= 4.2.6.6 =

~ Fixed: security material file. ~ Tweak: material file.
LearnPress · May 6, 2024 · 1906f19 · 1906f19
1 parent 3cfbd6e
commit 1906f19
Show file tree

Hide file tree

Showing 7 changed files with 364 additions and 295 deletions.
diff --git a/assets/src/js/admin/course-material.js b/assets/src/js/admin/course-material.js
@@ -129,13 +129,13 @@ document.addEventListener( 'DOMContentLoaded', function() {
 			let material_data = [];
 			let formData = new FormData(),
 				send_request = true;
-			formData.append( 'action', '_lp_save_materials' );
+
 			materials.forEach( function( ele, index ) {
-				let label = ele.querySelector( '.lp-material--field-title' ).value,
+				const label = ele.querySelector( '.lp-material--field-title' ).value,
 					method = ele.querySelector( '.lp-material--field-method' ).value,
 					external_field = ele.querySelector( '.lp-material--field-external-link' ),
-					upload_field = ele.querySelector( '.lp-material--field-upload' ),
-					file, link;
+					upload_field = ele.querySelector( '.lp-material--field-upload' );
+				let file, link;
 				if ( ! label ) {
 					send_request = false;
 				}
@@ -159,6 +159,7 @@ document.addEventListener( 'DOMContentLoaded', function() {
 				}
 				material_data.push( { label, method, file, link } );
 			} );
+
 			if ( ! send_request ) {
 				alert( 'Enter file title, choose file or enter file link!' );
 			} else {
@@ -167,7 +168,7 @@ document.addEventListener( 'DOMContentLoaded', function() {
 				const url = `${ lpGlobalSettings.rest }lp/v1/material/item-materials/${ postID }`;
 				formData.append( 'data', material_data );
 				target.classList.add( 'loading' );
-				// formData.append( 'post_id', postID );
+
 				fetch( url, {
 					method: 'POST',
 					headers: {
@@ -176,31 +177,34 @@ document.addEventListener( 'DOMContentLoaded', function() {
 					body: formData,
 				} ) // wrapped
 					.then( ( res ) => res.text() )
-					.then( ( data ) => {
+					.then( ( resString ) => {
 						// console.log( data );
 						if ( ! is_single ) {
 							material__group_container.innerHTML = '';
 						} else {
 							materials[ 0 ].remove();
 						}
-						data = JSON.parse( data );
-						if ( data.material && data.material.length > 0 ) {
-							const material_table = document.querySelector( '.lp-material--table tbody' );
-							for ( let i = 0; i < data.material.length; i++ ) {
-								const row = data.material[ i ].data;
-								insertRow( material_table, row );
-							}
-							can_upload.innerText = ~~can_upload.innerText - data.material.length;
-							add_btn.setAttribute( 'can-upload', can_upload.innerText );
-						}
-						if ( data.items && data.items.length > 0 ) {
-							for ( let i = 0; i < data.items.length; i++ ) {
-								add_btn.insertAdjacentHTML(
-									'beforebegin',
-									`<h3 class="notice notice-error">${ data.items[ i ].message }</h3>`
-								);
+						const res = JSON.parse( resString );
+						const { message, data, status } = res;
+						alert( message );
+
+						if ( status === 'success' ) {
+							if ( data.length > 0 ) {
+								const material_table = document.querySelector( '.lp-material--table' );
+								const thead = material_table.querySelector( 'thead' );
+								const tbody = material_table.querySelector( 'tbody' );
+
+								thead.classList.remove( 'hidden' );
+								for ( let i = 0; i < data.length; i++ ) {
+									const row = data[ i ];
+									insertRow( tbody, row );
+								}
+								can_upload.innerText = parseInt( can_upload.innerText ) - data.length;
+								add_btn.setAttribute( 'can-upload', can_upload.innerText );
 							}
 						}
+					} )
+					.finally( () => {
 						target.classList.remove( 'loading' );
 					} )
 					.catch( ( err ) => console.log( err ) );

diff --git a/assets/src/scss/admin/_material_file.scss b/assets/src/scss/admin/_material_file.scss
@@ -0,0 +1,64 @@
+table.lp-material--table {
+	border-collapse: collapse;
+	width: 100%;
+}
+
+table.lp-material--table td, th {
+	border: 1px solid #dddddd;
+	text-align: left;
+	padding: 8px;
+}
+
+table.lp-material--table thead.hidden {
+	display: none;
+}
+
+table.lp-material--table td.sort {
+	cursor: move;
+}
+
+table.lp-material--table tr:nth-child(even) {
+	background-color: #dddddd40;
+}
+.lp-material--field-wrap {
+	display: flex;
+	flex-direction: row;
+	align-items: center;
+	padding-block: 5px;
+}
+.lp-material--field-wrap label { min-width:70px }
+.lp-material--group{
+	margin-top: 10px;
+	padding: 10px;
+	border: 1px solid #dedede;
+	border-radius: 10px;
+	box-shadow: 2px 2px rgba(180, 180, 180, 0.2);
+}
+.lp-material-btn-wrap{
+	margin-bottom: 10px;
+}
+.lp-material-btn-wrap.loading::before, #btn-lp--save-material.loading::before{
+	display: inline-block;
+	margin-right: 5px;
+	font-weight: 900;
+	content: "\f110";
+	-webkit-animation: lp-rotating 1s linear infinite;
+	-moz-animation: lp-rotating 1s linear infinite;
+	animation: lp-rotating 1s linear infinite;
+}
+.button.lp-material--delete{
+	color: white;
+	border-color: red;
+	background: red;
+	vertical-align: top;
+}
+.lp-material--field-wrap.field-action-wrap{
+	display: flex;
+	justify-content: space-between;
+}
+.lp-meta-box .lp-material--field-wrap input{
+	width: 100%;
+}
+#available-to-upload{
+	font-weight: bold;
+}
diff --git a/assets/src/scss/admin/admin.scss b/assets/src/scss/admin/admin.scss
@@ -25,6 +25,7 @@
 @import "responsive";
 @import "../frontend/skeleton-animation";
 @import "statistics";
+@import "material_file";
 .button {
 
 	&.disabled {

diff --git a/inc/TemplateHooks/Course/CourseMaterialTemplate.php b/inc/TemplateHooks/Course/CourseMaterialTemplate.php
@@ -185,7 +185,7 @@ public function html_file_link( $material ) {
 				'<a href="%s" target="_blank" rel="%s">
                     <i class="fas fa-file-download btn-download-material"></i>
                 </a>',
-				$file_url,
+				esc_url_raw( $file_url ),
 				$rel
 			);
 			$content        = Template::instance()->nest_elements( $html_wrapper, $html_file_link );