[atutor.git] / docs / mods / _standard / file_storage / edit.php
<?php
/****************************************************************/
/* ATutor                                                       */
/****************************************************************/
/* Copyright (c) 2002-2010                                      */
/* Inclusive Design Institute                                   */
/* http://atutor.ca                                             */
/*                                                              */
/* This program is free software. You can redistribute it and/or*/
/* modify it under the terms of the GNU General Public License  */
/* as published by the Free Software Foundation.                */
/****************************************************************/
// $Id$

// Bootstrap: shared ATutor includes, then the file-storage module helpers.
define('AT_INCLUDE_PATH', '../../../include/');
require AT_INCLUDE_PATH.'vitals.inc.php';
require AT_INCLUDE_PATH.'../mods/_standard/file_storage/file_storage.inc.php';

// Workspace selector taken straight from the request. abs() coerces each
// value to a number; that coercion is the only sanitisation these two
// values receive before they are interpolated into the SQL statements and
// URLs built later in this script.
$owner_type = abs($_REQUEST['ot']);
$owner_id   = abs($_REQUEST['oid']);

// Query-string prefix that carries the workspace selector on the redirects
// and links this page emits.
$owner_arg_prefix = '?ot='.$owner_type.SEP.'oid='.$owner_id. SEP;

// Access gate for the whole script: fs_authenticate() (defined outside this
// file) has to return a truthy status, and that status has to pass
// query_bit() for WORKSPACE_AUTH_WRITE. Note that this covers the workspace
// (ot/oid) only, not any particular file id.
$owner_status = fs_authenticate($owner_type, $owner_id);
if (!$owner_status || !query_bit($owner_status, WORKSPACE_AUTH_WRITE)) {
	$msg->addError('ACCESS_DENIED');
	header('Location: '.url_rewrite('mods/_standard/file_storage/index.php', AT_PRETTY_URL_IS_HEADER));
	exit; // nothing below may run for a caller without write access
}

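// POST handling. "cancel" returns to the folder listing; "submit" validates
// the form, then stores the metadata and, for editable files, the new
// contents.
//
// NOTE(review): no anti-CSRF token is verified in this handler although it
// changes database rows and files on disk; whether one of the includes
// enforces a token is not visible from here - confirm.
if (isset($_POST['cancel'])) {
	$msg->addFeedback('CANCELLED');
	header('Location: '.url_rewrite('mods/_standard/file_storage/index.php'.$owner_arg_prefix.'folder='.abs($_POST['folder']), AT_PRETTY_URL_IS_HEADER));
	exit;
} else if (isset($_POST['submit'])) {
	// Force the id to a number: it is interpolated into SQL and appended to
	// the on-disk path further down.
	$_POST['id'] = abs($_POST['id']);

	if (!$_POST['name']) {
		$msg->addError('MISSING_FILENAME');
	}

	if (!$msg->containsErrors()) {
		// Authorisation: the write check at the top of the script covers the
		// workspace (ot/oid), not the file id. Look the file up inside that
		// workspace BEFORE reading, writing or commenting on it, so that
		// write access to one workspace cannot be used on a file id that
		// belongs to another. Previously the comment INSERT, the content
		// read and the in-place overwrite all ran without this check.
		$sql = "SELECT * FROM ".TABLE_PREFIX."files WHERE file_id=$_POST[id] AND owner_type=$owner_type AND owner_id=$owner_id";
		$result = mysql_query($sql, $db);
		$row = $result ? mysql_fetch_assoc($result) : false;
		if (!$row) {
			$msg->addError('FILE_NOT_EXIST');
			header('Location: '.url_rewrite('mods/_standard/file_storage/index.php', AT_PRETTY_URL_IS_HEADER));
			exit;
		}

		// $addslashes / $stripslashes are callables set outside this file.
		// $addslashes is the only escaping applied to the three strings that
		// are interpolated into the SQL below.
		// NOTE(review): confirm it is a connection-aware escaper; the
		// mysql_* API used here offers no bound parameters.
		$_POST['name'] = $addslashes($_POST['name']);
		$_POST['comment'] = $addslashes(trim($_POST['comment']));
		$_POST['description'] = $addslashes(trim($_POST['description']));
		$_POST['body'] = $stripslashes($_POST['body']); // saved to disk not db so no need to escape.
		$original_file = fs_get_file_path($_POST['id']);
		$folder = abs($_POST['folder']);
		$num_comments = $_POST['comment'] ? 1 : 0;

		// NOTE(review): 'edit' is a hidden form field, i.e. client-controlled.
		// The file extension is not re-checked on the server here, so the
		// decision "this file may be overwritten" rests on the request alone.
		// Consider re-deriving it from the stored file name.
		$editable = !empty($_POST['edit']);
		$unchanged = false;
		if ($editable) {
			$current_body = file_get_contents($original_file . $_POST['id']);
			// Strict comparison on purpose: with == PHP compares two numeric
			// strings by value ("1e3" == "1000"), which would silently drop
			// a real edit. An unreadable file counts as changed.
			$unchanged = ($current_body !== false && $current_body === $_POST['body']);
		}

		if (!$editable || $unchanged) {
			// file is not editable, or it is editable but no changes made.
			// only add the comment (if any) and the file name

			if ($num_comments) {
				$sql = "INSERT INTO ".TABLE_PREFIX."files_comments VALUES (NULL, $_POST[id], $_SESSION[member_id], NOW(), '{$_POST['comment']}')";
				mysql_query($sql, $db);
			}

			$sql = "UPDATE ".TABLE_PREFIX."files SET file_name='$_POST[name]', description='$_POST[description]', num_comments=num_comments+$num_comments, date=date WHERE file_id=$_POST[id] AND owner_type=$owner_type AND owner_id=$owner_id";
			mysql_query($sql, $db);
		} else {
			// this file is editable, and has changed

			$size = strlen($_POST['body']); // byte length, used as the write length

			if ($_config['fs_versioning']) {
				// Versioning on: store the new contents as a new row/file and
				// point the previous revision at it. $row is the ownership-
				// checked record fetched above.
				$sql = "INSERT INTO ".TABLE_PREFIX."files VALUES (NULL, {$row['owner_type']}, {$row['owner_id']}, $_SESSION[member_id], {$row['folder_id']}, 0, NOW(), $num_comments, {$row['num_revisions']}+1, '{$_POST['name']}', $size, '$_POST[description]')";
				$result = mysql_query($sql, $db);

				// Without a successful INSERT there is no new id; skip the
				// write instead of creating a file for id 0.
				$file_id = $result ? mysql_insert_id($db) : 0;

				if ($file_id) {
					$file_path = fs_get_file_path($file_id);
					if ($fp = fopen($file_path . $file_id, 'wb')) {
						ftruncate($fp, 0);
						fwrite($fp, $_POST['body'], $size);
						fclose($fp);

						$sql = "UPDATE ".TABLE_PREFIX."files SET parent_file_id=$file_id, date=date WHERE file_id=$_POST[id] AND owner_type=$owner_type AND owner_id=$owner_id";
						$result = mysql_query($sql, $db);

						if ($_POST['comment']){
							$sql = "INSERT INTO ".TABLE_PREFIX."files_comments VALUES (NULL, $file_id, $_SESSION[member_id], NOW(), '{$_POST['comment']}')";
							mysql_query($sql, $db);
						}
					}
				}
			} else {
				// Versioning off: overwrite the existing file in place.
				// NOTE(review): no SQL runs in this branch, so the posted
				// name, description and comment are not stored and nothing
				// recorded about the file in the database is refreshed -
				// confirm whether that is intended.
				$file_path = fs_get_file_path($_POST['id']);
				if ($fp = fopen($file_path . $_POST['id'], 'wb')) {
					ftruncate($fp, 0);
					fwrite($fp, $_POST['body'], $size);
					fclose($fp);
				}
			}
		}
		// NOTE(review): success is reported even when fopen() or a query
		// above failed; none of those results are surfaced to the user.
		$msg->addFeedback('FILE_EDITED_SUCCESSFULLY');
		header('Location: '.url_rewrite('mods/_standard/file_storage/index.php'.$owner_arg_prefix.'folder='.$folder, AT_PRETTY_URL_IS_HEADER));
		exit;
	}

	// Validation failed: fall through and re-display the form for this id.
	$_GET['id'] = $_POST['id'];
}
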
// Script run when the page loads: put the cursor in the file-name field.
// The variable is consumed outside this file.
$onload = 'document.form.name.focus();';

require AT_INCLUDE_PATH.'header.inc.php';

// Load TinyMCE when the visual editor was requested by POST (and not
// switched back to text in the same request) or by GET.
if (($_POST['setvisual'] && !$_POST['settext']) || $_GET['setvisual']) {
	require AT_INCLUDE_PATH.'lib/tinymce.inc.php';

	load_editor(false, 'body');
}

// File to display. abs() coerces the request value to a number before it is
// interpolated into the query and, later, appended to the on-disk path.
$id = abs($_REQUEST['id']);

// The lookup is scoped to the workspace that passed the write check, so a
// file id from another workspace yields no row and the page stops here.
$sql = "SELECT file_name, folder_id, description FROM ".TABLE_PREFIX."files WHERE file_id=$id AND owner_type=$owner_type AND owner_id=$owner_id";
$result = mysql_query($sql, $db);
$row = mysql_fetch_assoc($result);
if (!$row) {
	$msg->printErrors('FILE_NOT_EXIST');
	require AT_INCLUDE_PATH.'footer.inc.php';
	exit;
}

// Re-display after a failed submit: prefer what the user just typed over
// the stored values. $stripslashes is a callable set outside this file.
// These values are raw request data from here on and must be HTML-escaped
// wherever the template echoes them.
if (isset($_POST['description'])) {
	$row['description'] = $stripslashes($_POST['description']);
	$row['file_name']   = $stripslashes($_POST['name']);
	$row['comment']     = $stripslashes($_POST['comment']);
	$_POST['body']      = $stripslashes($_POST['body']);
}

// Extension decides whether the template offers the editor or a preview;
// $file_path plus $id locates the stored contents on disk.
$ext = fs_get_file_extension($row['file_name']);
$file_path = fs_get_file_path($id);
?>

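<?php
/*
 * Edit form for one stored file: name and description for every file, plus
 * a revision comment and either a contents editor (editable extensions) or
 * an inline preview (images / media).
 *
 * Output encoding: every value that originates from the request is passed
 * through htmlspecialchars() before it is echoed. That now includes
 * $_SERVER['PHP_SELF'] in the form action, the echoed 'setvisual' flag and
 * the re-displayed 'body', which were previously written out raw.
 * $owner_arg_prefix and $id are numeric (built with abs()) and are echoed
 * as they are.
 */
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) . $owner_arg_prefix; ?>" name="form">
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<input type="hidden" name="folder" value="<?php echo $row['folder_id']; ?>" />
<input type="submit" name="submit" style="display:none;"/>
<div class="input-form">
	<div class="row">
		<span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="name"><?php echo _AT('file_name'); ?></label><br />
		<input type="text" name="name" id="name" value="<?php echo htmlspecialchars($row['file_name']); ?>" size="40" maxlength="70" />
	</div>

	<div class="row">
		<label for="description"><?php echo _AT('description'); ?></label><br />
		<textarea name="description" id="description" cols="30" rows="2"><?php echo htmlspecialchars($row['description']); ?></textarea>
	</div>

	<?php if (in_array($ext, $editable_file_types)): ?>
		<?php /* The hidden 'edit' flag below is only a hint from the form; it is client-controlled when it comes back in the POST. */ ?>
		<input type="hidden" name="edit" value="1" />
		<div class="row">
			<label for="comment"><?php echo _AT('revision_comment'); ?></label><br />
			<textarea name="comment" id="comment" cols="30" rows="2"><?php echo htmlspecialchars($row['comment']); ?></textarea>
		</div>

		<div class="row">
			<?php
				if (($_POST['setvisual'] && !$_POST['settext']) || $_GET['setvisual']){
					// 'setvisual' is echoed back from the request: escape it for the attribute context.
					echo '<input type="hidden" name="setvisual" value="'.htmlspecialchars($_POST['setvisual']).'" />';
					echo '<input type="submit" name="settext" value="'._AT('switch_text').'" />';
				} else {
					echo '<input type="submit" name="setvisual" value="'._AT('switch_visual').'" />';
				}
			?>
		</div>

		<div class="row">
			<label for="body"><?php echo _AT('contents'); ?></label><br />
			<textarea name="body" id="body" cols="30" rows="20"><?php
				if (isset($_POST['body'])) {
					// Re-displayed user input: escape it exactly like the on-disk
					// contents below, otherwise the posted text can close the
					// textarea and inject markup into the page.
					echo htmlspecialchars($_POST['body']);
				} else {
					echo htmlspecialchars(file_get_contents($file_path . $id));
				}
				?></textarea>
		</div>
	<?php else: ?>
		<div class="row">
			<label for="comment"><?php echo _AT('revision_comment'); ?></label><br />
			<textarea name="comment" id="comment" cols="30" rows="2"></textarea>
		</div>
		<div class="row">
			<?php echo _AT('contents'); ?><br />
			<?php echo _AT('not_editable'); ?>
			<br />
			<?php if (in_array($ext, array('gif', 'jpg','jpeg', 'png', 'bmp'))): ?>
				<img src="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" alt="" title="" />

			<?php elseif ($ext == 'swf'): ?>
				<object type="application/x-shockwave-flash" data="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" width="550" height="400"><param name="movie" value="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" /></object>

			<?php elseif ($ext == 'mov'): ?>
				<?php /* NOTE(review): this branch links to file_storage/index.php while every other preview uses mods/_standard/file_storage/index.php - confirm which path is correct. */ ?>
				<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" width="550" height="400" codebase="http://www.apple.com/qtactivex/qtplugin.cab"><param name="src" value="file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" /><param name="autoplay" value="true" /><param name="controller" value="true" /><embed src="file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" width="550" height="400" controller="true" pluginspage="http://www.apple.com/quicktime/download/"></embed></object>

			<?php elseif ($ext == 'mp3'): ?>
				<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" width="200" height="15" codebase="http://www.apple.com/qtactivex/qtplugin.cab"><param name="src" value="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" /><param name="autoplay" value="false" /><embed src="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" width="200" height="15" autoplay="false" pluginspage="http://www.apple.com/quicktime/download/"></embed></object>

			<?php elseif (in_array($ext, array('wav', 'au'))): ?>
				<embed src="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>" autostart="false" width="145" height="60"><noembed><bgsound src="mods/_standard/file_storage/index.php<?php echo $owner_arg_prefix; ?>download=1<?php echo SEP; ?>files<?php echo urlencode('[]').'='.$id; ?>"></noembed></embed>

			<?php endif; ?>
		</div>

		<input type="hidden" name="edit" value="0" />
	<?php endif; ?>
	<div class="row buttons">
		<input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />
		<input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
	</div>
</div>
</form>

<?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>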