| blob | 92565f988ea1b5937b8f1d1b75a9042ac633b588 |
1 <?php
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 // GNU General Public License for more details.
14 //
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 /**
19 * Functions for file handling.
20 *
21 * @package core
22 * @subpackage file
23 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 */
29 /** @var string unique string constant. */
37 /**
38 * Encodes file serving url
39 *
40 * @deprecated use moodle_url factory methods instead
41 *
42 * @global object
43 * @param string $urlbase
44 * @param string $path /filearea/itemid/dir/dir/file.exe
45 * @param bool $forcedownload
46 * @param bool $https https url required
47 * @return string encoded file url
48 */
52 //TODO: deprecate this
61 }
67 }
68 }
72 }
75 }
77 /**
78 * Prepares 'editor' formslib element from data in database
79 *
80 * The passed $data record must contain field foobar, foobarformat and optionally foobartrust. This
81 * function then copies the embedded files into draft area (assigning itemids automatically),
82 * creates the form element foobar_editor and rewrites the URLs so the embedded images can be
83 * displayed.
84 * In your mform definition, you must have an 'editor' element called foobar_editor. Then you call
85 * your mform's set_data() supplying the object returned by this function.
86 *
87 * @param object $data database field that holds the html text with embedded media
88 * @param string $field the name of the database field that holds the html text with embedded media
89 * @param array $options editor options (like maxifiles, maxbytes etc.)
90 * @param object $context context of the editor
91 * @param string $component
92 * @param string $filearea file area name
93 * @param int $itemid item id, required if item exists
94 * @return object modified data object
95 */
96 function file_prepare_standard_editor($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
100 }
103 }
106 }
109 }
112 }
114 //sanity check for passed context. This function doesn't expect $option['context'] to be set
115 //But this function is called before creating editor hence, this is one of the best places to check
116 //if context is used properly. This check notify developer that they missed passing context to editor.
118 //if $context is not null then make sure $option['context'] is also set.
119 debugging('Context for editor is not set in editoroptions. Hence editor will not respect editor filters', DEBUG_DEVELOPER);
121 //If both are passed then they should be equal.
123 $exceptionmsg = 'Editor context ['.$options['context']->id.'] is not equal to passed context ['.$context->id.']';
125 }
126 }
133 }
136 }
139 }
142 }
146 // noclean ignored if trusttext enabled
149 }
154 }
155 }
157 }
161 $currenttext = file_prepare_draft_area($draftid_editor, $contextid, $component, $filearea, $itemid, $options, $data->{$field});
162 $data->{$field.'_editor'} = array('text'=>$currenttext, 'format'=>$data->{$field.'format'}, 'itemid'=>$draftid_editor);
164 $data->{$field.'_editor'} = array('text'=>$data->{$field}, 'format'=>$data->{$field.'format'}, 'itemid'=>0);
165 }
168 }
170 /**
171 * Prepares the content of the 'editor' form element with embedded media files to be saved in database
172 *
173 * This function moves files from draft area to the destination area and
174 * encodes URLs to the draft files so they can be safely saved into DB. The
175 * form has to contain the 'editor' element named foobar_editor, where 'foobar'
176 * is the name of the database field to hold the wysiwyg editor content. The
177 * editor data comes as an array with text, format and itemid properties. This
178 * function automatically adds $data properties foobar, foobarformat and
179 * foobartrust, where foobar has URL to embedded files encoded.
180 *
181 * @param object $data raw data submitted by the form
182 * @param string $field name of the database field containing the html with embedded media files
183 * @param array $options editor options (trusttext, subdirs, maxfiles, maxbytes etc.)
184 * @param object $context context, required for existing data
185 * @param string component
186 * @param string $filearea file area name
187 * @param int $itemid item id, required if item exists
188 * @return object modified data object
189 */
190 function file_postupdate_standard_editor($data, $field, array $options, $context, $component=null, $filearea=null, $itemid=null) {
194 }
197 }
200 }
203 }
206 }
212 }
216 if ($options['maxfiles'] == 0 or is_null($filearea) or is_null($itemid) or empty($editor['itemid'])) {
219 $data->{$field} = file_save_draft_area_files($editor['itemid'], $context->id, $component, $filearea, $itemid, $options, $editor['text'], $options['forcehttps']);
220 }
224 }
226 /**
227 * Saves text and files modified by Editor formslib element
228 *
229 * @param object $data $database entry field
230 * @param string $field name of data field
231 * @param array $options various options
232 * @param object $context context - must already exist
233 * @param string $component
234 * @param string $filearea file area name
235 * @param int $itemid must already exist, usually means data is in db
236 * @return object modified data obejct
237 */
238 function file_prepare_standard_filemanager($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
242 }
248 }
255 }
257 /**
258 * Saves files modified by File manager formslib element
259 *
260 * @param object $data $database entry field
261 * @param string $field name of data field
262 * @param array $options various options
263 * @param object $context context - must already exist
264 * @param string $component
265 * @param string $filearea file area name
266 * @param int $itemid must already exist, usually means data is in db
267 * @return object modified data obejct
268 */
269 function file_postupdate_standard_filemanager($data, $field, array $options, $context, $component, $filearea, $itemid) {
273 }
276 }
279 }
285 file_save_draft_area_files($data->{$field.'_filemanager'}, $context->id, $component, $filearea, $itemid, $options);
292 }
293 }
296 }
298 /**
299 *
300 * @global object
301 * @global object
302 * @return int a random but available draft itemid that can be used to create a new draft
303 * file area.
304 */
309 // guests and not-logged-in users can not be allowed to upload anything!!!!!!
311 }
319 }
322 }
324 /**
325 * Initialise a draft file area from a real one by copying the files. A draft
326 * area will be created if one does not already exist. Normally you should
327 * get $draftitemid by calling file_get_submitted_draft_itemid('elementname');
328 *
329 * @global object
330 * @global object
331 * @param int &$draftitemid the id of the draft area to use, or 0 to create a new one, in which case this parameter is updated.
332 * @param integer $contextid This parameter and the next two identify the file area to copy files from.
333 * @param string $component
334 * @param string $filearea helps indentify the file area.
335 * @param integer $itemid helps identify the file area. Can be null if there are no files yet.
336 * @param array $options text and file options ('subdirs'=>false, 'forcehttps'=>false)
337 * @param string $text some html content that needs to have embedded links rewritten to point to the draft area.
338 * @return string if $text was passed in, the rewritten $text is returned. Otherwise NULL.
339 */
340 function file_prepare_draft_area(&$draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null) {
346 }
349 }
355 // create a new area and copy existing files into
357 $file_record = array('contextid'=>$usercontext->id, 'component'=>'user', 'filearea'=>'draft', 'itemid'=>$draftitemid);
358 if (!is_null($itemid) and $files = $fs->get_area_files($contextid, $component, $filearea, $itemid)) {
361 // we need a way to mark the age of each draft area,
362 // by not copying the root dir we force it to be created automatically with current timestamp
364 }
367 }
369 }
370 }
372 // at this point there should not be any draftfile links yet,
373 // because this is a new text from database that should still contain the @@pluginfile@@ links
374 // this happens when developers forget to post process the text
375 $text = str_replace("\"$CFG->httpswwwroot/draftfile.php", "\"$CFG->httpswwwroot/brokenfile.php#", $text);
376 }
378 // nothing to do
379 }
383 }
385 // relink embedded files - editor can not handle @@PLUGINFILE@@ !
386 return file_rewrite_pluginfile_urls($text, 'draftfile.php', $usercontext->id, 'user', 'draft', $draftitemid, $options);
387 }
389 /**
390 * Convert encoded URLs in $text from the @@PLUGINFILE@@/... form to an actual URL.
391 *
392 * @global object
393 * @param string $text The content that may contain ULRs in need of rewriting.
394 * @param string $file The script that should be used to serve these files. pluginfile.php, draftfile.php, etc.
395 * @param integer $contextid This parameter and the next two identify the file area to use.
396 * @param string $component
397 * @param string $filearea helps identify the file area.
398 * @param integer $itemid helps identify the file area.
399 * @param array $options text and file options ('forcehttps'=>false)
400 * @return string the processed text.
401 */
402 function file_rewrite_pluginfile_urls($text, $file, $contextid, $component, $filearea, $itemid, array $options=null) {
408 }
412 }
418 }
422 }
425 }
427 /**
428 * Returns information about files in a draft area.
429 *
430 * @global object
431 * @global object
432 * @param integer $draftitemid the draft area item id.
433 * @return array with the following entries:
434 * 'filecount' => number of files in the draft area.
435 * (more information will be added as needed).
436 */
445 // The number of files
446 $draftfiles = $fs->get_area_files($usercontext->id, 'user', 'draft', $draftitemid, 'id', false);
451 }
454 }
456 /**
457 * Get used space of files
458 * @return int total bytes
459 */
465 JOIN (SELECT contenthash, filename, MAX(id) AS id
466 FROM {files}
467 WHERE contextid = ? AND component = ? AND filearea != ?
472 }
474 /**
475 * Convert any string to a valid filepath
476 * @param string $str
477 * @return string path
478 */
484 }
485 }
487 /**
488 * Generate a folder tree of draft area of current USER recursively
489 * @param int $itemid
490 * @param string $filepath
491 * @param mixed $data //TODO: use normal return value instead, this does not fit the rest of api here (skodak)
492 */
498 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
513 }
514 }
515 }
516 }
518 /**
519 * Listing all files (including folders) in current path (draft area)
520 * used by file manager
521 * @param int $draftitemid
522 * @param string $filepath
523 * @return mixed
524 */
535 // will be used to build breadcrumb
544 }
545 }
546 }
550 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
567 }
576 // do NOT use file browser here!
577 $item->url = moodle_url::make_draftfile_url($draftitemid, $item->filepath, $item->filename)->out();
578 }
580 }
581 }
585 }
587 /**
588 * Returns draft area itemid for a given element.
589 *
590 * @param string $elname name of formlib editor element, or a hidden form field that stores the draft area item id, etc.
591 * @return integer the itemid, or 0 if there is not one yet.
592 */
594 // this is a nasty hack, ideally all new elements should use arrays here or there should be a new parameter
597 }
605 }
609 }
613 }
616 }
618 /**
619 * Saves files from a draft file area to a real one (merging the list of files).
620 * Can rewrite URLs in some content at the same time if desired.
621 *
622 * @global object
623 * @global object
624 * @param integer $draftitemid the id of the draft area to use. Normally obtained
625 * from file_get_submitted_draft_itemid('elementname') or similar.
626 * @param integer $contextid This parameter and the next two identify the file area to save to.
627 * @param string $component
628 * @param string $filearea indentifies the file area.
629 * @param integer $itemid helps identifies the file area.
630 * @param array $options area options (subdirs=>false, maxfiles=-1, maxbytes=0)
631 * @param string $text some html content that needs to have embedded links rewritten
632 * to the @@PLUGINFILE@@ form for saving in the database.
633 * @param boolean $forcehttps force https urls.
634 * @return string if $text was passed in, the rewritten $text is returned. Otherwise NULL.
635 */
636 function file_save_draft_area_files($draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null, $forcehttps=false) {
645 }
648 }
651 }
657 // means there are no files - one file means root dir only ;-)
662 // there were no files before - one file means root dir only ;-)
663 $file_record = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid);
668 }
669 }
671 // oversized file - should not get here at all
673 }
675 // more files - should not get here at all
677 }
680 }
682 }
685 // we have to merge old and new files - we want to keep file ids for files that were not changed
686 // we change time modified for all new and changed files, we keep time created as is
687 $file_record = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'timemodified'=>time());
691 $newhash = $fs->get_pathname_hash($contextid, $component, $filearea, $itemid, $file->get_filepath(), $file->get_filename());
693 }
698 // delete files not needed any more - deleted by user
701 }
703 if ($oldfile->get_contenthash() != $newfile->get_contenthash() or $oldfile->get_sortorder() != $newfile->get_sortorder()
704 or $oldfile->get_status() != $newfile->get_status() or $oldfile->get_license() != $newfile->get_license()
705 or $oldfile->get_author() != $newfile->get_author() or $oldfile->get_source() != $newfile->get_source()) {
706 // file was changed, use updated with new timemodified data
709 }
710 // unchanged file or directory - we keep it as is
714 }
715 }
717 // now add new/changed files
718 // the size and subdirectory tests are extra safety only, the UI should prevent it
723 }
724 }
726 // oversized file - should not get here at all
728 }
730 // more files - should not get here at all
732 }
735 }
737 }
738 }
740 // note: do not purge the draft area - we clean up areas later in cron,
741 // the reason is that user might press submit twice and they would loose the files,
742 // also sometimes we might want to use hacks that save files into two different areas
748 }
749 }
751 /**
752 * Convert the draft file area URLs in some content to @@PLUGINFILE@@ tokens
753 * ready to be saved in the database. Normally, this is done automatically by
754 * {@link file_save_draft_area_files()}.
755 * @param string $text the content to process.
756 * @param int $draftitemid the draft file area the content was using.
757 * @param bool $forcehttps whether the content contains https URLs. Default false.
758 * @return string the processed content.
759 */
768 }
770 // relink embedded files if text submitted - no absolute links allowed in database!
771 $text = str_ireplace("$wwwroot/draftfile.php/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
775 preg_match_all("!$wwwroot/draftfile.php\?file=%2F{$usercontext->id}%2Fuser%2Fdraft%2F{$draftitemid}%2F[^'\",&<>|`\s:\\\\]+!iu", $text, $matches);
780 }
781 }
782 $text = str_ireplace("$wwwroot/draftfile.php?file=/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
783 }
786 }
788 /**
789 * Set file sort order
790 * @global object $DB
791 * @param integer $contextid the context id
792 * @param string $component
793 * @param string $filearea file area.
794 * @param integer $itemid itemid.
795 * @param string $filepath file path.
796 * @param string $filename file name.
797 * @param integer $sortorer the sort order of file.
798 * @return boolean
799 */
800 function file_set_sortorder($contextid, $component, $filearea, $itemid, $filepath, $filename, $sortorder) {
802 $conditions = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'filepath'=>$filepath, 'filename'=>$filename);
808 }
810 }
812 /**
813 * reset file sort order number to 0
814 * @global object $DB
815 * @param integer $contextid the context id
816 * @param string $component
817 * @param string $filearea file area.
818 * @param integer $itemid itemid.
819 * @return boolean
820 */
827 }
833 }
835 }
837 /**
838 * Returns description of upload error
839 *
840 * @param int $errorcode found in $_FILES['filename.ext']['error']
841 * @return string error description string, '' if ok
842 */
866 // Note: there is no error with a value of 5
882 }
885 }
887 /**
888 * Recursive function formating an array in POST parameter
889 * @param array $arraydata - the array that we are going to format and add into &$data array
890 * @param string $currentdata - a row of the final postdata array at instant T
891 * when finish, it's assign to $data under this format: name[keyname][][]...[]='value'
892 * @param array $data - the final data array containing all POST parameters : 1 row = 1 parameter
893 */
902 }
903 }
904 }
906 /**
907 * Transform a PHP array into POST parameter
908 * (see the recursive function format_array_postdata_for_curlcall)
909 * @param array $postdata
910 * @return array containing all POST parameters (1 row = 1 POST parameter)
911 */
920 }
921 }
924 }
929 /**
930 * Fetches content of file from Internet (using proxy if defined). Uses cURL extension if present.
931 * Due to security concerns only downloads from http(s) sources are supported.
932 *
933 * @param string $url file url starting with http(s)://
934 * @param array $headers http headers, null if none. If set, should be an
935 * associative array of header name => value pairs.
936 * @param array $postdata array means use POST request with given parameters
937 * @param bool $fullresponse return headers, responses, etc in a similar way snoopy does
938 * (if false, just returns content)
939 * @param int $timeout timeout for complete download process including all file transfer
940 * (default 5 minutes)
941 * @param int $connecttimeout timeout for connection to server; this is the timeout that
942 * usually happens if the remote server is completely down (default 20 seconds);
943 * may not work when using proxy
944 * @param bool $skipcertverify If true, the peer's SSL certificate will not be checked.
945 * Only use this when already in a trusted location.
946 * @param string $tofile store the downloaded content to file instead of returning it.
947 * @param bool $calctimeout false by default, true enables an extra head request to try and determine
948 * filesize and appropriately larger timeout based on $CFG->curltimeoutkbitrate
949 * @return mixed false if request failed or content of the file as string if ok. True if file downloaded into $tofile successfully.
950 */
951 function download_file_content($url, $headers=null, $postdata=null, $fullresponse=false, $timeout=300, $connecttimeout=20, $skipcertverify=false, $tofile=NULL, $calctimeout=false) {
954 // some extra security
959 }
960 }
973 }
974 }
976 // check if proxy (if used) should be bypassed for this url
982 }
984 // set extra headers
989 }
991 }
995 }
997 // use POST if requested
1002 }
1009 // TODO: add version test for '7.10.5'
1012 }
1015 // SOCKS supported in PHP5 only
1032 }
1033 }
1034 }
1042 }
1047 // any proxy authentication if PHP 5.1
1049 }
1050 }
1051 }
1053 // set up header and content handlers
1058 curl_setopt($ch, CURLOPT_HEADERFUNCTION, partial('download_file_content_header_handler', $received));
1060 curl_setopt($ch, CURLOPT_WRITEFUNCTION, partial('download_file_content_write_handler', $received));
1061 }
1064 //use very slow rate of 56kbps as a timeout speed when not set
1068 }
1070 // try to calculate the proper amount for timeout from remote file size.
1071 // if disabled or zero, we won't do any checks nor head requests.
1073 //setup header request only options
1077 );
1084 $timeout = max($timeout, ceil($info['download_content_length'] * 8 / ($bitrate * 1024))); //adjust for large files only - take max timeout.
1085 }
1086 //reinstate affected curl options
1090 );
1091 }
1096 // try to detect encoding problems
1100 }
1104 }
1117 }
1126 }
1133 // for security reasons we support only true http connections (Location: file:// exploit prevention)
1148 }
1153 debugging("cURL request for \"$url\" failed, HTTP response code: ".$response->response_code, DEBUG_ALL);
1157 }
1158 }
1159 }
1161 /**
1162 * internal implementation
1163 */
1167 }
1169 /**
1170 * internal implementation
1171 */
1176 // bad luck, file creation or overriding failed
1178 }
1179 }
1181 // bad luck, write failed, let's abort completely
1183 }
1185 }
1187 /**
1188 * @return array List of information about file types based on extensions.
1189 * Associative array of extension (lower-case) to associative array
1190 * from 'element name' to data. Current element names are 'type' and 'icon'.
1191 * Unknown types should use the 'xxx' entry which includes defaults.
1192 */
1218 'docx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'icon'=>'docx'),
1220 'dotx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.template', 'icon'=>'dotx'),
1277 'otg' => array ('type'=>'application/vnd.oasis.opendocument.graphics-template', 'icon'=>'odg'),
1279 'otp' => array ('type'=>'application/vnd.oasis.opendocument.presentation-template', 'icon'=>'odp'),
1281 'ots' => array ('type'=>'application/vnd.oasis.opendocument.spreadsheet-template', 'icon'=>'ods'),
1299 'pptx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'icon'=>'pptx'),
1300 'pptm' => array ('type'=>'application/vnd.ms-powerpoint.presentation.macroEnabled.12', 'icon'=>'pptm'),
1301 'potx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.template', 'icon'=>'potx'),
1302 'potm' => array ('type'=>'application/vnd.ms-powerpoint.template.macroEnabled.12', 'icon'=>'potm'),
1303 'ppam' => array ('type'=>'application/vnd.ms-powerpoint.addin.macroEnabled.12', 'icon'=>'ppam'),
1304 'ppsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.slideshow', 'icon'=>'ppsx'),
1305 'ppsm' => array ('type'=>'application/vnd.ms-powerpoint.slideshow.macroEnabled.12', 'icon'=>'ppsm'),
1356 'xlsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'icon'=>'xlsx'),
1358 'xltx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.template', 'icon'=>'xltx'),
1360 'xlsb' => array ('type'=>'application/vnd.ms-excel.sheet.binary.macroEnabled.12', 'icon'=>'xlsb'),
1366 );
1368 }
1370 /**
1371 * Obtains information about a filetype based on its extension. Will
1372 * use a default if no information is present about that particular
1373 * extension.
1374 *
1375 * @param string $element Desired information (usually 'icon'
1376 * for icon filename or 'type' for MIME type)
1377 * @param string $filename Filename we're looking up
1378 * @return string Requested piece of information from array
1379 */
1393 }
1395 if (file_exists($CFG->dirroot.'/pix/f/'.$filename.'.png') or file_exists($CFG->dirroot.'/pix/f/'.$filename.'.gif')) {
1399 }
1402 }
1403 }
1407 }
1409 }
1410 }
1412 /**
1413 * Obtains information about a filetype based on the MIME type rather than
1414 * the other way around.
1415 *
1416 * @param string $element Desired information (usually 'icon')
1417 * @param string $mimetype MIME type we're looking up
1418 * @return string Requested piece of information from array
1419 */
1427 }
1429 }
1430 }
1432 }
1434 /**
1435 * Get information about a filetype based on the icon file.
1436 *
1437 * @param string $element Desired information (usually 'icon')
1438 * @param string $icon Icon file name without extension
1439 * @param boolean $all return all matching entries (defaults to false - best (by ext)/last match)
1440 * @return string Requested piece of information from array
1441 */
1447 }
1448 // Try to get the extension
1452 }
1458 }
1459 //No break, for example for 'excel' we don't want 'csv'!
1460 }
1461 }
1465 }
1467 }
1469 // Requested only one, try to get the best by extension coincidence, else return the last
1472 }
1474 return array_pop($info); // Return last match (mimicking behaviour/comment inside foreach loop)
1475 }
1477 /**
1478 * Returns the relative icon path for a given mime type
1479 *
1480 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1481 * a return the full path to an icon.
1482 *
1483 * <code>
1484 * $mimetype = 'image/jpg';
1485 * $icon = $OUTPUT->pix_url(file_mimetype_icon($mimetype));
1486 * echo '<img src="'.$icon.'" alt="'.$mimetype.'" />';
1487 * </code>
1488 *
1489 * @todo When an $OUTPUT->icon method is available this function should be altered
1490 * to conform with that.
1491 *
1492 * @param string $mimetype The mimetype to fetch an icon for
1493 * @param int $size The size of the icon. Not yet implemented
1494 * @return string The relative path to the icon
1495 */
1501 if (file_exists("$CFG->dirroot/pix/f/$icon-$size.png") or file_exists("$CFG->dirroot/pix/f/$icon-$size.gif")) {
1503 }
1504 }
1506 }
1508 /**
1509 * Returns the relative icon path for a given file name
1510 *
1511 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1512 * a return the full path to an icon.
1513 *
1514 * <code>
1515 * $filename = 'jpg';
1516 * $icon = $OUTPUT->pix_url(file_extension_icon($filename));
1517 * echo '<img src="'.$icon.'" alt="blah" />';
1518 * </code>
1519 *
1520 * @todo When an $OUTPUT->icon method is available this function should be altered
1521 * to conform with that.
1522 * @todo Implement $size
1523 *
1524 * @param string filename The filename to get the icon for
1525 * @param int $size The size of the icon. Defaults to null can also be 32
1526 * @return string
1527 */
1533 if (file_exists("$CFG->dirroot/pix/f/$icon-$size.png") or file_exists("$CFG->dirroot/pix/f/$icon-$size.gif")) {
1535 }
1536 }
1538 }
1540 /**
1541 * Obtains descriptions for file types (e.g. 'Microsoft Word document') from the
1542 * mimetypes.php language file.
1543 *
1544 * @param string $mimetype MIME type (can be obtained using the mimeinfo function)
1545 * @param bool $capitalise If true, capitalises first character of result
1546 * @return string Text description
1547 */
1553 }
1556 }
1558 }
1560 /**
1561 * Requested file is not found or not accessible
1562 *
1563 * @return does not return, terminates script
1564 */
1568 print_error('filenotfound', 'error', $CFG->wwwroot.'/course/view.php?id='.$COURSE->id); //this is not displayed on IIS??
1569 }
1570 /**
1571 * Helper function to send correct 404 for server.
1572 */
1578 }
1579 }
1581 /**
1582 * Check output buffering settings before sending file.
1583 * Please note you should not send any other headers after calling this function.
1584 *
1585 * @private to be called only from lib/filelib.php !
1586 * @return void
1587 */
1589 // We needed to be able to send headers up until now
1592 }
1596 // IE compatibility HACK - it does not like zlib compression much
1597 // there is also a problem with the length header in older PHP versions
1600 }
1602 // flush and close all buffers if possible
1605 // prevent infinite loop when buffer can not be closed
1607 }
1608 }
1612 //NOTE: we can not reliable test headers_sent() here because
1613 // the headers might be sent which trying to close the buffers,
1614 // this happens especially if browser does not support gzip or deflate
1615 }
1617 /**
1618 * Handles the sending of temporary file to user, download is forced.
1619 * File is deleted after abort or successful sending.
1620 *
1621 * @param string $path path to file, preferably from moodledata/temp/something; or content of file itself
1622 * @param string $filename proposed file name when saving file
1623 * @param bool $path is content of file
1624 * @return does not return, script terminated
1625 */
1630 // only FF is known to correctly save to disk before opening...
1634 }
1636 // close session - not needed anymore
1643 }
1644 // executed after normal finish or abort
1646 }
1648 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
1651 }
1657 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
1665 }
1669 // there is no encoding specified in text files, we need something consistent
1673 }
1675 //flush the buffers - save memory and disable sid rewrite
1676 // this also disables zlib compression
1679 // send the contents
1684 }
1687 }
1689 /**
1690 * Internal callback function used by send_temp_file()
1691 */
1695 }
1696 }
1698 /**
1699 * Handles the sending of file data to the user's browser, including support for
1700 * byteranges etc.
1701 *
1702 * @global object
1703 * @global object
1704 * @global object
1705 * @param string $path Path of file on disk (including real filename), or actual content of file as string
1706 * @param string $filename Filename to send
1707 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
1708 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
1709 * @param bool $pathisstring If true (default false), $path is the content to send and not the pathname
1710 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
1711 * @param string $mimetype Include to specify the MIME type; leave blank to have it guess the type from $filename
1712 * @param bool $dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
1713 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
1714 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
1715 * and should not be reopened.
1716 * @return no return or void, script execution stopped unless $dontdie is true
1717 */
1718 function send_file($path, $filename, $lifetime = 'default' , $filter=0, $pathisstring=false, $forcedownload=false, $mimetype='', $dontdie=false) {
1723 }
1725 // MDL-11789, apply $CFG->filelifetime here
1731 }
1732 }
1736 // Use given MIME type if specified, otherwise guess it using mimeinfo.
1737 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
1738 // only Firefox saves all files locally before opening when content-disposition: attachment stated
1746 /* - MDL-13949
1747 //Adobe Acrobat Reader XSS prevention
1748 if ($mimetype=='application/pdf' or mimeinfo('type', $filename)=='application/pdf') {
1749 //please note that it prevents opening of pdfs in browser when http referer disabled
1750 //or file linked from another site; browser caching of pdfs is now disabled too
1751 if (!empty($_SERVER['HTTP_RANGE'])) {
1752 //already byteserving
1753 $lifetime = 1; // >0 needed for byteserving
1754 } else if (empty($_SERVER['HTTP_REFERER']) or strpos($_SERVER['HTTP_REFERER'], $CFG->wwwroot)!==0) {
1755 $mimetype = 'application/x-forcedownload';
1756 $forcedownload = true;
1757 $lifetime = 0;
1758 } else {
1759 $lifetime = 1; // >0 needed for byteserving
1760 }
1761 }
1762 */
1765 // get unixtime of request header; clip extra junk off first
1774 }
1776 }
1777 }
1779 //do not put '@' before the next header to detect incorrect moodle configurations,
1780 //error should be better than "weird" empty lines for admins/users
1783 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
1786 }
1792 }
1799 if (empty($CFG->disablebyteserving) && !$pathisstring && $mimetype != 'text/plain' && $mimetype != 'text/html') {
1804 // byteserving stuff - for acrobat reader and download accelerators
1805 // see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
1806 // inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
1811 //suffix case
1815 //fix range length
1817 }
1819 //invalid byte-range ==> ignore header
1822 }
1823 //prepare multipart header
1825 $ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/$filesize\r\n\r\n";
1826 }
1829 }
1833 }
1834 }
1836 /// Do not byteserve (disabled, strings, text and html files).
1838 }
1840 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
1848 }
1850 }
1857 }
1860 //flush the buffers - save memory and disable sid rewrite
1861 //this also disables zlib compression
1864 // send the contents
1869 }
1884 //flush the buffers - save memory and disable sid rewrite
1885 //this also disables zlib compression
1888 // send the contents
1890 // only filter text if filter all files is selected
1901 //flush the buffers - save memory and disable sid rewrite
1902 //this also disables zlib compression
1905 // send the contents
1912 //flush the buffers - save memory and disable sid rewrite
1913 //this also disables zlib compression
1916 // send the contents
1921 }
1922 }
1923 }
1926 }
1928 }
1930 /**
1931 * Handles the sending of file data to the user's browser, including support for
1932 * byteranges etc.
1933 *
1934 * @global object
1935 * @global object
1936 * @global object
1937 * @param object $stored_file local file object
1938 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
1939 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
1940 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
1941 * @param string $filename Override filename
1942 * @param bool $dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
1943 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
1944 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
1945 * and should not be reopened.
1946 * @return void no return or void, script execution stopped unless $dontdie is true
1947 */
1948 function send_stored_file($stored_file, $lifetime=86400 , $filter=0, $forcedownload=false, $filename=null, $dontdie=false) {
1952 // nothing to serve
1955 }
1957 }
1961 }
1965 // Use given MIME type if specified, otherwise guess it using mimeinfo.
1966 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
1967 // only Firefox saves all files locally before opening when content-disposition: attachment stated
1977 // get unixtime of request header; clip extra junk off first
1986 }
1988 }
1989 }
1991 //do not put '@' before the next header to detect incorrect moodle configurations,
1992 //error should be better than "weird" empty lines for admins/users
1995 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
1998 }
2004 }
2011 if (empty($CFG->disablebyteserving) && $mimetype != 'text/plain' && $mimetype != 'text/html') {
2016 // byteserving stuff - for acrobat reader and download accelerators
2017 // see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
2018 // inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
2023 //suffix case
2027 //fix range length
2029 }
2031 //invalid byte-range ==> ignore header
2034 }
2035 //prepare multipart header
2037 $ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/$filesize\r\n\r\n";
2038 }
2041 }
2044 }
2045 }
2047 /// Do not byteserve (disabled, strings, text and html files).
2049 }
2051 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
2059 }
2061 }
2068 }
2071 //flush the buffers - save memory and disable sid rewrite
2072 //this also disables zlib compression
2075 // send the contents
2090 //flush the buffers - save memory and disable sid rewrite
2091 //this also disables zlib compression
2094 // send the contents
2098 // only filter text if filter all files is selected
2108 //flush the buffers - save memory and disable sid rewrite
2109 //this also disables zlib compression
2112 // send the contents
2119 //flush the buffers - save memory and disable sid rewrite
2120 //this also disables zlib compression
2123 // send the contents
2125 }
2126 }
2129 }
2131 }
2133 /**
2134 * Retrieves an array of records from a CSV file and places
2135 * them into a given table structure
2136 *
2137 * @global object
2138 * @global object
2139 * @param string $file The path to a CSV file
2140 * @param string $table The table to retrieve columns from
2141 * @return bool|array Returns an array of CSV records or false
2142 */
2148 }
2152 }
2158 }
2166 }
2167 }
2175 }
2177 }
2181 }
2183 /**
2184 *
2185 * @global object
2186 * @global object
2187 * @param string $file The file to put the CSV content into
2188 * @param array $records An array of records to write to a CSV file
2189 * @param string $table The table to get columns from
2190 * @return bool success
2191 */
2197 }
2202 }
2208 }
2213 }
2216 }
2219 }
2225 }
2228 }
2239 }
2242 }
2243 }
2245 }
2249 }
2252 /**
2253 * Recursively delete the file or folder with path $location. That is,
2254 * if it is a file delete it. If it is a folder, delete all its content
2255 * then delete it. If $location does not exist to start, that is not
2256 * considered an error.
2257 *
2258 * @param string $location the path to remove.
2259 * @return bool
2260 */
2263 // extra safety against wrong param
2265 }
2274 }
2278 }
2279 }
2280 }
2281 }
2285 }
2290 }
2291 }
2293 }
2295 /**
2296 * Send requested byterange of file.
2297 *
2298 * @param object $handle A file handle
2299 * @param string $mimetype The mimetype for the output
2300 * @param array $ranges An array of ranges to send
2301 * @param string $filesize The size of the content if only one range is used
2302 */
2307 }
2315 //flush the buffers - save memory and disable sid rewrite
2316 //this also disables zlib compression
2327 }
2334 }
2339 //TODO: check if "multipart/x-byteranges" is more compatible with current readers/browsers/servers
2341 //flush the buffers - save memory and disable sid rewrite
2342 //this also disables zlib compression
2356 }
2357 }
2361 }
2362 }
2364 /**
2365 * add includes (js and css) into uploaded files
2366 * before returning them, useful for themes and utf.js includes
2367 *
2368 * @global object
2369 * @param string $text text to search and replace
2370 * @return string text with added head includes
2371 */
2373 // first look for <head> tag
2377 /* foreach ($CFG->stylesheets as $stylesheet) {
2378 //TODO: MDL-21120
2379 $stylesheetshtml .= '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'" />'."\n";
2380 }*/
2384 // this script is needed by most media filter plugins.
2387 }
2394 }
2396 // if not, look for <html> tag, and stick <head> right after
2399 // replace <html> tag with <html><head>includes</head>
2403 }
2405 // if not, look for <body> tag, and stick <head> before body
2411 }
2413 // if not, just stick a <head> tag at the beginning
2416 }
2418 /**
2419 * RESTful cURL class
2420 *
2421 * This is a wrapper class for curl, it is quite easy to use:
2422 * <code>
2423 * $c = new curl;
2424 * // enable cache
2425 * $c = new curl(array('cache'=>true));
2426 * // enable cookie
2427 * $c = new curl(array('cookie'=>true));
2428 * // enable proxy
2429 * $c = new curl(array('proxy'=>true));
2430 *
2431 * // HTTP GET Method
2432 * $html = $c->get('http://example.com');
2433 * // HTTP POST Method
2434 * $html = $c->post('http://example.com/', array('q'=>'words', 'name'=>'moodle'));
2435 * // HTTP PUT Method
2436 * $html = $c->put('http://example.com/', array('file'=>'/var/www/test.txt');
2437 * </code>
2438 *
2439 * @package core
2440 * @subpackage file
2441 * @author Dongsheng Cai <dongsheng@cvs.moodle.org>
2442 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
2443 */
2446 /** @var bool */
2449 /** @var string */
2451 /** @var array */
2454 /** @var string */
2458 /** @var array */
2460 /** @var string */
2464 /** @var bool */
2468 /**
2469 * @global object
2470 * @param array $options
2471 */
2478 }
2479 // the options of curl should be init here.
2483 }
2489 }
2490 }
2497 }
2498 }
2499 }
2505 }
2511 }
2518 }
2520 }
2521 }
2524 }
2525 }
2526 /**
2527 * Resets the CURL options that have already been set
2528 */
2532 // True to include the header in the output
2534 // True to Exclude the body from the output
2536 // TRUE to follow any "Location: " header that the server
2537 // sends as part of the HTTP header (note this is recursive,
2538 // PHP will follow as many "Location: " headers that it is sent,
2539 // unless CURLOPT_MAXREDIRS is set).
2540 //$this->options['CURLOPT_FOLLOWLOCATION'] = 1;
2543 // TRUE to return the transfer as a string of the return
2544 // value of curl_exec() instead of outputting it out directly.
2550 }
2552 /**
2553 * Reset Cookie
2554 */
2562 }
2563 }
2564 }
2565 }
2567 /**
2568 * Set curl options
2569 *
2570 * @param array $options If array is null, this function will
2571 * reset the options to default value.
2572 *
2573 */
2579 }
2581 }
2582 }
2583 }
2584 /**
2585 * Reset http method
2586 *
2587 */
2596 }
2598 /**
2599 * Set HTTP Request Header
2600 *
2601 * @param array $headers
2602 *
2603 */
2608 }
2611 }
2612 }
2613 /**
2614 * Set HTTP Response Header
2615 *
2616 */
2619 }
2620 /**
2621 * private callback function
2622 * Formatting HTTP Response Header
2623 *
2624 * @param mixed $ch Apparently not used
2625 * @param string $header
2626 * @return int The strlen of the header
2627 */
2629 {
2643 }
2646 }
2647 }
2649 }
2651 /**
2652 * Set options for individual curl instance
2653 *
2654 * @param object $curl A curl handle
2655 * @param array $options
2656 * @return object The curl handle
2657 */
2659 // Clean up
2661 // set cookie
2665 ));
2666 }
2668 // set proxy
2671 }
2673 // reset before set options
2675 // set headers
2680 'Connection: keep-alive'
2681 ));
2682 }
2690 }
2692 // set options
2696 }
2698 }
2700 }
2701 /**
2702 * Download multiple files in parallel
2703 *
2704 * Calls {@link multi()} with specific download headers
2705 *
2706 * <code>
2707 * $c = new curl;
2708 * $c->download(array(
2709 * array('url'=>'http://localhost/', 'file'=>fopen('a', 'wb')),
2710 * array('url'=>'http://localhost/20/', 'file'=>fopen('b', 'wb'))
2711 * ));
2712 * </code>
2713 *
2714 * @param array $requests An array of files to request
2715 * @param array $options An array of options to set
2716 * @return array An array of results
2717 */
2722 }
2723 /*
2724 * Mulit HTTP Requests
2725 * This function could run multi-requests in parallel.
2726 *
2727 * @param array $requests An array of files to request
2728 * @param array $options An array of options to set
2729 * @return array An array of results
2730 */
2740 }
2744 }
2754 }
2756 }
2759 }
2760 /**
2761 * Single HTTP Request
2762 *
2763 * @param string $url The URL to request
2764 * @param array $options
2765 * @return bool
2766 */
2768 // create curl instance
2778 }
2779 }
2791 }
2799 // exception is not ajax friendly
2800 //throw new moodle_exception($this->error, 'curl');
2801 }
2802 }
2804 /**
2805 * HTTP HEAD method
2806 *
2807 * @see request()
2808 *
2809 * @param string $url
2810 * @param array $options
2811 * @return bool
2812 */
2818 }
2820 /**
2821 * HTTP POST method
2822 *
2823 * @param string $url
2824 * @param array|string $params
2825 * @param array $options
2826 * @return bool
2827 */
2837 }
2838 }
2842 // $params is the raw post data
2844 }
2846 }
2848 /**
2849 * HTTP GET method
2850 *
2851 * @param string $url
2852 * @param array $params
2853 * @param array $options
2854 * @return bool
2855 */
2862 }
2864 }
2866 /**
2867 * HTTP PUT method
2868 *
2869 * @param string $url
2870 * @param array $params
2871 * @param array $options
2872 * @return bool
2873 */
2878 }
2886 }
2890 }
2892 /**
2893 * HTTP DELETE method
2894 *
2895 * @param string $url
2896 * @param array $params
2897 * @param array $options
2898 * @return bool
2899 */
2904 }
2907 }
2908 /**
2909 * HTTP TRACE method
2910 *
2911 * @param string $url
2912 * @param array $options
2913 * @return bool
2914 */
2919 }
2920 /**
2921 * HTTP OPTIONS method
2922 *
2923 * @param string $url
2924 * @param array $options
2925 * @return bool
2926 */
2931 }
2934 }
2935 }
2937 /**
2938 * This class is used by cURL class, use case:
2939 *
2940 * <code>
2941 * $CFG->repositorycacheexpire = 120;
2942 * $CFG->curlcache = 120;
2943 *
2944 * $c = new curl(array('cache'=>true), 'module_cache'=>'repository');
2945 * $ret = $c->get('http://www.google.com');
2946 * </code>
2947 *
2948 * @package core
2949 * @subpackage file
2950 * @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
2951 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
2952 */
2954 /** @var string */
2956 /**
2957 *
2958 * @global object
2959 * @param string @module which module is using curl_cache
2960 *
2961 */
2968 }
2971 }
2975 }
2980 }
2982 }
2983 }
2985 /**
2986 * Get cached value
2987 *
2988 * @global object
2989 * @global object
2990 * @param mixed $param
2991 * @return bool|string
2992 */
3000 {
3007 }
3008 }
3010 }
3012 /**
3013 * Set cache value
3014 *
3015 * @global object $CFG
3016 * @global object $USER
3017 * @param mixed $param
3018 * @param mixed $val
3019 */
3026 }
3028 /**
3029 * Remove cache files
3030 *
3031 * @param int $expire The number os seconds before expiry
3032 */
3040 }
3041 }
3042 }
3043 }
3044 }
3045 /**
3046 * delete current user's cache file
3047 *
3048 * @global object $CFG
3049 * @global object $USER
3050 */
3058 }
3059 }
3060 }
3061 }
3062 }
3063 }
3065 /**
3066 * This class is used to parse lib/file/file_types.mm which help get file
3067 * extensions by file types.
3068 * The file_types.mm file can be edited by freemind in graphic environment.
3069 *
3070 * @package core
3071 * @subpackage file
3072 * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
3073 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
3074 */
3076 /**
3077 * Check file_types.mm file, setup variables
3078 *
3079 * @global object $CFG
3080 * @param string $file
3081 */
3088 }
3091 }
3093 /**
3094 * A private function to browse xml nodes
3095 *
3096 * @param array $parent
3097 * @param array $types
3098 */
3108 }
3109 }
3112 }
3113 }
3115 /**
3116 * A private function to select text nodes
3117 *
3118 * @param array $parent
3119 */
3124 }
3127 }
3128 }
3131 /**
3132 * Get file extensions by file types names.
3133 *
3134 * @param array $types
3135 * @return mixed
3136 */
3140 }
3145 }
3150 }
3151 }
3159 }
3160 }
3163 }
3165 }
3166 }
3168 /**
3169 * This function delegates file serving to individual plugins
3170 *
3171 * @param string $relativepath
3172 * @param bool $forcedownload
3173 *
3174 * @package core
3175 * @subpackage file
3176 * @copyright 2008 Petr Skoda (http://skodak.org)
3177 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
3178 */
3181 // relative path must start with '/'
3186 }
3188 // extract relative path components
3193 }
3203 // ========================================================================================================================
3205 // Blog file serving
3208 }
3211 }
3215 }
3220 }
3225 }
3229 }
3230 }
3231 }
3236 }
3240 //ok
3245 }
3246 }
3251 if (!$file = $fs->get_file($context->id, $component, $filearea, $entryid, $filepath, $filename) or $file->is_directory()) {
3253 }
3257 // ========================================================================================================================
3259 if (($filearea === 'outcome' or $filearea === 'scale') and $context->contextlevel == CONTEXT_SYSTEM) {
3260 // Global gradebook files
3263 }
3269 }
3275 //TODO: nobody implemented this yet in grade edit form!!
3280 }
3286 }
3292 }
3294 // ========================================================================================================================
3298 // All tag descriptions are going to be public but we still need to respect forcelogin
3301 }
3307 }
3314 }
3316 // ========================================================================================================================
3320 // All events here are public the one requirement is that we respect forcelogin
3323 }
3325 // Get the event if from the args array
3328 // Load the event from the database
3331 }
3332 // Check that we got an event and that it's userid is that of the user
3334 // Get the file and serve if successful
3337 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3339 }
3346 // Must be logged in, if they are not then they obviously can't be this user
3349 // Don't want guests here, potentially saves a DB call
3352 }
3354 // Get the event if from the args array
3357 // Load the event from the database - user id must match
3358 if (!$event = $DB->get_record('event', array('id'=>(int)$eventid, 'userid'=>$USER->id, 'eventtype'=>'user'))) {
3360 }
3362 // Get the file and serve if successful
3365 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3367 }
3374 // Respect forcelogin and require login unless this is the site.... it probably
3375 // should NEVER be the site
3378 }
3380 // Must be able to at least view the course
3382 //TODO: hmm, do we really want to block guests here?
3384 }
3386 // Get the event id
3389 // Load the event from the database we need to check whether it is
3390 // a) valid course event
3391 // b) a group event
3392 // Group events use the course context (there is no group context)
3395 }
3397 // If its a group event require either membership of view all groups capability
3399 if (!has_capability('moodle/site:accessallgroups', $context) && !groups_is_member($event->groupid, $USER->id)) {
3401 }
3403 //ok
3405 // some other type
3407 }
3409 // If we get this far we can serve the file
3412 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3414 }
3421 }
3423 // ========================================================================================================================
3433 }
3436 // protect images if login required and not logged in;
3437 // also if login is required for profile images and is not logged in or guest
3438 // do not use require_login() because it is expensive and not suitable here anyway
3440 }
3444 }
3445 if (!$redirect && !$file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename.'/.png')) {
3448 }
3449 }
3453 }
3461 }
3465 }
3469 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
3471 }
3480 }
3485 // always can access own
3492 }
3494 // we allow access to site profile of all course contacts (usually teachers)
3495 if (!has_coursecontact_role($userid) && !has_capability('moodle/user:viewdetails', $context)) {
3497 }
3504 }
3508 if (has_capability('moodle/user:viewdetails', get_context_instance(CONTEXT_COURSE, $course->id))) {
3510 }
3511 }
3512 }
3516 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
3518 }
3529 }
3535 }
3537 //TODO: review this logic of user profile access prevention
3538 if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
3540 }
3541 if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
3543 }
3546 }
3547 if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
3549 }
3550 }
3554 if (!$file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename) or $file->is_directory()) {
3556 }
3566 }
3571 }
3575 if (!$file = $fs->get_file($context->id, 'user', 'backup', 0, $filepath, $filename) or $file->is_directory()) {
3577 }
3584 }
3586 // ========================================================================================================================
3590 }
3594 // no login necessary - unless login forced everywhere
3596 }
3600 if (!$file = $fs->get_file($context->id, 'coursecat', 'description', 0, $filepath, $filename) or $file->is_directory()) {
3602 }
3608 }
3610 // ========================================================================================================================
3614 }
3619 }
3623 if (!$file = $fs->get_file($context->id, 'course', 'summary', 0, $filepath, $filename) or $file->is_directory()) {
3625 }
3635 }
3639 if (!$section = $DB->get_record('course_sections', array('id'=>$sectionid, 'course'=>$course->id))) {
3641 }
3645 // block access to unavailable sections if can not edit course
3647 }
3648 }
3652 if (!$file = $fs->get_file($context->id, 'course', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
3654 }
3661 }
3666 }
3672 $group = $DB->get_record('groups', array('id'=>$groupid, 'courseid'=>$course->id), '*', MUST_EXIST);
3673 if (($course->groupmodeforce and $course->groupmode == SEPARATEGROUPS) and !has_capability('moodle/site:accessallgroups', $context) and !groups_is_member($group->id, $USER->id)) {
3674 // do not allow access to separate group info if not member or teacher
3676 }
3684 if (!$file = $fs->get_file($context->id, 'group', 'description', $group->id, $filepath, $filename) or $file->is_directory()) {
3686 }
3696 }
3697 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.png')) {
3698 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.jpg')) {
3700 }
3701 }
3708 }
3713 }
3719 // note: everybody has access to grouping desc images for now
3724 if (!$file = $fs->get_file($context->id, 'grouping', 'description', $groupingid, $filepath, $filename) or $file->is_directory()) {
3726 }
3733 }
3735 // ========================================================================================================================
3743 if (!$file = $fs->get_file($context->id, 'backup', 'course', 0, $filepath, $filename) or $file->is_directory()) {
3745 }
3758 if (!$file = $fs->get_file($context->id, 'backup', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
3760 }
3771 if (!$file = $fs->get_file($context->id, 'backup', 'activity', 0, $filepath, $filename) or $file->is_directory()) {
3773 }
3779 // Backup files that were generated by the automated backup systems.
3786 if (!$file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename) or $file->is_directory()) {
3788 }
3795 }
3797 // ========================================================================================================================
3803 // ========================================================================================================================
3806 // files embedded into the form definition description
3816 }
3821 FROM {grading_areas} ga
3822 JOIN {grading_definitions} gd ON (gd.areaid = ga.id)
3828 }
3834 }
3838 }
3840 // ========================================================================================================================
3845 }
3850 // somebody tries to gain illegal access, cm type must match the component!
3852 }
3853 }
3858 }
3861 // all users may access it
3864 if (!$file = $fs->get_file($context->id, 'mod_'.$modname, 'intro', 0, $filepath, $filename) or $file->is_directory()) {
3866 }
3870 // finally send the file
3872 }
3877 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3880 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3882 }
3886 // ========================================================================================================================
3889 // note: no more class methods in blocks please, that is ....
3892 }
3896 $birecord = $DB->get_record('block_instances', array('id'=>$context->instanceid), '*',MUST_EXIST);
3898 // somebody tries to gain illegal access, cm type must match the component!
3900 }
3902 $bprecord = $DB->get_record('block_positions', array('blockinstanceid' => $context->instanceid), 'visible');
3903 // User can't access file, if block is hidden or doesn't have block:view capability
3906 }
3909 }
3913 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3915 }
3920 // all core subsystems have to be specified above, no more guessing here!
3924 // try to serve general plugin file in arbitrary context
3928 }
3933 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3935 }
3938 }
3940 }