Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
git-svn-id: https://xerteonlinetoolkits.googlecode.com/svn/branches/1.8@134 912cdd6b-5c7d-d5a7-a2ba-d0f0cdb91641
- Loading branch information
Showing
39 changed files
with
2,198 additions
and
2,379 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,138 +1,112 @@ | ||
<?PHP /** | ||
* | ||
* data page, allows other sites to consume the xml of a toolkit | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
|
||
require("config.php"); | ||
|
||
require $xerte_toolkits_site->root_file_path . "languages/" . $_SESSION['toolkits_language'] . "/data.inc"; | ||
|
||
require $xerte_toolkits_site->php_library_path . "database_library.php"; | ||
require $xerte_toolkits_site->php_library_path . "template_status.php"; | ||
require $xerte_toolkits_site->php_library_path . "display_library.php"; | ||
|
||
/** | ||
* connect to the database | ||
*/ | ||
|
||
$mysql_id=database_connect("data database connect successful","data database connect failed"); | ||
|
||
/** | ||
* Check the template ID is a number | ||
*/ | ||
|
||
if(is_numeric(mysql_real_escape_string($_GET['template_id']))){ | ||
|
||
/** | ||
* Run the standard query from config.php, excessive in this case, but suitable | ||
*/ | ||
<?php | ||
/** | ||
* | ||
* data page, allows other sites to consume the xml of a toolkit | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
|
||
$query_to_check_data = "select * from " . $xerte_toolkits_site->database_table_prefix . "additional_sharing where sharing_type=\"xml\" and template_id=\"" . mysql_real_escape_string($_GET['template_id']) . "\""; | ||
require_once("config.php"); | ||
|
||
$query_for_data_response = mysql_query($query_to_check_data); | ||
require $xerte_toolkits_site->root_file_path . "languages/" . $_SESSION['toolkits_language'] . "/data.inc"; | ||
|
||
/** | ||
* Check to see if for this ID a data value is set in additional sharing. | ||
*/ | ||
require $xerte_toolkits_site->php_library_path . "database_library.php"; | ||
require $xerte_toolkits_site->php_library_path . "template_status.php"; | ||
require $xerte_toolkits_site->php_library_path . "display_library.php"; | ||
|
||
if(mysql_num_rows($query_for_data_response)!=0){ | ||
/** | ||
* Check the template ID is a number | ||
*/ | ||
|
||
$row_data = mysql_fetch_array($query_for_data_response); | ||
if(!isset($_GET['template_id']) || !is_numeric($_GET['template_id'])) { | ||
dont_show_template(); | ||
exit(0); | ||
} | ||
|
||
/** | ||
* The extra value in this case is the hostname we have limited XML consumption too, and as such see it exists | ||
*/ | ||
|
||
if($row_data['extra']!=""){ | ||
|
||
/** | ||
* Compare to the host variables | ||
*/ | ||
/** | ||
* Run the standard query from config.php, excessive in this case, but suitable | ||
*/ | ||
|
||
if(($row_data['extra']==$_SERVER['HTTP_REFERER'])||($row_data['extra']==$_SERVER['REMOTE_ADDR'])){ | ||
|
||
/** | ||
* Fetch and return the XML | ||
*/ | ||
$query_to_check_data = "select * from {$xerte_toolkits_site->database_table_prefix}additional_sharing where sharing_type=? AND template_id = ?"; | ||
|
||
$query_for_preview_content = $xerte_toolkits_site->play_edit_preview_query; | ||
|
||
$query_for_preview_content_response = mysql_query($query_for_preview_content); | ||
|
||
$row = mysql_fetch_array($query_for_preview_content_response); | ||
|
||
$query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
||
$query_for_username_response = mysql_query($query_for_username); | ||
|
||
$row_username = mysql_fetch_array($query_for_username_response); | ||
|
||
$path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
|
||
echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
$query_for_data_response = db_query_one($query_to_check_data, array('xml', $_GET['template_id'])); | ||
/** | ||
* Check to see if for this ID a data value is set in additional sharing. | ||
*/ | ||
|
||
}else{ | ||
if(!empty($query_for_data_response)) { | ||
|
||
$row_data = $query_for_data_response; | ||
|
||
dont_show_template(); | ||
/** | ||
* The extra value in this case is the hostname we have limited XML consumption too, and as such see it exists | ||
*/ | ||
|
||
} | ||
if($row_data['extra']!=""){ | ||
|
||
/** | ||
* Compare to the host variables | ||
*/ | ||
|
||
}else{ | ||
|
||
/** | ||
* Fetch and return the XML | ||
*/ | ||
if(($row_data['extra']==$_SERVER['HTTP_REFERER'])||($row_data['extra']==$_SERVER['REMOTE_ADDR'])){ | ||
|
||
$query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); | ||
$query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_GET['template_id']), $query_for_play_content_strip); | ||
/** | ||
* Fetch and return the XML | ||
*/ | ||
|
||
$query_for_play_content_response = mysql_query($query_for_play_content); | ||
$query_for_preview_content = $xerte_toolkits_site->play_edit_preview_query; | ||
|
||
$row = mysql_fetch_array($query_for_play_content_response); | ||
|
||
$query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\""; | ||
|
||
$query_for_username_response = mysql_query($query_for_username); | ||
|
||
$row_username = mysql_fetch_array($query_for_username_response); | ||
|
||
$path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
$query_for_preview_content_response = mysql_query($query_for_preview_content); | ||
|
||
echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
$row = mysql_fetch_array($query_for_preview_content_response); | ||
|
||
$query_for_username = "select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?"; | ||
$row_username = db_query_one($query_for_username, array($row['user_id'])); | ||
|
||
} | ||
|
||
if(empty($row_username)) { | ||
_debug("User deleted, but template remains?"); | ||
} | ||
else { | ||
$path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
} | ||
}else{ | ||
dont_show_template(); | ||
} | ||
|
||
}else{ | ||
}else{ | ||
|
||
/*** | ||
Display nothing | ||
*/ | ||
/** | ||
* Fetch and return the XML | ||
*/ | ||
|
||
echo DATA_XMLFAIL; | ||
$query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); | ||
|
||
dont_show_template(); | ||
$query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_GET['template_id']), $query_for_play_content_strip); | ||
|
||
} | ||
$row = db_query_one($query_for_play_content); | ||
|
||
}else{ | ||
$query_for_username = "select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?"; | ||
|
||
/** | ||
* Display nothing | ||
*/ | ||
$row_username = db_query_one($query_for_username, array($row['user_id'])); | ||
|
||
dont_show_template(); | ||
|
||
} | ||
$path = $xerte_toolkits_site->users_file_area_short . $row['template_id'] . "-" . $row_username['username'] . "-" . $row['template_name'] . "/"; | ||
|
||
echo str_replace("FileLocation + '", $xerte_toolkits_site->site_url . $path, file_get_contents($path . "data.xml")); | ||
} | ||
} | ||
else{ | ||
/*** | ||
Display nothing | ||
*/ | ||
|
||
echo DATA_XMLFAIL; | ||
|
||
?> | ||
dont_show_template(); | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,27 @@ | ||
<?PHP /** | ||
* | ||
* Drawing page, brings up the xerte drawing tool in another window | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
<?php | ||
/** | ||
* | ||
* Drawing page, brings up the xerte drawing tool in another window | ||
* | ||
* @author Patrick Lockley | ||
* @version 1.0 | ||
* @copyright Copyright (c) 2008,2009 University of Nottingham | ||
* @package | ||
*/ | ||
|
||
echo file_get_contents("modules/xerte/drawing_xerte_top"); | ||
require_once('config.php'); | ||
|
||
echo "so.addVariable(\"xmlvariable\", \"$string_for_flash_xml\");"; | ||
echo "so.addVariable(\"rlovariable\", \"$string_for_flash_media\");"; | ||
echo "so.addVariable(\"originalpathvariable\", \"$string_for_flash_xwd\");"; | ||
echo "so.addVariable(\"template_id\", \"" . $row['template_id'] . "\");"; | ||
|
||
echo "so.write(\"flashcontent\");"; | ||
echo "</script>"; | ||
echo file_get_contents("modules/xerte/drawing_xerte_top"); | ||
|
||
echo "</body></html>"; | ||
echo "so.addVariable(\"xmlvariable\", \"$string_for_flash_xml\");"; | ||
echo "so.addVariable(\"rlovariable\", \"$string_for_flash_media\");"; | ||
echo "so.addVariable(\"originalpathvariable\", \"$string_for_flash_xwd\");"; | ||
echo "so.addVariable(\"template_id\", \"" . $row['template_id'] . "\");"; | ||
|
||
?> | ||
echo "so.write(\"flashcontent\");"; | ||
echo "</script>"; | ||
|
||
echo "</body></html>"; | ||
|
||
?> |
Oops, something went wrong.