($uid, $cid, $subject, $_POST['body'], $recipients, $filename, $real_filename, $filesize);
} else {
$cwd = getcwd();
if (is_dir($dropbox_dir)) {
$dropbox_space = dir_total_space($dropbox_dir);
}
$filename = php2phps($_FILES['file']['name']);
$filesize = $_FILES['file']['size'];
$filetype = $_FILES['file']['type'];
$filetmpname = $_FILES['file']['tmp_name'];
validateUploadedFile($_FILES['file']['name'], 1);
if ($filesize + $dropbox_space > $diskQuotaDropbox) {
$errormsg = $langNoSpace;
$error = TRUE;
} elseif (!is_uploaded_file($filetmpname)) {
// check user found : no clean error msg
die($langBadFormData);
}
// set title
if (isset($_POST['message_title']) and $_POST['message_title'] != '') {
$personal_msgs_allowed = get_config('dropbox_allow_personal_messages');
if (!isset($course_id)) {
$course_id = 0;
}
if ($course_id != 0) {
$dropbox_dir = $webDir . "/courses/" . $course_code . "/dropbox";
if (!is_dir($dropbox_dir)) {
mkdir($dropbox_dir);
}
// get dropbox quotas from database
$d = Database::get()->querySingle("SELECT dropbox_quota FROM course WHERE code = ?s", $course_code);
$diskQuotaDropbox = $d->dropbox_quota;
$diskUsed = dir_total_space($dropbox_dir);
}
// javascript functions
$head_content = '<script type="text/javascript">
function checkForm (frm) {
if (frm.elements["recipients[]"].selectedIndex < 0) {
alert("' . $langNoUserSelected . '");
return false;
} else {
return true;
}
}
</script>';
if ($course_id != 0) {
}
}
if (isset($_GET['id']) and isset($_GET['table_edit'])) {
$pageName = $langEditChange;
}
$tool_content .= action_bar(array(
array('title' => $langBack,
'url' => "$_SERVER[SCRIPT_NAME]?course=$course_code",
'icon' => 'fa-reply',
'level' => 'primary-label')));
}
}
$diskQuotaVideo = Database::get()->querySingle("SELECT video_quota FROM course WHERE code=?s", $course_code)->video_quota;
$updir = "$webDir/video/$course_code"; //path to upload directory
$diskUsed = dir_total_space($updir);
if (isset($_GET['showQuota']) and $_GET['showQuota'] == TRUE) {
$pageName = $langQuotaBar;
$navigation[] = array('url' => "$_SERVER[SCRIPT_NAME]?course=$course_code", 'name' => $langVideo);
$tool_content .= showquota($diskQuotaVideo, $diskUsed);
draw($tool_content, $menuTypeID);
exit;
}
// visibility commands
if (isset($_GET['vis'])) {
$table = select_table($_GET['table']);
Database::get()->query("UPDATE $table SET visible = ?d WHERE id = ?d", $_GET['vis'], $_GET['vid']);
$action_message = "<div class='alert alert-success'>$langViMod</div>";
}
