TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

upgrade

Browse Source
This commit is contained in:
Xes
2025-08-14 22:37:50 +02:00
parent fb6d5d5926
commit 3641e93527
9156 changed files with 1813532 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

215
main/inc/lib/svg-edit/extensions/savefile_config.php Normal file
View File

@@ -0,0 +1,215 @@
<?php
use ChamiloSession as Session;
/*
* filesave.php
* To be used with ext-server_opensave.js for SVG-edit
*
* Licensed under the Apache License, Version 2
*
* Copyright(c) 2010 Alexis Deveria
*
* Integrate svg-edit with Chamilo
* @author Juan Carlos Raña Trabado
* @since 25/september/2010
*/
require_once '../../../../../inc/global.inc.php';
// Add security from Chamilo
api_protect_course_script();
api_block_anonymous_users();
if (!isset($_POST['output_svg']) && !isset($_POST['output_png'])) {
api_not_allowed();//from Chamilo
die();
}
$file = '';
$suffix = isset($_POST['output_svg']) ? 'svg' : 'png';
$_course = api_get_course_info();
if (isset($_POST['filename']) && strlen($_POST['filename']) > 0) {
$file = $_POST['filename'];
} else {
$file = 'image';
}
if ($suffix == 'svg') {
$mime = 'image/svg+xml';
$contents = rawurldecode($_POST['output_svg']);
} else {
$mime = 'image/png';
$contents = $_POST['output_png'];
$pos = (strpos($contents, 'base64,') + 7);
$contents = base64_decode(substr($contents, $pos));
}
//get SVG-Edit values
$filename = $file;//from svg-edit
$extension = $suffix;// from svg-edit
$content = $contents;//from svg-edit
$title = Database::escape_string(str_replace('_',' ',$filename));
//get Chamilo variables
$relativeUrlPath = Session::read('draw_dir');
if (empty($relativeUrlPath)) {
api_not_allowed();//from Chamilo
die();
}
$current_session_id = api_get_session_id();
$groupId = api_get_group_id();
$groupInfo = GroupManager::get_group_properties($groupId);
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
$saveDir = $dirBaseDocuments.$relativeUrlPath;
// a bit title security
$filename = addslashes(trim($filename));
$filename = Security::remove_XSS($filename);
$filename = api_replace_dangerous_char($filename);
$filename = disable_dangerous_file($filename);
// a bit extension
if ($suffix != 'svg' && $suffix != 'png') {
die();
}
//a bit mime security
//comment because finfo seems stopping the save process files in some php vers.
/*
if (phpversion() >= '5.3' && extension_loaded('fileinfo')) {
$finfo = new finfo(FILEINFO_MIME);
$current_mime=$finfo->buffer($contents);
finfo_close($finfo);
$mime_png='image/png';//svg-edit return image/png; charset=binary
$mime_svg='image/svg+xml';
$mime_xml='application/xml';//hack for svg-edit because original code return application/xml; charset=us-ascii. See
if(strpos($current_mime, $mime_png)===false && $extension=='png') {
die();//File extension does not match its content
} elseif(strpos($current_mime, $mime_svg)===false && strpos($current_mime, $mime_xml)===false && $extension=='svg') {
die();//File extension does not match its content
}
}
*/
//checks if the file exists, then rename the new
if (file_exists($saveDir.'/'.$filename.'.'.$extension) && $currentTool=='document/createdraw') {
$message = get_lang('FileExistsChangeToSave');
$params = array(
'message' => $message,
'url' => ''
);
echo json_encode($params);
exit;
} else {
$drawFileName = $filename.'.'.$extension;
$title = $title.'.'.$extension;
}
$documentPath = $saveDir.'/'.$drawFileName;
//add new document to disk
file_put_contents($documentPath, $contents);
if ($currentTool == 'document/createdraw') {
//add document to database
$doc_id = add_document(
$_course,
$relativeUrlPath.'/'.$drawFileName,
'file',
filesize($documentPath),
$title
);
api_item_property_update(
$_course,
TOOL_DOCUMENT,
$doc_id,
'DocumentAdded',
$_user['user_id'],
$groupInfo,
null,
null,
null,
$current_session_id
);
} elseif ($currentTool == 'document/editdraw') {
//check path
if (!isset($_SESSION['draw_file'])) {
api_not_allowed();//from Chamilo
die();
}
if ($_SESSION['draw_file'] == $drawFileName) {
$document_id = DocumentManager::get_document_id(
$_course,
$relativeUrlPath.'/'.$drawFileName
);
update_existing_document(
$_course,
$document_id,
filesize($documentPath),
null
);
api_item_property_update(
$_course,
TOOL_DOCUMENT,
$document_id,
'DocumentUpdated',
$_user['user_id'],
$groupInfo,
null,
null,
null,
$current_session_id
);
} else {
//add a new document
$doc_id = add_document(
$_course,
$relativeUrlPath.'/'.$drawFileName,
'file',
filesize($documentPath),
$title
);
api_item_property_update(
$_course,
TOOL_DOCUMENT,
$doc_id,
'DocumentAdded',
$_user['user_id'],
$groupInfo,
null,
null,
null,
$current_session_id
);
}
}
//clean sessions and add messages and return to current document list
Session::erase('draw_dir');
Session::erase('draw_file');
if ($suffix != 'png') {
if ($relativeUrlPath == '') {
$relativeUrlPath = '/';
};
$url = api_get_path(WEB_CODE_PATH).'document/document.php?'.api_get_cidreq().'&curdirpath='.urlencode($relativeUrlPath);
$message = get_lang('FileSavedAs').': '.$title;
//echo 'alert("'.get_lang('FileSavedAs').': '.$title.'");';
//echo 'window.top.location.href="'.$interbreadcrumb.'";';//return to current document list
} else {
$url = '';
$message = get_lang('FileExportAs').': '.$title;
}
$params = array(
'message' => $message,
'url' => $url
);
echo json_encode($params);
exit;