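<?php

/* For licensing terms, see /license.txt */

// This script is switched off: the unconditional exit below is the first
// executable statement, so the request ends before global.inc.php is loaded
// and none of the code further down runs. The reason is not recorded in this
// file; review the editor integration below before removing the statement.
exit;

use ChamiloSession as Session;

/**
 * Opens the external Pixlr image editor in an iframe from the course
 * document tool, starting from a blank canvas image.
 *
 * (The previous description, "creating audio files from a text", did not
 * match the code in this file.)
 *
 * @package chamilo.document
 *
 * @author Juan Carlos Raña Trabado
 *
 * @since 30/January/2011
 *
 * @todo clean all file
 */
require_once __DIR__.'/../inc/global.inc.php';

// Platform setting gate: when 'enabled_support_paint' holds the string 'false'
// the request is refused before any course or document data is read.
if (api_get_setting('enabled_support_paint') === 'false') {
    api_not_allowed(true);
}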
25 | |||
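$this_section = SECTION_COURSES;
$nameTools = get_lang('PhotoRetouching');
$groupRights = Session::read('group_member_with_upload_rights');

// Both guards run before any document lookup. By their names they restrict
// the page to course context and to signed-in users; their exact behaviour
// lives in the API library, not in this file.
api_protect_course_script();
api_block_anonymous_users();
$_course = api_get_course_info();

// The document id is request input. A missing or non-scalar value becomes 0
// and anything else is reduced to an integer before it reaches the lookup.
// NOTE(review): assumes document ids are integers; confirm in DocumentManager.
$requestedId = isset($_GET['id']) && is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
$document_data = DocumentManager::get_document_data_by_id($requestedId, api_get_course_id(), true);

// No document for that id: inside a group, fall back to the group's own directory.
if (empty($document_data) && api_is_in_group()) {
    $group_properties = GroupManager::get_group_properties(api_get_group_id());
    $document_id = DocumentManager::get_document_id(api_get_course_info(), $group_properties['directory']);
    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
}

// $document_data can still be empty here (no match and no group). Read the
// fields defensively; a null path is turned into the root directory later on.
$document_id = isset($document_data['id']) ? $document_data['id'] : null;
$dir = isset($document_data['path']) ? $document_data['path'] : null;
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);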
45 | |||
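// Directory of the selected document, kept for the Pixlr save step.
// Security::remove_XSS() targets markup, not paths, so a value containing a
// parent-directory sequence is replaced with the root, the same way $dir is
// handled just below. The value is only stored in the session once the
// permission checks at the end of this section have passed.
$paintDir = Security::remove_XSS($dir);
if (empty($paintDir) || strpos((string) $paintDir, '..') !== false) {
    $paintDir = '/';
}

// Please, do not modify this dirname formatting
// (the comparisons use substr() rather than string offsets so that an empty
// or null path raises no warning; the resulting $dir is unchanged).
$dir = (string) $dir;

// Reject any path that contains a parent-directory sequence.
if (strpos($dir, '..') !== false) {
    $dir = '/';
}

// Drop one leading dot, then force a leading and a trailing slash.
if (substr($dir, 0, 1) === '.') {
    $dir = (string) substr($dir, 1);
}

if (substr($dir, 0, 1) !== '/') {
    $dir = '/'.$dir;
}

if (substr($dir, -1) !== '/') {
    $dir .= '/';
}

$filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document'.$dir;

// Unknown directory on disk: fall back to the course document root.
if (!is_dir($filepath)) {
    $filepath = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document/';
    $dir = '/';
}

$groupId = api_get_group_id();

if (!empty($groupId)) {
    $interbreadcrumb[] = [
        "url" => api_get_path(WEB_CODE_PATH)."group/group_space.php?".api_get_cidreq(),
        "name" => get_lang('GroupSpace'),
    ];
    $group = GroupManager::get_group_properties($groupId);
    // $dir always starts with '/', so index 1 is the first path segment.
    // In group context that segment must be the group's own directory.
    $path = explode('/', $dir);
    if ('/'.$path[1] !== $group['directory']) {
        api_not_allowed(true);
    }
}

$interbreadcrumb[] = [
    "url" => "./document.php?curdirpath=".urlencode($dir)."&".api_get_cidreq(),
    "name" => get_lang('Documents'),
];

if (!api_is_allowed_in_course()) {
    api_not_allowed(true);
}

// Editing requires one of: course edit rights, group upload rights, or
// ownership of the shared folder being opened.
if (!($is_allowed_to_edit || $groupRights ||
    DocumentManager::is_my_shared_folder($_user['user_id'], Security::remove_XSS($dir), api_get_session_id()))
) {
    api_not_allowed(true);
}

// Written last on purpose: a request refused above should leave no save
// location behind in the session.
// NOTE(review): this relies on api_not_allowed(true) ending the request, and
// the script that consumes 'paint_dir' should still re-check permissions.
Session::write('paint_dir', $paintDir);
Session::write('paint_file', get_lang('NewImage'));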
107 | |||
/* Header */
Event::event_access_tool(TOOL_DOCUMENT);

// Inside a group the first two path segments are dropped from the directory
// shown to the user; outside a group the directory is shown as it is.
$display_dir = isset($group)
    ? implode('/', array_slice(explode('/', $dir), 2))
    : $dir;

// Interbreadcrumb for the current directory root path:
// one entry per parent folder, or a single entry for the document itself.
if (!empty($document_data['parents'])) {
    foreach ($document_data['parents'] as $document_sub_data) {
        $interbreadcrumb[] = [
            'url' => $document_sub_data['document_url'],
            'name' => $document_sub_data['title'],
        ];
    }
} else {
    $interbreadcrumb[] = ['url' => '#', 'name' => $document_data['title']];
}

Display::display_header($nameTools, 'Doc');

// Toolbar with a single "back to documents" link.
// NOTE(review): $document_id goes into the href without escaping; it is taken
// from the document record rather than from the request; confirm it is
// always numeric.
$backLabel = get_lang('BackTo').' '.get_lang('DocumentsOverview');
$backIcon = Display::return_icon('back.png', $backLabel, '', ICON_SIZE_MEDIUM);
echo '<div class="actions">'
    .'<a href="document.php?id='.$document_id.'">'.$backIcon.'</a>'
    .'</div>';
141 | |||
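// pixlr
// max size 1 Mb ??
$rawTitle = utf8_encode(get_lang('NewImage')); //TODO:check
$title = urlencode($rawTitle);
$image = Display::returnIconPath('canvas1024x768.png');
$exit_path = api_get_path(WEB_CODE_PATH).'document/exit_pixlr.php';
Session::write('exit_pixlr', isset($document_data['path']) ? $document_data['path'] : null);
$target_path = api_get_path(WEB_CODE_PATH).'document/save_pixlr.php';
$target = $target_path;
$locktarget = 'true';
$locktitle = 'false';
$referrer = 'Chamilo';

// The Host header is chosen by the client, so it must not decide on its own
// whether a policy file is written into the installation root. The local
// branch is taken only when the platform's own URL also names localhost.
// NOTE(review): assumes api_get_path() builds its URL from configuration
// rather than from the request; confirm.
$configuredHost = strtolower((string) parse_url(api_get_path(WEB_CODE_PATH), PHP_URL_HOST));
$requestHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
$isLocalInstall = $configuredHost === 'localhost' && $requestHost === 'localhost';

if ($isLocalInstall) {
    $path_and_file = api_get_path(SYS_PATH).'/crossdomain.xml';
    if (!file_exists($path_and_file)) {
        // NOTE(review): the last rule names "cnd.pixlr.com" while the first
        // names "cdn.pixlr.com"; this looks like a typo. Left as found,
        // because every domain listed here is granted access.
        $crossdomain = '<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="cdn.pixlr.com" />
<site-control permitted-cross-domain-policies="master-only"/>
<allow-http-request-headers-from domain="cnd.pixlr.com" headers="*" secure="true"/>
</cross-domain-policy>'; //more open domain="*"
        // Still best effort, but without the @ operator: test the condition
        // first and leave a log entry when the write does not succeed.
        if (!is_writable(dirname($path_and_file))
            || file_put_contents($path_and_file, $crossdomain) === false
        ) {
            error_log('Pixlr: crossdomain.xml could not be written to '.$path_and_file);
        }
    }
    $credentials = 'true';
} else {
    $credentials = 'false';
}

// Every value is percent-encoded, so a nested URL (image, target, exit)
// cannot add or change parameters of the editor URL.
$pixlr_url = '//pixlr.com/editor/?'.http_build_query(
    [
        'title' => $rawTitle,
        'image' => $image,
        'referrer' => $referrer,
        'target' => $target,
        'exit' => $exit_path,
        'locktarget' => $locktarget,
        'locktitle' => $locktitle,
        'credentials' => $credentials,
    ],
    '',
    '&'
);

// Escape once per output context: HTML attribute for the src value, then a
// JavaScript string literal for the markup passed to document.write().
$pixlrUrlAttr = htmlspecialchars($pixlr_url, ENT_QUOTES, 'UTF-8');
$scriptedIframe = '<iframe id="frame" frameborder="0" scrolling="no" src="'.$pixlrUrlAttr.'" width="100%" height="100%"><noframes><p>Sorry, your browser does not handle frames</p></noframes></iframe></div>';
$scriptedIframeJs = json_encode(
    $scriptedIframe,
    JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
);
?>
<script>
    document.write(<?php echo $scriptedIframeJs; ?>);
    function resizeIframe() {
        var height = window.innerHeight;
        //max lower size
        if (height<600) {
            height=600;
        }
        document.getElementById('frame').style.height = height +"px";
    };
    document.getElementById('frame').onload = resizeIframe;
    window.onresize = resizeIframe;
</script>
<?php
// Fixed-height fallback for browsers that do not run the script above.
echo '<noscript>';
echo '<iframe style="height: 600px; width: 100%;" scrolling="no" frameborder="0" src="'.$pixlrUrlAttr.'"><noframes><p>Sorry, your browser does not handle frames</p></noframes></iframe>';
echo '</noscript>';

Display::display_footer();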
If you suppress an error, we recommend checking for the error condition explicitly: