webservice/upload.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17
  18 /**
  19  * Accept uploading files by web service token
  20  *
  21  * POST params:
  22  *  token => the web service user token (needed for authentication)
  23  *  filepath => the private file aera path (where files will be stored)
  24  *  [_FILES] => for example you can send the files with <input type=file>,
  25  *              or with curl magic: 'file_1' => '@/path/to/file', or ...
  26  *  filearea => 'private' or 'draft' (default = 'private'). These are the only 2 areas we are allowing
  27  *              direct uploads via webservices. The private file area is deprecated - please don't use it.
  28  *  itemid   => For draft areas this is the draftid - this can be used to add a list of files
  29  *              to a draft area in separate requests. If it is 0, a new draftid will be generated.
  30  *              For private files, this is ignored.
  31  *
  32  * @package    core_webservice
  33  * @copyright  2011 Dongsheng Cai <dongsheng@moodle.com>
  34  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  35  */
  36
  37 /**
  38  * AJAX_SCRIPT - exception will be converted into JSON
  39  */
  40 define('AJAX_SCRIPT', true);
  41
  42 /**
  43  * NO_MOODLE_COOKIES - we don't want any cookie
  44  */
  45 define('NO_MOODLE_COOKIES', true);
  46
  47 require_once(dirname(dirname(__FILE__)) . '/config.php');
  48 require_once($CFG->dirroot . '/webservice/lib.php');
  49 $filepath = optional_param('filepath', '/', PARAM_PATH);
  50 // The default file area is 'private' for user private files. This
  51 // area is actually deprecated and only supported for backwards compatibility with
  52 // the mobile app.
  53 $filearea = optional_param('filearea', 'private', PARAM_ALPHA);
  54 $itemid = optional_param('itemid', 0, PARAM_INT);
  55
  56 echo $OUTPUT->header();
  57
  58 // authenticate the user
  59 $token = required_param('token', PARAM_ALPHANUM);
  60 $webservicelib = new webservice();
  61 $authenticationinfo = $webservicelib->authenticate_user($token);
  62 $fileuploaddisabled = empty($authenticationinfo['service']->uploadfiles);
  63 if ($fileuploaddisabled) {
  64     throw new webservice_access_exception('Web service file upload must be enabled in external service settings');
  65 }
  66
  67 // check the user can manage his own files (can upload)
  68 $context = context_user::instance($USER->id);
  69 require_capability('moodle/user:manageownfiles', $context);
  70
  71 $fs = get_file_storage();
  72
  73 $totalsize = 0;
  74 $files = array();
  75 foreach ($_FILES as $fieldname=>$uploaded_file) {
  76     // check upload errors
  77     if (!empty($_FILES[$fieldname]['error'])) {
  78         switch ($_FILES[$fieldname]['error']) {
  79         case UPLOAD_ERR_INI_SIZE:
  80             throw new moodle_exception('upload_error_ini_size', 'repository_upload');
  81             break;
  82         case UPLOAD_ERR_FORM_SIZE:
  83             throw new moodle_exception('upload_error_form_size', 'repository_upload');
  84             break;
  85         case UPLOAD_ERR_PARTIAL:
  86             throw new moodle_exception('upload_error_partial', 'repository_upload');
  87             break;
  88         case UPLOAD_ERR_NO_FILE:
  89             throw new moodle_exception('upload_error_no_file', 'repository_upload');
  90             break;
  91         case UPLOAD_ERR_NO_TMP_DIR:
  92             throw new moodle_exception('upload_error_no_tmp_dir', 'repository_upload');
  93             break;
  94         case UPLOAD_ERR_CANT_WRITE:
  95             throw new moodle_exception('upload_error_cant_write', 'repository_upload');
  96             break;
  97         case UPLOAD_ERR_EXTENSION:
  98             throw new moodle_exception('upload_error_extension', 'repository_upload');
  99             break;
 100         default:
 101             throw new moodle_exception('nofile');
 102         }
 103     }
 104     $file = new stdClass();
 105     $file->filename = clean_param($_FILES[$fieldname]['name'], PARAM_FILE);
 106     // check system maxbytes setting
 107     if (($_FILES[$fieldname]['size'] > get_max_upload_file_size($CFG->maxbytes))) {
 108         // oversize file will be ignored, error added to array to notify
 109         // web service client
 110         $file->errortype = 'fileoversized';
 111         $file->error = get_string('maxbytes', 'error');
 112     } else {
 113         $file->filepath = $_FILES[$fieldname]['tmp_name'];
 114         // calculate total size of upload
 115         $totalsize += $_FILES[$fieldname]['size'];
 116     }
 117     $files[] = $file;
 118 }
 119
 120 $fs = get_file_storage();
 121
 122 if ($filearea == 'draft' && $itemid <= 0) {
 123     $itemid = file_get_unused_draft_itemid();
 124 }
 125
 126 // Get any existing file size limits.
 127 $maxareabytes = FILE_AREA_MAX_BYTES_UNLIMITED;
 128 $maxupload = get_user_max_upload_file_size($context, $CFG->maxbytes);
 129 if ($filearea == 'private') {
 130     // Private files area is limited by $CFG->userquota.
 131     if (!has_capability('moodle/user:ignoreuserquota', $context)) {
 132         $maxareabytes = $CFG->userquota;
 133     }
 134
 135     // Count the size of all existing files in this area.
 136     if ($maxareabytes > 0) {
 137         $usedspace = 0;
 138         $existingfiles = $fs->get_area_files($context->id, 'user', $filearea, false, 'id', false);
 139         foreach ($existingfiles as $file) {
 140             $usedspace += $file->get_filesize();
 141         }
 142         if ($totalsize > ($maxareabytes - $usedspace)) {
 143             throw new file_exception('userquotalimit');
 144         }
 145     }
 146 }
 147
 148 // Check the size of this upload.
 149 if ($maxupload !== USER_CAN_IGNORE_FILE_SIZE_LIMITS && $totalsize > $maxupload) {
 150     throw new file_exception('userquotalimit');
 151 }
 152
 153 $results = array();
 154 foreach ($files as $file) {
 155     if (!empty($file->error)) {
 156         // including error and filename
 157         $results[] = $file;
 158         continue;
 159     }
 160     $file_record = new stdClass;
 161     $file_record->component = 'user';
 162     $file_record->contextid = $context->id;
 163     $file_record->userid    = $USER->id;
 164     $file_record->filearea  = $filearea;
 165     $file_record->filename = $file->filename;
 166     $file_record->filepath  = $filepath;
 167     $file_record->itemid    = $itemid;
 168     $file_record->license   = $CFG->sitedefaultlicense;
 169     $file_record->author    = fullname($authenticationinfo['user']);
 170     $file_record->source    = '';
 171
 172     //Check if the file already exist
 173     $existingfile = $fs->file_exists($file_record->contextid, $file_record->component, $file_record->filearea,
 174                 $file_record->itemid, $file_record->filepath, $file_record->filename);
 175     if ($existingfile) {
 176         $file->errortype = 'filenameexist';
 177         $file->error = get_string('filenameexist', 'webservice', $file->filename);
 178         $results[] = $file;
 179     } else {
 180         $stored_file = $fs->create_file_from_pathname($file_record, $file->filepath);
 181         $results[] = $file_record;
 182     }
 183 }
 184 echo json_encode($results);