← Back to branch summary

~ubuntu-branches/ubuntu/hoary/moodle/hoary

« back to all changes in this revision

Viewing changes to lib/editor/coursefiles.php

  • Committer: Bazaar Package Importer
  • Author(s): Isaac Clerencia
  • Date: 2004-12-29 00:49:52 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20041229004952-gliyqzpj2w3e7clx
Tags: 1.4.3-1
http://bugs.debian.org/285842
http://bugs.debian.org/285842
* Urgency high as upstream release fixes several security bugs
* New upstream release
* Write database creation errors and warn the user about it, 
closes: #285842, #285842

Show diffs side-by-side

added added

removed removed

Lines of Context:
lib/editor/coursefiles.php
1
 
<?PHP // $Id: coursefiles.php,v 1.5 2004/05/16 16:09:22 julmis Exp $
 
1
<?php // $Id: coursefiles.php,v 1.7.2.6 2004/11/04 16:56:29 moodler Exp $
2
2
 
3
3
//  Manage all uploaded files in a course file area
4
4
 
14
14
    require("../../config.php");
15
15
    require("../../files/mimetypes.php");
16
16
 
17
 
    require_variable($id);
18
 
    optional_variable($file, "");
19
 
    optional_variable($wdir, "");
20
 
    optional_variable($action, "");
21
 
    optional_variable($usecheckboxes, true);
 
17
    $id      = required_param('id', PARAM_INT);
 
18
    $file    = optional_param('file', '', PARAM_PATH);
 
19
    $wdir    = optional_param('wdir', '', PARAM_PATH);
 
20
    $action  = optional_param('action', '', PARAM_ACTION);
 
21
    $name    = optional_param('name', '', PARAM_FILE);
 
22
    $oldname = optional_param('oldname', '', PARAM_FILE);
 
23
    $usecheckboxes  = optional_param('usecheckboxes', 1, PARAM_INT);
 
24
 
22
25
 
23
26
    if (! $course = get_record("course", "id", $id) ) {
24
27
        error("That's an invalid course id");
26
29
 
27
30
    require_login($course->id);
28
31
 
29
 
    if (! isteacher($course->id) ) {
 
32
    if (! isteacheredit($course->id) ) {
30
33
        error("Only teachers can edit files");
31
34
    }
32
35
 
33
36
    function html_footer() {
34
 
        echo "</td></tr></table></body></html>";
 
37
        echo "\n\n</body>\n</html>";
35
38
    }
36
39
 
37
40
    function html_header($course, $wdir, $formfield=""){
38
41
 
39
42
        global $CFG;
40
43
 
41
 
        if (! $site = get_site()) {
42
 
            error("Invalid site!");
43
 
        }
44
 
 
45
44
        ?>
 
45
        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 
46
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
46
47
        <html>
47
48
        <head>
 
49
        <meta http-equiv="content-type" content="text/html; charset=<?php print_string("thischarset");?>" />
48
50
        <title>coursefiles</title>
49
51
        <script language="javscript" type="text/javascript">
50
52
        <!--
143
145
            if(uploader != null) {
144
146
                uploader.reset();
145
147
            }
146
 
            set_dir('<?php print($_REQUEST['wdir']);?>');
 
148
            set_dir('<?php print(!empty($_REQUEST['wdir'])) ? $_REQUEST['wdir'] : "";?>');
147
149
            return true;
148
150
        }
149
151
        -->
182
184
//  End of configuration and access control
183
185
 
184
186
 
185
 
    $regexp="\\.\\.";
186
 
    if (ereg( $regexp, $file, $regs )| ereg( $regexp, $wdir,$regs )) {
 
187
    if (!$wdir) {
 
188
        $wdir="/";
 
189
    }
 
190
 
 
191
    if (($wdir != '/' and detect_munged_arguments($wdir, 0))
 
192
      or ($file != '' and detect_munged_arguments($file, 0))) {
187
193
        $message = "Error: Directories can not contain \"..\"";
188
194
        $wdir = "/";
189
195
        $action = "";
190
196
    }
191
197
 
192
 
    if (!$wdir) {
193
 
        $wdir="/";
194
 
    }
195
198
 
196
199
    switch ($action) {
197
200
 
198
201
        case "upload":
199
202
            html_header($course, $wdir);
 
203
            require_once($CFG->dirroot.'/lib/uploadlib.php');
200
204
 
201
 
            if (!empty($_FILES['userfile'])) {
202
 
                $userfile = $_FILES['userfile'];
203
 
            } else {
204
 
                $save = false;
205
 
            }
206
 
            if (!empty($save)) {
207
 
                if (!is_uploaded_file($userfile['tmp_name']) or $userfile['size'] == 0) {
208
 
                    notify(get_string("uploadnofilefound"));
209
 
                } else {
210
 
                    $userfile_name = clean_filename($userfile['name']);
211
 
                    if ($userfile_name) {
212
 
                        $newfile = "$basedir$wdir/$userfile_name";
213
 
                        if (move_uploaded_file($userfile['tmp_name'], $newfile)) {
214
 
                            chmod($newfile, 0666);
215
 
                            $a = NULL;
216
 
                            $a->file = "$userfile_name (".$userfile['type'].")";
217
 
                            $a->directory = $wdir;
218
 
                            print_string("uploadedfileto", "", $a);
219
 
                        } else {
220
 
                            notify(get_string("uploadproblem", "", $userfile_name));
221
 
                        }
222
 
                    }
 
205
            if (!empty($save) and confirm_sesskey()) {
 
206
                $um = new upload_manager('userfile',false,false,$course,false,0);
 
207
                $dir = "$basedir$wdir";
 
208
                if ($um->process_file_uploads($dir)) {
 
209
                    notify(get_string('uploadedfile'));
223
210
                }
 
211
                // um will take care of error reporting.
224
212
                displaydir($wdir);
225
 
 
226
213
            } else {
227
 
                $upload_max_filesize = get_max_upload_file_size();
 
214
                $upload_max_filesize = get_max_upload_file_size($CFG->maxbytes);
228
215
                $filesize = display_size($upload_max_filesize);
229
216
 
230
217
                $struploadafile = get_string("uploadafile");
232
219
                $strmaxsize = get_string("maxsize", "", $filesize);
233
220
                $strcancel = get_string("cancel");
234
221
 
235
 
                echo "<P>$struploadafile ($strmaxsize) --> <B>$wdir</B>";
236
 
                echo "<TABLE border=\"0\"><TR><TD COLSPAN=2>";
237
 
                echo "<FORM ENCTYPE=\"multipart/form-data\" METHOD=\"post\" ACTION=\"".$_SERVER['PHP_SELF']."\">";
238
 
                echo " <INPUT TYPE=hidden NAME=MAX_FILE_SIZE value=\"$upload_max_filesize\">";
239
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
240
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
241
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=upload>";
242
 
                echo " <INPUT NAME=\"userfile\" TYPE=\"file\" size=\"40\">";
243
 
                echo " </TD><TR><TD align=\"right\">";
244
 
                echo " <INPUT TYPE=submit NAME=save VALUE=\"$struploadthisfile\">";
245
 
                echo "</FORM>";
246
 
                echo "</TD><TD>";
247
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=\"get\">";
248
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
249
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
250
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
251
 
                echo " <INPUT TYPE=submit VALUE=\"$strcancel\">";
252
 
                echo "</FORM>";
253
 
                echo "</TD></TR></TABLE>";
 
222
                echo "<p>$struploadafile ($strmaxsize) --> <strong>$wdir</strong>";
 
223
                echo "<table border=\"0\"><tr><td colspan=\"2\">\n";
 
224
                echo "<form enctype=\"multipart/form-data\" method=\"post\" action=\"coursefiles.php\">\n";
 
225
                upload_print_form_fragment(1,array('userfile'),null,false,null,$course->maxbytes,0,false);
 
226
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
227
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
228
                echo " <input type=\"hidden\" name=\"action\" value=\"upload\" />\n";
 
229
                echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
230
                echo " </td><tr><td align=\"right\">";
 
231
                echo " <input type=\"submit\" name=\"save\" value=\"$struploadthisfile\" />\n";
 
232
                echo "</form>\n";
 
233
                echo "</td>\n<td>\n";
 
234
                echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
235
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
236
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
237
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
238
                echo " <input type=\"submit\" value=\"$strcancel\" />\n";
 
239
                echo "</form>\n";
 
240
                echo "</td>\n</tr>\n</table>\n";
254
241
            }
255
242
            html_footer();
256
243
            break;
257
244
 
258
245
        case "delete":
259
 
            if (!empty($confirm)) {
 
246
            if (!empty($confirm) and confirm_sesskey()) {
260
247
                html_header($course, $wdir);
261
248
                foreach ($USER->filelist as $file) {
262
249
                    $fullfile = $basedir.$file;
263
250
                    if (! fulldelete($fullfile)) {
264
 
                        echo "<BR>Error: Could not delete: $fullfile";
 
251
                        echo "<br />Error: Could not delete: $fullfile";
265
252
                    }
266
253
                }
267
254
                clearfilelist();
277
264
                    print_simple_box_end();
278
265
                    echo "<br />";
279
266
                    notice_yesno (get_string("deletecheckfiles"),
280
 
                                "".basename($_SERVER['PHP_SELF'])."?id=$id&wdir=$wdir&action=delete&confirm=1",
281
 
                                "".basename($_SERVER['PHP_SELF'])."?id=$id&wdir=$wdir&action=cancel");
 
267
                                "coursefiles.php?id=$id&amp;wdir=$wdir&amp;action=delete&amp;confirm=1&amp;sesskey=$USER->sesskey",
 
268
                                "coursefiles.php?id=$id&amp;wdir=$wdir&amp;action=cancel");
282
269
                } else {
283
270
                    displaydir($wdir);
284
271
                }
288
275
 
289
276
        case "move":
290
277
            html_header($course, $wdir);
291
 
            if ($count = setfilelist($_POST)) {
 
278
            if ($count = setfilelist($_POST) and confirm_sesskey()) {
292
279
                $USER->fileop     = $action;
293
280
                $USER->filesource = $wdir;
294
 
                echo "<p align=center>";
 
281
                echo "<p align=\"center\">";
295
282
                print_string("selectednowmove", "moodle", $count);
296
283
                echo "</p>";
297
284
            }
301
288
 
302
289
        case "paste":
303
290
            html_header($course, $wdir);
304
 
            if (isset($USER->fileop) and $USER->fileop == "move") {
 
291
            if (isset($USER->fileop) and $USER->fileop == "move" and confirm_sesskey()) {
305
292
                foreach ($USER->filelist as $file) {
306
293
                    $shortfile = basename($file);
307
294
                    $oldfile = $basedir.$file;
308
295
                    $newfile = $basedir.$wdir."/".$shortfile;
309
296
                    if (!rename($oldfile, $newfile)) {
310
 
                        echo "<P>Error: $shortfile not moved";
 
297
                        echo "<p>Error: $shortfile not moved";
311
298
                    }
312
299
                }
313
300
            }
317
304
            break;
318
305
 
319
306
        case "rename":
320
 
            if (!empty($name)) {
 
307
            if (!empty($name) and confirm_sesskey()) {
321
308
                html_header($course, $wdir);
322
 
                $name = clean_filename($name);
 
309
                $name    = clean_filename($name);
 
310
                $oldname = clean_filename($oldname);
323
311
                if (file_exists($basedir.$wdir."/".$name)) {
324
312
                    echo "Error: $name already exists!";
325
313
                } else if (!rename($basedir.$wdir."/".$oldname, $basedir.$wdir."/".$name)) {
332
320
                $strcancel = get_string("cancel");
333
321
                $strrenamefileto = get_string("renamefileto", "moodle", $file);
334
322
                html_header($course, $wdir, "form.name");
335
 
                echo "<P>$strrenamefileto:";
336
 
                echo "<TABLE><TR><TD>";
337
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=\"post\" NAME=\"form\">";
338
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
339
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
340
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=rename>";
341
 
                echo " <INPUT TYPE=hidden NAME=oldname VALUE=\"$file\">";
342
 
                echo " <INPUT TYPE=text NAME=name SIZE=35 VALUE=\"$file\">";
343
 
                echo " <INPUT TYPE=submit VALUE=\"$strrename\">";
344
 
                echo "</FORM>";
345
 
                echo "</TD><TD>";
346
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
347
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
348
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
349
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
350
 
                echo " <INPUT TYPE=submit VALUE=\"$strcancel\">";
351
 
                echo "</FORM>";
352
 
                echo "</TD></TR></TABLE>";
 
323
                echo "<p>$strrenamefileto:";
 
324
                echo "<table border=\"0\">\n<tr>\n<td>\n";
 
325
                echo "<form action=\"coursefiles.php\" method=\"post\" name=\"form\">\n";
 
326
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
327
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
328
                echo " <input type=\"hidden\" name=\"action\" value=\"rename\" />\n";
 
329
                echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
330
                echo " <input type=\"hidden\" name=oldname value=\"$file\" />\n";
 
331
                echo " <input type=\"text\" name=\"name\" size=\"35\" value=\"$file\" />\n";
 
332
                echo " <input type=\"submit\" value=\"$strrename\" />\n";
 
333
                echo "</form>\n";
 
334
                echo "</td><td>\n";
 
335
                echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
336
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
337
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
338
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
339
                echo " <input type=\"submit\" value=\"$strcancel\" />\n";
 
340
                echo "</form>";
 
341
                echo "</td></tr>\n</table>\n";
353
342
            }
354
343
            html_footer();
355
344
            break;
356
345
 
357
346
        case "mkdir":
358
 
            if (!empty($name)) {
 
347
            if (!empty($name) and confirm_sesskey()) {
359
348
                html_header($course, $wdir);
360
349
                $name = clean_filename($name);
361
350
                if (file_exists("$basedir$wdir/$name")) {
370
359
                $strcancel = get_string("cancel");
371
360
                $strcreatefolder = get_string("createfolder", "moodle", $wdir);
372
361
                html_header($course, $wdir, "form.name");
373
 
                echo "<P>$strcreatefolder:";
374
 
                echo "<TABLE><TR><TD>";
375
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=post NAME=form>";
376
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
377
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
378
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=mkdir>";
379
 
                echo " <INPUT TYPE=text NAME=name SIZE=35>";
380
 
                echo " <INPUT TYPE=submit VALUE=\"$strcreate\">";
381
 
                echo "</FORM>";
382
 
                echo "</TD><TD>";
383
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
384
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
385
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
386
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
387
 
                echo " <INPUT TYPE=submit VALUE=\"$strcancel\">";
388
 
                echo "</FORM>";
389
 
                echo "</TD></TR></TABLE>";
 
362
                echo "<p>$strcreatefolder:";
 
363
                echo "<table border=\"0\">\n<tr><td>\n";
 
364
                echo "<form action=\"coursefiles.php\" method=\"post\" name=\"form\">\n";
 
365
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
366
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
367
                echo " <input type=\"hidden\" name=\"action\" value=\"mkdir\" />\n";
 
368
                echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
369
                echo " <input type=\"text\" name=\"name\" size=\"35\" />\n";
 
370
                echo " <input type=\"submit\" value=\"$strcreate\" />\n";
 
371
                echo "</form>\n";
 
372
                echo "</td><td>\n";
 
373
                echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
374
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
375
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
376
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
377
                echo " <input type=\"submit\" value=\"$strcancel\" />\n";
 
378
                echo "</form>\n";
 
379
                echo "</td>\n</tr>\n</table>\n";
390
380
            }
391
381
            html_footer();
392
382
            break;
393
383
 
394
384
        case "edit":
395
385
            html_header($course, $wdir);
396
 
            if (isset($text)) {
 
386
            if (isset($text) and confirm_sesskey()) {
397
387
                $fileptr = fopen($basedir.$file,"w");
398
388
                fputs($fileptr, stripslashes($text));
399
389
                fclose($fileptr);
400
390
                displaydir($wdir);
401
391
 
402
392
            } else {
403
 
                $streditfile = get_string("edit", "", "<B>$file</B>");
 
393
                $streditfile = get_string("edit", "", "<strong>$file</strong>");
404
394
                $fileptr  = fopen($basedir.$file, "r");
405
395
                $contents = fread($fileptr, filesize($basedir.$file));
406
396
                fclose($fileptr);
407
397
 
408
 
                if (mimeinfo("type", $file) == "text/html") {
409
 
                    if ($usehtmleditor = can_use_richtext_editor()) {
410
 
                        $onsubmit = "onsubmit=\"copyrichtext(document.form.text);\"";
411
 
                    } else {
412
 
                        $onsubmit = "";
413
 
                    }
414
 
                } else {
415
 
                    $usehtmleditor = false;
416
 
                    $onsubmit = "";
417
 
                }
418
 
 
419
398
                print_heading("$streditfile");
420
399
 
421
 
                echo "<TABLE><TR><TD COLSPAN=2>";
422
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=\"post\" NAME=\"form\" $onsubmit>";
423
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
424
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=\"$wdir\">";
425
 
                echo " <INPUT TYPE=hidden NAME=file VALUE=\"$file\">";
426
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=edit>";
427
 
                print_textarea($usehtmleditor, 25, 80, 680, 400, "text", $contents);
428
 
                echo "</TD></TR><TR><TD>";
429
 
                echo " <INPUT TYPE=submit VALUE=\"".get_string("savechanges")."\">";
430
 
                echo "</FORM>";
431
 
                echo "</TD><TD>";
432
 
                echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
433
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
434
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
435
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
436
 
                echo " <INPUT TYPE=submit VALUE=\"".get_string("cancel")."\">";
437
 
                echo "</FORM>";
438
 
                echo "</TD></TR></TABLE>";
 
400
                echo "<table><tr><td colspan=\"2\">\n";
 
401
                echo "<form action=\"coursefiles.php\" method=\"post\" name=\"form\" $onsubmit>\n";
 
402
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
403
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
404
                echo " <input type=\"hidden\" name=file value=\"$file\" />";
 
405
                echo " <input type=\"hidden\" name=\"action\" value=\"edit\" />\n";
 
406
                echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
407
                print_textarea(false, 25, 80, 680, 400, "text", $contents);
 
408
                echo "</td>\n</tr>\n<tr>\n<td>\n";
 
409
                echo " <input type=\"submit\" value=\"".get_string("savechanges")."\" />\n";
 
410
                echo "</form>\n";
 
411
                echo "</td>\n<td>\n";
 
412
                echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
413
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
414
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
415
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
416
                echo " <input type=\"submit\" value=\"".get_string("cancel")."\" />\n";
 
417
                echo "</form>\n";
 
418
                echo "</td></tr></table>\n";
439
419
 
440
420
                if ($usehtmleditor) {
441
421
                    print_richedit_javascript("form", "text", "yes");
447
427
            break;
448
428
 
449
429
        case "zip":
450
 
            if (!empty($name)) {
 
430
            if (!empty($name) and confirm_sesskey()) {
451
431
                html_header($course, $wdir);
452
432
                $name = clean_filename($name);
453
 
                if (empty($CFG->zip)) {    // Use built-in php-based zip function
454
 
                    $files = array();
455
 
                    foreach ($USER->filelist as $file) {
456
 
                        $files[] = "$basedir/$file";
457
 
                    }
458
 
                    include_once('../pclzip/pclzip.lib.php');
459
 
                    $archive = new PclZip("$basedir/$wdir/$name");
460
 
                    if (($list = $archive->create($files,'',"$basedir/$wdir/")) == 0) {
461
 
                        error($archive->errorInfo(true));
462
 
                    }
463
 
                } else {                   // Use external zip program
464
 
                    $files = "";
465
 
                    foreach ($USER->filelist as $file) {
466
 
                        $files .= basename($file);
467
 
                        $files .= " ";
468
 
                    }
469
 
                    $command = "cd $basedir/$wdir ; $CFG->zip -r $name $files";
470
 
                    Exec($command);
471
 
                }
 
433
 
 
434
                $files = array();
 
435
                foreach ($USER->filelist as $file) {
 
436
                   $files[] = "$basedir/$file";
 
437
                }
 
438
 
 
439
                if (!zip_files($files,"$basedir/$wdir/$name")) {
 
440
                    error(get_string("zipfileserror","error"));
 
441
                }
 
442
 
472
443
                clearfilelist();
473
444
                displaydir($wdir);
474
445
 
476
447
                html_header($course, $wdir, "form.name");
477
448
 
478
449
                if (setfilelist($_POST)) {
479
 
                    echo "<P ALIGN=CENTER>".get_string("youareabouttocreatezip").":</P>";
 
450
                    echo "<p align=\"center\">".get_string("youareabouttocreatezip").":</p>";
480
451
                    print_simple_box_start("center");
481
452
                    printfilelist($USER->filelist);
482
453
                    print_simple_box_end();
483
 
                    echo "<BR>";
484
 
                    echo "<P ALIGN=CENTER>".get_string("whattocallzip");
485
 
                    echo "<TABLE><TR><TD>";
486
 
                    echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=post NAME=form>";
487
 
                    echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
488
 
                    echo " <INPUT TYPE=hidden NAME=wdir VALUE=\"$wdir\">";
489
 
                    echo " <INPUT TYPE=hidden NAME=action VALUE=zip>";
490
 
                    echo " <INPUT TYPE=text NAME=name SIZE=35 VALUE=\"new.zip\">";
491
 
                    echo " <INPUT TYPE=submit VALUE=\"".get_string("createziparchive")."\">";
492
 
                    echo "</FORM>";
493
 
                    echo "</TD><TD>";
494
 
                    echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
495
 
                    echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
496
 
                    echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
497
 
                    echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
498
 
                    echo " <INPUT TYPE=submit VALUE=\"".get_string("cancel")."\">";
499
 
                    echo "</FORM>";
500
 
                    echo "</TD></TR></TABLE>";
 
454
                    echo "<br />";
 
455
                    echo "<p align=\"center\">".get_string("whattocallzip");
 
456
                    echo "<table border=\"0\">\n<tr>\n<td>\n";
 
457
                    echo "<form action=\"coursefiles.php\" method=\"post\" name=\"form\">\n";
 
458
                    echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
459
                    echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
460
                    echo " <input type=\"hidden\" name=\"action\" value=\"zip\" />\n";
 
461
                    echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
462
                    echo " <INPUT TYPE=text name=name SIZE=35 value=\"new.zip\" />\n";
 
463
                    echo " <input type=\"submit\" value=\"".get_string("createziparchive")."\" />";
 
464
                    echo "</form>\n";
 
465
                    echo "</td>\n<td>\n";
 
466
                    echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
467
                    echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
468
                    echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
469
                    echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
470
                    echo " <input type=\"submit\" value=\"".get_string("cancel")."\" />\n";
 
471
                    echo "</form>\n";
 
472
                    echo "</td>\n</tr>\n</table>\n";
501
473
                } else {
502
474
                    displaydir($wdir);
503
475
                    clearfilelist();
508
480
 
509
481
        case "unzip":
510
482
            html_header($course, $wdir);
511
 
            if (!empty($file)) {
512
 
                $strname = get_string("name");
513
 
                $strsize = get_string("size");
514
 
                $strmodified = get_string("modified");
515
 
                $strstatus = get_string("status");
 
483
            if (!empty($file) and confirm_sesskey()) {
516
484
                $strok = get_string("ok");
517
485
                $strunpacking = get_string("unpacking", "", $file);
518
486
 
519
 
                echo "<P ALIGN=CENTER>$strunpacking:</P>";
 
487
                echo "<p align=\"center\">$strunpacking:</p>";
520
488
 
521
489
                $file = basename($file);
522
490
 
523
 
                if (empty($CFG->unzip)) {    // Use built-in php-based unzip function
524
 
                    include_once('../pclzip/pclzip.lib.php');
525
 
                    $archive = new PclZip("$basedir/$wdir/$file");
526
 
                    if (!$list = $archive->extract("$basedir/$wdir")) {
527
 
                        error($archive->errorInfo(true));
528
 
                    } else {  // print some output
529
 
                        echo "<table cellpadding=\"4\" cellspacing=\"2\" border=\"0\" width=640>";
530
 
                        echo "<tr><th align=left>$strname</th>";
531
 
                        echo "<th align=right>$strsize</th>";
532
 
                        echo "<th align=right>$strmodified</th>";
533
 
                        echo "<th align=right>$strstatus</th></tr>";
534
 
                        foreach ($list as $item) {
535
 
                            echo "<tr>";
536
 
                            $item['filename'] = str_replace("$basedir/$wdir/", "", $item['filename']);
537
 
                            print_cell("left", $item['filename']);
538
 
                            if (! $item['folder']) {
539
 
                                print_cell("right", display_size($item['size']));
540
 
                            } else {
541
 
                                echo "<td>&nbsp;</td>";
542
 
                            }
543
 
                            $filedate  = userdate($item['mtime'], get_string("strftimedatetime"));
544
 
                            print_cell("right", $filedate);
545
 
                            print_cell("right", $item['status']);
546
 
                            echo "</tr>";
547
 
                        }
548
 
                        echo "</table>";
549
 
                    }
550
 
 
551
 
                } else {                     // Use external unzip program
552
 
                    print_simple_box_start("center");
553
 
                    echo "<PRE>";
554
 
                    $command = "cd $basedir/$wdir ; $CFG->unzip -o $file 2>&1";
555
 
                    passthru($command);
556
 
                    echo "</PRE>";
557
 
                    print_simple_box_end();
 
491
                if (!unzip_file("$basedir/$wdir/$file")) {
 
492
                    error(get_string("unzipfileserror","error"));
558
493
                }
559
494
 
560
 
                echo "<CENTER><FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
561
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
562
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
563
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
564
 
                echo " <INPUT TYPE=submit VALUE=\"$strok\">";
565
 
                echo "</FORM>";
566
 
                echo "</CENTER>";
 
495
                echo "<center><form action=\"coursefiles.php\" method=\"get\">\n";
 
496
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
497
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
498
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
499
                echo " <input type=\"submit\" value=\"$strok\" />\n";
 
500
                echo "</form>\n";
 
501
                echo "</center>\n";
567
502
            } else {
568
503
                displaydir($wdir);
569
504
            }
572
507
 
573
508
        case "listzip":
574
509
            html_header($course, $wdir);
575
 
            if (!empty($file)) {
 
510
            if (!empty($file) and confirm_sesskey()) {
576
511
                $strname = get_string("name");
577
512
                $strsize = get_string("size");
578
513
                $strmodified = get_string("modified");
579
514
                $strok = get_string("ok");
580
515
                $strlistfiles = get_string("listfiles", "", $file);
581
516
 
582
 
                echo "<P ALIGN=CENTER>$strlistfiles:</P>";
 
517
                echo "<p align=\"center\">$strlistfiles:</p>";
583
518
                $file = basename($file);
584
519
 
585
520
                include_once('../pclzip/pclzip.lib.php');
588
523
                    notify($archive->errorInfo(true));
589
524
 
590
525
                } else {
591
 
                    echo "<table cellpadding=\"4\" cellspacing=\"2\" border=\"0\">";
592
 
                    echo "<tr><th align=left>$strname</th><th align=right>$strsize</th><th align=right>$strmodified</th></tr>";
 
526
                    echo "<table cellpadding=\"4\" cellspacing=\"2\" border=\"0\">\n";
 
527
                    echo "<tr>\n<th align=\"left\">$strname</th><th align=\"right\">$strsize</th><th align=\"right\">$strmodified</th></tr>";
593
528
                    foreach ($list as $item) {
594
529
                        echo "<tr>";
595
530
                        print_cell("left", $item['filename']);
596
531
                        if (! $item['folder']) {
597
532
                            print_cell("right", display_size($item['size']));
598
533
                        } else {
599
 
                            echo "<td>&nbsp;</td>";
 
534
                            echo "<td>&nbsp;</td>\n";
600
535
                        }
601
536
                        $filedate  = userdate($item['mtime'], get_string("strftimedatetime"));
602
537
                        print_cell("right", $filedate);
603
 
                        echo "</tr>";
 
538
                        echo "</tr>\n";
604
539
                    }
605
 
                    echo "</table>";
 
540
                    echo "</table>\n";
606
541
                }
607
 
                echo "<br><center><form action=\"".$_SERVER['PHP_SELF']."\" method=get>";
608
 
                echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
609
 
                echo " <INPUT TYPE=hidden NAME=wdir VALUE=$wdir>";
610
 
                echo " <INPUT TYPE=hidden NAME=action VALUE=cancel>";
611
 
                echo " <INPUT TYPE=submit VALUE=\"$strok\">";
612
 
                echo "</FORM>";
613
 
                echo "</CENTER>";
 
542
                echo "<br /><center><form action=\"coursefiles.php\" method=\"get\">\n";
 
543
                echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
544
                echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
545
                echo " <input type=\"hidden\" name=\"action\" value=\"cancel\" />\n";
 
546
                echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
547
                echo " <input type=\"submit\" value=\"$strok\" />\n";
 
548
                echo "</form>\n";
 
549
                echo "</center>\n";
614
550
            } else {
615
551
                displaydir($wdir);
616
552
            }
692
628
 
693
629
    foreach ($filelist as $file) {
694
630
        if (is_dir($basedir.$file)) {
695
 
            echo "<img src=\"$CFG->pixpath/f/folder.gif\" height=\"16\" width=\"16\"> $file<br />";
 
631
            echo "<img src=\"$CFG->pixpath/f/folder.gif\" height=\"16\" width=\"16\" alt=\"\" /> $file<br />";
696
632
            $subfilelist = array();
697
633
            $currdir = opendir($basedir.$file);
698
634
            while ($subfile = readdir($currdir)) {
704
640
 
705
641
        } else {
706
642
            $icon = mimeinfo("icon", $file);
707
 
            echo "<img src=\"$CFG->pixpath/f/$icon\"  height=\"16\" width=\"16\"> $file<br />";
 
643
            echo "<img src=\"$CFG->pixpath/f/$icon\"  height=\"16\" width=\"16\" alt=\"\" /> $file<br />";
708
644
        }
709
645
    }
710
646
}
711
647
 
712
648
 
713
649
function print_cell($alignment="center", $text="&nbsp;") {
714
 
    echo "<TD ALIGN=\"$alignment\" NOWRAP>";
 
650
    echo "<td align=\"$alignment\" nowrap=\"nowrap\">\n";
715
651
    echo "$text";
716
 
    echo "</TD>\n";
 
652
    echo "</td>\n";
717
653
}
718
654
 
719
655
function get_image_size($filepath) {
777
713
    $strchoose   = get_string("choose");
778
714
 
779
715
 
780
 
    echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=post NAME=dirform>";
781
 
    echo "<TABLE BORDER=\"0\" cellspacing=\"2\" cellpadding=\"2\" width=\"100%\">";
 
716
    echo "<form action=\"coursefiles.php\" method=\"post\" name=\"dirform\">\n";
 
717
    echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"2\" width=\"100%\">\n";
782
718
 
783
719
    if ($wdir == "/") {
784
720
        $wdir = "";
787
723
        if($bdir == "/") {
788
724
            $bdir = "";
789
725
        }
790
 
        print "<tr><td colspan=\"5\">";
791
 
        print "<a href=\"".basename($_SERVER['PHP_SELF'])."?id=$id&wdir=$bdir&usecheckboxes=$usecheckboxes\" onclick=\"return reset_value();\">";
792
 
        print "<img src=\"$CFG->wwwroot/lib/editor/images/folderup.gif\" height=\"14\" width=\"24\" border=\"0\" ALT=\"Move up\">";
793
 
        print "</a></td></tr>\n";
 
726
        print "<tr>\n<td colspan=\"5\">";
 
727
        print "<a href=\"coursefiles.php?id=$id&amp;wdir=$bdir&amp;usecheckboxes=$usecheckboxes\" onclick=\"return reset_value();\">";
 
728
        print "<img src=\"$CFG->wwwroot/lib/editor/images/folderup.gif\" height=\"14\" width=\"24\" border=\"0\" alt=\"Move up\" />";
 
729
        print "</a></td>\n</tr>\n";
794
730
    }
795
731
 
796
732
    $count = 0;
806
742
            $filesafe = rawurlencode($dir);
807
743
            $filedate = userdate(filemtime($filename), "%d %b %Y, %I:%M %p");
808
744
 
809
 
            echo "<TR>";
 
745
            echo "<tr>";
810
746
 
811
747
            if ($usecheckboxes) {
812
 
                print_cell("center", "<input type=checkbox name=\"file$count\" value=\"$fileurl\" onclick=\"return set_rename('$filesafe');\">");
 
748
                print_cell("center", "<input type=\"checkbox\" name=\"file$count\" value=\"$fileurl\" onclick=\"return set_rename('$filesafe');\" />");
813
749
            }
814
 
            print_cell("left", "<a href=\"".basename($_server['php_self'])."?id=$id&wdir=$fileurl\" onclick=\"return reset_value();\"><img src=\"$CFG->pixpath/f/folder.gif\" height=16 width=16 border=0 alt=\"folder\"></a> <a href=\"".basename($_server['php_self'])."?id=$id&wdir=$fileurl&usecheckboxes=$usecheckboxes\" onclick=\"return reset_value();\">".htmlspecialchars($dir)."</a>");
 
750
            print_cell("left", "<a href=\"coursefiles.php?id=$id&amp;wdir=$fileurl\" onclick=\"return reset_value();\"><img src=\"$CFG->pixpath/f/folder.gif\" height=\"16\" width=\"16\" border=\"0\" alt=\"folder\" /></a> <a href=\"coursefiles.php?id=$id&amp;wdir=$fileurl&amp;usecheckboxes=$usecheckboxes\" onclick=\"return reset_value();\">".htmlspecialchars($dir)."</a>");
815
751
            print_cell("right", "&nbsp;");
816
752
            print_cell("right", $filedate);
817
753
 
818
 
            echo "</TR>";
 
754
            echo "</tr>";
819
755
        }
820
756
    }
821
757
 
843
779
                $imgheight = "Unknown";
844
780
            }
845
781
            unset($dimensions);
846
 
            echo "<tr>";
 
782
            echo "<tr>\n";
847
783
 
848
784
            if ($usecheckboxes) {
849
 
                print_cell("center", "<input type=\"checkbox\" name=\"file$count\" value=\"$fileurl\" onclick=\"return set_rename('$filesafe');\">");
 
785
                print_cell("center", "<input type=\"checkbox\" name=\"file$count\" value=\"$fileurl\" onclick=\"return set_rename('$filesafe');\" />");
850
786
            }
851
 
            echo "<td align=left nowrap>";
 
787
            echo "<td align=\"left\" nowrap=\"nowrap\">";
852
788
            if ($CFG->slasharguments) {
853
789
                $ffurl = "/file.php/$id$fileurl";
854
790
            } else {
855
791
                $ffurl = "/file.php?file=/$id$fileurl";
856
792
            }
857
793
            link_to_popup_window ($ffurl, "display",
858
 
                                  "<img src=\"$CFG->pixpath/f/$icon\" height=16 width=16 border=0 align=\"absmiddle\" alt=\"$strfile\">",
 
794
                                  "<img src=\"$CFG->pixpath/f/$icon\" height=\"16\" width=\"16\" border=\"0\" align=\"middle\" alt=\"$strfile\" />",
859
795
                                  480, 640);
860
796
            $file_size = filesize($filename);
861
797
 
862
798
            echo "<a onclick=\"return set_value(info = {url: '".$CFG->wwwroot.$ffurl."',";
863
799
            echo " isize: '".$file_size."', itype: '".$imgtype."', iwidth: '".$imgwidth."',";
864
800
            echo " iheight: '".$imgheight."', imodified: '".$filedate."' })\" href=\"#\">$file</a>";
865
 
            echo "<!-- </font> --></td>";
 
801
            echo "</td>\n";
866
802
 
867
803
            if ($icon == "zip.gif") {
868
 
                $edittext = "<a href=\"".basename($_SERVER['PHP_SELF'])."?id=$id&wdir=$wdir&file=$fileurl&action=unzip\">$strunzip</a>&nbsp;";
869
 
                $edittext .= "<a href=\"".basename($_SERVER['PHP_SELF'])."?id=$id&wdir=$wdir&file=$fileurl&action=listzip\">$strlist</a> ";
 
804
                $edittext = "<a href=\"coursefiles.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=unzip&amp;sesskey=$USER->sesskey\">$strunzip</a>&nbsp;";
 
805
                $edittext .= "<a href=\"coursefiles.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=listzip&amp;sesskey=$USER->sesskey\">$strlist</a> ";
870
806
            } else {
871
807
                $edittext = "&nbsp;";
872
808
            }
873
809
            print_cell("right", "$edittext ");
874
810
            print_cell("right", $filedate);
875
811
 
876
 
            echo "</TR>";
 
812
            echo "</tr>\n";
877
813
        }
878
814
    }
879
 
    echo "</TABLE>";
 
815
    echo "</table>\n";
880
816
 
881
817
    if (empty($wdir)) {
882
818
        $wdir = "/";
883
819
    }
884
820
 
885
 
    echo "<TABLE BORDER=0 cellspacing=2 cellpadding=2>";
886
 
    echo "<TR><TD>";
887
 
    echo "<INPUT TYPE=hidden NAME=id VALUE=\"$id\">";
888
 
    echo "<INPUT TYPE=hidden NAME=wdir VALUE=\"$wdir\"> ";
 
821
    echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"2\">\n";
 
822
    echo "<tr>\n<td>";
 
823
    echo "<input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
824
    echo "<input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
825
    echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
889
826
    $options = array (
890
827
                   "move" => "$strmovetoanotherfolder",
891
828
                   "delete" => "$strdeletecompletely",
894
831
    if (!empty($count)) {
895
832
        choose_from_menu ($options, "action", "", "$strwithchosenfiles...", "javascript:document.dirform.submit()");
896
833
    }
897
 
 
898
 
    echo "</FORM>";
899
 
    echo "<TD ALIGN=center>";
900
834
    if (!empty($USER->fileop) and ($USER->fileop == "move") and ($USER->filesource <> $wdir)) {
901
 
        echo "<FORM ACTION=\"".$_SERVER['PHP_SELF']."\" METHOD=get>";
902
 
        echo " <INPUT TYPE=hidden NAME=id VALUE=$id>";
903
 
        echo " <INPUT TYPE=hidden NAME=wdir VALUE=\"$wdir\">";
904
 
        echo " <INPUT TYPE=hidden NAME=action VALUE=paste>";
905
 
        echo " <INPUT TYPE=submit VALUE=\"$strmovefilestohere\">";
906
 
        echo "</FORM>";
 
835
        echo "<form action=\"coursefiles.php\" method=\"get\">\n";
 
836
        echo " <input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
 
837
        echo " <input type=\"hidden\" name=\"wdir\" value=\"$wdir\" />\n";
 
838
        echo " <input type=\"hidden\" name=\"action\" value=\"paste\" />\n";
 
839
        echo " <input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
 
840
        echo " <input type=\"submit\" value=\"$strmovefilestohere\" />\n";
 
841
        echo "</form>";
907
842
    }
908
 
    echo "<TD ALIGN=right>";
909
 
    echo "</TD>";
910
 
    echo "<TD ALIGN=right>";
911
 
    echo "</TD></TR>";
912
 
    echo "</TABLE>";
913
 
 
 
843
    echo "</td></tr>\n";
 
844
    echo "</table>\n";
 
845
    echo "</form>\n";
914
846
}
915
 
?>
 
 
b'\\ No newline at end of file'
 
847
?>