Bug #5555 » document.php

Yoselyn Castillo, 23/01/2013 20:08

 
<?php
/* For licensing terms, see /license.txt */
/**
 * Homepage script for the documents tool
 *
 * This script allows the user to manage files and directories on a remote http
 * server.
 * The user can : - navigate through files and directories.
 *                - upload a file
 *                - delete, copy a file or a directory
 *                - edit properties & content (name, comments, html content)
 * The script is organised in four sections.
 *
 * 1) Execute the command called by the user
 *      Note: some commands of this section are organised in two steps.
 *      The script always begins with the second step,
 *      which makes it easier to return to the first step.
 *
 *      Note (March 2004) some editing functions (renaming, commenting)
 *      are moved to a separate page, edit_document.php. This is also
 *      where xml and other stuff should be added.
 * 2) Define the directory to display
 * 3) Read files and directories from the directory defined in part 2
 * 4) Display all of that on an HTML page
 *
 * @todo eliminate code duplication with document/document.php, scormdocument.php
 *
 * @package chamilo.document
 */
/**
 * Code
 */
// Language files that need to be included
// NOTE(review): set before the bootstrap include below; presumably read by global.inc.php - confirm.
$language_file = array('document', 'slideshow', 'gradebook', 'create_course');
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_DOCUMENT;
$this_section = SECTION_COURSES;

require_once 'document.inc.php';
$lib_path = api_get_path(LIBRARY_PATH);

/* Libraries */
require_once $lib_path . 'fileUpload.lib.php';
require_once $lib_path . 'fileDisplay.lib.php';
require_once $lib_path . 'fileManage.lib.php';

// Access gate for the whole script: it is called before any session value or
// request parameter is read and before any file is touched below.
// NOTE(review): what the `true` argument enables is defined in the API library, not here.
api_protect_course_script(true);
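/*
Testing time labels
$now = api_get_utc_datetime();
var_dump(api_convert_and_format_date($now, TIME_NO_SEC_FORMAT));
var_dump(api_convert_and_format_date($now, DATE_FORMAT_SHORT));
var_dump(api_convert_and_format_date($now, DATE_TIME_FORMAT_LONG));
var_dump(api_convert_and_format_date($now, DATE_FORMAT_NUMBER));
var_dump(api_convert_and_format_date($now, DATE_TIME_FORMAT_LONG_24H));
var_dump(api_convert_and_format_date($now, DATE_TIME_FORMAT_SHORT));
var_dump(api_convert_and_format_date($now, DATE_TIME_FORMAT_SHORT_TIME_FIRST));
var_dump(api_convert_and_format_date($now, DATE_FORMAT_NUMBER_NO_YEAR));
*/
// Erase the temporary Nanogong audio and image-edit files recorded in the session.
// is_file() is checked first so that a stale entry (file already gone, or not a
// regular file) no longer makes unlink() raise a warning; 'temp_realpath_image'
// stays in the session afterwards, so without the guard that warning would
// repeat on every page load.
// NOTE(review): whatever path is stored under these session keys gets deleted here.
// The keys are written by other tools; confirm those tools only ever store paths
// inside the platform's own temporary directories.
if (!empty($_SESSION['temp_audio_nanogong']) && is_file($_SESSION['temp_audio_nanogong'])) {
    unlink($_SESSION['temp_audio_nanogong']);
}

if (!empty($_SESSION['temp_realpath_image']) && is_file($_SESSION['temp_realpath_image'])) {
    unlink($_SESSION['temp_realpath_image']);
}

// Removing sessions
unset($_SESSION['draw_dir']);
unset($_SESSION['paint_dir']);
unset($_SESSION['temp_audio_nanogong']);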
// Make sure the course has its certificates directory before anything is listed.
DocumentManager::create_directory_certificate_in_course(api_get_course_id());

// Without course information there is nothing to work on: refuse the request.
$course_info = api_get_course_info();
if (empty($course_info)) {
    api_not_allowed(true);
}

// File-system root of this course's document area. $base_work_dir is the
// directory every file operation further down is built on.
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$course_dir = $course_info['path'] . '/document';
$base_work_dir = $sys_course_path . $course_dir;
// NOTE(review): this one is built from $_course while the paths above use
// $course_info; presumably both describe the same course - confirm.
$http_www = api_get_path(WEB_COURSE_PATH) . $_course['path'] . '/document';

$dbl_click_id = 0; // Used for avoiding double-click

// Optional category selector from the query string, filtered for output.
$selectcat = null;
if (isset($_GET['selectcat'])) {
    $selectcat = Security::remove_XSS($_GET['selectcat']);
}

/* Constants and variables */
$to_group_id = api_get_group_id();
$course_code = api_get_course_id();
$session_id = api_get_session_id();

// Permission flags consulted by every action below.
$group_member_with_upload_rights = false;
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);

// If the group id is set, we show them group documents
$group_properties = array('directory' => null);

// For sessions we should check the parameters of visibility
// NOTE(review): the flag was set to false a few lines above, so the && short-circuits
// and api_is_allowed_to_session_edit() is never reached here; the flag stays false.
if (api_get_session_id() != 0) {
    $group_member_with_upload_rights = $group_member_with_upload_rights && api_is_allowed_to_session_edit(false, true);
}
// Setting group variables: decide which group's documents are shown
// ($to_group_id) and whether the current user may upload to them.
if (!api_get_group_id()) {
    // No group context: course-level documents, no group upload right.
    $_SESSION['group_member_with_upload_rights'] = false;
    $to_group_id = 0;
} else {
    // Get group info
    $group_properties = GroupManager::get_group_properties(api_get_group_id());
    $noPHP_SELF = true;
    // Let's assume the user cannot upload files for the group
    $group_member_with_upload_rights = false;

    // switch compares loosely, like the == chain it replaces
    switch ($group_properties['doc_state']) {
        case 2:
            // Documents are private:
            // only courseadmin or group members (members + tutors) allowed
            if ($is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), api_get_group_id())) {
                $interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups'));
                $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq=' . api_get_group_id(), 'name' => get_lang('GroupSpace') . ' ' . $group_properties['name']);
                // they are allowed to upload
                $group_member_with_upload_rights = true;
            } else {
                // Not a member: fall back to the course-level documents
                $to_group_id = 0;
            }
            break;
        case 1:
            // Documents are public
            $to_group_id = api_get_group_id();
            $interbreadcrumb[] = array('url' => '../group/group.php', 'name' => get_lang('Groups'));
            $interbreadcrumb[] = array('url' => '../group/group_space.php?gidReq=' . api_get_group_id(), 'name' => get_lang('GroupSpace') . ' ' . $group_properties['name']);
            // Only courseadmin or group members can upload
            if ($is_allowed_to_edit || GroupManager::is_subscribed(api_get_user_id(), api_get_group_id())) {
                $group_member_with_upload_rights = true;
            }
            break;
        default:
            // Documents not active for this group
            $to_group_id = 0;
    }

    // The decision is also kept in the session under this key.
    $_SESSION['group_member_with_upload_rights'] = $group_member_with_upload_rights;
}
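// Actions

// Request parameters driving the command dispatch below. The id is forced to an
// integer; the action is only compared against the fixed case labels of the switch.
$document_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$message = '';

if (Portfolio::controller()->accept()) {
    Portfolio::controller()->run();
}

switch ($action) {
    case 'download':
        $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());
        // Check whether the document is in the database
        if (empty($document_data)) {
            api_not_allowed();
        }
        // Check visibility of document and paths
        if (!($is_allowed_to_edit || $group_member_with_upload_rights) && !DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id())) {
            api_not_allowed(true);
        }
        // Launch event. Recorded only after the visibility check, so a refused
        // request is not counted as a download (this relies on api_not_allowed()
        // ending the request, as the surrounding code already does).
        event_download($document_data['url']);
        $full_file_name = $base_work_dir . $document_data['path'];
        // Only send files that resolve inside the course document directory
        if (Security::check_abs_path($full_file_name, $base_work_dir . '/')) {
            DocumentManager::file_send_for_download($full_file_name, true);
        }
        exit;
        break;
    case 'downloadfolder' :
        if (api_get_setting('students_download_folders') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
            $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id());

            // Inside a shared folder a user can download only his/her own shared
            // folder, unless he/she can edit the course or is a platform admin
            if (is_any_user_shared_folder($document_data['path'], $session_id)) {
                if (is_my_shared_folder(api_get_user_id(), $document_data['path'], $session_id) || api_is_allowed_to_edit() || api_is_platform_admin()) {
                    require 'downloadfolder.inc.php';
                }
            } else {
                // NOTE(review): no folder-visibility check is made in this branch;
                // presumably downloadfolder.inc.php filters hidden items - confirm.
                require 'downloadfolder.inc.php';
            }
            exit;
        }
        break;
    case 'export_to_pdf' :
        // NOTE(review): document visibility is not checked here; presumably
        // DocumentManager::export_to_pdf() enforces it - confirm.
        if (api_get_setting('students_export2pdf') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin()) {
            DocumentManager::export_to_pdf($document_id, $course_code);
        }
        break;
    case 'copytomyfiles':
        // Copy a course file to the current user's personal "my files" folder
        // NOTE(review): this copy (including the overwrite requested with copy=yes)
        // is triggered by a plain GET link and no anti-CSRF token is checked in
        // this block; confirm whether the platform's token check belongs here.
        if (api_get_setting('allow_social_tool') == 'true' && api_get_setting('users_copy_files') == 'true' && api_get_user_id() != 0 && !api_is_anonymous()) {
            // Use the integer id computed above instead of the raw $_GET['id']
            $document_info = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
            // The document must exist in this course ...
            if (empty($document_info)) {
                api_not_allowed();
            }
            // ... and be visible to the user, exactly as the download action
            // requires; otherwise a hidden document could be copied out by id
            if (!($is_allowed_to_edit || $group_member_with_upload_rights) && !DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id())) {
                api_not_allowed(true);
            }
            $parent_id = $document_info['parent_id'];
            $my_path = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'system');
            $user_folder = $my_path['dir'] . 'my_files/';
            $my_path = null;

            if (!file_exists($user_folder)) {
                $perm = api_get_permissions_for_new_directories();
                @mkdir($user_folder, $perm, true);
            }

            // Source path built on the same root the download action uses, and
            // required to resolve inside the course document directory
            $file = $base_work_dir . $document_info['path'];
            if (!Security::check_abs_path($file, $base_work_dir . '/')) {
                api_not_allowed(true);
            }
            // basename() keeps the copy inside the user's own folder
            $copyfile = $user_folder . basename($document_info['path']);
            $cidReq = Security::remove_XSS($_GET['cidReq']);
            $id_session = Security::remove_XSS($_GET['id_session']);
            $gidReq = Security::remove_XSS($_GET['gidReq']);
            $id = Security::remove_XSS($_GET['id']);
            if (empty($parent_id)) {
                $parent_id = 0;
            }
            $file_link = Display::url(get_lang('SeeFile'), api_get_path(WEB_CODE_PATH) . 'social/myfiles.php?cidReq=' . $cidReq . '&amp;id_session=' . $id_session . '&amp;gidReq=' . $gidReq . '&amp;parent_id=' . $parent_id);

            if (file_exists($copyfile)) {
                // A file with this name is already there: ask before overwriting
                $message = get_lang('CopyAlreadyDone') . '</p><p>';
                $message .= '<a class = "btn" href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;id=' . $parent_id . '">' . get_lang("No") . '</a>&nbsp;&nbsp;|&nbsp;&nbsp;
                    <a class = "btn" href="' . api_get_self() . '?' . api_get_cidreq() . '&amp;action=copytomyfiles&amp;id=' . $document_info['id'] . '&amp;copy=yes">' . get_lang('Yes') . '</a></p>';
                if (!isset($_GET['copy'])) {
                    $message = Display::return_message($message, 'warning', false);
                }
                // isset() first: 'copy' is absent on the first request
                if (isset($_GET['copy']) && Security::remove_XSS($_GET['copy']) == 'yes') {
                    if (!copy($file, $copyfile)) {
                        $message = Display::return_message(get_lang('CopyFailed'), 'error');
                    } else {
                        $message = Display::return_message(get_lang('OverwritenFile') . ' ' . $file_link, 'confirmation', false);
                    }
                }
            } else {
                if (!copy($file, $copyfile)) {
                    $message = Display::return_message(get_lang('CopyFailed'), 'error');
                } else {
                    $message = Display::return_message(get_lang('CopyMade') . ' ' . $file_link, 'confirmation', false);
                }
            }
        }
        break;
}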
// I'm in the certification module?
$is_certificate_mode = isset($_GET['curdirpath'])
    ? DocumentManager::is_certificate_mode($_GET['curdirpath'])
    : false;
if (isset($_REQUEST['certificate']) && $_REQUEST['certificate'] == 'true') {
    $is_certificate_mode = true;
}

// If no actions we proceed to show the document (Hack in order to use document.php?id=X)
$resolve_by_document_id = isset($document_id) && empty($action);

if ($resolve_by_document_id) {
    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);

    if ($document_data) {
        $parent_id = $document_data['parent_id'];
        $visibility = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());

        // A file is not listed: the browser is redirected to the file's own URL
        // under the course web path, and the script stops either way.
        // NOTE(review): access control on that direct URL is outside this script.
        if (!empty($document_data['filetype']) && $document_data['filetype'] == 'file') {
            if ($visibility && api_is_allowed_to_session_edit()) {
                $url = api_get_path(WEB_COURSE_PATH) . $course_info['path'] . '/document' . $document_data['path'] . '?' . api_get_cidreq();
                header("Location: $url");
            }
            exit;
        }

        // A folder: refuse it when it is not visible and the user cannot edit
        if (!$visibility && !api_is_allowed_to_edit()) {
            api_not_allowed();
        }

        // From here on the folder path comes from the database record,
        // replacing whatever the request carried
        $_GET['curdirpath'] = $document_data['path'];
    }
}

// What's the current path? GET wins over POST, default is the root.
// Security::remove_XSS() only filters the value for output; in the lookup
// branch below the path is resolved against the document table.
// NOTE(review): when an id was given but no record was found, the request's
// curdirpath is used without that lookup - confirm the listing code copes.
if (isset($_GET['curdirpath']) && $_GET['curdirpath'] != '') {
    $curdirpath = Security::remove_XSS($_GET['curdirpath']);
} elseif (isset($_POST['curdirpath']) && $_POST['curdirpath'] != '') {
    $curdirpath = Security::remove_XSS($_POST['curdirpath']);
} else {
    $curdirpath = '/';
}

$curdirpathurl = urlencode($curdirpath);

if (!$resolve_by_document_id) {
    // Check the path
    // If the path is not found (no document id), set the path to /
    $document_id = DocumentManager::get_document_id($course_info, $curdirpath);

    // NOTE(review): this retry repeats the call above with identical arguments
    if (!$document_id) {
        $document_id = DocumentManager::get_document_id($course_info, $curdirpath);
    }

    $document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
    $parent_id = $document_data['parent_id'];
}

// The certificates folder switches the page to certificate mode as well
if (isset($document_data) && $document_data['path'] == '/certificates') {
    $is_certificate_mode = true;
}

if (!$parent_id) {
    $parent_id = 0;
}

$current_folder_id = $document_id;
// Show preview: render the certificate template with the current user's data
// and stop. Runs only for the /certificates folder and only when set_preview
// is a plain integer (the value must survive an intval() round trip).
if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isset($_GET['set_preview']) && $_GET['set_preview'] == strval(intval($_GET['set_preview']))) {
    // Generate document HTML
    $content_html = DocumentManager::replace_user_info_into_html(api_get_user_id(), api_get_course_id(), true);

    // The QR image gets a unique name inside the archive directory; the same
    // relative name is used for its web URL.
    // NOTE(review): nothing in this block removes the generated image afterwards.
    $filename = 'certificate_preview/'.api_get_unique_id().'.png';
    $qr_code_filename = api_get_path(SYS_ARCHIVE_PATH).$filename;

    $temp_folder = api_get_path(SYS_ARCHIVE_PATH).'certificate_preview';
    if (!is_dir($temp_folder)) {
        mkdir($temp_folder, api_get_permissions_for_new_directories());
    }

    $qr_code_web_filename = api_get_path(WEB_ARCHIVE_PATH).$filename;

    $certificate = new Certificate();
    $text = $certificate->parse_certificate_variables($content_html['variables']);
    $result = $certificate->generate_qr($text, $qr_code_filename);

    // Rewrite the relative resource paths of the template to web URLs
    $path_image = api_get_path(WEB_COURSE_PATH) . api_get_course_path() . '/document/images/gallery';
    $path_image_in_default_course = api_get_path(WEB_CODE_PATH) . 'default_course_document';

    $new_content_html = $content_html['content'];
    $new_content_html = str_replace('../images/gallery', $path_image, $new_content_html);
    $new_content_html = str_replace('/main/default_course_document', $path_image_in_default_course, $new_content_html);
    $new_content_html = str_replace('/main/img/', api_get_path(WEB_IMG_PATH), $new_content_html);

    Display::display_reduced_header();

    echo '<style>body {background:none;}</style><style media="print" type="text/css"> #print_div { visibility:hidden; } </style>';
    echo '<a href="javascript:window.print();" style="float:right; padding:4px;" id="print_div"><img src="../img/printmgr.gif" alt="'.get_lang('Print').'"/>'.get_lang('Print').'</a>';

    // The barcode placeholder is filled in only when the QR image was written
    if (is_file($qr_code_filename) && is_readable($qr_code_filename)) {
        $new_content_html = str_replace('((certificate_barcode))', Display::img($qr_code_web_filename), $new_content_html);
    }
    print_r($new_content_html);
    exit;
}
// Is the document tool visible?
// Check whether the tool is actually visible
// The query is assembled from the table name, the integer course id and the
// tool constant; no request value goes into it.
$course_id = api_get_course_int_id();
$table_course_tool = Database::get_course_table(TABLE_TOOL_LIST);
$tool_sql = sprintf(
    'SELECT visibility FROM %s WHERE c_id = %s AND name = "%s" LIMIT 1',
    $table_course_tool,
    $course_id,
    TOOL_DOCUMENT
);
$tool_result = Database::query($tool_sql);
$tool_row = Database::fetch_array($tool_result);
$tool_visibility = $tool_row['visibility'];

// A hidden tool is refused outside a group context unless the user may edit
// or has group upload rights
if ($tool_visibility == '0' && $to_group_id == '0' && !$is_allowed_to_edit && !$group_member_with_upload_rights) {
    api_not_allowed(true);
}

// Client-side confirmation dialog used by the delete links
$htmlHeadXtra[] ="<script>
function confirmation (name) {
    if (confirm(\" " . get_lang("AreYouSureToDelete") . " \"+ name + \" ?\"))
        {return true;}
    else
        {return false;}
}
</script>";

// If they are looking at group documents they can't see the root
if ($to_group_id != 0 && $curdirpath == '/') {
    $curdirpath = $group_properties['directory'];
    $curdirpathurl = urlencode($curdirpath);
}

// Check visibility of the current dir path. Don't show anything if not allowed
//@todo check this validation for coaches
//if (!$is_allowed_to_edit || api_is_coach()) { before
// NOTE(review): only coaches without edit rights reach the folder-visibility
// check; other users without edit rights are not checked here. Presumably the
// listing query filters for them - confirm.
if (!$is_allowed_to_edit && api_is_coach() && $curdirpath != '/' && !(DocumentManager::is_visible($curdirpath, $_course, api_get_session_id(), 'folder'))) {
    api_not_allowed(true);
}
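/* Create shared folders */
// The shared folders are always created for group 0. A separate variable holds
// that 0: assigning it to $to_group_id, as was done before, also reset the
// group whose documents the rest of the page lists, and did so only on the
// requests where a folder happened to be missing.
// NOTE(review): $to_user_id is not assigned anywhere in the visible part of this
// script, so it is presumably null here - confirm.
// NOTE(review): $visibility is reassigned in these branches, as it always was.
$shared_folder_group_id = 0;

if ($session_id == 0) {
    // Create shared folder. Necessary for recycled courses. It is always
    // created from a base course (session id zero), never from a session.
    if (!file_exists($base_work_dir . '/shared_folder')) {
        $usf_dir_title = get_lang('UserFolders');
        $usf_dir_name = '/shared_folder';
        $visibility = 0;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $shared_folder_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
    // Create dynamic user shared folder
    if (!file_exists($base_work_dir . '/shared_folder/sf_user_' . api_get_user_id())) {
        $usf_dir_title = api_get_person_name($_user['firstName'], $_user['lastName']);
        $usf_dir_name = '/shared_folder/sf_user_' . api_get_user_id();
        $visibility = 1;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $shared_folder_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
} else {
    // Create shared folder session
    if (!file_exists($base_work_dir . '/shared_folder_session_' . $session_id)) {
        $usf_dir_title = get_lang('UserFolders') . ' (' . api_get_session_name($session_id) . ')';
        $usf_dir_name = '/shared_folder_session_' . $session_id;
        $visibility = 0;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $shared_folder_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
    // Create dynamic user shared folder into a shared folder session
    if (!file_exists($base_work_dir . '/shared_folder_session_' . $session_id . '/sf_user_' . api_get_user_id())) {
        $usf_dir_title = api_get_person_name($_user['firstName'], $_user['lastName']) . '(' . api_get_session_name($session_id) . ')';
        $usf_dir_name = '/shared_folder_session_' . $session_id . '/sf_user_' . api_get_user_id();
        $visibility = 1;
        create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $shared_folder_group_id, $to_user_id, $base_work_dir, $usf_dir_name, $usf_dir_title, $visibility);
    }
}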
/* MAIN SECTION */

// Slideshow initialisation
$image_files_only = '';
$_SESSION['image_files_only'] = '';

// First breadcrumb: the gradebook in certificate mode, otherwise the documents
// tool (a real link only when the page shows something below the tool root)
if ($is_certificate_mode) {
    $interbreadcrumb[] = array('url' => '../gradebook/index.php', 'name' => get_lang('Gradebook'));
} elseif ((isset($_GET['id']) && $_GET['id'] != 0) || isset($_GET['curdirpath']) || isset($_GET['createdir'])) {
    $interbreadcrumb[] = array('url' => 'document.php', 'name' => get_lang('Documents'));
} else {
    $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('Documents'));
}

// Interbreadcrumb for the current directory root path
if (!empty($document_data['parents'])) {
    $counter = 0;
    foreach ($document_data['parents'] as $document_sub_data) {
        // fixing double group folder in breadcrumb: skip the first parent in a group
        if (api_get_group_id() && $counter == 0) {
            $counter++;
            continue;
        }
        // The current folder is not a link, except while creating a directory
        if (!isset($_GET['createdir']) && $document_sub_data['id'] == $document_data['id']) {
            $document_sub_data['document_url'] = '#';
        }
        $interbreadcrumb[] = array('url' => $document_sub_data['document_url'], 'name' => $document_sub_data['title']);
        $counter++;
    }
} elseif (isset($_GET['createdir'])) {
    $interbreadcrumb[] = array('url' => $document_data['document_url'], 'name' => $document_data['title']);
} else {
    $interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
}

if (isset($_GET['createdir'])) {
    $interbreadcrumb[] = array('url' => '#', 'name' => get_lang('CreateDir'));
}
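$js_path = api_get_path(WEB_LIBRARY_PATH) . 'javascript/';

$htmlHeadXtra[] = '<link rel="stylesheet" href="' . $js_path . 'jquery-jplayer/skins/chamilo/jplayer.blue.monday.css" type="text/css">';
$htmlHeadXtra[] = '<script type="text/javascript" src="' . $js_path . 'jquery-jplayer/jquery.jplayer.min.js"></script>';
//$htmlHeadXtra[] = '<script type="text/javascript" src="'.$js_path.'jquery-jplayer/jquery.jplayer.inspector.js"></script>';

$mediaplayer_path = api_get_path(WEB_LIBRARY_PATH) . 'mediaplayer/player.swf';
// Documents and folders of the current directory, for the group selected above
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, false);

$count = 1;
$jquery = null;

// Build one jPlayer initialisation snippet per audio file in the listing
if (!empty($docs_and_folders)) {
    foreach ($docs_and_folders as $file) {
        if ($file['filetype'] == 'file') {
            // pathinfo() returns no 'extension' key for names without a dot
            $path_info = pathinfo($file['path']);
            $extension = isset($path_info['extension']) ? strtolower($path_info['extension']) : '';
            //@todo use a js loop to autogenerate this code
            if (in_array($extension, array('ogg', 'mp3', 'wav'), true)) {
                // NOTE(review): this overwrites $document_data, which held the
                // current folder's record until here - confirm nothing further
                // down still expects the folder record.
                $document_data = DocumentManager::get_document_data_by_id($file['id'], api_get_course_id());

                if ($extension == 'ogg') {
                    $extension = 'oga';
                }
                //$("#jplayer_inspector_'.$count.'").jPlayerInspector({jPlayer:$("#jquery_jplayer_'.$count.'")});
                $params = array(
                    'url' => $document_data['direct_url'],
                    'extension' => $extension,
                    'count' => $count
                );
                // NOTE(review): the snippet is placed inside an inline <script>
                // below; presumably generate_jplayer_jquery() escapes the URL
                // for that context - confirm.
                $jquery .= DocumentManager::generate_jplayer_jquery($params);
                $count++;
            }
        }
    }
}

$htmlHeadXtra[] = '<script>
$(document).ready( function() {
    //Experimental changes to preview mp3, ogg files
     ' . $jquery . '
});
</script>';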
// Page header; output starts here
Display::display_header('', 'Doc');

// Lib for event log, stats & tracking & record of the access
event_access_tool(TOOL_DOCUMENT);

/* DISPLAY */
// Add group name after for group documents
if ($to_group_id != 0) {
    $add_group_to_title = sprintf(' (%s)', $group_properties['name']);
}

/* Introduction section (editable by course admins) */
// Inside a group the introduction is keyed by the tool name followed by the
// group id stored in the session
Display::display_introduction_section(
    empty($_SESSION['_gid']) ? TOOL_DOCUMENT : TOOL_DOCUMENT . $_SESSION['_gid']
);
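// ACTION MENU

/* MOVE FILE OR DIRECTORY */
// Only teachers, users inside their group, and each user inside his/her own
// shared folder. Two steps: ?move=<id> shows the target selector, the POST of
// move_to + move_file performs the move.
// NOTE(review): no anti-CSRF token is checked for the POST step in this block;
// confirm whether the platform's token check belongs here.
// NOTE(review): for users who are here only through their shared folder the
// selector offers nothing but their own folders, yet the POST step does not
// re-check that move_to is one of them - confirm whether
// is_my_shared_folder() should be enforced on the target for those users.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id) || (isset($_POST['move_to']) && is_my_shared_folder(api_get_user_id(), Security::remove_XSS($_POST['move_to']), $session_id))) {

    if (isset($_GET['move']) && $_GET['move'] != '') {
        $my_get_move = intval($_REQUEST['move']);

        if (api_is_coach()) {
            if (!DocumentManager::is_visible_by_id($my_get_move, $course_info, api_get_session_id(), api_get_user_id())) {
                api_not_allowed();
            }
        }

        if (!$is_allowed_to_edit) {
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $my_get_move)) {
                api_not_allowed();
            }
        }
        $document_to_move = DocumentManager::get_document_data_by_id($my_get_move, api_get_course_id());
        $move_path = $document_to_move['path'];
        if (!empty($document_to_move)) {
            $folders = DocumentManager::get_all_document_folders($_course, $to_group_id, $is_allowed_to_edit || $group_member_with_upload_rights);

            // filter if is my shared folder. TODO: move this code to build_move_to_selector function
            if (is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id) && !$is_allowed_to_edit) {
                $main_user_shared_folder_main = '/shared_folder/sf_user_' . api_get_user_id(); //only main user shared folder
                $main_user_shared_folder_sub = '/shared_folder\/sf_user_' . api_get_user_id() . '\//'; //all subfolders
                $user_shared_folders = array();

                foreach ($folders as $fold) {
                    if ($main_user_shared_folder_main == $fold || preg_match($main_user_shared_folder_sub, $fold)) {
                        $user_shared_folders[] = $fold;
                    }
                }
                echo '<legend>' . get_lang('Move') . '</legend>';
                echo build_move_to_selector($user_shared_folders, $move_path, $my_get_move, $group_properties['directory']);
            } else {
                echo '<legend>' . get_lang('Move') . '</legend>';
                echo build_move_to_selector($folders, $move_path, $my_get_move, $group_properties['directory']);
            }
        }
    }

    if (isset($_POST['move_to']) && isset($_POST['move_file'])) {
        // Document ids are integers: cast once and use the cast value everywhere
        $move_file_id = intval($_POST['move_file']);
        $move_to_path = $_POST['move_to'];

        if (!$is_allowed_to_edit) {
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $move_file_id)) {
                api_not_allowed();
            }
        }

        if (api_is_coach()) {
            if (!DocumentManager::is_visible_by_id($move_file_id, $_course, api_get_session_id(), api_get_user_id())) {
                api_not_allowed();
            }
        }
        $document_to_move = DocumentManager::get_document_data_by_id($move_file_id, api_get_course_id());

        // The target folder comes straight from the request and is appended to
        // $base_work_dir, so it must not be able to leave the course document
        // directory: parent-directory segments are refused, and the resolved
        // path has to pass the containment check the download action uses.
        $move_target_is_valid = is_string($move_to_path)
            && !in_array('..', explode('/', str_replace('\\', '/', $move_to_path)), true)
            && Security::check_abs_path($base_work_dir . $move_to_path, $base_work_dir . '/');

        // Security fix: make sure they can't move files that are not in the document table
        if (!empty($document_to_move) && $move_target_is_valid) {

            $real_path_target = $base_work_dir . $move_to_path . '/' . basename($document_to_move['path']);
            // Remember whether the name was already taken, for the error message
            $fileExist = file_exists($real_path_target);

            if (move($base_work_dir . $document_to_move['path'], $base_work_dir . $move_to_path)) {
                update_db_info('update', $document_to_move['path'], $move_to_path . '/' . basename($document_to_move['path']));

                //update database item property
                $doc_id = $move_file_id;

                if (is_dir($real_path_target)) {
                    api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'FolderMoved', api_get_user_id(), $to_group_id, null, null, null, $session_id);
                    Display::display_confirmation_message(get_lang('DirMv'));
                } elseif (is_file($real_path_target)) {
                    api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentMoved', api_get_user_id(), $to_group_id, null, null, null, $session_id);
                    Display::display_confirmation_message(get_lang('DocMv'));
                }

                // Set the current path, filtered like every other assignment of
                // $curdirpath on this page
                $curdirpath = Security::remove_XSS($move_to_path);
                $curdirpathurl = urlencode($curdirpath);
            } else {
                if ($fileExist) {
                    if (is_dir($real_path_target)) {
                        Display::display_error_message(get_lang('DirExists'));
                    } elseif (is_file($real_path_target)) {
                        Display::display_error_message(get_lang('FileExists'));
                    }
                } else {
                    Display::display_error_message(get_lang('Impossible'));
                }
            }
        } else {
            Display::display_error_message(get_lang('Impossible'));
        }
    }
}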
649

    
650
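/* DELETE FILE OR DIRECTORY */
// Only teachers, group members with upload rights, and the owner of the current shared folder.
// NOTE(review): the gate below is evaluated against $curdirpath, while the paths that get
// deleted come from the request ($_GET['delete'], $_POST['path']). Confirm that
// DocumentManager::delete_document() or an earlier check keeps a shared-folder owner
// inside the folder the rights were granted for.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    // Single deletion.
    // NOTE(review): this state change is driven by a GET parameter and no anti-CSRF token
    // is verified in this block; confirm one is checked earlier in the script.
    // Only a plain string is accepted, so an array-valued "delete" parameter is ignored.
    if (isset($_GET['delete']) && is_string($_GET['delete'])) {
        $path_to_delete = $_GET['delete'];

        if (!$is_allowed_to_edit) {
            // Coaches may only delete documents that are visible to them in this session.
            if (api_is_coach()) {
                if (!DocumentManager::is_visible($path_to_delete, $_course, api_get_session_id())) {
                    api_not_allowed();
                }
            }
            // Users without edit rights may not delete read-only documents.
            if (DocumentManager::check_readonly($_course, api_get_user_id(), $path_to_delete, '', true)) {
                api_not_allowed();
            }
        }

        $document_data = DocumentManager::get_document_id($_course, $path_to_delete);
        // Check whether the document is in the database
        if (!empty($document_data)) {
            if (DocumentManager::delete_document($_course, $path_to_delete, $base_work_dir)) {
                // The certificate id is accepted only when it is a canonical integer string.
                if (isset($_GET['delete_certificate_id']) && $_GET['delete_certificate_id'] == strval(intval($_GET['delete_certificate_id']))) {
                    $default_certificate_id = $_GET['delete_certificate_id'];
                    DocumentManager::remove_attach_certificate(api_get_course_id(), $default_certificate_id);
                }
                Display::display_confirmation_message(get_lang('DocDeleted'));
            } else {
                Display::display_error_message(get_lang('DocDeleteError'));
            }
        } else {
            Display::display_warning_message(get_lang('FileNotFound'));
        }
    }

    // Bulk deletion posted from the document table.
    if (isset($_POST['action'])) {
        switch ($_POST['action']) {
            case 'delete':
                // Keep only string entries: a missing or non-array "path" field, or nested
                // arrays inside it, must not reach the document manager.
                $paths_to_delete = array();
                if (isset($_POST['path']) && is_array($_POST['path'])) {
                    foreach ($_POST['path'] as $posted_path) {
                        if (is_string($posted_path)) {
                            $paths_to_delete[] = $posted_path;
                        }
                    }
                }

                // Abort the whole batch as soon as one read-only document is selected.
                // NOTE(review): unlike the single deletion above, the batch does not apply
                // the coach visibility check; confirm whether that is intended.
                if (!$is_allowed_to_edit) {
                    foreach ($paths_to_delete as $path) {
                        if (DocumentManager::check_readonly($_course, api_get_user_id(), $path)) {
                            Display::display_error_message(get_lang('CantDeleteReadonlyFiles'));
                            break 2; // leaves the foreach and the switch
                        }
                    }
                }

                // System folders are never removed through the bulk action.
                $protected_folders = array('/audio', '/flash', '/images', '/shared_folder', '/video', '/chat_files', '/certificates');
                $delete_document = false;
                foreach ($paths_to_delete as $path) {
                    if (in_array($path, $protected_folders, true)) {
                        continue;
                    }
                    $delete_document = DocumentManager::delete_document($_course, $path, $base_work_dir);
                }
                // As before, the confirmation reflects the result of the last deletion attempted.
                if (!empty($delete_document)) {
                    Display::display_confirmation_message(get_lang('DocDeleted'));
                }
                break;
        }
    }
}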
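/* CREATE DIRECTORY */
// Only teachers, group members with upload rights, and any user inside his/her shared folder.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    // Create directory with $_POST data. The name must be a non-empty string.
    if (isset($_POST['create_dir']) && isset($_POST['dirname']) && is_string($_POST['dirname']) && $_POST['dirname'] != '') {
        // Needed for directory creation
        $post_dir_name = $_POST['dirname'];

        // Refuse names that are themselves a relative path step.
        if ($post_dir_name == '../' || $post_dir_name == '.' || $post_dir_name == '..') {
            Display::display_error_message(get_lang('CannotCreateDir'));
        } else {
            // An explicit parent folder id replaces the current directory.
            // NOTE(review): the permission gate above was evaluated against the previous
            // $curdirpath and is not re-evaluated for the folder resolved from dir_id;
            // confirm that a shared-folder owner cannot target a folder outside his/her own.
            $parent_resolved = true;
            if (!empty($_POST['dir_id'])) {
                $document_data = DocumentManager::get_document_data_by_id($_POST['dir_id'], api_get_course_id());
                if (empty($document_data['path'])) {
                    // Unknown parent id: do not fall back to another location.
                    $parent_resolved = false;
                } else {
                    $curdirpath = $document_data['path'];
                }
            }
            $added_slash = ($curdirpath == '/') ? '' : '/';
            $dir_name = $curdirpath . $added_slash . replace_dangerous_char($post_dir_name);
            $dir_name = disable_dangerous_file($dir_name);
            $dir_check = $base_work_dir . $dir_name;

            if ($parent_resolved && !is_dir($dir_check)) {
                $created_dir = create_unexisting_directory($_course, api_get_user_id(), api_get_session_id(), $to_group_id, $to_user_id, $base_work_dir, $dir_name, $post_dir_name);

                if ($created_dir) {
                    // The message is displayed with filtering switched off (second argument),
                    // so the path derived from user input is escaped for the attribute here.
                    Display::display_confirmation_message('<span title="' . htmlspecialchars($created_dir, ENT_QUOTES, $charset) . '">' . get_lang('DirCr') . '</span>', false);
                    // Uncomment if you want to enter the created dir
                    //$curdirpath = $created_dir;
                    //$curdirpathurl = urlencode($curdirpath);
                } else {
                    Display::display_error_message(get_lang('CannotCreateDir'));
                }
            } else {
                Display::display_error_message(get_lang('CannotCreateDir'));
            }
        }
    }

    // Show them the form for the directory name
    if (isset($_GET['createdir'])) {
        echo create_dir_form($document_id);
    }
}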
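/* VISIBILITY COMMANDS */
// Only teachers (users allowed to edit).
// NOTE(review): visibility is changed through GET parameters and no anti-CSRF token is
// verified in this block; confirm one is checked earlier in the script.
if ($is_allowed_to_edit) {
    // Pick the request parameter that drives the change; set_visible wins when both are sent.
    $visibility_param = null;
    if (isset($_GET['set_visible']) && is_string($_GET['set_visible']) && !empty($_GET['set_visible'])) {
        $visibility_param = 'set_visible';
    } elseif (isset($_GET['set_invisible']) && is_string($_GET['set_invisible']) && !empty($_GET['set_invisible'])) {
        $visibility_param = 'set_invisible';
    }

    // The '*' wildcard is refused for whichever parameter is used. The previous condition
    // mixed || and && without parentheses, so the wildcard test only guarded set_visible
    // and read the other parameter even when it was absent.
    if ($visibility_param !== null && $_GET[$visibility_param] != '*') {
        // Make visible or invisible?
        $update_id = intval($_GET[$visibility_param]);
        $visibility_command = ($visibility_param == 'set_visible') ? 'visible' : 'invisible';

        // Kept as a second guard: with the outer gate as it stands this branch cannot run,
        // it only matters if that gate is ever widened to non-editors.
        if (!$is_allowed_to_edit) {
            if (api_is_coach()) {
                if (!DocumentManager::is_visible_by_id($update_id, $_course, api_get_session_id(), api_get_user_id())) {
                    api_not_allowed();
                }
            }
            if (DocumentManager::check_readonly($_course, api_get_user_id(), '', $update_id)) {
                api_not_allowed();
            }
        }

        // Update item_property to change visibility
        if (api_item_property_update($_course, TOOL_DOCUMENT, $update_id, $visibility_command, api_get_user_id(), null, null, null, null, $session_id)) {
            // 'VisibilityChanged' is used instead of 'ViMod', which is loaded first from the gradebook language file.
            Display::display_confirmation_message(get_lang('VisibilityChanged'));
        } else {
            Display::display_error_message(get_lang('ViModProb'));
        }
    }
}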
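/* TEMPLATE ACTION */
// Only teachers, group members with upload rights, and the owner of the current shared folder.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    if (isset($_GET['add_as_template']) && !isset($_POST['create_template'])) {
        // Step 1: ask for the template name and an optional thumbnail.
        $document_id_for_template = intval($_GET['add_as_template']);

        // Create the form that asks for the template name
        $template_text = '<form name="set_document_as_new_template" enctype="multipart/form-data" action="' . api_get_self() . '?add_as_template=' . $document_id_for_template . '" method="post">';
        // $curdirpath is written into an attribute and the message is displayed with
        // filtering switched off, so it is escaped here.
        $template_text .= '<input type="hidden" name="curdirpath" value="' . htmlspecialchars($curdirpath, ENT_QUOTES, $charset) . '" />';
        $template_text .= '<table><tr><td>';
        $template_text .= get_lang('TemplateName') . ' : </td>';
        $template_text .= '<td><input type="text" name="template_title" /></td></tr>';
        $template_text .= '<tr><td>' . get_lang('TemplateImage') . ' : </td>';
        $template_text .= '<td><input type="file" name="template_image" id="template_image" /></td></tr>';
        $template_text .= '</table>';
        $template_text .= '<button type="submit" class="add" name="create_template">' . get_lang('CreateTemplate') . '</button>';
        $template_text .= '</form>';
        // Show the form
        Display::display_normal_message($template_text, false);
    } elseif (isset($_GET['add_as_template']) && isset($_POST['create_template'])) {
        // Step 2: store the template and its thumbnail.
        // NOTE(review): no anti-CSRF token is verified in this block; confirm one is
        // checked earlier in the script.
        $document_id_for_template = intval($_GET['add_as_template']);

        $title = Security::remove_XSS(isset($_POST['template_title']) ? $_POST['template_title'] : '');
        // The description field is not part of the form; both values were previously passed
        // as undefined variables, so null keeps what set_document_as_template() received.
        $description = null;
        $new_file_name = null;
        $user_id = api_get_user_id();

        // Create the template_thumbnails folder in the upload folder (if needed)
        $thumbnail_dir = api_get_path(SYS_PATH) . 'courses/' . $_course['path'] . '/upload/template_thumbnails/';
        if (!is_dir($thumbnail_dir)) {
            // Best effort, as before: a failure here is not reported.
            @mkdir($thumbnail_dir, api_get_permissions_for_new_directories());
        }

        // Upload the file
        if (!empty($_FILES['template_image']['name']) && is_string($_FILES['template_image']['name'])) {
            require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';
            $upload_ok = process_uploaded_file($_FILES['template_image']);

            if ($upload_ok) {
                // The file name and MIME type are supplied by the client. Drop any path part,
                // add an extension if there is none, then apply the same two clean-up helpers
                // this script uses for directory names before the name reaches the file system.
                $client_name = basename(stripslashes($_FILES['template_image']['name']));
                $clean_name = add_ext_on_mime($client_name, $_FILES['template_image']['type']);
                $clean_name = disable_dangerous_file(replace_dangerous_char($clean_name));
                $new_file_name = $_course['sysCode'] . '-' . $clean_name;

                // Resize image to max default and end upload
                // NOTE(review): nothing here verifies that the upload is an image; confirm
                // that Image / send_image() reject or re-encode other content.
                $temp = new Image($_FILES['template_image']['tmp_name']);
                $picture_info = $temp->get_image_info();

                $max_width_for_picture = 100;

                if ($picture_info['width'] > $max_width_for_picture) {
                    $thumbwidth = $max_width_for_picture;
                    $new_height = round(($thumbwidth / $picture_info['width']) * $picture_info['height']);
                    $temp->resize($thumbwidth, $new_height, 0);
                }
                $temp->send_image($thumbnail_dir . $new_file_name);
            }
        }

        DocumentManager::set_document_as_template($title, $description, $document_id_for_template, $course_code, $user_id, $new_file_name);
        Display::display_confirmation_message(get_lang('DocumentSetAsTemplate'));
    }

    // NOTE(review): the template flag is removed through a GET parameter without a visible
    // anti-CSRF check; confirm one exists earlier in the script.
    if (isset($_GET['remove_as_template'])) {
        $document_id_for_template = intval($_GET['remove_as_template']);
        $user_id = api_get_user_id();
        DocumentManager::unset_document_as_template($document_id_for_template, $course_code, $user_id);
        Display::display_confirmation_message(get_lang('DocumentUnsetAsTemplate'));
    }
}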
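// END ACTION MENU
// Attach certificate in the gradebook
// This changes course configuration, so it is limited to users allowed to edit, like the
// other action blocks of this script. The document id must be a canonical integer string.
// NOTE(review): the action is driven by GET parameters and no anti-CSRF token is verified
// in this block; confirm one is checked earlier in the script.
if ($is_allowed_to_edit && isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isset($_GET['set_certificate']) && $_GET['set_certificate'] == strval(intval($_GET['set_certificate']))) {
    if (isset($_GET['cidReq'])) {
        // Use the course of the current context (the one the permission was evaluated for)
        // rather than the raw request value, as the certificate removal code does.
        $course_id = api_get_course_id(); // course id
        $document_id = Security::remove_XSS($_GET['set_certificate']); // document id
        DocumentManager::attach_gradebook_certificate($course_id, $document_id);
        Display::display_normal_message(get_lang('IsDefaultCertificate'));
    }
}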
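/* GET ALL DOCUMENT DATA FOR CURDIRPATH */
// The last argument is true only when a non-empty search keyword was submitted.
$keyword_search_requested = isset($_GET['keyword']) && !empty($_GET['keyword']);
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, $keyword_search_requested);

// Inside a group, the folder list is loaded only for editors, subscribed members and tutors
// of that group; outside a group it is always loaded.
if (api_get_group_id() == 0 || api_is_allowed_to_edit() || GroupManager::is_subscribed(api_get_user_id(), api_get_group_id()) || GroupManager::is_tutor_of_group(api_get_user_id(), api_get_group_id())) {
    $folders = DocumentManager::get_all_document_folders($_course, api_get_group_id(), $is_allowed_to_edit || $group_member_with_upload_rights);
}

// Normalise to an array, both when the lookup returned false and when it was skipped above
// (previously $folders could stay undefined in that case).
if (!isset($folders) || $folders === false) {
    $folders = array();
}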
// Opens the action toolbar; the matching closing tag is echoed further down the script.
echo '<div class="actions">';
if (!$is_certificate_mode) {
    /* BUILD SEARCH FORM */
    // GET form with a single "keyword" text field and a submit button.
    echo '<span style="display:inline-block;">';
    $form = new FormValidator('search_document', 'get', '', '', null, false);
    $renderer = & $form->defaultRenderer();
    $renderer->setElementTemplate('<span>{element}</span> ');
    $form->add_textfield('keyword', '', false, array('class' => 'span2'));
    $form->addElement('style_submit_button', 'submit', get_lang('Search'), 'class="search"');
    $form->display();
    echo '</span>';
}

/* GO TO PARENT DIRECTORY */
// Shown everywhere except in the root, in the group's base directory and in certificate mode.
// NOTE(review): $parent_id is written into the href without escaping; it is set outside
// this part of the script - confirm it is always an integer.
if ($curdirpath != '/' && $curdirpath != $group_properties['directory'] && !$is_certificate_mode) {
    echo '<a href="' . api_get_self() . '?' . api_get_cidreq() . '&id=' . $parent_id . '">';
    echo Display::display_icon('folder_up.png', get_lang('Up'), '', ICON_SIZE_MEDIUM);
    echo '</a>';
}

// Certificate mode: the "up" link is addressed by path instead of id. The parent path is
// URL-encoded, and a dirname() result of '\' is mapped to '/'.
if ($is_certificate_mode && $curdirpath != '/certificates') {
    ?>
    <a href="<?php echo api_get_self(); ?>?<?php echo api_get_cidreq(); ?>&amp;curdirpath=<?php echo urlencode((dirname($curdirpath) == '\\') ? '/' : dirname($curdirpath)); ?>">
        <?php Display::display_icon('folder_up.png', get_lang('Up'), '', ICON_SIZE_MEDIUM); ?></a>
    <?php
}
// Column visibility flags for the document table; filled in further down the script.
$column_show = array();

// Toolbar links for users who may add content to the current folder.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {

    // TODO:check enable more options for shared folders
    /* CREATE NEW DOCUMENT OR NEW DIRECTORY / GO TO UPLOAD / DOWNLOAD ZIPPED FOLDER */
    // NOTE(review): $document_id, $current_folder_id and $selectcat are written into the
    // hrefs below without escaping. They are set outside this part of the script; confirm
    // they are integers or otherwise sanitised before they reach this point.

    // Create new document
    if (!$is_certificate_mode) {
        ?>
        <a href="create_document.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
            <?php Display::display_icon('new_document.png', get_lang('CreateDoc'), '', ICON_SIZE_MEDIUM); ?></a>
        <?php
        // Create new draw (only when the platform setting is on; a disabled icon is shown
        // when the browser lacks SVG support)
        if (api_get_setting('enabled_support_svg') == 'true') {
            if (api_browser_support('svg')) {
                ?>
                <a href="create_draw.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
                    <?php Display::display_icon('new_draw.png', get_lang('Draw'), '', ICON_SIZE_MEDIUM); ?></a>&nbsp;
                <?php
            } else {
                Display::display_icon('new_draw_na.png', get_lang('BrowserDontSupportsSVG'), '', ICON_SIZE_MEDIUM);
            }
        }

        // Create new paint
        if (api_get_setting('enabled_support_pixlr') == 'true') {
            ?>
            <a href="create_paint.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
                <?php Display::display_icon('new_paint.png', get_lang('PhotoRetouching'), '', ICON_SIZE_MEDIUM); ?></a>
            <?php
        }


		// Record an image clip from my webcam
		if (api_get_setting('enable_webcam_clip') == 'true') {
		?>
			<a href="webcam_clip.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
		   	<?php Display::display_icon('webcam.png', get_lang('WebCamClip'),'',ICON_SIZE_MEDIUM); ?></a>
		<?php
		}

		// Record audio (nanogong)
        if (api_get_setting('enable_nanogong') == 'true') {
            ?>
            <a href="record_audio.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
                <?php Display::display_icon('new_recording.png', get_lang('RecordMyVoice'), '', ICON_SIZE_MEDIUM); ?></a>
            <?php
        }

		// Record  audio (wami record)
        if (api_get_setting('enable_wami_record') == 'true') {
            ?>
            <a href="record_audio_wami.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>">
                <?php Display::display_icon('new_recording.png', get_lang('RecordMyVoice'), '', ICON_SIZE_MEDIUM); ?></a>
            <?php
        }

        // Create new audio from text; the dt2a request parameter is fixed to 'google'
        if (api_get_setting('enabled_text2audio') == 'true') {
            $dt2a = 'google';
            $req_dt2a = '&amp;dt2a=' . $dt2a;
            ?>
            <a href="create_audio.php?<?php echo api_get_cidreq(); ?>&amp;id=<?php echo $document_id. $req_dt2a; ?>">
                <?php Display::display_icon('new_sound.png', get_lang('CreateAudio'), '', ICON_SIZE_MEDIUM); ?></a>
            <?php
        }
    }

    // Create new certificate
    if ($is_certificate_mode) {
        ?>
        <a href="create_document.php?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>&certificate=true&selectcat=<?php echo $selectcat; ?>">
            <?php Display::display_icon('new_certificate.png', get_lang('CreateCertificate'), '', ICON_SIZE_MEDIUM); ?></a>
        <?php
    }
    // File upload link (same target in both modes, only the icon and label differ)
    if ($is_certificate_mode) {
        echo '<a href="upload.php?' . api_get_cidreq() . '&id=' . $current_folder_id.'">';
        echo Display::display_icon('upload_certificate.png', get_lang('UploadCertificate'), '', ICON_SIZE_MEDIUM) . '</a>';
    } else {
        echo '<a href="upload.php?' . api_get_cidreq() . '&id=' . $current_folder_id.'">';
        echo Display::display_icon('upload_file.png', get_lang('UplUploadDocument'), '', ICON_SIZE_MEDIUM) . '</a>';
    }
    // Create directory
    if (!$is_certificate_mode) {
        ?>
        <a href="<?php echo api_get_self(); ?>?<?php echo api_get_cidreq(); ?>&id=<?php echo $document_id; ?>&createdir=1">
            <?php Display::display_icon('new_folder.png', get_lang('CreateDir'), '', ICON_SIZE_MEDIUM); ?></a>
        <?php
    }
}
// Builds $sortable_data, one row per document or folder of the current directory, and
// sums the sizes into $total_size. $table_footer holds the "empty folder" notice.
$table_footer = '';
$total_size = 0;

if (isset($docs_and_folders) && is_array($docs_and_folders)) {
    // NOTE(review): is_subscribed() is called with group id 0 here, while the gate that loads
    // the folder list passes api_get_group_id(); confirm which of the two is intended.
    // NOTE(review): when this gate fails, $sortable_data is never assigned although it is
    // passed to the table constructor later in the script.
    if (api_get_group_id() == 0 || ( api_is_allowed_to_edit() || GroupManager::is_subscribed(api_get_user_id(),0) || GroupManager :: is_tutor_of_group(api_get_user_id(), api_get_group_id()))) {
        // Create a sortable table with our data
        $sortable_data = array();

        // Counter passed to create_document_link(); it is only advanced after audio files.
        $count = 1;
        foreach ($docs_and_folders as $key => $document_data) {
            $row = array();
            $row['id'] = $document_data['id'];
            $row['type'] = $document_data['filetype'];

            // If the item is invisible, wrap it in a span with class "muted"

            $is_visible = DocumentManager::is_visible_by_id($document_data['id'], $course_info, api_get_session_id(), api_get_user_id(), false);

            $invisibility_span_open = ($is_visible == 0) ? '<span class="muted">' : '';
            $invisibility_span_close = ($is_visible == 0) ? '</span>' : '';

            // Size (or total size of a directory)
            $size = $document_data['filetype'] == 'folder' ? get_total_folder_size($document_data['path'], $is_allowed_to_edit) : $document_data['size'];

            // Get the title or the basename depending on what we're using
            // NOTE(review): the title is a stored, user-editable value and is placed in the
            // row without escaping here; confirm the table renderer or create_document_link()
            // escapes it before output.
            if ($document_data['title'] != '') {
                $document_name = $document_data['title'];
            } else {
                $document_name = basename($document_data['path']);
            }
            $row['name'] = $document_name;
            // Data for checkbox (the path is the value submitted by the bulk actions)
            if (($is_allowed_to_edit || $group_member_with_upload_rights) && count($docs_and_folders) > 1) {
                $row[] = $document_data['path'];
            }

            // Folders flagged by is_folder_to_avoid() are left out of the listing
            if (DocumentManager::is_folder_to_avoid($document_data['path'], $is_certificate_mode)) {
                continue;
            }

            // Show the owner of the file only in groups
            $user_link = '';

            if (isset($_SESSION['_gid']) && $_SESSION['_gid'] != '') {
                if (!empty($document_data['insert_user_id'])) {
                    $user_info = UserManager::get_user_info_by_id($document_data['insert_user_id']);
                    $user_name = api_get_person_name($user_info['firstname'], $user_info['lastname']);
                    $user_link = '<div class="document_owner">' . get_lang('Owner') . ': ' . display_user_link_document($document_data['insert_user_id'], $user_name) . '</div>';
                }
            }

            // Icons (clickable)
            $row[] = create_document_link($document_data, true, $count, $is_visible);

            $path_info = pathinfo($document_data['path']);

            // Advance the counter after each audio file
            if (isset($path_info['extension']) && in_array($path_info['extension'], array('ogg', 'mp3', 'wav'))) {
                $count++;
            }

            // Session marker shown when the document belongs to a session
            $session_img = api_get_session_image($document_data['session_id'], $_user['status']);

            // Document title with link; the comment is HTML-escaped and shown under the name
            $row[] = create_document_link($document_data, false, null, $is_visible) . $session_img . '<br />' . $invisibility_span_open . '<i>' . nl2br(htmlspecialchars($document_data['comment'], ENT_QUOTES, $charset)) . '</i>' . $invisibility_span_close . $user_link;

            // Size column: the raw size sits in a hidden span in front of the formatted value
            $display_size = format_file_size($size);
            $row[] = '<span style="display:none;">'.$size.'</span>'.$invisibility_span_open.$display_size.$invisibility_span_close;

            // Last edit date

            $last_edit_date = api_get_local_time($document_data['lastedit_date']);
            $display_date = date_to_str_ago($last_edit_date).' <div class="muted"><small>'.$last_edit_date."</small></div>";
            $row[] = $invisibility_span_open.$display_date.$invisibility_span_close;
            // Users who may edit get an actions column

            if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
                $is_template = isset($document_data['is_template']) ? $document_data['is_template'] : false;
                // The read-only flag is passed as 0 for the owner of the file and for platform admins
                if ($document_data['insert_user_id'] == api_get_user_id() || api_is_platform_admin()) {
                    $edit_icons = build_edit_icons($document_data, $key, $is_template, 0, $is_visible);
                } else {
                    $edit_icons = build_edit_icons($document_data, $key, $is_template, $document_data['readonly'], $is_visible);
                }
                $row[] = $edit_icons;
            }
            // Raw date, size and name appended after the display columns
            $row[] = $last_edit_date;
            $row[] = $size;
            $row[] = $document_name;

            $total_size = $total_size + $size;

            // Keep the row when no keyword was given or when the name matches it
            if ((isset($_GET['keyword']) && search_keyword($document_name, $_GET['keyword'])) || !isset($_GET['keyword']) || empty($_GET['keyword'])) {
                $sortable_data[] = $row;
            }
        }
    }
} else {
    $sortable_data = '';
    $table_footer = get_lang('NoDocsInFolder');
}
// "Download as ZIP" icon for the current folder.
if (!is_null($docs_and_folders)) {
    global $total_size;

    // Nothing to offer in certificate mode or when the listed items add up to zero bytes.
    $folder_has_content = !$is_certificate_mode && $total_size != 0;

    if ($folder_has_content && (api_get_setting('students_download_folders') == 'true' || api_is_allowed_to_edit() || api_is_platform_admin())) {
        // Students get the icon only inside their own shared folder and never in the root;
        // editors and platform admins always get it.
        if ((is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id) && $curdirpath != '/') || api_is_allowed_to_edit() || api_is_platform_admin()) {
            // NOTE(review): $document_id is written into the href as is; confirm it is an integer.
            $zip_url = api_get_self() . '?' . api_get_cidreq() . '&amp;action=downloadfolder&amp;id=' . $document_id;
            echo '<a href="' . $zip_url . '">' . Display::return_icon('save_pack.png', get_lang('Save') . ' (ZIP)', '', ICON_SIZE_MEDIUM) . '</a>';
        }
    }
}
// Slideshow by Patrick Cool, May 2004
// $image_present is not assigned in this part of the script; presumably the include sets it.
require 'document_slideshow.inc.php';

$keyword_in_request = isset($_GET['keyword']);
if ($image_present && !$keyword_in_request) {
    // $curdirpathurl is the URL-encoded current directory
    $slideshow_url = 'slideshow.php?' . api_get_cidreq() . '&amp;curdirpath=' . $curdirpathurl;
    echo '<a href="' . $slideshow_url . '">' . Display::return_icon('slideshow.png', get_lang('ViewSlideshow'), '', ICON_SIZE_MEDIUM) . '</a>';
}

// Link to the quota page for users allowed to edit
if (api_is_allowed_to_edit(null, true)) {
    $quota_url = 'document_quota.php?' . api_get_cidreq();
    echo '<a href="' . $quota_url . '">' . Display::return_icon('percentage.png', get_lang('DocumentQuota'), '', ICON_SIZE_MEDIUM) . '</a>';
}

// Closes the actions toolbar
echo '</div>';
// Feedback message, when one has been set.
// NOTE(review): $message is echoed as is and is assigned outside this part of the script;
// confirm that it never carries unescaped request data.
if (isset($message)) {
    echo $message;
}

// After a move, the folder selector points at the destination folder.
$move_target_posted = isset($_POST['move_to']);
if ($move_target_posted) {
    $document_id = DocumentManager::get_document_id($course_info, $_POST['move_to']);
}

// After a directory creation request, the id is looked up from the posted name.
$dir_name_posted = isset($_POST['dirname']) && $_POST['dirname'] != '';
if (isset($_GET['createdir']) && $dir_name_posted) {
    $post_dir_name = $_POST['dirname'];
    $document_id = DocumentManager::get_document_id($course_info, $_POST['dirname']);
}

// Folder drop-down, hidden in certificate mode.
if (!$is_certificate_mode) {
    $group_directory = array();
    if (isset($group_properties['directory'])) {
        $group_directory = $group_properties['directory'];
    }
    echo build_directory_selector($folders, $document_id, $group_directory, true);
}
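// Table configuration: visible columns, sort mapping, table object and query parameters.

// count() is only applied to an array: the document list can be null (the script tests for
// that above), and newer PHP versions raise an error on count(null).
$listed_items = is_array($docs_and_folders) ? count($docs_and_folders) : 0;

// Leading column, present only when the rows carry the checkbox path.
if (($is_allowed_to_edit || $group_member_with_upload_rights) && $listed_items > 1) {
    $column_show[] = 1;
}

// Four columns that are always shown.
$column_show[] = 1;
$column_show[] = 1;
$column_show[] = 1;
$column_show[] = 1;

// Extra visible column for users who get the edit icons.
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    $column_show[] = 1;
}
// Two trailing columns flagged as hidden.
$column_show[] = 0;
$column_show[] = 0;

$column_order = array();

// $row is whatever the listing loop left behind (its last row); it does not exist when the
// folder is empty, so its size is read defensively. 12 entries is the teacher layout,
// 10 the student layout.
$row_size = (isset($row) && is_array($row)) ? count($row) : 0;

if ($row_size == 12) {
    //teacher
    $column_order[2] = 8; //name
    $column_order[3] = 7;
    $column_order[4] = 6;
} elseif ($row_size == 10) {
    //student
    $column_order[1] = 6;
    $column_order[2] = 5;
    $column_order[3] = 4;
}

$default_column = $is_allowed_to_edit ? 2 : 1;
$tablename = $is_allowed_to_edit ? 'teacher_table' : 'student_table';

$table = new SortableTableFromArrayConfig($sortable_data, $default_column, 20, $tablename, $column_show, $column_order, 'ASC', true);

// Parameters the table carries along in its own links: the search keyword (filtered with
// remove_XSS) or else the current directory, plus group and course context.
if (isset($_GET['keyword'])) {
    $query_vars['keyword'] = Security::remove_XSS($_GET['keyword']);
} else {
    $query_vars['curdirpath'] = $curdirpath;
}

if (api_get_group_id()) {
    $query_vars['gidReq'] = api_get_group_id();
}
$query_vars['cidReq'] = api_get_course_id();
$table->set_additional_parameters($query_vars);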
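// Table headers, bulk actions, rendering, quota and page footer.
$column = 0;

// count() is only applied to an array: the document list can be null (the script tests for
// that above), and newer PHP versions raise an error on count(null).
$has_several_items = is_array($docs_and_folders) && count($docs_and_folders) > 1;
$can_manage_items = $is_allowed_to_edit || $group_member_with_upload_rights;

// Checkbox column, only when bulk actions are offered.
if ($can_manage_items && $has_several_items) {
    $table->set_header($column++, '', false, array('style' => 'width:12px;'));
}
$table->set_header($column++, get_lang('Type'), true, array('style' => 'width:30px;'));
$table->set_header($column++, get_lang('Name'));
$table->set_header($column++, get_lang('Size'), true, array('style' => 'width:50px;'));
$table->set_header($column++, get_lang('Date'), true, array('style' => 'width:150px;'));
// Users who may edit get an actions column
if ($is_allowed_to_edit || $group_member_with_upload_rights || is_my_shared_folder(api_get_user_id(), $curdirpath, $session_id)) {
    $table->set_header($column++, get_lang('Actions'), false, array('class' => 'td_actions'));
}

// Actions on multiple selected documents
// TODO: Currently only delete action -> take only DELETE right into account
if ($has_several_items && $can_manage_items) {
    // The list was previously initialised under a different name ($form_actions) than the
    // one that is filled and passed on; a single variable is used now.
    $form_action = array();
    $form_action['delete'] = get_lang('Delete');
    $portfolio_actions = Portfolio::actions();
    foreach ($portfolio_actions as $action) {
        $form_action[$action->get_name()] = $action->get_title();
    }
    // The selected rows are submitted under the "path" field.
    $table->set_form_actions($form_action, 'path');
}
$table->display();

if ($has_several_items && $can_manage_items) {
    // Getting the course quota
    $course_quota = DocumentManager::get_course_quota();

    // Calculating the total space
    $already_consumed_space_course = DocumentManager::documents_total_space(api_get_course_int_id());

    // Displaying the quota
    DocumentManager::display_simple_quota($course_quota, $already_consumed_space_course);
}
if (!empty($table_footer)) {
    Display::display_warning_message($table_footer);
}

// Footer
Display::display_footer();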