closedir($handler);
}
//takes care of the condition where the whole package doesn't have any contents but question banks
+//also is the case of urls
if(is_array($all_package_base_path)){
$all_package_base_path = implode('/', $all_package_base_path);
}
-
-if (@rename($import_path.$all_package_base_path, $course_dir.$package_base_name) === false) {
- if (!$msg->containsErrors()) {
- $msg->addError('IMPORT_FAILED');
- }
+if(strpos($all_package_base_path, 'http://')===false){
+ if (@rename($import_path.$all_package_base_path, TR_CONTENT_DIR .$_course_id.'/'.$package_base_name) === false) {
+ if (!$msg->containsErrors()) {
+ $msg->addError('IMPORT_FAILED');
+ }
+ }
}
//check if there are still resources missing
foreach($items as $idetails){
if (file_exists($full_filename)) @unlink($full_filename);
-if (!$msg->containsErrors()) {
- $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
-}
-
if ($oauth_import) {
echo 'course_id='.$_course_id;
} else {
+ if (!$msg->containsErrors()) {
+ $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
+ }
header('Location: ../course/index.php?_course_id='.$_course_id);
}
exit;
//hack, if param[name]=src or none <param> tag, extract. Skip all other <param> attributes.
if ($name!='param' || $attrs['name']=='src'){
//skip glossary.html, tweak to accomodate atutor imscp; also skip repeated entries.
- if (strpos($attrs[$elements[$name]], 'glossary.html')===false
- && !in_array($attrs[$elements[$name]], $my_files)){
- $my_files[] = $attrs[$elements[$name]];
- }
+ //skip javascript: links, void();, #, mailto:
+ if (strpos($attrs[$elements[$name]], 'glossary.html')===false
+ && !in_array($attrs[$elements[$name]], $my_files)
+ && $attrs[$elements[$name]]!='#'
+ && strpos($attrs[$elements[$name]], 'javascript:')===false
+ && strpos($attrs[$elements[$name]], 'mailto:')===false
+ && strpos($attrs[$elements[$name]], 'void(')===false
+ ){
+ $my_files[] = $attrs[$elements[$name]];
+ }
}
}
}
if (substr($file, 0, 7) != 'http://' && substr($file, 0, 8) != 'https://') {
$file_path = realpath(TR_CONTENT_DIR . $course_id . '/' . $content['content_path'] . $file);
+ /* check if the path contains TR_CONTENT_DIR in it, if not, skip it, it's trying to scan through
+ * the file system */
+ if (strpos($file_path, TR_CONTENT_DIR)!==0){
+ continue; //skip
+ }
+
/* check if this file exists in the content dir, if not don't include it */
if (file_exists($file_path) && is_file($file_path) && !in_array($file_path, $zipped_files)) {
$zipped_files[] = $file_path;
} else {
if (preg_match('/^http[s]?\:/', $file) == 1){
$content_files .= str_replace('{FILE}', $file, $ims_template_xml['xml']);
- } else {
+ } elseif (file_exists($file_path) && is_file($file_path)) {
+ //http://www.atutor.ca/atutor/mantis/view.php?id=4313
+ //relative link that goes beyond get.php shouldn't be added
+ //relative link that does not exist shouldn't be added.
$content_files .= str_replace('{FILE}', $content['content_path'] . $file, $ims_template_xml['file']);
}
}