function studynotes_handle_session($action, $auth) { global $CFG, $cm; require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "data_handling.php"; require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "filterlib" . DIRECTORY_SEPARATOR . "HTMLPurifier.standalone.php"; require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "equationsupport" . DIRECTORY_SEPARATOR . "LaTeXrender.php"; require_once $CFG->dirroot . DIRECTORY_SEPARATOR . "mod" . DIRECTORY_SEPARATOR . "studynotes" . DIRECTORY_SEPARATOR . "server" . DIRECTORY_SEPARATOR . "session_handler.php"; $data = $action == "upload" ? $_POST : $_POST['data']; $ignoreQuotes = true; foreach ($_POST['data'] as $key => $value) { if (!get_magic_quotes_gpc()) { $data[$key] = stripslashes($value); } } if ($action == "upload") { $topic = $data['topic']; $hasAccess = MediabirdUtility::checkAccess($topic, $auth->userId); if ($hasAccess) { $userQuota = MediabirdUtility::getUserQuota($auth->userId); $quotaLeft = MediabirdUtility::quotaLeft($auth->userId, $userQuota); //determine folder path $folder = MediabirdConfig::$uploads_folder . $auth->userId . DIRECTORY_SEPARATOR; $prefix = MediabirdConfig::$uploads_folder; $key = "file"; $name = $_FILES[$key]['name']; $_FILES[$key]['name'] = MediabirdUtility::getFreeFilename($folder); $info = MediabirdUtility::storeUpload($key, $folder, $quotaLeft, $prefix); if (isset($info['filename']) && strlen($info['filename']) > 0) { if ($id = MediabirdUtility::recordFile($info['filename'], 0, $auth->userId, $topic)) { $info['filename'] = 'view.php?action=download&id=' . $cm->id . '&did=' . $id; } else { $info['filename'] = null; $info['error'] = "database error"; } } else { $info['filename'] = null; } } else { $info['filename'] = null; $info['error'] = "invalidtopic"; } echo MediabirdUtility::generateUploadHtml($info['filename'], $info['error']); exit; } if ($action == "download") { $id = $_GET['did']; if (isset($id)) { if ($upload_info = get_record("studynotes_uploads", "id", $id)) { $topicId = $upload_info->topic_id; $hasAccess = MediabirdUtility::checkAccess($topicId, $auth->userId); if ($hasAccess) { MediabirdUtility::readUpload($upload_info->filename, $upload_info->type); } } } exit; } $handler = new MediabirdSessionHandler(); $reply = $handler->process($action, $auth, $data); if (isset($reply->filename) && isset($reply->success) && isset($reply->topic)) { if ($id = MediabirdUtility::recordFile($reply->filename, 0, $auth->userId, $reply->topic)) { $reply->filename = 'view.php?action=download&id=' . $cm->id . '&did=' . $id; } else { $reply->success = false; $reply->error = "database error"; } } header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate;"); header("Pragma: no-cache;"); header('Content-Type: application/json;'); return json_encode($reply); }