chamilo /
chamilo-lms
@@ -11,237 +11,237 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | class WSError |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * Error handler. This needs to be a class that implements the interface WSErrorHandler |
|
| 16 | - * |
|
| 17 | - * @var WSErrorHandler |
|
| 18 | - */ |
|
| 19 | - protected static $_handler; |
|
| 20 | - |
|
| 21 | - /** |
|
| 22 | - * Error code |
|
| 23 | - * |
|
| 24 | - * @var int |
|
| 25 | - */ |
|
| 26 | - public $code; |
|
| 27 | - |
|
| 28 | - /** |
|
| 29 | - * Error message |
|
| 30 | - * |
|
| 31 | - * @var string |
|
| 32 | - */ |
|
| 33 | - public $message; |
|
| 34 | - |
|
| 35 | - /** |
|
| 36 | - * Constructor |
|
| 37 | - * |
|
| 38 | - * @param int Error code |
|
| 39 | - * @param string Error message |
|
| 40 | - */ |
|
| 41 | - public function __construct($code, $message) { |
|
| 42 | - $this->code = $code; |
|
| 43 | - $this->message = $message; |
|
| 44 | - } |
|
| 45 | - |
|
| 46 | - /** |
|
| 47 | - * Sets the error handler |
|
| 48 | - * |
|
| 49 | - * @param WSErrorHandler Error handler |
|
| 50 | - */ |
|
| 51 | - public static function setErrorHandler($handler) { |
|
| 52 | - if($handler instanceof WSErrorHandler) { |
|
| 53 | - self::$_handler = $handler; |
|
| 54 | - } |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - /** |
|
| 58 | - * Returns the error handler |
|
| 59 | - * |
|
| 60 | - * @return WSErrorHandler Error handler |
|
| 61 | - */ |
|
| 62 | - public static function getErrorHandler() { |
|
| 63 | - return self::$_handler; |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * Transforms the error into an array |
|
| 68 | - * |
|
| 69 | - * @return array Associative array with code and message |
|
| 70 | - */ |
|
| 71 | - public function toArray() { |
|
| 72 | - return array('code' => $this->code, 'message' => $this->message); |
|
| 73 | - } |
|
| 14 | + /** |
|
| 15 | + * Error handler. This needs to be a class that implements the interface WSErrorHandler |
|
| 16 | + * |
|
| 17 | + * @var WSErrorHandler |
|
| 18 | + */ |
|
| 19 | + protected static $_handler; |
|
| 20 | + |
|
| 21 | + /** |
|
| 22 | + * Error code |
|
| 23 | + * |
|
| 24 | + * @var int |
|
| 25 | + */ |
|
| 26 | + public $code; |
|
| 27 | + |
|
| 28 | + /** |
|
| 29 | + * Error message |
|
| 30 | + * |
|
| 31 | + * @var string |
|
| 32 | + */ |
|
| 33 | + public $message; |
|
| 34 | + |
|
| 35 | + /** |
|
| 36 | + * Constructor |
|
| 37 | + * |
|
| 38 | + * @param int Error code |
|
| 39 | + * @param string Error message |
|
| 40 | + */ |
|
| 41 | + public function __construct($code, $message) { |
|
| 42 | + $this->code = $code; |
|
| 43 | + $this->message = $message; |
|
| 44 | + } |
|
| 45 | + |
|
| 46 | + /** |
|
| 47 | + * Sets the error handler |
|
| 48 | + * |
|
| 49 | + * @param WSErrorHandler Error handler |
|
| 50 | + */ |
|
| 51 | + public static function setErrorHandler($handler) { |
|
| 52 | + if($handler instanceof WSErrorHandler) { |
|
| 53 | + self::$_handler = $handler; |
|
| 54 | + } |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + /** |
|
| 58 | + * Returns the error handler |
|
| 59 | + * |
|
| 60 | + * @return WSErrorHandler Error handler |
|
| 61 | + */ |
|
| 62 | + public static function getErrorHandler() { |
|
| 63 | + return self::$_handler; |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * Transforms the error into an array |
|
| 68 | + * |
|
| 69 | + * @return array Associative array with code and message |
|
| 70 | + */ |
|
| 71 | + public function toArray() { |
|
| 72 | + return array('code' => $this->code, 'message' => $this->message); |
|
| 73 | + } |
|
| 74 | 74 | } |
| 75 | 75 | |
| 76 | 76 | /** |
| 77 | 77 | * Interface that must be implemented by any error handler |
| 78 | 78 | */ |
| 79 | 79 | interface WSErrorHandler { |
| 80 | - /** |
|
| 81 | - * Handle method |
|
| 82 | - * |
|
| 83 | - * @param WSError Error |
|
| 84 | - */ |
|
| 85 | - public function handle($error); |
|
| 80 | + /** |
|
| 81 | + * Handle method |
|
| 82 | + * |
|
| 83 | + * @param WSError Error |
|
| 84 | + */ |
|
| 85 | + public function handle($error); |
|
| 86 | 86 | } |
| 87 | 87 | |
| 88 | 88 | /** |
| 89 | 89 | * Main class of the webservice. Webservice classes extend this class |
| 90 | 90 | */ |
| 91 | 91 | class WS { |
| 92 | - /** |
|
| 93 | - * Chamilo configuration |
|
| 94 | - * |
|
| 95 | - * @var array |
|
| 96 | - */ |
|
| 97 | - protected $_configuration; |
|
| 98 | - |
|
| 99 | - /** |
|
| 100 | - * Constructor |
|
| 101 | - */ |
|
| 102 | - public function __construct() { |
|
| 103 | - $this->_configuration = $GLOBALS['_configuration']; |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - /** |
|
| 107 | - * Verifies the API key |
|
| 108 | - * |
|
| 109 | - * @param string Secret key |
|
| 110 | - * @return mixed WSError in case of failure, null in case of success |
|
| 111 | - */ |
|
| 112 | - protected function verifyKey($secret_key) { |
|
| 113 | - $ip = trim($_SERVER['REMOTE_ADDR']); |
|
| 114 | - // if we are behind a reverse proxy, assume it will send the |
|
| 115 | - // HTTP_X_FORWARDED_FOR header and use this IP instead |
|
| 116 | - if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { |
|
| 117 | - list($ip1,$ip2) = preg_split('/,/',$_SERVER['HTTP_X_FORWARDED_FOR']); |
|
| 118 | - $ip = trim($ip1); |
|
| 119 | - } |
|
| 120 | - $security_key = $ip.$this->_configuration['security_key']; |
|
| 121 | - |
|
| 122 | - if(!api_is_valid_secret_key($secret_key, $security_key)) { |
|
| 123 | - return new WSError(1, "API key is invalid"); |
|
| 124 | - } else { |
|
| 125 | - return null; |
|
| 126 | - } |
|
| 127 | - } |
|
| 128 | - |
|
| 129 | - /** |
|
| 130 | - * Gets the real user id based on the user id field name and value. |
|
| 131 | - * Note that if the user id field name is "chamilo_user_id", it will use the user id |
|
| 132 | - * in the system database |
|
| 133 | - * |
|
| 134 | - * @param string User id field name |
|
| 135 | - * @param string User id value |
|
| 136 | - * @return mixed System user id if the user was found, WSError otherwise |
|
| 137 | - */ |
|
| 138 | - protected function getUserId($user_id_field_name, $user_id_value) { |
|
| 139 | - if($user_id_field_name == "chamilo_user_id") { |
|
| 140 | - if(UserManager::is_user_id_valid(intval($user_id_value))) { |
|
| 141 | - return intval($user_id_value); |
|
| 142 | - } else { |
|
| 143 | - return new WSError(100, "User not found"); |
|
| 144 | - } |
|
| 145 | - } else { |
|
| 146 | - $user_id = UserManager::get_user_id_from_original_id($user_id_value, $user_id_field_name); |
|
| 147 | - if($user_id == 0) { |
|
| 148 | - return new WSError(100, "User not found"); |
|
| 149 | - } else { |
|
| 150 | - return $user_id; |
|
| 151 | - } |
|
| 152 | - } |
|
| 153 | - } |
|
| 154 | - |
|
| 155 | - /** |
|
| 156 | - * Gets the real course id based on the course id field name and value. |
|
| 157 | - * Note that if the course id field name is "chamilo_course_id", it will use the course id |
|
| 158 | - * in the system database |
|
| 159 | - * |
|
| 160 | - * @param string Course id field name |
|
| 161 | - * @param string Course id value |
|
| 162 | - * @return mixed System course id if the course was found, WSError otherwise |
|
| 163 | - */ |
|
| 164 | - protected function getCourseId($course_id_field_name, $course_id_value) |
|
| 165 | - { |
|
| 166 | - if ($course_id_field_name == "chamilo_course_id") { |
|
| 167 | - if (CourseManager::get_course_code_from_course_id( |
|
| 168 | - intval($course_id_value) |
|
| 169 | - ) != null |
|
| 170 | - ) { |
|
| 171 | - return intval($course_id_value); |
|
| 172 | - } else { |
|
| 173 | - return new WSError(200, "Course not found"); |
|
| 174 | - } |
|
| 175 | - } else { |
|
| 176 | - $courseId = CourseManager::get_course_code_from_original_id( |
|
| 177 | - $course_id_value, |
|
| 178 | - $course_id_field_name |
|
| 179 | - ); |
|
| 180 | - if (!empty($courseId)) { |
|
| 181 | - return $courseId; |
|
| 182 | - } else { |
|
| 183 | - return new WSError(200, "Course not found"); |
|
| 184 | - } |
|
| 185 | - } |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * Gets the real session id based on the session id field name and value. |
|
| 190 | - * Note that if the session id field name is "chamilo_session_id", it will use the session id |
|
| 191 | - * in the system database |
|
| 192 | - * |
|
| 193 | - * @param string Session id field name |
|
| 194 | - * @param string Session id value |
|
| 195 | - * @return mixed System session id if the session was found, WSError otherwise |
|
| 196 | - */ |
|
| 197 | - protected function getSessionId($session_id_field_name, $session_id_value) |
|
| 198 | - { |
|
| 199 | - if ($session_id_field_name == "chamilo_session_id") { |
|
| 200 | - $session = SessionManager::fetch((int)$session_id_value); |
|
| 201 | - if (!empty($session)) { |
|
| 202 | - return intval($session_id_value); |
|
| 203 | - } else { |
|
| 204 | - return new WSError(300, "Session not found"); |
|
| 205 | - } |
|
| 206 | - } else { |
|
| 207 | - $session_id = SessionManager::getSessionIdFromOriginalId( |
|
| 208 | - $session_id_value, |
|
| 209 | - $session_id_field_name |
|
| 210 | - ); |
|
| 211 | - if ($session_id == 0) { |
|
| 212 | - return new WSError(300, "Session not found"); |
|
| 213 | - } else { |
|
| 214 | - return $session_id; |
|
| 215 | - } |
|
| 216 | - } |
|
| 217 | - } |
|
| 218 | - |
|
| 219 | - /** |
|
| 220 | - * Handles an error by calling the WSError error handler |
|
| 221 | - * |
|
| 222 | - * @param WSError Error |
|
| 223 | - */ |
|
| 224 | - protected function handleError($error) { |
|
| 225 | - $handler = WSError::getErrorHandler(); |
|
| 226 | - $handler->handle($error); |
|
| 227 | - } |
|
| 228 | - |
|
| 229 | - /** |
|
| 230 | - * Gets a successful result |
|
| 231 | - * |
|
| 232 | - * @return array Array with a code of 0 and a message 'Operation was successful' |
|
| 233 | - */ |
|
| 234 | - protected function getSuccessfulResult() { |
|
| 235 | - return array('code' => 0, 'message' => 'Operation was successful'); |
|
| 236 | - } |
|
| 237 | - |
|
| 238 | - /** |
|
| 239 | - * Test function. Returns the string success |
|
| 240 | - * |
|
| 241 | - * @return string Success |
|
| 242 | - */ |
|
| 243 | - public function test() { |
|
| 244 | - return "success"; |
|
| 245 | - } |
|
| 92 | + /** |
|
| 93 | + * Chamilo configuration |
|
| 94 | + * |
|
| 95 | + * @var array |
|
| 96 | + */ |
|
| 97 | + protected $_configuration; |
|
| 98 | + |
|
| 99 | + /** |
|
| 100 | + * Constructor |
|
| 101 | + */ |
|
| 102 | + public function __construct() { |
|
| 103 | + $this->_configuration = $GLOBALS['_configuration']; |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + /** |
|
| 107 | + * Verifies the API key |
|
| 108 | + * |
|
| 109 | + * @param string Secret key |
|
| 110 | + * @return mixed WSError in case of failure, null in case of success |
|
| 111 | + */ |
|
| 112 | + protected function verifyKey($secret_key) { |
|
| 113 | + $ip = trim($_SERVER['REMOTE_ADDR']); |
|
| 114 | + // if we are behind a reverse proxy, assume it will send the |
|
| 115 | + // HTTP_X_FORWARDED_FOR header and use this IP instead |
|
| 116 | + if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { |
|
| 117 | + list($ip1,$ip2) = preg_split('/,/',$_SERVER['HTTP_X_FORWARDED_FOR']); |
|
| 118 | + $ip = trim($ip1); |
|
| 119 | + } |
|
| 120 | + $security_key = $ip.$this->_configuration['security_key']; |
|
| 121 | + |
|
| 122 | + if(!api_is_valid_secret_key($secret_key, $security_key)) { |
|
| 123 | + return new WSError(1, "API key is invalid"); |
|
| 124 | + } else { |
|
| 125 | + return null; |
|
| 126 | + } |
|
| 127 | + } |
|
| 128 | + |
|
| 129 | + /** |
|
| 130 | + * Gets the real user id based on the user id field name and value. |
|
| 131 | + * Note that if the user id field name is "chamilo_user_id", it will use the user id |
|
| 132 | + * in the system database |
|
| 133 | + * |
|
| 134 | + * @param string User id field name |
|
| 135 | + * @param string User id value |
|
| 136 | + * @return mixed System user id if the user was found, WSError otherwise |
|
| 137 | + */ |
|
| 138 | + protected function getUserId($user_id_field_name, $user_id_value) { |
|
| 139 | + if($user_id_field_name == "chamilo_user_id") { |
|
| 140 | + if(UserManager::is_user_id_valid(intval($user_id_value))) { |
|
| 141 | + return intval($user_id_value); |
|
| 142 | + } else { |
|
| 143 | + return new WSError(100, "User not found"); |
|
| 144 | + } |
|
| 145 | + } else { |
|
| 146 | + $user_id = UserManager::get_user_id_from_original_id($user_id_value, $user_id_field_name); |
|
| 147 | + if($user_id == 0) { |
|
| 148 | + return new WSError(100, "User not found"); |
|
| 149 | + } else { |
|
| 150 | + return $user_id; |
|
| 151 | + } |
|
| 152 | + } |
|
| 153 | + } |
|
| 154 | + |
|
| 155 | + /** |
|
| 156 | + * Gets the real course id based on the course id field name and value. |
|
| 157 | + * Note that if the course id field name is "chamilo_course_id", it will use the course id |
|
| 158 | + * in the system database |
|
| 159 | + * |
|
| 160 | + * @param string Course id field name |
|
| 161 | + * @param string Course id value |
|
| 162 | + * @return mixed System course id if the course was found, WSError otherwise |
|
| 163 | + */ |
|
| 164 | + protected function getCourseId($course_id_field_name, $course_id_value) |
|
| 165 | + { |
|
| 166 | + if ($course_id_field_name == "chamilo_course_id") { |
|
| 167 | + if (CourseManager::get_course_code_from_course_id( |
|
| 168 | + intval($course_id_value) |
|
| 169 | + ) != null |
|
| 170 | + ) { |
|
| 171 | + return intval($course_id_value); |
|
| 172 | + } else { |
|
| 173 | + return new WSError(200, "Course not found"); |
|
| 174 | + } |
|
| 175 | + } else { |
|
| 176 | + $courseId = CourseManager::get_course_code_from_original_id( |
|
| 177 | + $course_id_value, |
|
| 178 | + $course_id_field_name |
|
| 179 | + ); |
|
| 180 | + if (!empty($courseId)) { |
|
| 181 | + return $courseId; |
|
| 182 | + } else { |
|
| 183 | + return new WSError(200, "Course not found"); |
|
| 184 | + } |
|
| 185 | + } |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * Gets the real session id based on the session id field name and value. |
|
| 190 | + * Note that if the session id field name is "chamilo_session_id", it will use the session id |
|
| 191 | + * in the system database |
|
| 192 | + * |
|
| 193 | + * @param string Session id field name |
|
| 194 | + * @param string Session id value |
|
| 195 | + * @return mixed System session id if the session was found, WSError otherwise |
|
| 196 | + */ |
|
| 197 | + protected function getSessionId($session_id_field_name, $session_id_value) |
|
| 198 | + { |
|
| 199 | + if ($session_id_field_name == "chamilo_session_id") { |
|
| 200 | + $session = SessionManager::fetch((int)$session_id_value); |
|
| 201 | + if (!empty($session)) { |
|
| 202 | + return intval($session_id_value); |
|
| 203 | + } else { |
|
| 204 | + return new WSError(300, "Session not found"); |
|
| 205 | + } |
|
| 206 | + } else { |
|
| 207 | + $session_id = SessionManager::getSessionIdFromOriginalId( |
|
| 208 | + $session_id_value, |
|
| 209 | + $session_id_field_name |
|
| 210 | + ); |
|
| 211 | + if ($session_id == 0) { |
|
| 212 | + return new WSError(300, "Session not found"); |
|
| 213 | + } else { |
|
| 214 | + return $session_id; |
|
| 215 | + } |
|
| 216 | + } |
|
| 217 | + } |
|
| 218 | + |
|
| 219 | + /** |
|
| 220 | + * Handles an error by calling the WSError error handler |
|
| 221 | + * |
|
| 222 | + * @param WSError Error |
|
| 223 | + */ |
|
| 224 | + protected function handleError($error) { |
|
| 225 | + $handler = WSError::getErrorHandler(); |
|
| 226 | + $handler->handle($error); |
|
| 227 | + } |
|
| 228 | + |
|
| 229 | + /** |
|
| 230 | + * Gets a successful result |
|
| 231 | + * |
|
| 232 | + * @return array Array with a code of 0 and a message 'Operation was successful' |
|
| 233 | + */ |
|
| 234 | + protected function getSuccessfulResult() { |
|
| 235 | + return array('code' => 0, 'message' => 'Operation was successful'); |
|
| 236 | + } |
|
| 237 | + |
|
| 238 | + /** |
|
| 239 | + * Test function. Returns the string success |
|
| 240 | + * |
|
| 241 | + * @return string Success |
|
| 242 | + */ |
|
| 243 | + public function test() { |
|
| 244 | + return "success"; |
|
| 245 | + } |
|
| 246 | 246 | } |
| 247 | 247 | |
@@ -22,32 +22,32 @@ discard block |
||
| 22 | 22 | */ |
| 23 | 23 | function courses_list($security_key, $visibilities = 'public') { |
| 24 | 24 | |
| 25 | - global $_configuration; |
|
| 25 | + global $_configuration; |
|
| 26 | 26 | |
| 27 | - // Check if this script is launch by server and if security key is ok. |
|
| 28 | - if ($security_key != $_configuration['security_key']) { |
|
| 29 | - return array('error_msg' => 'Security check failed'); |
|
| 30 | - } |
|
| 27 | + // Check if this script is launch by server and if security key is ok. |
|
| 28 | + if ($security_key != $_configuration['security_key']) { |
|
| 29 | + return array('error_msg' => 'Security check failed'); |
|
| 30 | + } |
|
| 31 | 31 | |
| 32 | - $vis = array('public' => '3', 'public-registered' => '2', 'private' => '1', 'closed' => '0'); |
|
| 32 | + $vis = array('public' => '3', 'public-registered' => '2', 'private' => '1', 'closed' => '0'); |
|
| 33 | 33 | |
| 34 | - $courses_list = array(); |
|
| 34 | + $courses_list = array(); |
|
| 35 | 35 | |
| 36 | - if (!is_array($visibilities)) { |
|
| 37 | - $tmp = $visibilities; |
|
| 38 | - $visibilities = array($tmp); |
|
| 39 | - } |
|
| 40 | - foreach ($visibilities as $visibility) { |
|
| 41 | - if (!in_array($visibility, array_keys($vis))) { |
|
| 42 | - return array('error_msg' => 'Security check failed'); |
|
| 43 | - } |
|
| 44 | - $courses_list_tmp = CourseManager::get_courses_list(null, null, null, null, $vis[$visibility]); |
|
| 45 | - foreach ($courses_list_tmp as $index => $course) { |
|
| 46 | - $course_info = CourseManager::get_course_information($course['code']); |
|
| 47 | - $courses_list[$course['code']] = array('title' => api_utf8_encode($course_info['title']), 'url' => api_get_path(WEB_COURSE_PATH).$course_info['directory'].'/', 'teacher' => api_utf8_encode($course_info['tutor_name']), 'language' => $course_info['course_language']); |
|
| 48 | - } |
|
| 49 | - } |
|
| 50 | - return $courses_list; |
|
| 36 | + if (!is_array($visibilities)) { |
|
| 37 | + $tmp = $visibilities; |
|
| 38 | + $visibilities = array($tmp); |
|
| 39 | + } |
|
| 40 | + foreach ($visibilities as $visibility) { |
|
| 41 | + if (!in_array($visibility, array_keys($vis))) { |
|
| 42 | + return array('error_msg' => 'Security check failed'); |
|
| 43 | + } |
|
| 44 | + $courses_list_tmp = CourseManager::get_courses_list(null, null, null, null, $vis[$visibility]); |
|
| 45 | + foreach ($courses_list_tmp as $index => $course) { |
|
| 46 | + $course_info = CourseManager::get_course_information($course['code']); |
|
| 47 | + $courses_list[$course['code']] = array('title' => api_utf8_encode($course_info['title']), 'url' => api_get_path(WEB_COURSE_PATH).$course_info['directory'].'/', 'teacher' => api_utf8_encode($course_info['tutor_name']), 'language' => $course_info['course_language']); |
|
| 48 | + } |
|
| 49 | + } |
|
| 50 | + return $courses_list; |
|
| 51 | 51 | } |
| 52 | 52 | |
| 53 | 53 | header('Content-Type: text/xml; charset=utf-8'); |
@@ -55,17 +55,17 @@ discard block |
||
| 55 | 55 | echo '<courseslist>'; |
| 56 | 56 | |
| 57 | 57 | if (empty($_POST['security-key']) || empty($_POST['visibility'])) { |
| 58 | - echo '<errormsg>Invalid parameters, this script expects a security-key and a visibility parameters</errormsg>'; |
|
| 58 | + echo '<errormsg>Invalid parameters, this script expects a security-key and a visibility parameters</errormsg>'; |
|
| 59 | 59 | } else { |
| 60 | - $courses_list = courses_list($_POST['security-key'], $_POST['visibility']); |
|
| 61 | - foreach ($courses_list as $code => $cd) { |
|
| 62 | - echo '<course>'; |
|
| 63 | - echo '<code>' , $code , '</code>'; |
|
| 64 | - echo '<title>' , $cd['title'] , '</title>'; |
|
| 65 | - echo '<url>' , $cd['url'] , '</url>'; |
|
| 66 | - echo '<teacher>' , $cd['teacher'] , '</teacher>'; |
|
| 67 | - echo '<language>' , $cd['language'] , '</language>'; |
|
| 68 | - echo '</course>'; |
|
| 69 | - } |
|
| 60 | + $courses_list = courses_list($_POST['security-key'], $_POST['visibility']); |
|
| 61 | + foreach ($courses_list as $code => $cd) { |
|
| 62 | + echo '<course>'; |
|
| 63 | + echo '<code>' , $code , '</code>'; |
|
| 64 | + echo '<title>' , $cd['title'] , '</title>'; |
|
| 65 | + echo '<url>' , $cd['url'] , '</url>'; |
|
| 66 | + echo '<teacher>' , $cd['teacher'] , '</teacher>'; |
|
| 67 | + echo '<language>' , $cd['language'] , '</language>'; |
|
| 68 | + echo '</course>'; |
|
| 69 | + } |
|
| 70 | 70 | } |
| 71 | 71 | echo '</courseslist>'; |
@@ -17,7 +17,7 @@ |
||
| 17 | 17 | $result = $objExercise->read($exercise_id); |
| 18 | 18 | |
| 19 | 19 | if (!$result) { |
| 20 | - api_not_allowed(true); |
|
| 20 | + api_not_allowed(true); |
|
| 21 | 21 | } |
| 22 | 22 | |
| 23 | 23 | $interbreadcrumb[] = array( |
@@ -17,18 +17,18 @@ discard block |
||
| 17 | 17 | api_block_anonymous_users(); |
| 18 | 18 | |
| 19 | 19 | if ($_user['user_id']!= api_get_user_id() || api_get_user_id()==0 || $_user['user_id']==0) { |
| 20 | - api_not_allowed(); |
|
| 21 | - die(); |
|
| 20 | + api_not_allowed(); |
|
| 21 | + die(); |
|
| 22 | 22 | } |
| 23 | 23 | |
| 24 | 24 | if(!isset($_GET['title']) || !isset($_GET['type']) || !isset($_GET['image'])) { |
| 25 | - api_not_allowed(); |
|
| 26 | - die(); |
|
| 25 | + api_not_allowed(); |
|
| 26 | + die(); |
|
| 27 | 27 | } |
| 28 | 28 | |
| 29 | 29 | if(!isset($_SESSION['paint_dir']) || !isset($_SESSION['whereami']) ){ |
| 30 | - api_not_allowed(); |
|
| 31 | - die(); |
|
| 30 | + api_not_allowed(); |
|
| 31 | + die(); |
|
| 32 | 32 | } |
| 33 | 33 | |
| 34 | 34 | //pixlr return |
@@ -72,22 +72,22 @@ discard block |
||
| 72 | 72 | $filename = disable_dangerous_file($filename); |
| 73 | 73 | |
| 74 | 74 | if (strlen(trim($filename))==0) { |
| 75 | - echo "The title is empty";//if title is empty, headers Content-Type = application/octet-stream, then not create a new title here please |
|
| 76 | - exit; |
|
| 75 | + echo "The title is empty";//if title is empty, headers Content-Type = application/octet-stream, then not create a new title here please |
|
| 76 | + exit; |
|
| 77 | 77 | } |
| 78 | 78 | |
| 79 | 79 | //check file_get_contents |
| 80 | 80 | if ($contents === false) { |
| 81 | - echo "I cannot read: ".$urlcontents; |
|
| 81 | + echo "I cannot read: ".$urlcontents; |
|
| 82 | 82 | exit; |
| 83 | 83 | } |
| 84 | 84 | |
| 85 | 85 | // Extension security |
| 86 | 86 | if($extension!= 'jpg' && $extension!= 'png' && $extension!= 'pxd'){ |
| 87 | - die(); |
|
| 87 | + die(); |
|
| 88 | 88 | } |
| 89 | 89 | if($extension=='pxd') { |
| 90 | - echo "pxd file type does not supported";// not secure because check security headers and finfo() return Content-Type = application/octet-stream |
|
| 90 | + echo "pxd file type does not supported";// not secure because check security headers and finfo() return Content-Type = application/octet-stream |
|
| 91 | 91 | exit; |
| 92 | 92 | } |
| 93 | 93 | |
@@ -95,8 +95,8 @@ discard block |
||
| 95 | 95 | $headers = get_headers($urlcontents, 1); |
| 96 | 96 | $content_type = explode("/", $headers['Content-Type']); |
| 97 | 97 | if ($content_type[0] != "image") { |
| 98 | - echo "Invalid file type"; |
|
| 99 | - exit; |
|
| 98 | + echo "Invalid file type"; |
|
| 99 | + exit; |
|
| 100 | 100 | } |
| 101 | 101 | |
| 102 | 102 | //Verify that the file is an image. Fileinfo method |
@@ -114,49 +114,49 @@ discard block |
||
| 114 | 114 | $title = $title.'.'.$extension; |
| 115 | 115 | |
| 116 | 116 | if($currentTool=='document/createpaint'){ |
| 117 | - //check save as and prevent rewrite an older file with same name |
|
| 118 | - if (0 != $groupId){ |
|
| 117 | + //check save as and prevent rewrite an older file with same name |
|
| 118 | + if (0 != $groupId){ |
|
| 119 | 119 | $group_properties = GroupManager :: get_group_properties($groupId); |
| 120 | 120 | $groupPath = $group_properties['directory']; |
| 121 | - } else { |
|
| 122 | - $groupPath =''; |
|
| 123 | - } |
|
| 124 | - |
|
| 125 | - if (file_exists($saveDir.'/'.$filename.'.'.$extension)){ |
|
| 126 | - $i = 1; |
|
| 127 | - while (file_exists($saveDir.'/'.$filename.'_'.$i.'.'.$extension)) $i++; |
|
| 128 | - $paintFileName = $filename . '_' . $i . '.'.$extension; |
|
| 129 | - $title = $filename . '_' . $i . '.'.$extension; |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - // |
|
| 133 | - $documentPath = $saveDir.'/'.$paintFileName; |
|
| 134 | - //add new document to disk |
|
| 135 | - file_put_contents( $documentPath, $contents ); |
|
| 136 | - //add document to database |
|
| 137 | - $doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title); |
|
| 138 | - api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 121 | + } else { |
|
| 122 | + $groupPath =''; |
|
| 123 | + } |
|
| 124 | + |
|
| 125 | + if (file_exists($saveDir.'/'.$filename.'.'.$extension)){ |
|
| 126 | + $i = 1; |
|
| 127 | + while (file_exists($saveDir.'/'.$filename.'_'.$i.'.'.$extension)) $i++; |
|
| 128 | + $paintFileName = $filename . '_' . $i . '.'.$extension; |
|
| 129 | + $title = $filename . '_' . $i . '.'.$extension; |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + // |
|
| 133 | + $documentPath = $saveDir.'/'.$paintFileName; |
|
| 134 | + //add new document to disk |
|
| 135 | + file_put_contents( $documentPath, $contents ); |
|
| 136 | + //add document to database |
|
| 137 | + $doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title); |
|
| 138 | + api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 139 | 139 | |
| 140 | 140 | }elseif($currentTool=='document/editpaint'){ |
| 141 | 141 | |
| 142 | - $documentPath = $saveDir.'/'.$paintFileName; |
|
| 143 | - //add new document to disk |
|
| 144 | - file_put_contents( $documentPath, $contents ); |
|
| 145 | - |
|
| 146 | - //check path |
|
| 147 | - if(!isset($_SESSION['paint_file'])){ |
|
| 148 | - api_not_allowed(); |
|
| 149 | - die(); |
|
| 150 | - } |
|
| 151 | - if($_SESSION['paint_file']==$paintFileName){ |
|
| 152 | - $document_id = DocumentManager::get_document_id($_course, $relativeUrlPath.'/'.$paintFileName); |
|
| 153 | - update_existing_document($_course, $document_id, filesize($documentPath), null); |
|
| 154 | - api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 155 | - }else{ |
|
| 156 | - //add a new document |
|
| 157 | - $doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title); |
|
| 158 | - api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 159 | - } |
|
| 142 | + $documentPath = $saveDir.'/'.$paintFileName; |
|
| 143 | + //add new document to disk |
|
| 144 | + file_put_contents( $documentPath, $contents ); |
|
| 145 | + |
|
| 146 | + //check path |
|
| 147 | + if(!isset($_SESSION['paint_file'])){ |
|
| 148 | + api_not_allowed(); |
|
| 149 | + die(); |
|
| 150 | + } |
|
| 151 | + if($_SESSION['paint_file']==$paintFileName){ |
|
| 152 | + $document_id = DocumentManager::get_document_id($_course, $relativeUrlPath.'/'.$paintFileName); |
|
| 153 | + update_existing_document($_course, $document_id, filesize($documentPath), null); |
|
| 154 | + api_item_property_update($_course, TOOL_DOCUMENT, $document_id, 'DocumentUpdated', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 155 | + }else{ |
|
| 156 | + //add a new document |
|
| 157 | + $doc_id = add_document($_course, $relativeUrlPath.'/'.$paintFileName, 'file', filesize($documentPath), $title); |
|
| 158 | + api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id); |
|
| 159 | + } |
|
| 160 | 160 | } |
| 161 | 161 | |
| 162 | 162 | |
@@ -171,12 +171,12 @@ discard block |
||
| 171 | 171 | unset($_SESSION['temp_realpath_image']); |
| 172 | 172 | |
| 173 | 173 | if (!isset($_SESSION['exit_pixlr'])) { |
| 174 | - $location=api_get_path(WEB_CODE_PATH).'document/document.php'; |
|
| 175 | - echo '<script>window.parent.location.href="'.$location.'"</script>'; |
|
| 176 | - api_not_allowed(true); |
|
| 174 | + $location=api_get_path(WEB_CODE_PATH).'document/document.php'; |
|
| 175 | + echo '<script>window.parent.location.href="'.$location.'"</script>'; |
|
| 176 | + api_not_allowed(true); |
|
| 177 | 177 | } else { |
| 178 | - echo '<div align="center" style="padding-top:150; font-family:Arial, Helvetica, Sans-serif;font-size:25px;color:#aaa;font-weight:bold;">'.get_lang('PleaseStandBy').'</div>'; |
|
| 179 | - $location=api_get_path(WEB_CODE_PATH).'document/document.php?id='.Security::remove_XSS($_SESSION['exit_pixlr']); |
|
| 180 | - echo '<script>window.parent.location.href="'.$location.'"</script>'; |
|
| 181 | - unset($_SESSION['exit_pixlr']); |
|
| 178 | + echo '<div align="center" style="padding-top:150; font-family:Arial, Helvetica, Sans-serif;font-size:25px;color:#aaa;font-weight:bold;">'.get_lang('PleaseStandBy').'</div>'; |
|
| 179 | + $location=api_get_path(WEB_CODE_PATH).'document/document.php?id='.Security::remove_XSS($_SESSION['exit_pixlr']); |
|
| 180 | + echo '<script>window.parent.location.href="'.$location.'"</script>'; |
|
| 181 | + unset($_SESSION['exit_pixlr']); |
|
| 182 | 182 | } |
@@ -85,7 +85,7 @@ discard block |
||
| 85 | 85 | } |
| 86 | 86 | } |
| 87 | 87 | if ($quota_bytes != 0) { |
| 88 | - $quota_percentage = round($quota_bytes/$total_quota_bytes, 2)*100; |
|
| 88 | + $quota_percentage = round($quota_bytes/$total_quota_bytes, 2)*100; |
|
| 89 | 89 | } |
| 90 | 90 | |
| 91 | 91 | $session[] = array(addslashes(get_lang('Teacher').': '.$user_name).' ('.format_file_size($quota_bytes).')', $quota_percentage); |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | } |
| 104 | 104 | $session[] = array(addslashes(sprintf(get_lang('TeacherXInSession'),$user_name)), $quota_percentage); |
| 105 | 105 | |
| 106 | - } |
|
| 106 | + } |
|
| 107 | 107 | } |
| 108 | 108 | |
| 109 | 109 | $quota_percentage = round(($total_quota_bytes - $used_quota_bytes)/$total_quota_bytes, 2)*100; |
@@ -17,7 +17,7 @@ |
||
| 17 | 17 | $result = $objExercise->read($exercise_id); |
| 18 | 18 | |
| 19 | 19 | if (!$result) { |
| 20 | - api_not_allowed(true); |
|
| 20 | + api_not_allowed(true); |
|
| 21 | 21 | } |
| 22 | 22 | |
| 23 | 23 | $interbreadcrumb[] = array( |
@@ -48,9 +48,9 @@ discard block |
||
| 48 | 48 | */ |
| 49 | 49 | //user has submitted a file |
| 50 | 50 | if (isset($_FILES['user_upload'])) { |
| 51 | - $upload_ok = process_uploaded_file($_FILES['user_upload']); |
|
| 52 | - if ($upload_ok) { |
|
| 53 | - //file got on the server without problems, now process it |
|
| 51 | + $upload_ok = process_uploaded_file($_FILES['user_upload']); |
|
| 52 | + if ($upload_ok) { |
|
| 53 | + //file got on the server without problems, now process it |
|
| 54 | 54 | $new_path = handle_uploaded_document( |
| 55 | 55 | $_course, |
| 56 | 56 | $_FILES['user_upload'], |
@@ -62,17 +62,17 @@ discard block |
||
| 62 | 62 | $_POST['unzip'], |
| 63 | 63 | $_POST['if_exists'] |
| 64 | 64 | ); |
| 65 | - $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : ''; |
|
| 66 | - $new_title = isset($_POST['title']) ? trim($_POST['title']) : ''; |
|
| 65 | + $new_comment = isset($_POST['comment']) ? trim($_POST['comment']) : ''; |
|
| 66 | + $new_title = isset($_POST['title']) ? trim($_POST['title']) : ''; |
|
| 67 | 67 | |
| 68 | - if ($new_path && ($new_comment || $new_title)) |
|
| 69 | - if (($docid = DocumentManager::get_document_id($_course, $new_path))) { |
|
| 70 | - $table_document = Database::get_course_table(TABLE_DOCUMENT); |
|
| 71 | - $ct = ''; |
|
| 72 | - if ($new_comment) $ct .= ", comment='$new_comment'"; |
|
| 73 | - if ($new_title) $ct .= ", title='$new_title'"; |
|
| 74 | - Database::query("UPDATE $table_document SET" . substr($ct, 1) ." WHERE id = '$docid'"); |
|
| 75 | - } |
|
| 68 | + if ($new_path && ($new_comment || $new_title)) |
|
| 69 | + if (($docid = DocumentManager::get_document_id($_course, $new_path))) { |
|
| 70 | + $table_document = Database::get_course_table(TABLE_DOCUMENT); |
|
| 71 | + $ct = ''; |
|
| 72 | + if ($new_comment) $ct .= ", comment='$new_comment'"; |
|
| 73 | + if ($new_title) $ct .= ", title='$new_title'"; |
|
| 74 | + Database::query("UPDATE $table_document SET" . substr($ct, 1) ." WHERE id = '$docid'"); |
|
| 75 | + } |
|
| 76 | 76 | //check for missing images in html files |
| 77 | 77 | $missing_files = check_for_missing_files($base_work_dir.$_POST['curdirpath'].$new_path); |
| 78 | 78 | if ($missing_files) { |
@@ -128,8 +128,8 @@ discard block |
||
| 128 | 128 | } |
| 129 | 129 | //they want to create a directory |
| 130 | 130 | if (isset($_POST['create_dir']) && $_POST['dirname']!='') { |
| 131 | - $added_slash = ($path=='/')?'':'/'; |
|
| 132 | - $dir_name = $path.$added_slash.api_replace_dangerous_char($_POST['dirname']); |
|
| 131 | + $added_slash = ($path=='/')?'':'/'; |
|
| 132 | + $dir_name = $path.$added_slash.api_replace_dangerous_char($_POST['dirname']); |
|
| 133 | 133 | $created_dir = create_unexisting_directory( |
| 134 | 134 | $_course, |
| 135 | 135 | $_user['user_id'], |
@@ -149,15 +149,15 @@ discard block |
||
| 149 | 149 | } |
| 150 | 150 | |
| 151 | 151 | if (isset($_GET['createdir'])) { |
| 152 | - //create the form that asks for the directory name |
|
| 153 | - $new_folder_text = '<form action="'.api_get_self().'" method="POST">'; |
|
| 154 | - $new_folder_text .= '<input type="hidden" name="curdirpath" value="'.$path.'"/>'; |
|
| 155 | - $new_folder_text .= get_lang('NewDir') .' '; |
|
| 156 | - $new_folder_text .= '<input type="text" name="dirname"/>'; |
|
| 157 | - $new_folder_text .= '<input type="submit" name="create_dir" value="'.get_lang('Ok').'"/>'; |
|
| 158 | - $new_folder_text .= '</form>'; |
|
| 159 | - //show the form |
|
| 160 | - Display::display_normal_message($new_folder_text); |
|
| 152 | + //create the form that asks for the directory name |
|
| 153 | + $new_folder_text = '<form action="'.api_get_self().'" method="POST">'; |
|
| 154 | + $new_folder_text .= '<input type="hidden" name="curdirpath" value="'.$path.'"/>'; |
|
| 155 | + $new_folder_text .= get_lang('NewDir') .' '; |
|
| 156 | + $new_folder_text .= '<input type="text" name="dirname"/>'; |
|
| 157 | + $new_folder_text .= '<input type="submit" name="create_dir" value="'.get_lang('Ok').'"/>'; |
|
| 158 | + $new_folder_text .= '</form>'; |
|
| 159 | + //show the form |
|
| 160 | + Display::display_normal_message($new_folder_text); |
|
| 161 | 161 | } else { //give them a link to create a directory |
| 162 | 162 | ?> |
| 163 | 163 | <p> |
@@ -17,7 +17,7 @@ |
||
| 17 | 17 | $result = $objExercise->read($exercise_id); |
| 18 | 18 | |
| 19 | 19 | if (!$result) { |
| 20 | - api_not_allowed(true); |
|
| 20 | + api_not_allowed(true); |
|
| 21 | 21 | } |
| 22 | 22 | |
| 23 | 23 | $interbreadcrumb[] = array( |
@@ -261,7 +261,7 @@ |
||
| 261 | 261 | ?> |
| 262 | 262 | <option value="<?php echo $enreg['user_id']; ?>"><?php echo $enreg['username'].' - '.api_get_person_name($enreg['firstname'], $enreg['lastname']); ?></option> |
| 263 | 263 | <?php |
| 264 | - } |
|
| 264 | + } |
|
| 265 | 265 | unset($nosessionUsersList); |
| 266 | 266 | ?> |
| 267 | 267 | </select> |
