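<?php

declare(strict_types=1);

require_once ROOT_PATH . '/config/database.php';

/**
 * Admin helpers for class file attachments: listing, lookup, upload storage,
 * metadata updates, deletion and small presentation helpers (badges, sizes).
 *
 * Relies on db_fetch_all(), db_fetch_one() and db_execute() plus the
 * ROOT_PATH / UPLOADS_PATH constants, none of which are defined in this file
 * (presumably config/database.php and the bootstrap provide them - confirm).
 *
 * NOTE(review): nothing here checks who is calling. Authentication and the
 * admin-role check are assumed to happen in the controllers that use these
 * helpers - verify against the callers.
 */

/**
 * Lists every class whose course is not archived, ordered for a select input.
 *
 * @return array<int, array<string, mixed>>
 */
function get_class_options(): array
{
    $sql = "
        SELECT
            cl.id,
            cl.title AS class_title,
            cl.class_order,
            cl.status AS class_status,
            co.title AS course_title,
            gd.name AS geographic_department_name
        FROM classes cl
        INNER JOIN courses co ON co.id = cl.course_id
        LEFT JOIN geographic_departments gd ON gd.id = co.geographic_department_id
        WHERE co.status <> 'archived'
        ORDER BY co.title ASC, cl.class_order ASC
    ";

    return db_fetch_all($sql);
}

/**
 * Lists class files for the admin grid, newest first, with optional filters.
 *
 * All filter values are bound as parameters; $fileType and $status are only
 * applied when they match the fixed lists below, anything else is ignored.
 *
 * @param string|null $search   Substring matched against file, class and course titles.
 * @param string|null $fileType One of study_material, exam, extra.
 * @param string|null $status   One of active, inactive, archived.
 *
 * @return array<int, array<string, mixed>>
 */
function get_admin_class_files(?string $search = null, ?string $fileType = null, ?string $status = null): array
{
    $conditions = ['1 = 1'];
    $params = [];

    $term = $search !== null ? trim($search) : '';
    if ($term !== '') {
        // One placeholder per occurrence. Re-using a single named placeholder
        // several times only works when the driver emulates prepares; with
        // native prepared statements PDO rejects it (assumes the db_* helpers
        // are PDO-backed - confirm).
        $conditions[] = '(cf.original_name LIKE :search_file'
            . ' OR cl.title LIKE :search_class'
            . ' OR co.title LIKE :search_course)';
        $pattern = '%' . $term . '%';
        $params[':search_file'] = $pattern;
        $params[':search_class'] = $pattern;
        $params[':search_course'] = $pattern;
    }

    if ($fileType !== null && in_array($fileType, ['study_material', 'exam', 'extra'], true)) {
        $conditions[] = 'cf.file_type = :file_type';
        $params[':file_type'] = $fileType;
    }

    if ($status !== null && in_array($status, ['active', 'inactive', 'archived'], true)) {
        $conditions[] = 'cf.status = :status';
        $params[':status'] = $status;
    }

    // $conditions only ever holds the fixed fragments above, never caller text.
    $sql = "
        SELECT
            cf.id,
            cf.class_id,
            cf.uploaded_by,
            cf.file_type,
            cf.original_name,
            cf.stored_name,
            cf.file_extension,
            cf.file_size_bytes,
            cf.mime_type,
            cf.storage_path,
            cf.status,
            cf.created_at,
            cl.title AS class_title,
            cl.class_order,
            co.title AS course_title,
            gd.name AS geographic_department_name
        FROM class_files cf
        INNER JOIN classes cl ON cl.id = cf.class_id
        INNER JOIN courses co ON co.id = cl.course_id
        LEFT JOIN geographic_departments gd ON gd.id = co.geographic_department_id
        WHERE " . implode(' AND ', $conditions) . "
        ORDER BY cf.created_at DESC, cf.id DESC
    ";

    return db_fetch_all($sql, $params);
}

/**
 * Loads one class file row together with its class and course titles.
 *
 * Because classes and courses are INNER JOINed, a row whose class or course
 * no longer exists is reported as not found.
 *
 * @return array<string, mixed>|null
 */
function get_admin_class_file_by_id(int $id): ?array
{
    $sql = "
        SELECT
            cf.id,
            cf.class_id,
            cf.file_type,
            cf.original_name,
            cf.stored_name,
            cf.file_extension,
            cf.file_size_bytes,
            cf.mime_type,
            cf.storage_path,
            cf.status,
            cf.created_at,
            cl.title AS class_title,
            co.title AS course_title,
            gd.name AS geographic_department_name
        FROM class_files cf
        INNER JOIN classes cl ON cl.id = cf.class_id
        INNER JOIN courses co ON co.id = cl.course_id
        LEFT JOIN geographic_departments gd ON gd.id = co.geographic_department_id
        WHERE cf.id = :id
        LIMIT 1
    ";

    return db_fetch_one($sql, [':id' => $id]);
}

/**
 * Tells whether a class with the given id exists.
 */
function admin_class_exists(int $classId): bool
{
    $sql = 'SELECT id FROM classes WHERE id = :id LIMIT 1';

    return db_fetch_one($sql, [':id' => $classId]) !== null;
}

/**
 * Returns the class files upload directory, creating it when missing.
 *
 * @throws RuntimeException When the directory cannot be created.
 */
function ensure_class_files_upload_dir(): string
{
    $dir = UPLOADS_PATH . '/class_files';

    // The second is_dir() covers a concurrent request creating the directory
    // between the first check and mkdir().
    if (!is_dir($dir) && !mkdir($dir, 0775, true) && !is_dir($dir)) {
        throw new RuntimeException('No se pudo crear el directorio de destino.');
    }

    return $dir;
}

/**
 * Builds a server-chosen file name: cf_<timestamp>_<16 hex chars>[.<ext>].
 *
 * The extension is lowercased and reduced to [a-z0-9] so nothing taken from
 * the client-supplied name can add path or control characters to the stored
 * name. An empty extension yields a name without a trailing dot.
 */
function generate_safe_stored_name(string $extension): string
{
    $cleanExtension = (string) preg_replace('/[^a-z0-9]/', '', strtolower($extension));
    $name = 'cf_' . date('Ymd_His') . '_' . bin2hex(random_bytes(8));

    return $cleanExtension === '' ? $name : $name . '.' . $cleanExtension;
}

/**
 * Extracts the extension from a client-supplied file name and refuses the
 * ones the PHP handler would normally execute.
 *
 * The stored file keeps this extension and lands under UPLOADS_PATH, so a
 * script extension would become executable if that directory is served with
 * the PHP handler enabled. This deny-list is only a backstop: an allow-list
 * of the document types the platform expects and disabling script execution
 * for the uploads directory remain the primary controls, and neither is
 * visible in this file.
 *
 * @throws RuntimeException When the extension belongs to the PHP handler family.
 */
function normalize_class_file_extension(string $originalName): string
{
    $rawExtension = strtolower((string) pathinfo($originalName, PATHINFO_EXTENSION));
    $extension = (string) preg_replace('/[^a-z0-9]/', '', $rawExtension);

    if (preg_match('/^(?:php\d*|phtml|pht|phps|phar)$/', $extension) === 1) {
        throw new RuntimeException('Tipo de archivo no permitido.');
    }

    return $extension;
}

/**
 * Moves an uploaded file into the class files directory under a generated name.
 *
 * @param array<string, mixed> $uploadedFile One $_FILES-style entry (name, tmp_name, size).
 *
 * @return array{extension: string, stored_name: string, storage_path: string, absolute_path: string}
 *
 * @throws RuntimeException When the extension is refused or the move fails.
 */
function store_uploaded_class_file(array $uploadedFile): array
{
    $extension = normalize_class_file_extension((string) $uploadedFile['name']);
    $storedName = generate_safe_stored_name($extension);
    $absolutePath = ensure_class_files_upload_dir() . '/' . $storedName;

    // move_uploaded_file() itself refuses sources that are not genuine HTTP uploads.
    if (!move_uploaded_file((string) $uploadedFile['tmp_name'], $absolutePath)) {
        throw new RuntimeException('No se pudo mover el archivo al directorio de destino.');
    }

    return [
        'extension' => $extension,
        'stored_name' => $storedName,
        'storage_path' => 'uploads/class_files/' . $storedName,
        'absolute_path' => $absolutePath,
    ];
}

/**
 * Best-effort removal of a file from disk; failures are logged, never thrown.
 */
function remove_class_file_from_disk(?string $absolutePath): void
{
    if ($absolutePath === null || !is_file($absolutePath)) {
        return;
    }

    if (!@unlink($absolutePath)) {
        error_log('class_files: could not remove ' . $absolutePath);
    }
}

/**
 * Runs a write that references a freshly stored file and removes that file
 * again when the write fails, so no unreferenced upload is left on disk.
 *
 * @param array<string, mixed> $params
 *
 * @throws Throwable Whatever db_execute() throws, after the cleanup.
 */
function execute_class_file_write(string $sql, array $params, string $newFilePath): bool
{
    try {
        $saved = db_execute($sql, $params);
    } catch (Throwable $error) {
        remove_class_file_from_disk($newFilePath);

        throw $error;
    }

    if (!$saved) {
        remove_class_file_from_disk($newFilePath);
    }

    return $saved;
}

/**
 * Maps a storage_path column value to an absolute path inside UPLOADS_PATH.
 *
 * Only a leading "uploads/" is stripped, and the resolved path must stay
 * inside the uploads root, so a stored value containing "../" or a symlink
 * cannot point a delete at a file elsewhere on the server.
 *
 * @return string|null Absolute path of an existing file, or null when there is nothing safe to touch.
 */
function resolve_class_file_path(string $storagePath): ?string
{
    if ($storagePath === '') {
        return null;
    }

    $prefix = 'uploads/';
    $relative = strncmp($storagePath, $prefix, strlen($prefix)) === 0
        ? (string) substr($storagePath, strlen($prefix))
        : $storagePath;

    $root = realpath(UPLOADS_PATH);
    $candidate = realpath(UPLOADS_PATH . '/' . $relative);
    if ($root === false || $candidate === false) {
        return null;
    }

    $rootWithSeparator = $root . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $rootWithSeparator, strlen($rootWithSeparator)) !== 0) {
        return null;
    }

    return is_file($candidate) ? $candidate : null;
}

/**
 * Stores an uploaded file and inserts its class_files row.
 *
 * The stored file is removed again when the insert fails.
 *
 * NOTE(review): mime_type comes from $data, i.e. from the caller; whether it
 * was detected server-side or copied from the request is not visible here.
 * original_name is the client-supplied name and must be escaped on output.
 *
 * @param array<string, mixed> $data         class_id, file_type, status, optional uploaded_by and mime_type.
 * @param array<string, mixed> $uploadedFile One $_FILES-style entry (name, tmp_name, size).
 *
 * @throws RuntimeException When the extension is refused or the file cannot be stored.
 */
function create_admin_class_file(array $data, array $uploadedFile): bool
{
    $stored = store_uploaded_class_file($uploadedFile);

    $sql = "
        INSERT INTO class_files (
            class_id,
            uploaded_by,
            file_type,
            original_name,
            stored_name,
            file_extension,
            file_size_bytes,
            mime_type,
            storage_path,
            status
        ) VALUES (
            :class_id,
            :uploaded_by,
            :file_type,
            :original_name,
            :stored_name,
            :file_extension,
            :file_size_bytes,
            :mime_type,
            :storage_path,
            :status
        )
    ";

    $params = [
        ':class_id' => (int) $data['class_id'],
        ':uploaded_by' => isset($data['uploaded_by']) ? (int) $data['uploaded_by'] : null,
        ':file_type' => (string) $data['file_type'],
        ':original_name' => (string) $uploadedFile['name'],
        ':stored_name' => $stored['stored_name'],
        ':file_extension' => $stored['extension'],
        ':file_size_bytes' => (int) $uploadedFile['size'],
        ':mime_type' => (string) ($data['mime_type'] ?? ''),
        ':storage_path' => $stored['storage_path'],
        ':status' => (string) $data['status'],
    ];

    return execute_class_file_write($sql, $params, $stored['absolute_path']);
}

/**
 * Updates a class file's metadata and, when a new upload is given, replaces
 * the stored file as well.
 *
 * On replacement the new file is removed again if the UPDATE fails, and the
 * previous file is removed from disk once the UPDATE succeeded, so a replaced
 * document does not stay reachable under its old path.
 *
 * @param array<string, mixed>      $data         class_id, file_type, status, optional mime_type.
 * @param array<string, mixed>|null $uploadedFile One $_FILES-style entry, or null to keep the current file.
 *
 * @throws RuntimeException When the extension is refused or the file cannot be stored.
 */
function update_admin_class_file(int $id, array $data, ?array $uploadedFile = null): bool
{
    if ($uploadedFile === null) {
        // Metadata-only update.
        $sql = "
            UPDATE class_files SET
                class_id = :class_id,
                file_type = :file_type,
                status = :status,
                updated_at = NOW()
            WHERE id = :id
        ";

        return db_execute($sql, [
            ':id' => $id,
            ':class_id' => (int) $data['class_id'],
            ':file_type' => (string) $data['file_type'],
            ':status' => (string) $data['status'],
        ]);
    }

    // Read the current row first so the file it points at can be cleaned up.
    $previous = get_admin_class_file_by_id($id);
    $stored = store_uploaded_class_file($uploadedFile);

    // A new file was uploaded: update the file columns as well.
    $sql = "
        UPDATE class_files SET
            class_id = :class_id,
            file_type = :file_type,
            status = :status,
            original_name = :original_name,
            stored_name = :stored_name,
            file_extension = :file_extension,
            file_size_bytes = :file_size_bytes,
            mime_type = :mime_type,
            storage_path = :storage_path,
            updated_at = NOW()
        WHERE id = :id
    ";

    $params = [
        ':id' => $id,
        ':class_id' => (int) $data['class_id'],
        ':file_type' => (string) $data['file_type'],
        ':status' => (string) $data['status'],
        ':original_name' => (string) $uploadedFile['name'],
        ':stored_name' => $stored['stored_name'],
        ':file_extension' => $stored['extension'],
        ':file_size_bytes' => (int) $uploadedFile['size'],
        ':mime_type' => (string) ($data['mime_type'] ?? ''),
        ':storage_path' => $stored['storage_path'],
    ];

    $saved = execute_class_file_write($sql, $params, $stored['absolute_path']);

    if ($saved && $previous !== null) {
        remove_class_file_from_disk(resolve_class_file_path((string) ($previous['storage_path'] ?? '')));
    }

    return $saved;
}

/**
 * Maps a file type to the CSS classes and label of its badge.
 *
 * For an unknown type the label is the raw value with its first letter
 * upper-cased, so the template must HTML-escape it like any other data.
 *
 * @return array{class: string, label: string}
 */
function admin_file_type_badge(string $type): array
{
    $badges = [
        'study_material' => ['class' => 'text-bg-primary', 'label' => 'Material de estudio'],
        'exam' => ['class' => 'text-bg-warning text-dark', 'label' => 'Examen'],
        'extra' => ['class' => 'text-bg-secondary', 'label' => 'Recurso extra'],
    ];

    return $badges[$type] ?? ['class' => 'text-bg-light', 'label' => ucfirst($type)];
}

/**
 * Maps a file status to the CSS classes and label of its badge.
 *
 * For an unknown status the label is the raw value with its first letter
 * upper-cased, so the template must HTML-escape it like any other data.
 *
 * @return array{class: string, label: string}
 */
function admin_file_status_badge(string $status): array
{
    $badges = [
        'active' => ['class' => 'text-bg-success', 'label' => 'Activo'],
        'inactive' => ['class' => 'text-bg-secondary', 'label' => 'Inactivo'],
        'archived' => ['class' => 'text-bg-dark', 'label' => 'Archivado'],
    ];

    return $badges[$status] ?? ['class' => 'text-bg-light', 'label' => ucfirst($status)];
}

/**
 * Formats a byte count with a B/KB/MB/GB unit (1024 steps, one decimal above B).
 *
 * Zero and negative values are shown as "0 B"; values past the GB range stay in GB.
 */
function format_bytes(int $bytes): string
{
    if ($bytes <= 0) {
        return '0 B';
    }

    $units = ['B', 'KB', 'MB', 'GB'];
    $lastUnit = count($units) - 1;
    $size = (float) $bytes;
    $unit = 0;

    while ($size >= 1024 && $unit < $lastUnit) {
        $size /= 1024;
        $unit++;
    }

    $number = $unit === 0 ? (string) (int) $size : (string) round($size, 1);

    return $number . ' ' . $units[$unit];
}

/**
 * Deletes a class file row and then its stored file.
 *
 * The row goes first: if the database delete fails the file is left in
 * place, so no row ends up pointing at a file that is already gone. The file
 * is only removed when its stored path resolves inside UPLOADS_PATH.
 *
 * @return bool False when the row does not exist or the delete did not succeed.
 */
function delete_admin_class_file(int $id): bool
{
    $classFile = get_admin_class_file_by_id($id);
    if ($classFile === null) {
        return false;
    }

    $deleted = db_execute('DELETE FROM class_files WHERE id = :id', [':id' => $id]);

    if ($deleted) {
        remove_class_file_from_disk(resolve_class_file_path((string) ($classFile['storage_path'] ?? '')));
    }

    return $deleted;
}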