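/**
 * Resolve a resource locator to the URL that opens it in the CLDOC module.
 *
 * Without a resource id the module entry URL is returned. Otherwise the
 * locator is mapped onto the course (or group) document directory and:
 *  - a directory resolves to the CLDOC entry URL with cmd=exChDir and the
 *    base64-encoded resource path in the "file" parameter;
 *  - any other existing entry resolves to the CLDOC cllp.frames.cnr.php
 *    connector URL.
 *
 * @param ResourceLocator $locator
 * @return string
 * @throws Exception when nothing exists at the computed path
 */
public function resolve(ResourceLocator $locator)
{
    // No resource id: point at the module itself.
    if (!$locator->hasResourceId()) {
        return get_module_entry_url('CLDOC');
    }

    $context = Claro_Context::getCurrentContext();
    $context[CLARO_CONTEXT_COURSE] = $locator->getCourseId();

    $path = get_path('coursesRepositorySys') . claro_get_course_path($locator->getCourseId());

    if ($locator->inGroup()) {
        $context[CLARO_CONTEXT_GROUP] = $locator->getGroupId();
        $groupData = claro_get_group_data($context);
        $path .= '/group/' . $groupData['directory'];
    } else {
        $path .= '/document';
    }

    // Normalise to exactly one leading slash before appending to the base.
    $resourcePath = '/' . ltrim($locator->getResourceId(), '/');

    // secure_file_path() is defined elsewhere; it is applied to the whole
    // concatenated path, as in the original.
    // NOTE(review): nothing here verifies that the result still lies under
    // the course directory (no realpath()/prefix comparison) - confirm that
    // secure_file_path() alone is considered sufficient.
    $path = secure_file_path($path . $resourcePath);

    if (!file_exists($path)) {
        // NOTE(review): the message carries the absolute server path; check
        // how callers render this exception before showing it to end users.
        throw new Exception("Resource not found {$path}");
    }

    if (is_dir($path)) {
        $url = new Url(get_module_entry_url('CLDOC'));
        $url->addParam('cmd', 'exChDir');
        $url->addParam('file', base64_encode($resourcePath));

        return $url->toUrl();
    }

    // The original had a second statement after this return,
    // `return claro_get_file_download_url($resourcePath, Claro_Context::getUrlContext($context));`,
    // which could never execute. It is dropped here, together with the unused
    // $groupId local; behaviour is unchanged. If a direct download URL was
    // the intent, that needs a deliberate change.
    return get_module_url('CLDOC') . '/connector/cllp.frames.cnr.php';
}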
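/**
 * Register a module stylesheet and add its <link> tag to the page header.
 *
 * Two locations are tried in order: the platform override
 * (rootSys/platform/css/<module>/<lib>.css), then the module's own css/
 * directory. The original returned false as soon as the first location was
 * missing, so the second one was never tried; the loop now moves on to the
 * next candidate and only reports failure once all of them are exhausted.
 *
 * @param string $moduleLabel label of the module
 * @param string $lib         stylesheet name without the .css extension
 * @param string $media       value of the media attribute
 * @return bool true when a stylesheet was newly registered; false when the
 *              module is unknown, the stylesheet was already registered, or
 *              no candidate file exists
 */
public function loadFromModule($moduleLabel, $lib, $media = 'all')
{
    $lib = secure_file_path($lib);
    $moduleLabel = secure_file_path($moduleLabel);

    if (!get_module_data($moduleLabel)) {
        pushClaroMessage(__CLASS__ . "::{$moduleLabel} does not exists", 'error');

        return false;
    }

    $debug = claro_debug_mode();

    if ($debug) {
        pushClaroMessage(__CLASS__ . "::Try to find {$lib} for {$moduleLabel}", 'debug');
    }

    $candidates = array(
        array(
            'path' => get_path('rootSys') . 'platform/css/' . $moduleLabel . '/' . $lib . '.css',
            'url' => get_path('url') . '/platform/css/' . $moduleLabel . '/' . $lib . '.css',
        ),
        array(
            'path' => get_module_path($moduleLabel) . '/css/' . $lib . '.css',
            'url' => get_module_url($moduleLabel) . '/css/' . $lib . '.css',
        ),
    );

    foreach ($candidates as $candidate) {
        $path = $candidate['path'];
        $url = $candidate['url'];

        if ($debug) {
            pushClaroMessage(__CLASS__ . "::Try {$path}::{$url} for {$moduleLabel}", 'debug');
        }

        if (!file_exists($path)) {
            // Fall through to the next location instead of giving up.
            continue;
        }

        if (array_key_exists($path, $this->css)) {
            // Already registered: do not emit a second <link>.
            return false;
        }

        $this->css[$path] = array('url' => $url . '?' . filemtime($path), 'media' => $media);

        if ($debug) {
            pushClaroMessage(__CLASS__ . "::Use {$path}::{$url} for {$moduleLabel}", 'debug');
        }

        // NOTE(review): $url and $media are placed into attribute values
        // without HTML escaping, so this relies on callers passing trusted
        // values - confirm, or escape for the attribute context.
        // NOTE(review): the registered entry carries the "?mtime" suffix but
        // the emitted tag does not - confirm which one is intended.
        ClaroHeader::getInstance()->addHtmlHeader(
            '<link rel="stylesheet" type="text/css"'
            . ' href="' . $url . '"'
            . ' media="' . $media . '" />'
        );

        return true;
    }

    if ($debug) {
        pushClaroMessage(__CLASS__ . "::Cannot found css {$lib} for {$moduleLabel}", 'error');
    }

    return false;
}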
/**
 * Locate a module template file and pass it to the parent constructor.
 *
 * Lookup order: the platform override under
 * rootSys/platform/templates/<module>/, then the module's templates/1_11/
 * directory, then the module's templates/ directory.
 *
 * Both arguments go through secure_file_path() (defined elsewhere) before
 * they are used to build a path.
 *
 * @param string $moduleLabel label of the module
 * @param string $template name of the template
 * @throws Exception when none of the three candidate files exists
 */
public function __construct($moduleLabel, $template)
{
    $template = secure_file_path($template);
    $moduleLabel = secure_file_path($moduleLabel);

    // All three candidates are computed up front, in the original order.
    $overridePath = get_path('rootSys') . 'platform/templates/' . $moduleLabel . '/' . $template;
    $versionedPath = get_module_path($moduleLabel) . '/templates/1_11/' . $template;
    $modulePath = get_module_path($moduleLabel) . '/templates/' . $template;

    foreach (array($overridePath, $versionedPath, $modulePath) as $candidate) {
        if (file_exists($candidate)) {
            // First existing file wins.
            parent::__construct($candidate);

            return;
        }
    }

    // NOTE(review): the message exposes absolute server paths; check where
    // this exception is rendered.
    throw new Exception(
        'Template not found ' . $template
        . ' at custom location ' . $overridePath
        . ' or default location ' . $modulePath . ' !'
    );
}
// Excerpt: the `if` that opens this first branch is outside the excerpt.
// Search branch: a pattern was supplied with the request.
$cwd = secure_file_path($cwd);
// Raw request value; it is later handed to search_string_to_pcre()
// (defined elsewhere) to build the file-name matcher.
$searchPattern = $_REQUEST['searchPattern'];
// Translate the user-facing wildcards into SQL LIKE syntax: literal '_' and
// '%' are backslash-escaped first, then '?' becomes '_' and '*' becomes '%'.
// NOTE(review): this only rewrites LIKE wildcards. It is not SQL string
// escaping (quotes and backslashes are left alone), so wherever
// $searchPatternSql is used - not visible here - it still has to be escaped
// or bound as a parameter.
$searchPatternSql = $_REQUEST['searchPattern'];
$searchPatternSql = str_replace('_', '\\_', $searchPatternSql);
$searchPatternSql = str_replace('%', '\\%', $searchPatternSql);
$searchPatternSql = str_replace('?', '_', $searchPatternSql);
$searchPatternSql = str_replace('*', '%', $searchPatternSql);
$searchRecursive = true;
$searchBasePath = $baseWorkDir . $cwd;
} else {
    // Plain listing of the current directory, no pattern, no recursion.
    $searchPattern = '';
    $searchRecursive = false;
    $searchBasePath = $baseWorkDir . $curDirPath;
    $searchExcludeList = array();
}
// The concatenated base path is sanitised again, whichever branch built it.
// NOTE(review): $searchExcludeList is only assigned in the else branch within
// this excerpt; presumably the search branch sets it earlier - confirm.
$searchBasePath = secure_file_path($searchBasePath);
if (false === ($filePathList = claro_search_file(search_string_to_pcre($searchPattern), $searchBasePath, $searchRecursive, 'ALL', $searchExcludeList))) {
    switch (claro_failure::get_last_failure()) {
        case 'BASE_DIR_DONT_EXIST':
            // NOTE(review): the message includes the absolute base path.
            pushClaroMessage($searchBasePath . ' : call to an unexisting directory in groups');
            break;
        default:
            pushClaroMessage('Search failed');
            break;
    }
    // TODO claro_search_file would return an empty array when failed
    $filePathList = array();
}
// Remove the base directory from each result. str_replace() removes every
// occurrence of $baseWorkDir in the string, not only a leading one.
for ($i = 0; $i < count($filePathList); $i++) {
    $filePathList[$i] = str_replace($baseWorkDir, '', $filePathList[$i]);
}
/**
 * Build the filesystem path that a locator points to.
 *
 * The path starts at the course directory, continues into the group's
 * directory (when the locator is in a group) or into /document, and ends
 * with the resource id when one is set. The whole string is passed through
 * secure_file_path() (defined elsewhere) before being returned.
 *
 * @param ResourceLocator $locator presumably a ResourceLocator - only its
 *        getCourseId(), inGroup(), getGroupId(), hasResourceId() and
 *        getResourceId() methods are used here
 * @return string
 */
protected function getPath($locator)
{
    $coursePath = get_path('coursesRepositorySys') . claro_get_course_path($locator->getCourseId());

    if ($locator->inGroup()) {
        $groupContext = array(
            CLARO_CONTEXT_COURSE => $locator->getCourseId(),
            CLARO_CONTEXT_GROUP => $locator->getGroupId(),
        );
        $groupInfo = claro_get_group_data($groupContext);
        $subDirectory = '/group/' . $groupInfo['directory'];
    } else {
        $subDirectory = '/document';
    }

    // Exactly one slash between the directory and the resource id.
    $resourcePart = $locator->hasResourceId()
        ? '/' . ltrim($locator->getResourceId(), '/')
        : '';

    return secure_file_path($coursePath . $subDirectory . $resourcePart);
}
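/**
 * Include a textzone file
 *
 * The file is looked up under rootSys/platform/textzone/ first, then directly
 * under rootSys. When it is found it is pulled in with `include`, so any PHP
 * it contains is executed. Platform administrators additionally get a help
 * tip (when the file is missing) and an edit link.
 *
 * @param string $textzone name of the textzone
 * @param string $defaultContent content displayed if textzone cannot be found or doesn't exist
 * @return void
 */
function include_textzone($textzone, $defaultContent = null)
{
    // NOTE(review): the sanitised name ends up in an `include`; callers are
    // presumably expected to pass fixed names rather than request data -
    // confirm at the call sites.
    $textzone = secure_file_path($textzone);

    // find correct path where the file is
    // FIXME : move ALL textzones to the same location !
    $platformCandidate = get_path('rootSys') . './platform/textzone/' . $textzone;
    $rootCandidate = get_path('rootSys') . './' . $textzone;

    if (file_exists($platformCandidate)) {
        $textzonePath = $platformCandidate;
    } elseif (file_exists($rootCandidate)) {
        $textzonePath = $rootCandidate;
    } else {
        $textzonePath = null;
    }

    // textzone content
    if (!is_null($textzonePath)) {
        include $textzonePath;
    } else {
        if (!is_null($defaultContent)) {
            echo $defaultContent;
        }

        if (claro_is_platform_admin()) {
            // help tip for administrator
            // NOTE(review): whether get_lang() escapes the substituted value
            // is not visible here - confirm.
            echo '<p>' . get_lang('blockTextZoneHelp', array('%textZoneFile' => $textzone)) . '</p>';
        }
    }

    // edit link
    if (claro_is_platform_admin()) {
        // The name is a query-string value inside an HTML attribute, so it is
        // percent-encoded; rawurlencode() output contains no character that
        // is special in HTML. Ordinary file names come out unchanged.
        echo '<p>' . "\n"
            . '<a href="' . get_path('rootAdminWeb') . 'managing/editFile.php?cmd=rqEdit&file=' . rawurlencode($textzone) . '">' . "\n"
            . '<img src="' . get_icon_url('edit') . '" alt="" />' . get_lang('Edit text zone') . "\n"
            . '</a>' . "\n"
            . '</p>' . "\n";
    }
}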
// Excerpt: the conditions that open the first two branches are outside it.
// NOTE(review): the class name is built at run time; where $className comes
// from is not visible here - confirm it cannot be steered by the request.
$downloader = new $className($moduleLabel);
} else {
    $downloader = false;
    // $downloader = new Claro_Generic_Module_Downloader($moduleLabel);
    // The label is passed through strip_tags() before it is put in the message.
    pushClaroMessage('No downloader found for module ' . strip_tags($moduleLabel), 'warning');
}
} else {
    // Fallback when the earlier (not visible) condition does not hold.
    $downloader = new Claro_PlatformDocumentsDownloader();
}
// The downloader decides whether the request is allowed before any path is
// computed from it.
if ($downloader && $downloader->isAllowedToDownload($requestUrl)) {
    $pathInfo = $downloader->getFilePath($requestUrl);
    // use slashes instead of backslashes in file path
    if (claro_debug_mode()) {
        // NOTE(review): the path is concatenated into HTML without escaping
        // (debug mode only).
        pushClaroMessage('<p>File path : ' . $pathInfo . '</p>', 'pathInfo');
    }
    // The path returned by the downloader is sanitised before it is checked.
    $pathInfo = secure_file_path($pathInfo);
    // Check if path exists in course folder
    if (!file_exists($pathInfo) || is_dir($pathInfo)) {
        $isDownloadable = false;
        $dialogBox->title(get_lang('Not found'));
        // Only the base name is shown, not the full server path.
        // NOTE(review): whether %file is HTML-escaped by get_lang() or the
        // dialog box is not visible here - confirm.
        $dialogBox->error(get_lang('The requested file <strong>%file</strong> was not found on the platform.', array('%file' => basename($pathInfo))));
    }
} else {
    // No downloader, or the downloader refused the request.
    $isDownloadable = false;
    pushClaroMessage('downloader said no!', 'debug');
    $dialogBox->title(get_lang('Not allowed'));
}
}
// Output section
if ($isDownloadable) {
    // end session to avoid lock
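/**
 * Prepare a course document (or a zipped folder) for download and register
 * a one-off token for it in the mobile_tokens table.
 *
 * Changes against the original:
 *  - $args['resID'] is passed through secure_file_path() once, right after
 *    the argument check. The original concatenated the raw value onto the
 *    course document root for is_dir()/is_file(), claro_search_file() and
 *    PclZip, and only sanitised the path returned by the downloader in the
 *    single-file branch.
 *  - the returned token is decided from the result of the last insert. The
 *    original compared $try with $limit, which also discarded a token that
 *    had been registered successfully on the last permitted attempt.
 *
 * @param array $args expects 'resID' (path below the course document root);
 *                    'platform' is optional
 * @return array array('token' => string|null); null when the token could not
 *               be registered within the retry limit
 * @throws InvalidArgumentException when no course is active or resID is missing
 * @throws RuntimeException with code 403, 404 or 500
 */
function getSingleResource($args)
{
    $tlabelReq = 'MOBILE';
    $thisFile = isset($args['resID']) ? $args['resID'] : null;
    $cid = claro_get_current_course_id();

    if (is_null($cid) || is_null($thisFile)) {
        throw new InvalidArgumentException('Missing cid or resourceId argument!');
    }

    // resID comes from the caller's arguments: sanitise it before it touches
    // the filesystem, so both branches below see the same cleaned value.
    // NOTE(review): containment under the document root is still not
    // verified (no realpath()/prefix comparison) - consider adding one.
    $thisFile = secure_file_path($thisFile);

    if (!claro_is_course_allowed()) {
        throw new RuntimeException('Not allowed', 403);
    }

    $tableName = get_module_main_tbl(array('mobile_tokens'));
    $tableName = $tableName['mobile_tokens'];
    $limit = 5;
    $baseWorkDir = get_path('coursesRepositorySys') . claro_get_course_path($cid) . '/document';

    $targetPath = $baseWorkDir . $thisFile;
    $isFolder = is_dir($targetPath);

    if (!$isFolder && !is_file($targetPath)) {
        throw new RuntimeException('Resource not found', 404);
    }

    if ($isFolder) {
        // NOTE(review): $is_allowedToEdit is never assigned in this function,
        // so it is always empty here; the third operand is also redundant
        // next to the second. Left as in the original - confirm the intended
        // permission rule.
        if (!($is_allowedToEdit || get_conf('cldoc_allowNonManagersToDownloadFolder', true) || get_conf('cldoc_allowNonManagersToDownloadFolder', true) && get_conf('cldoc_allowAnonymousToDownloadFolder', true))) {
            throw new RuntimeException('Not allowed', 403);
        }

        /*
         * PREPARE THE FILE COLLECTION
         */
        if (!$is_allowedToEdit) {
            // Build an exclude file list to prevent simple user
            // to see document contained in "invisible" directories
            $searchExcludeList = getInvisibleDocumentList($baseWorkDir);
        } else {
            $searchExcludeList = array();
        }

        $filePathList = claro_search_file(search_string_to_pcre(''), $targetPath, true, 'FILE', $searchExcludeList);

        /*
         * BUILD THE ZIP ARCHIVE
         */
        require_once get_path('incRepositorySys') . '/lib/thirdparty/pclzip/pclzip.lib.php';

        // Build archive in tmp course folder unless a custom tmp path is configured
        $downloadArchivePath = get_conf('cldoc_customTmpPath', '');

        if (empty($downloadArchivePath)) {
            $downloadArchivePath = get_path('coursesRepositorySys') . claro_get_course_path() . '/tmp/zip';
            $downloadArchiveFile = $downloadArchivePath . '/' . uniqid('') . '.zip';
        } else {
            $downloadArchiveFile = rtrim($downloadArchivePath, '/') . '/' . claro_get_current_course_id() . '_CLDOC_' . uniqid('') . '.zip';
        }

        if (!is_dir($downloadArchivePath)) {
            mkdir($downloadArchivePath, CLARO_FILE_PERMISSIONS, true);
        }

        $downloadArchive = new PclZip($downloadArchiveFile);
        $downloadArchive->add($filePathList, PCLZIP_OPT_REMOVE_PATH, $targetPath);

        if (!file_exists($downloadArchiveFile)) {
            throw new RuntimeException('Internal Server Error', 500);
        }

        $pathInfo = $downloadArchiveFile;
    } else {
        require_once get_path('incRepositorySys') . '/lib/file/downloader.lib.php';

        Claroline::getInstance()->notification->addListener('download', 'trackInCourse');

        $connectorPath = secure_file_path(get_module_path($tlabelReq) . '/connector/downloader.cnr.php');
        require_once $connectorPath;

        // $tlabelReq is the constant 'MOBILE', so the class name is fixed.
        $className = $tlabelReq . '_Downloader';
        $downloader = new $className($tlabelReq, $cid, claro_get_current_user_id());

        if (!$downloader || !$downloader->isAllowedToDownload($thisFile)) {
            throw new RuntimeException('Not allowed', 403);
        }

        $pathInfo = secure_file_path($downloader->getFilePath($thisFile));

        // Check if path exists in course folder
        if (!file_exists($pathInfo) || is_dir($pathInfo)) {
            throw new RuntimeException('Resource not found', 404);
        }
    }

    /*
     * Create token and register into the db.
     * Retry until the registration complete or fail $limit times.
     */
    $token = null;

    for ($result = $try = 0; $try < $limit && $result < 1; $try++) {
        // NOTE(review): openssl_random_pseudo_bytes() is kept from the
        // original; random_bytes() is the usual choice where available.
        $token = bin2hex(openssl_random_pseudo_bytes(15));

        // NOTE(review): the statement is built by concatenation. Only
        // $pathInfo goes through claro_sql_escape(); the user id is assumed
        // to be numeric and the token is hex. Prefer bound parameters if the
        // database layer offers them.
        $sql = 'REPLACE INTO `' . $tableName . '` (`userId`, `token`, `requestedPath`, `requestTime`, `wasFolder`, `canRetry`) '
            . 'VALUES (\'' . claro_get_current_user_id() . '\', \'' . $token . '\', \'' . claro_sql_escape($pathInfo) . '\', NOW(), \''
            . ($isFolder ? 1 : 0) . '\' , \''
            . (isset($args['platform']) && $args['platform'] == 'WP' ? 1 : 0) . '\');';

        $result = Claroline::getDatabase()->exec($sql);
    }

    // Hand out the token only when the last insert reported a written row.
    $response = array();
    $response['token'] = $result < 1 ? null : $token;

    return $response;
}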
/**
 * Map a requested URL onto a file below rootSys/platform/document.
 *
 * The request is sanitised with secure_file_path() (defined elsewhere), the
 * root path is normalised to forward slashes without a trailing slash, and
 * the result is resolved with realpath().
 *
 * @param string $requestedUrl
 * @return string|false canonical absolute path, or false when realpath()
 *                      cannot resolve it (for instance a missing file)
 */
public function getFilePath($requestedUrl)
{
    $relativePath = secure_file_path($requestedUrl);

    // Backslashes become slashes so the rtrim() below also works on Windows-style roots.
    $rootDir = rtrim(str_replace('\\', '/', get_path('rootSys')), '/');

    // NOTE(review): realpath() resolves symlinks and any remaining "..", but
    // the result is not compared with the document root afterwards - confirm
    // callers do not need that containment check.
    return realpath($rootDir . '/platform/document' . '/' . $relativePath);
}
// Excerpt: the blocks closed by the first braces open outside it.
$dialogBox->error(get_lang('Cannot copy the file'));
$formCorrectlySent = false;
}
// remove the previous file if there was one
// NOTE(review): $_REQUEST['currentWrkUrl'] is appended to the assignment
// directory and passed to unlink() as received. Unlike $groupWorkFile below,
// it is not passed through secure_file_path() or basename(), and the @
// hides any failure. Reduce the value to a file name (or check it against the
// submission's stored file name) before deleting.
if (isset($_REQUEST['currentWrkUrl'])) {
    @unlink($assignment->getAssigDirSys() . $_REQUEST['currentWrkUrl']);
}
}
} elseif ($assignmentContent == "FILE") {
    if (isset($_REQUEST['currentWrkUrl'])) {
        // if there was already a file and nothing was provided to replace it, reuse it
        // NOTE(review): the stored file name is taken from the request as
        // received; presumably it should match the name already recorded for
        // this submission - confirm and validate.
        $wrkForm['filename'] = $_REQUEST['currentWrkUrl'];
    } elseif (!is_null($submitGroupWorkUrl)) {
        // A file from the group's document area is submitted as the work.
        // The destination name is derived from the base name only.
        $wrkForm['filename'] = $assignment->createUniqueFilename(basename($submitGroupWorkUrl));
        $groupWorkFile = get_path('coursesRepositorySys') . '/' . claro_get_course_path() . '/group/' . claro_get_current_group_data('directory') . '/' . $submitGroupWorkUrl;
        // The source path is sanitised after concatenation.
        $groupWorkFile = secure_file_path($groupWorkFile);
        if (file_exists($groupWorkFile)) {
            // NOTE(review): the return value of copy() is not checked.
            copy($groupWorkFile, $assignment->getAssigDirSys() . $wrkForm['filename']);
        } else {
            // if the main thing to provide is a file and that no file was sent
            $dialogBox->error(get_lang('Unable to copy file : %filename', array('%filename' => basename($submitGroupWorkUrl))));
            $formCorrectlySent = false;
        }
    } elseif ($submission->getParentId() == 0) {
        // if the main thing to provide is a file and that no file was sent
        $dialogBox->error(get_lang('Field \'%name\' is required', array('%name' => get_lang('File'))));
        $formCorrectlySent = false;
    }
} elseif ($assignmentContent == "TEXTFILE") {
    // attached file is optional if work type is TEXT AND FILE
    // so the attached file can be deleted only in this mode
/**
 * Load configuration file given its name
 *
 * The name is passed through secure_file_path() (defined elsewhere), then
 * "<conf repository><name>.conf.php" is included when that file exists.
 * A missing file is ignored silently. The include runs inside this
 * function's scope.
 *
 * @param string $name configuration name, without the .conf.php suffix
 * @return void
 */
function load_kernel_config($name)
{
    // NOTE(review): the sanitised name ends up in an `include`; callers are
    // presumably expected to pass fixed names rather than request data -
    // confirm at the call sites.
    $name = secure_file_path($name);
    $confFile = claro_get_conf_repository() . $name . '.conf.php';

    if (!file_exists($confFile)) {
        return;
    }

    include $confFile;
}
*/
// Excerpt: the comment closed above opens outside it.
// Platform bootstrap and the libraries this script relies on.
require dirname(__FILE__) . '/../inc/claro_init_global.inc.php';
require_once get_path('includePath') . '/lib/thumbnails.lib.php';
require_once get_path('includePath') . '/lib/fileManage.lib.php';
require_once get_path('includePath') . '/lib/file.lib.php';
// Pick the document root and the thumbnail cache directory from the current
// context. A request that is neither in an allowed group nor in an allowed
// course is rejected before any path is built.
if (claro_is_in_a_group() && claro_is_group_allowed()) {
    $documentRootDir = get_path('coursesRepositorySys') . claro_get_course_path() . '/group/' . claro_get_current_group_data('directory');
    $thumbnailsDirectory = get_path('coursesRepositorySys') . claro_get_course_path() . '/tmp/thumbs/' . claro_get_current_group_data('directory');
} elseif (claro_is_in_a_course() && claro_is_course_allowed()) {
    $documentRootDir = get_path('coursesRepositorySys') . claro_get_course_path() . '/document';
    $thumbnailsDirectory = get_path('coursesRepositorySys') . claro_get_course_path() . '/tmp/thumbs';
} else {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// The requested image path comes from the request and is sanitised at once.
$image = array_key_exists('img', $_REQUEST) ? secure_file_path($_REQUEST['img']) : null;
if (is_null($image)) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
// NOTE(review): the value is appended without a separator, so it is expected
// to start with '/'. Nothing here verifies that the result stays below
// $documentRootDir (no realpath()/prefix comparison) - confirm that
// secure_file_path() alone is considered sufficient.
$imagePath = $documentRootDir . $image;
if (file_exists($imagePath)) {
    // NOTE(review): getimagesize() returns false for a file it cannot read as
    // an image (and file_exists() is also true for a directory); $width is
    // then empty and the division below fails. Check the result first.
    list($width, $height, $type, $attr) = getimagesize($imagePath);
    // Fixed thumbnail width; the height keeps the aspect ratio.
    $thumbWidth = 75;
    $newHeight = round($height * $thumbWidth / $width);
    $thumbnailer = new Thumbnailer($thumbnailsDirectory, $documentRootDir);
    $thumbPath = $thumbnailer->getThumbnail($image, $newHeight, $thumbWidth);
    // Fall back to the original image when no thumbnail could be produced.
    if (!$thumbPath) {
        $thumbPath = $imagePath;
    }
    // end session to avoid lock