document.lib.php

完美的在线教育系统

		}

		//if the extension is found, return the content type
		if (isset ($mime_types[$extension]))
			return $mime_types[$extension];
		//else return octet-stream
		return "application/octet-stream";
	}

	/**
	*	@return true if the user is allowed to see the document, false otherwise
	*	@author Sergio A Kessler, first version
	*	@author Roan Embrechts, bugfix
	*   @todo ??not only check if a file is visible, but also check if the user is allowed to see the file??
	*/
	function file_visible_to_user($this_course, $doc_url)
	{
		if (api_is_allowed_to_edit())
		{
			return true;
		}
		else
		{
			$tbl_document = Database::get_course_table(TABLE_DOCUMENT);
			$tbl_item_property = $this_course.'item_property';
			//$doc_url = addslashes($doc_url);
			$query = "SELECT 1 FROM `$tbl_document` AS docs,`$tbl_item_property` AS props WHERE props.tool = 'document' AND docs.id=props.ref AND props.visibility <> '1' AND docs.path = '$doc_url'";
			//echo $query;
			$result = api_sql_query($query, __FILE__, __LINE__);

			return (Database::num_rows($result) == 0);
		}
	}

	/**
	* This function streams a file to the client
	*
	* @param string $full_file_name
	* @param boolean $forced
	* @param string $name
	* @return false if file doesn't exist, true if stream succeeded
	*/
	function file_send_for_download($full_file_name, $forced = false, $name = '')
	{
		if (!is_file($full_file_name))
		{
			return false;
		}
		$filename = ($name == '') ? basename($full_file_name) : $name;
		$len = filesize($full_file_name);

		if ($forced)
		{
			//force the browser to save the file instead of opening it

			header('Content-type: application/octet-stream');
			//header('Content-Type: application/force-download');
			header('Content-length: '.$len);
			if (preg_match("/MSIE 5.5/", $_SERVER['HTTP_USER_AGENT']))
			{
				header('Content-Disposition: filename= '.$filename);
			}
			else
			{
				header('Content-Disposition: attachment; filename= '.$filename);
			}
			if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
			{
				header('Pragma: ');
				header('Cache-Control: ');
				header('Cache-Control: public'); // IE cannot download from sessions without a cache
			}
			header('Content-Description: '.$filename);
			header('Content-transfer-encoding: binary');

			$fp = fopen($full_file_name, 'r');
			fpassthru($fp);
			return true;
		}
		else
		{
			//no forced download, just let the browser decide what to do according to the mimetype

			$content_type = DocumentManager :: file_get_mime_type($filename);
			header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
			header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
			header('Cache-Control: no-cache, must-revalidate');
			header('Pragma: no-cache');
			header('Content-type: '.$content_type);
			header('Content-Length: '.$len);
			$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
			if (strpos($user_agent, 'msie'))
			{
				header('Content-Disposition: ; filename= '.$filename);
			}
			else
			{
				header('Content-Disposition: inline; filename= '.$filename);
			}
			readfile($full_file_name);
			return true;
		}
	}

	/**
	* This function streams a string to the client for download.
	* You have to ensure that the calling script then stops processing (exit();)
	* otherwise it may cause subsequent use of the page to want to download
	* other pages in php rather than interpreting them.
	*
	* @param string The string contents
	* @param boolean Whether "save" mode is forced (or opening directly authorized)
	* @param string The name of the file in the end (including extension)
	* @return false if file doesn't exist, true if stream succeeded
	*/
	function string_send_for_download($full_string, $forced = false, $name = '')
	{
		$filename = $name;
		$len = strlen($full_string);

		if ($forced)
		{
			//force the browser to save the file instead of opening it

			header('Content-type: application/octet-stream');
			//header('Content-Type: application/force-download');
			header('Content-length: '.$len);
			if (preg_match("/MSIE 5.5/", $_SERVER['HTTP_USER_AGENT']))
			{
				header('Content-Disposition: filename= '.$filename);
			}
			else
			{
				header('Content-Disposition: attachment; filename= '.$filename);
			}
			if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
			{
				header('Pragma: ');
				header('Cache-Control: ');
				header('Cache-Control: public'); // IE cannot download from sessions without a cache
			}
			header('Content-Description: '.$filename);
			header('Content-transfer-encoding: binary');

			//$fp = fopen($full_string, 'r');
			//fpassthru($fp);
			echo $full_string;
			return true;
			//You have to ensure that the calling script then stops processing (exit();)
			//otherwise it may cause subsequent use of the page to want to download
			//other pages in php rather than interpreting them.
		}
		else
		{
			//no forced download, just let the browser decide what to do according to the mimetype

			$content_type = DocumentManager :: file_get_mime_type($filename);
			header('Expires: Wed, 01 Jan 1990 00:00:00 GMT');
			header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
			header('Cache-Control: no-cache, must-revalidate');
			header('Pragma: no-cache');
			header('Content-type: '.$content_type);
			header('Content-Length: '.$len);
			$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
			if (strpos($user_agent, 'msie'))
			{
				header('Content-Disposition: ; filename= '.$filename);
			}
			else
			{
				header('Content-Disposition: inline; filename= '.$filename);
			}
			echo($full_string);
			//You have to ensure that the calling script then stops processing (exit();)
			//otherwise it may cause subsequent use of the page to want to download
			//other pages in php rather than interpreting them.
			return true;
		}
	}

	/**
	* Fetches all document data for the given user/group
	*
	* @param array $_course
	* @param string $path
	* @param int $to_group_id
	* @param int $to_user_id
	* @param boolean $can_see_invisible
	* @return array with all document data 
	*/
	function get_all_document_data($_course, $path = '/', $to_group_id = 0, $to_user_id = NULL, $can_see_invisible = false)
	{
		$TABLE_ITEMPROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY, $_course['dbName']);
		$TABLE_DOCUMENT = Database :: get_course_table(TABLE_DOCUMENT, $_course['dbName']);

		//if to_user_id = NULL -> change query (IS NULL)
		//$to_user_id = (is_null($to_user_id))?'IS NULL':'= '.$to_user_id;
		if (!is_null($to_user_id))
		{
			$to_field = 'last.to_user_id';
			$to_value = $to_user_id;
		}
		else
		{
			$to_field = 'last.to_group_id';
			$to_value = $to_group_id;
		}

		//escape underscores in the path so they don't act as a wildcard
		$path 		= Database::escape_string(str_replace('_', '\_', $path));
		$to_user_id = Database::escape_string($to_user_id);
		$to_value	= Database::escape_string($to_value);

		//if they can't see invisible files, they can only see files with visibility 1
		$visibility_bit = ' = 1';
		//if they can see invisible files, only deleted files (visibility 2) are filtered out
		if ($can_see_invisible)
		{
			$visibility_bit = ' <> 2';
		}

		//the given path will not end with a slash, unless it's the root '/'
		//so no root -> add slash
		$added_slash = ($path == '/') ? '' : '/';

		$sql = "SELECT *
						FROM  ".$TABLE_ITEMPROPERTY."  AS last, ".$TABLE_DOCUMENT."  AS docs
						WHERE docs.id = last.ref
						AND docs.path LIKE '".$path.$added_slash."%'
						AND docs.path NOT LIKE '".$path.$added_slash."%/%'
						AND last.tool = '".TOOL_DOCUMENT."' 
						AND ".$to_field." = ".$to_value."
						AND last.visibility".$visibility_bit;

		//echo $sql;

		$result = api_sql_query($sql);

		if ($result && Database::num_rows($result) != 0)
		{
			while ($row = Database::fetch_array($result,'ASSOC'))
				//while ($row = Database::fetch_array($result,MYSQL_NUM))
			{
				
				if($row['filetype']=='file' && pathinfo($row['path'],PATHINFO_EXTENSION)=='html'){
					
					//Templates management
					$table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES);
					$sql_is_template = "SELECT id FROM $table_template 
										WHERE course_code='".$_course['id']."' 
										AND user_id='".api_get_user_id()."'
										AND ref_doc='".$row['id']."'";
					$template_result = api_sql_query($sql_is_template);
					if(Database::num_rows($template_result)>0){
						$row['is_template'] = 1;
					}
					else{
						$row['is_template'] = 0;
					}
				}
				
				$document_data[$row['id']] = $row;
				//$document_data[] = $row;
			}
			return $document_data;
		}
		else
		{
			//display_error("Error getting document info from database (".mysql_error().")!");
			return false;
		}
	}

	/**
	 * Gets the paths of all folders in a course
	 * can show all folders (exept for the deleted ones) or only visible ones
	 * @param array $_course
	 * @param boolean $can_see_invisible
	 * @param int $to_group_id
	 * @return array with paths
	 */
	function get_all_document_folders($_course, $to_group_id = '0', $can_see_invisible = false)
	{
		$TABLE_ITEMPROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY, $_course['dbName']);
		$TABLE_DOCUMENT = Database :: get_course_table(TABLE_DOCUMENT, $_course['dbName']);
		if(empty($to_group_id)){$to_group_id = '0';} //avoid empty strings in $to_group_id
		if ($can_see_invisible)
		{
			$sql = "SELECT path
								FROM  ".$TABLE_ITEMPROPERTY."  AS last, ".$TABLE_DOCUMENT."  AS docs
								WHERE docs.id = last.ref
								AND docs.filetype = 'folder' 
								AND last.tool = '".TOOL_DOCUMENT."'