// Logging
Log::record($course_id, MODULE_ID_DOCS, LOG_INSERT, array('id' => $id, 'filepath' => $file_path, 'filename' => $fileName, 'comment' => $_POST['file_comment'], 'title' => $_POST['file_title']));
Session::Messages($langDownloadEnd, 'alert-success');
redirect($redirect_base_url);
} elseif (isset($_POST['file_content'])) {
$q = false;
if (isset($_POST['editPath'])) {
$fileInfo = Database::get()->querySingle("SELECT * FROM document\n WHERE {$group_sql} AND path = ?s", $_POST['editPath']);
if ($fileInfo->editable) {
$file_path = $fileInfo->path;
$q = Database::get()->query("UPDATE document\n SET date_modified = NOW(), title = ?s\n WHERE {$group_sql} AND path = ?s", $_POST['file_title'], $_POST['editPath']);
$id = $fileInfo->id;
$fileName = $fileInfo->filename;
}
} else {
$safe_fileName = safe_filename(get_file_extension($fileName));
$file_path = $uploadPath . '/' . $safe_fileName;
$file_date = date("Y\\-m\\-d G\\:i\\:s");
$file_format = get_file_extension($fileName);
$file_creator = "{$_SESSION['givenname']} {$_SESSION['surname']}";
$q = Database::get()->query("INSERT INTO document SET\n course_id = ?d,\n subsystem = ?d,\n subsystem_id = ?d,\n path = ?s,\n extra_path = '',\n filename = ?s,\n visible = 1,\n comment = '',\n category = 0,\n title = ?s,\n creator = ?s,\n date = ?s,\n date_modified = ?s,\n subject = '',\n description = '',\n author = ?s,\n format = ?s,\n language = ?s,\n copyrighted = 0,\n editable = 1", $course_id, $subsystem, $subsystem_id, $file_path, $fileName, $_POST['file_title'], $file_creator, $file_date, $file_date, $file_creator, $file_format, $language);
}
if ($q) {
if (!isset($id)) {
$id = $q->lastInsertID;
$log_action = LOG_INSERT;
} else {
$log_action = LOG_MODIFY;
}
Log::record($course_id, MODULE_ID_DOCS, $log_action, array('id' => $id, 'filepath' => $file_path, 'filename' => $fileName, 'title' => $_POST['file_title']));
$action_message .= "<div class='alert alert-success'>{$langDownloadEnd}</div><br />";
ftruncate($fchat, 0);
fwrite($fchat, $timeNow . " ---- " . $langWashFrom . " ---- " . $nick . " -------- !@#$ systemMsgClear\n");
fflush($fchat);
flock($fchat, LOCK_UN);
}
fclose($fchat);
@unlink($tmpArchiveFile);
redirect_to_home_page("modules/conference/messageList.php?course=$course_code");
}
// store
if (isset($_GET['store']) && $is_editor) {
require_once 'modules/document/doc_init.php';
if (!isset($_GET['token']) || !validate_csrf_token($_GET['token'])) csrf_token_error();
$saveIn = "chat." . date("Y-m-j-his") . ".txt";
$chat_filename = '/' . safe_filename('txt');
//Concat temp & chat file removing system messages and html tags
$exportFileChat = $coursePath . $course_code . '/chat_export.txt';
$fp = fopen($exportFileChat, 'a+');
$tmp_file = @file_get_contents($tmpArchiveFile);
$chat_file = @file_get_contents($fileChatName);
$con_file = preg_replace(array('/^(.*?)!@#\$ systemMsg.*\n/m','/!@#\$.*/'), '', strip_tags($tmp_file.$chat_file));
fwrite($fp, $con_file);
fclose($fp);
if (copy($exportFileChat, $basedir . $chat_filename)) {
Database::get()->query("INSERT INTO document SET
course_id = ?d,
subsystem = ?d,
function submit_work($uid, $group_id, $id, $file) {
global $groupPath, $langUploadError, $langUploadSuccess,
$langBack, $m, $tool_content, $workPath,
$group_sql, $webDir, $course_code, $is_editor;
$ext = get_file_extension($file);
$local_name = greek_to_latin('Group ' . $group_id . (empty($ext) ? '' : '.' . $ext));
$original_filename = Database::get()->querySingle("SELECT filename FROM document WHERE $group_sql AND path = ?s", $file)->filename;
$source = $groupPath . $file;
$destination = work_secret($id) . "/$local_name";
delete_submissions_by_uid($uid, $group_id, $id, $destination);
if (is_dir($source)) {
$original_filename = $original_filename . '.zip';
$zip_filename = $webDir . 'courses/temp/' . safe_filename('zip');
zip_documents_directory($zip_filename, $file, $is_editor);
$source = $zip_filename;
}
if (copy($source, "$workPath/$destination")) {
Database::get()->query("INSERT INTO assignment_submit (uid, assignment_id, submission_date,
submission_ip, file_path, file_name, comments, group_id, grade_comments)
VALUES (?d, ?d, NOW(), '$_SERVER[REMOTE_ADDR]', ?s, ?s, ?s, ?d, ''", $uid, $id, $destination, $original_filename, $_POST['comments'], $group_id);
$tool_content .="<div class='alert alert-success'>$langUploadSuccess
<br>$m[the_file] \"$original_filename\" $m[was_submitted]<br>
<a href='index.php?course=$course_code'>$langBack</a></div><br>";
} else {
$tool_content .="<div class='alert alert-danger'>$langUploadError<br>
<a href='index.php?course=$course_code'>$langBack</a></div><br>";
}
}
} else {
#############################
# andmebaasis topelt malli nime olemasolu kontroll
$sql = $site->db->prepare("SELECT count(*) from templ_tyyp where nimi = ?", $site->fdat["nimi"]);
$sth = new SQL($sql);
$site->debug->msg($sth->debug->get_msgs());
$on_olemas = $sth->fetchsingle();
if ($on_olemas) {
# malli nimi juba olemas, veateade
$error = $site->sys_sona(array(sona => "Faili nimi juba kinni", tyyp => "editor"));
}
if (!$error) {
#############################
# safe failinime tegemine
$filename = trim(preg_replace("/[^\\w\\.]/", "_", $site->fdat[nimi])) . ".html";
$filename = safe_filename($filename);
$site->debug->msg("Template file safe name = {$filename}");
############################
# topelt kontroll: ega pole f��siliselt sellist faili olemas
# kui on, pane number l�ppu
$filename_original = $filename;
$i = 1;
while (file_exists($templ_path . $filename)) {
# Keerle tsyklis kuni leiad vaba failinime
if (preg_match("/^(.*)\\.(.*?)\$/", $filename_original, $matches)) {
$filename = $matches[1] . ++$i . "." . $matches[2];
}
}
}
# if !error
}
function make_path($path, $path_components)
{
global $basedir, $givenname, $surname, $path_already_exists, $course_id, $group_sql, $subsystem, $subsystem_id;
$path_already_exists = true;
$depth = 1 + substr_count($path, '/');
foreach ($path_components as $component) {
$q = Database::get()->querySingle("SELECT path, visible, format,\n (LENGTH(path) - LENGTH(REPLACE(path, '/', ''))) AS depth\n FROM document\n WHERE {$group_sql} AND\n filename = ?s AND\n path LIKE ?s HAVING depth = {$depth}", $component, $path . '%');
if ($q) {
// Path component already exists in database
$path = $q->path;
$depth++;
} else {
// Path component must be created
$path .= '/' . safe_filename();
mkdir($basedir . $path, 0775);
$id = Database::get()->query("INSERT INTO document SET\n course_id = ?d,\n\t\t\t\t\t subsystem = ?d,\n subsystem_id = ?d,\n path = ?s,\n filename = ?s,\n visible = 1,\n creator = ?s,\n date = NOW(),\n date_modified = NOW(),\n format = '.dir'", $course_id, $subsystem, $subsystem_id, $path, $component, $givenname . $surname)->lastInsertID;
Log::record($course_id, MODULE_ID_DOCS, LOG_INSERT, array('id' => $id, 'path' => $path, 'filename' => $component));
$path_already_exists = false;
}
}
return $path;
}
}
require_once 'include/lib/hierarchy.class.php';
require_once 'archive_functions.php';
require_once 'restore_functions.php';
$toolName = $langCloneCourse;
$treeObj = new Hierarchy();
$_POST['restoreThis'] = null; // satisfy course_details_form()
if (isset($_POST['create_restored_course'])) {
if (!isset($_POST['token']) || !validate_csrf_token($_POST['token'])) csrf_token_error();
$currentCourseCode = $course_code;
$restoreThis = $webDir . '/courses/tmpUnzipping/' .
$uid . '/' . safe_filename();
mkdir($restoreThis, 0755, true);
archiveTables($course_id, $course_code, $restoreThis);
recurse_copy($webDir . '/courses/' . $course_code,
$restoreThis . '/html');
register_posted_variables(array(
'course_code' => true,
'course_lang' => true,
'course_title' => true,
'course_desc' => true,
'course_vis' => true,
'course_prof' => true), 'all');
create_restored_course($tool_content, $restoreThis, $course_code, $course_lang, $course_title, $course_desc, $course_vis, $course_prof);
$course_code = $currentCourseCode; // revert course code to the correct value
function parse_links($courseId, $data, $extras = true)
{
$chapter_contents = array();
$chapter_contents[0] = array();
$current_chapter = 0;
$final_data = array('type' => 'folder', 'title' => safe_filename($courseId));
$first_chapter = true;
$offset = 0;
foreach ($data as $item) {
if ($item["__class"] == "chapter") {
if ($first_chapter) {
$final_data['contents'] = array();
if (count($chapter_contents[0]) > 0) {
$final_data['contents'] = $chapter_contents[0];
}
$offset = count($chapter_contents[0]);
$first_chapter = false;
} else {
$final_data['contents'][$current_chapter + $offset - 1]['contents'] = $chapter_contents[$current_chapter];
}
$current_chapter++;
$chapter_contents[$current_chapter] = array();
$chapter = array('type' => 'folder', 'title' => safe_filename($item["title"]), 'index' => $item["index"]);
array_push($final_data['contents'], $chapter);
} else {
if ($item["__class"] == "lecture") {
if ($item["assetType"] == "Article") {
$asset = array('type' => 'file', 'data' => 'text', 'extension' => 'html', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']["data"]["body"]);
array_push($chapter_contents[$current_chapter], $asset);
} else {
if ($item["assetType"] == "Presentation") {
if (!empty($item['asset']['downloadUrl']['download'])) {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => end(explode(".", strtolower($item['asset']['data']['name']))), 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['download']);
array_push($chapter_contents[$current_chapter], $asset);
} else {
$asset = array('type' => 'folder', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => array());
preg_match('/src="https:\\/\\/www.udemy.com\\/embed\\/presentation\\/(.*?)\\/" width/', $item['asset']['viewHTML'], $matches);
$asset['contents'] = get_links('presentation', $matches[1]);
//array_push($chapter_contents[$current_chapter],$asset);
}
} else {
if ($item["assetType"] == "VideoMashup") {
if (!empty($item['asset']['downloadUrl']['download'])) {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => 'mp4', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['Video']['0']);
array_push($chapter_contents[$current_chapter], $asset);
$asset = array('type' => 'file', 'data' => 'link', 'extension' => 'pdf', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['download']);
array_push($chapter_contents[$current_chapter], $asset);
} else {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => 'mp4', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"]);
preg_match('/src="(.*?)\\/" width/', $item['asset']['viewHTML'], $matches);
$asset['contents'] = get_links('videomashup', $matches[1]);
array_push($chapter_contents[$current_chapter], $asset);
}
} else {
if ($item["assetType"] == "Video") {
if (!empty($item['asset']['downloadUrl']['download'])) {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => end(explode(".", strtolower($item['asset']['data']['name']))), 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['download']);
array_push($chapter_contents[$current_chapter], $asset);
} else {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => 'mp4', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"]);
preg_match('/src="(.*?)\\/" width/', $item['asset']['viewHTML'], $matches);
$asset['contents'] = get_links('video', $matches[1]);
array_push($chapter_contents[$current_chapter], $asset);
}
} else {
if ($item["assetType"] == "E-Book") {
if (!empty($item['asset']['downloadUrl']['download'])) {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => end(explode(".", strtolower($item['asset']['data']['name']))), 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['download']);
array_push($chapter_contents[$current_chapter], $asset);
} else {
$asset = array('type' => 'folder', 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => array());
preg_match('/src="https:\\/\\/www.udemy.com\\/embed\\/e-book\\/(.*?)\\/" width/', $item['asset']['viewHTML'], $matches);
$asset['contents'] = get_links('e-book', $matches[1]);
//array_push($chapter_contents[$current_chapter],$asset);
}
} else {
if (!empty($item['asset']['downloadUrl']['download'])) {
$asset = array('type' => 'file', 'data' => 'link', 'extension' => end(explode(".", strtolower($item['asset']['data']['name']))), 'title' => safe_filename($item["title"]), 'index' => $item["lectureIndex"], 'contents' => $item['asset']['downloadUrl']['download']);
array_push($chapter_contents[$current_chapter], $asset);
}
}
}
}
}
}
if ($extras) {
if (count($item["extras"]) > 0) {
$actual_count = 0;
$extras_folder = array('type' => 'folder', 'title' => "Extras", 'index' => $item["lectureIndex"]);
$extras_content = array();
foreach ($item["extras"] as $key => $extra) {
if (!empty($extra['downloadUrl']['download'])) {
$actual_count++;
$asset = array('type' => 'file', 'data' => 'link', 'extension' => end(explode(".", strtolower($extra['data']['name']))), 'title' => safe_filename($extra["title"]), 'index' => $key + 1, 'lindex' => $extras_folder['index'], 'contents' => $extra['downloadUrl']['download']);
array_push($extras_content, $asset);
}
}
$extras_folder['contents'] = $extras_content;
if ($actual_count > 0) {
array_push($chapter_contents[$current_chapter], $extras_folder);
}
}
}
}
}
}
$final_data['contents'][$current_chapter + $offset - 1]['contents'] = $chapter_contents[$current_chapter];
return $final_data;
}
if ($filesize + $dropbox_space > $diskQuotaDropbox) {
$errormsg = $langNoSpace;
$error = TRUE;
} elseif (!is_uploaded_file($filetmpname)) {
// check user found : no clean error msg
die($langBadFormData);
}
// set title
if (isset($_POST['message_title']) and $_POST['message_title'] != '') {
$subject = $_POST['message_title'];
} else {
$subject = $langMessage;
}
$format = get_file_extension($filename);
$real_filename = $filename;
$filename = safe_filename($format);
$recipients = $_POST["recipients"];
//After uploading the file, create the db entries
if (!$error) {
$filename_final = $dropbox_dir . '/' . $filename;
move_uploaded_file($filetmpname, $filename_final) or die($langUploadError);
@chmod($filename_final, 0644);
$msg = new Msg($uid, $cid, $subject, $_POST['body'], $recipients, $filename, $real_filename, $filesize);
}
chdir($cwd);
}
if (isset($_POST['mailing']) and $_POST['mailing']) {
// send mail to recipients of dropbox file
if ($course_id != 0 || isset($_POST['course'])) {
//message in course context
$c = course_id_to_title($cid);
function theme_image_src($src)
{
if (strlen($src) > 0) {
if (starts_with($src, 'images/site/')) {
$dirPaths = get_theme_img_search_site_dir_list();
} else {
$dirPaths = get_theme_img_search_dir_list();
}
$src = safe_filename($src);
$file_r = parse_file($src);
$src = $file_r['name'];
// temporary until we fix up the theme image calls to use the actual images that exist.
$extension_r = array($file_r['extension'], 'png', 'jpg', 'gif');
while (list(, $dir) = each($dirPaths)) {
reset($extension_r);
while (list(, $extension) = each($extension_r)) {
$file = './' . $dir . '/' . $src . '.' . $extension;
if (file_exists($file)) {
return $file;
}
}
}
}
return FALSE;
// no image found.
}
function encode_dropbox_documents($code, $id, $filename, $title) {
global $webDir, $langEncDropboxError;
$format = get_file_extension($title);
$new_filename = safe_filename($format);
$path_to_dropbox = $webDir . '/courses/' . $code . '/dropbox/';
if (!file_exists($path_to_dropbox . $filename)) {
$filename = iconv('UTF-8', 'ISO-8859-7', $filename);
}
if (rename($path_to_dropbox . $filename, $path_to_dropbox . $new_filename)) {
Database::get()->query("UPDATE dropbox_file SET filename = '$new_filename'
WHERE id = '$id'", $code);
} else {
Debug::message($langEncDropboxError, Debug::ERROR);
}
}
public function produce_cache_filename()
{
//
// Get the client IP address.
//
if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$this->warnx("Proxy configuration error: X-Forwarded-For header not found");
return;
}
$client_ip = trim($_SERVER['HTTP_X_FORWARDED_FOR']);
if (preg_match('/^[0-9a-f:.]+$/', $client_ip) === 0) {
$this->warnx("Proxy error: invalid X-Forwarded-For header value: [{$client_ip}]");
return;
}
//
// Parse the URL and make sure it belongs to a YouTube video.
//
$url = parse_url($this->original_url);
if (!is_array($url) || !is_string($url['query'])) {
$this->warnx("Invalid URL");
return;
}
parse_str($url['query'], $p);
if (!is_array($p)) {
$this->warnx("Invalid query string: [{$url['query']}]");
return;
}
foreach (array('sver', 'itag', 'id') as $n) {
if (!is_string($p[$n]) || strlen($p[$n]) === 0) {
$this->warnx("Query parameter [{$n}] not found or empty");
return;
}
}
if (isset($p['begin'])) {
//
// The user is not downloading the whole video, but seeking within it.
// TODO How to deal with this?
// Maybe nginx's FLV module could help.
//
$this->warnx("Uncachable: begin is set: [{$p['begin']}]");
} else {
if ($p['sver'] != '3') {
//
// Stream Version?
//
// All requests seem to have this field set to the number 3.
// If this ever changes, we should look at the new requests to make
// sure that they are still compatible with this script.
//
$this->warnx("Uncachable: sver is not 3: [{$p['sver']}]");
} else {
//
// All values in $p are provided by the user.
// Do not use them directly in 'fopen()'.
//
$this->cache_filename = cachedir($this) . '/' . 'id=' . safe_filename($p['id']) . '.itag=' . safe_filename($p['itag']);
$this->log_filename = "{$this->cache_filename}." . time() . ".{$client_ip}.log";
$this->temp_cache_filename = "{$this->cache_filename}." . uniqid(mt_rand() . '_', TRUE) . ".{$client_ip}.tmp";
}
}
}
public function get_original_url()
{
if (!isset($_GET['url'])) {
$this->logdie(2, __FUNCTION__, "Proxy URL rewriter error: url GET parameter not found.");
}
$this->original_url = base64_decode($_GET['url'], TRUE);
if (!is_string($this->original_url)) {
$this->logdie(2, __FUNCTION__, "Proxy URL rewriter error: url GET parameter is invalidly base64 encoded.");
}
$this->log(1, __FUNCTION__, "Accessed URL {$this->original_url}");
//
// Get the client IP address.
//
if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$this->log(2, __FUNCTION__, "Proxy configuration error: X-Forwarded-For header not found");
return;
}
// get forwarded server ip, can be multiple ones if there is multiple proxies
$this->client_ip = trim($_SERVER['HTTP_X_FORWARDED_FOR']);
if (strpos($this->client_ip, ", ")) {
$cips_exploded = explode(", ", $this->client_ip);
$this->client_ip = $cips_exploded[count($cips_exploded) - 1];
// get last ip in the array
}
if (preg_match('/^[0-9a-f:.]+$/', $this->client_ip) === 0) {
$this->log(2, __FUNCTION__, "Proxy error: invalid X-Forwarded-For header value: [{$this->client_ip}]");
return;
}
//
// Parse the URL and make sure it belongs to a YouTube video.
//
$url = parse_url($this->original_url);
if (!is_array($url) || !is_string($url['query'])) {
$this->logdie(2, __FUNCTION__, "Invalid URL");
return;
}
parse_str($url['query'], $this->parsed_url);
if (!is_array($this->parsed_url)) {
$this->log(2, __FUNCTION__, "Invalid query string: [{$url['query']}]");
unset($this->cache_request);
return;
}
foreach (array('sver', 'itag', 'id') as $n) {
if (!is_string($this->parsed_url[$n]) || strlen($this->parsed_url[$n]) === 0) {
$this->log(2, __FUNCTION__, "Query parameter [{$n}] not found or empty");
unset($this->cache_request);
return;
}
}
$this->cache_request = 'id=' . safe_filename($this->parsed_url['id']) . '.itag=' . safe_filename($this->parsed_url['itag']);
}
