Project

General

Profile

Bug #4142 » lp_upload.php

Yoselyn Castillo, 16/08/2012 16:28

 
1
<?php
2
/* For licensing terms, see /license.txt */
3
/**
4
 * Script managing the learnpath upload. To best treat the uploaded file, make sure we can identify it.
5
 * @package chamilo.learnpath
6
 * @author Yannick Warnier <ywarnier@beeznest.org>
7
 */
8
/**
9
 * Code
10
 */
11
// Flag to allow for anonymous user - needs to be set before global.inc.php.
12
$use_anonymous = true;
13
require_once 'back_compat.inc.php';
14
$course_dir = api_get_course_path().'/scorm';
15
$course_sys_dir = api_get_path(SYS_COURSE_PATH).$course_dir;
16
if (empty($_POST['current_dir'])) {
17
    $current_dir = '';
18
} else {
19
    $current_dir = replace_dangerous_char(trim($_POST['current_dir']), 'strict');
20
}
21
$uncompress = 1;
22

    
23
//error_log('New LP - lp_upload.php', 0);
24
/*
25
 * Check the request method in place of a variable from POST
26
 * because if the file size exceed the maximum file upload
27
 * size set in php.ini, all variables from POST are cleared !
28
 */
29

    
30
$user_file = Request::is_post() ? Request::file('user_file') : array();
31
$user_file = $user_file ? $user_file : array();
32
$is_error = isset($user_file['error']) ? $user_file['error'] : false;
33
if( Request::is_post() && $is_error){
34
    return api_failure::set_failure('upload_file_too_big');
35
    unset($_FILEs['user_file']);
36
}else if ($_SERVER['REQUEST_METHOD'] == 'POST' && count($_FILES) > 0 && !empty($_FILES['user_file']['name'])) {
37

    
38
    // A file upload has been detected, now deal with the file...
39

    
40
    // Directory creation.
41

    
42
    $stopping_error = false;
43

    
44
    $s = $_FILES['user_file']['name'];
45

    
46
    // Get name of the zip file without the extension.
47
    $info = pathinfo($s);
48
    $filename = $info['basename'];
49
    $extension = $info['extension'];
50
    $file_base_name = str_replace('.'.$extension, '', $filename);
51

    
52
    $new_dir = replace_dangerous_char(trim($file_base_name), 'strict');
53
    require_once 'learnpath.class.php';
54
    $type = learnpath::get_package_type($_FILES['user_file']['tmp_name'], $_FILES['user_file']['name']);
55

    
56
    $proximity = 'local';
57
    if (!empty($_REQUEST['content_proximity'])) {
58
    	$proximity = Database::escape_string($_REQUEST['content_proximity']);
59
    }
60
    $maker = 'Scorm';
61
    if (!empty($_REQUEST['content_maker'])) {
62
    	$maker = Database::escape_string($_REQUEST['content_maker']);
63
    }
64

    
65

    
66

    
67
    switch ($type) {
68
        case 'scorm':
69
            require_once 'scorm.class.php';
70
            $oScorm = new scorm();
71
            $manifest = $oScorm->import_package($_FILES['user_file'], $current_dir);
72
            if (!$manifest) { //if api_set_failure
73
                return api_failure::set_failure(api_failure::get_last_failure());
74
            }
75
            if (!empty($manifest)) {
76
                $oScorm->parse_manifest($manifest);
77
                $oScorm->import_manifest(api_get_course_id(), $_REQUEST['use_max_score']);
78
            } else {
79
                // Show error message stored in $oScrom->error_msg.
80
            }
81
            $oScorm->set_proximity($proximity);
82
            $oScorm->set_maker($maker);
83
            $oScorm->set_jslib('scorm_api.php');
84
            break;
85
        case 'aicc':
86
            require_once 'aicc.class.php';
87
            $oAICC = new aicc();
88
            $config_dir = $oAICC->import_package($_FILES['user_file']);
89
            if (!empty($config_dir)) {
90
                $oAICC->parse_config_files($config_dir);
91
                $oAICC->import_aicc(api_get_course_id());
92
            }
93
            $oAICC->set_proximity($proximity);
94
            $oAICC->set_maker($maker);
95
            $oAICC->set_jslib('aicc_api.php');
96
            break;
97
        case 'oogie':
98
            require_once 'openoffice_presentation.class.php';
99
            $take_slide_name = empty($_POST['take_slide_name']) ? false : true;
100
            $o_ppt = new OpenofficePresentation($take_slide_name);
101
            $first_item_id = $o_ppt -> convert_document($_FILES['user_file']);
102
            break;
103
        case 'woogie':
104
            require_once 'openoffice_text.class.php';
105
            $split_steps = $_POST['split_steps'];
106
            $o_doc = new OpenofficeText($split_steps);
107
            $first_item_id = $o_doc -> convert_document($_FILES['user_file']);
108
            break;
109
        case '':
110
        default:
111
            return api_failure::set_failure('not_a_learning_path');
112
    }
113
} elseif($_SERVER['REQUEST_METHOD'] == 'POST') {
114
    // end if is_uploaded_file
115

    
116
    // If file name given to get in claroline/upload/, try importing this way.
117

    
118
    // A file upload has been detected, now deal with the file...
119

    
120
    // Directory creation.
121

    
122
    $stopping_error = false;
123

    
124
    // Escape path with basename so it can only be directly into the claroline/upload directory.
125
    $s = api_get_path(SYS_ARCHIVE_PATH).basename($_POST['file_name']);
126
    // Get name of the zip file without the extension
127
    $info = pathinfo($s);
128
    $filename = $info['basename'];
129
    $extension = $info['extension'];
130
    $file_base_name = str_replace('.'.$extension, '', $filename);
131
    $new_dir = replace_dangerous_char(trim($file_base_name), 'strict');
132

    
133
    require_once 'learnpath.class.php';
134

    
135
    $type = learnpath::get_package_type($s, basename($s));
136
    $post_max = ini_get('post_max_size');
137
    $upl_max = ini_get('upload_max_filesize');
138
    if (filesize($s)>$post_max || filesize($s)>$upl_max ){
139
         return api_failure::set_failure('upload_file_too_big');
140
    }
141
    switch ($type) {
142
        case 'scorm':
143
            require_once 'scorm.class.php';
144
            $oScorm = new scorm();
145
            $manifest = $oScorm->import_local_package($s, $current_dir);
146
            if ($manifest === false ) { //if ap i_set_failure
147
                return api_failure::set_failure(api_failure::get_last_failure());
148
            }
149
            if (!empty($manifest)) {
150
                $oScorm->parse_manifest($manifest);
151
                $oScorm->import_manifest(api_get_course_id(), $_REQUEST['use_max_score']);
152
            }
153

    
154
            $proximity = '';
155
            if (!empty($_REQUEST['content_proximity'])) { $proximity = Database::escape_string($_REQUEST['content_proximity']); }
156
            $maker = '';
157
            if (!empty($_REQUEST['content_maker'])) {$maker = Database::escape_string($_REQUEST['content_maker']); }
158
            $oScorm->set_proximity($proximity);
159
            $oScorm->set_maker($maker);
160
            $oScorm->set_jslib('scorm_api.php');
161
            break;
162
        case 'aicc':
163
            require_once 'aicc.class.php';
164
            $oAICC = new aicc();
165
            $config_dir = $oAICC->import_local_package($s, $current_dir);
166
            if (!empty($config_dir)) {
167
                $oAICC->parse_config_files($config_dir);
168
                $oAICC->import_aicc(api_get_course_id());
169
            }
170
            $proximity = '';
171
            if (!empty($_REQUEST['content_proximity'])) { $proximity = Database::escape_string($_REQUEST['content_proximity']); }
172
            $maker = '';
173
            if (!empty($_REQUEST['content_maker'])) { $maker = Database::escape_string($_REQUEST['content_maker']); }
174
            $oAICC->set_proximity($proximity);
175
            $oAICC->set_maker($maker);
176
            $oAICC->set_jslib('aicc_api.php');
177
            break;
178
        case '':
179
        default:
180
        
181
            if (filesize($s)>$post_max || filesize($s)>$upl_max ){
182
                return api_failure::set_failure('upload_file_too_big');
183
            }
184
            return api_failure::set_failure('not_a_learning_path');
185
    }
186
}
(1-1/4)