<?php
// Uploadify v1.6.2
// Copyright (C) 2009 by Ronnie Garcia
// Co-developed by Travis Nickels

require_once('../../init.php');
//include('../../../../config.php');

$cmid = (int)$_GET['cmid'];
if (!$cmid) {
    echo "Module ID missing";
    exit;
}

$itemid = (int)$_GET['itemid'];
if (!$itemid) {
    echo "Module ID missing";
    exit;
}

$signature = $_REQUEST['signature'];
$signeddata = $_REQUEST['signeddata'];

if ($signature != sloodle_signature($signeddata)) {
    echo "Invalid signature";
    exit;
}

$bits = explode('-', $signeddata);
if ($bits[2] != $cmid) {
    echo "Invalid signature";
    exit;
}

if (SLOODLE_IS_ENVIRONMENT_MOODLE_2) {
    //
    $fs = get_file_storage();
     
    //$url = $CFG->wwwroot/pluginfile.php/$forumcontextid/mod_forum/post/$postid/image.jpg
    // Prepare file record object
    //$targetPath = $CFG->dataroot.'/'.SITEID.'/presenter/'.(int)$_GET["moduleId"].'/';
    $filename = str_replace(' ', '_', $_FILES['Filedata']['name']);
    $fileinfo = new SplFileInfo($filename);
    $extension = $fileinfo->getExtension();

    $allowable = array('jpg', 'gif', 'png', 'mov', 'mpg'); 

    //get the extension of the file being uploaded              
    $fileext = strtolower($extension);
    if (!in_array($fileext, $allowable)) {
        echo "This $filename file is not allowed.";
        exit();
    }

    //$context = get_context_instance(CONTEXT_MODULE, $cmid); 
    $context = context_module::instance($cmid); 
    $contextid = $context->id;

    $fileinfo = array(
        'contextid' => $contextid,        // ID of context
        'component' => 'mod_sloodle',     // usually = table name
        'filearea'  => 'presenter',       // usually = table name
        'itemid'    => $itemid,           // usually = ID of row in table
//      'filepath'  => '/presenter',      // any path beginning and ending in /
        'filepath'  => '/'.$contextid.'/mod_sloodle/presenter/'.$itemid.'/',
        'filename'  => $filename
    );

    $tmpfilename = $_FILES['Filedata']['tmp_name'] ;

    $fs->create_file_from_pathname( $fileinfo, $tmpfilename);
    echo 1;
}
//
else {
    if (!empty($_FILES)) {
        //
        $tempFile = $_FILES['Filedata']['tmp_name'];
        $targetPath = $CFG->dataroot.'/'.SITEID.'/'.$cmid.'/sloodle/presenter/';
        $targetFile =  str_replace('//','/',$targetPath) . str_replace(' ','_',$_FILES['Filedata']['name']);
        $fileinfo = new SplFileInfo($targetFile);
        $extension = $fileinfo->getExtension();
         
        //Server side security check
        //only allow images!!!
        //$allowable = array ('.jpg','.gif','.png','.htm','.html','.mov'); 
        $allowable = array('jpg', 'gif', 'png', 'mov', 'mpg'); 

        //get the extension of the file being uploaded              
        $fileext = strtolower($extension);
        if (!in_array($fileext, $allowable)) {
             echo "This file is not allowed.";
             exit();
        }
        
        mkdir(str_replace('//','/',$targetPath), 0755, true);
        move_uploaded_file($tempFile,$targetFile);
        echo 1;
        // TODO: Change this to echo file path 
    } 
}