| blob | 58b857d592e452fff2b317b0769cb68c0d92d4bb |
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * Functions for file handling.
19 *
20 * @package core_files
21 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
27 /**
28 * BYTESERVING_BOUNDARY - string unique string constant.
29 */
32 /**
33 * Unlimited area size constant
34 */
42 /**
43 * Encodes file serving url
44 *
45 * @deprecated use moodle_url factory methods instead
46 *
47 * @todo MDL-31071 deprecate this function
48 * @global stdClass $CFG
49 * @param string $urlbase
50 * @param string $path /filearea/itemid/dir/dir/file.exe
51 * @param bool $forcedownload
52 * @param bool $https https url required
53 * @return string encoded file url
54 */
58 //TODO: deprecate this
67 }
73 }
74 }
78 }
81 }
83 /**
84 * Prepares 'editor' formslib element from data in database
85 *
86 * The passed $data record must contain field foobar, foobarformat and optionally foobartrust. This
87 * function then copies the embedded files into draft area (assigning itemids automatically),
88 * creates the form element foobar_editor and rewrites the URLs so the embedded images can be
89 * displayed.
90 * In your mform definition, you must have an 'editor' element called foobar_editor. Then you call
91 * your mform's set_data() supplying the object returned by this function.
92 *
93 * @category files
94 * @param stdClass $data database field that holds the html text with embedded media
95 * @param string $field the name of the database field that holds the html text with embedded media
96 * @param array $options editor options (like maxifiles, maxbytes etc.)
97 * @param stdClass $context context of the editor
98 * @param string $component
99 * @param string $filearea file area name
100 * @param int $itemid item id, required if item exists
101 * @return stdClass modified data object
102 */
103 function file_prepare_standard_editor($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
107 }
110 }
113 }
116 }
119 }
121 //sanity check for passed context. This function doesn't expect $option['context'] to be set
122 //But this function is called before creating editor hence, this is one of the best places to check
123 //if context is used properly. This check notify developer that they missed passing context to editor.
125 //if $context is not null then make sure $option['context'] is also set.
126 debugging('Context for editor is not set in editoroptions. Hence editor will not respect editor filters', DEBUG_DEVELOPER);
128 //If both are passed then they should be equal.
130 $exceptionmsg = 'Editor context ['.$options['context']->id.'] is not equal to passed context ['.$context->id.']';
132 }
133 }
140 }
143 }
146 }
149 }
153 // noclean ignored if trusttext enabled
156 }
161 }
162 }
164 }
168 $currenttext = file_prepare_draft_area($draftid_editor, $contextid, $component, $filearea, $itemid, $options, $data->{$field});
169 $data->{$field.'_editor'} = array('text'=>$currenttext, 'format'=>$data->{$field.'format'}, 'itemid'=>$draftid_editor);
171 $data->{$field.'_editor'} = array('text'=>$data->{$field}, 'format'=>$data->{$field.'format'}, 'itemid'=>0);
172 }
175 }
177 /**
178 * Prepares the content of the 'editor' form element with embedded media files to be saved in database
179 *
180 * This function moves files from draft area to the destination area and
181 * encodes URLs to the draft files so they can be safely saved into DB. The
182 * form has to contain the 'editor' element named foobar_editor, where 'foobar'
183 * is the name of the database field to hold the wysiwyg editor content. The
184 * editor data comes as an array with text, format and itemid properties. This
185 * function automatically adds $data properties foobar, foobarformat and
186 * foobartrust, where foobar has URL to embedded files encoded.
187 *
188 * @category files
189 * @param stdClass $data raw data submitted by the form
190 * @param string $field name of the database field containing the html with embedded media files
191 * @param array $options editor options (trusttext, subdirs, maxfiles, maxbytes etc.)
192 * @param stdClass $context context, required for existing data
193 * @param string $component file component
194 * @param string $filearea file area name
195 * @param int $itemid item id, required if item exists
196 * @return stdClass modified data object
197 */
198 function file_postupdate_standard_editor($data, $field, array $options, $context, $component=null, $filearea=null, $itemid=null) {
202 }
205 }
208 }
211 }
214 }
220 }
224 if ($options['maxfiles'] == 0 or is_null($filearea) or is_null($itemid) or empty($editor['itemid'])) {
227 $data->{$field} = file_save_draft_area_files($editor['itemid'], $context->id, $component, $filearea, $itemid, $options, $editor['text'], $options['forcehttps']);
228 }
232 }
234 /**
235 * Saves text and files modified by Editor formslib element
236 *
237 * @category files
238 * @param stdClass $data $database entry field
239 * @param string $field name of data field
240 * @param array $options various options
241 * @param stdClass $context context - must already exist
242 * @param string $component
243 * @param string $filearea file area name
244 * @param int $itemid must already exist, usually means data is in db
245 * @return stdClass modified data obejct
246 */
247 function file_prepare_standard_filemanager($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
251 }
257 }
264 }
266 /**
267 * Saves files modified by File manager formslib element
268 *
269 * @todo MDL-31073 review this function
270 * @category files
271 * @param stdClass $data $database entry field
272 * @param string $field name of data field
273 * @param array $options various options
274 * @param stdClass $context context - must already exist
275 * @param string $component
276 * @param string $filearea file area name
277 * @param int $itemid must already exist, usually means data is in db
278 * @return stdClass modified data obejct
279 */
280 function file_postupdate_standard_filemanager($data, $field, array $options, $context, $component, $filearea, $itemid) {
284 }
287 }
290 }
296 file_save_draft_area_files($data->{$field.'_filemanager'}, $context->id, $component, $filearea, $itemid, $options);
303 }
304 }
307 }
309 /**
310 * Generate a draft itemid
311 *
312 * @category files
313 * @global moodle_database $DB
314 * @global stdClass $USER
315 * @return int a random but available draft itemid that can be used to create a new draft
316 * file area.
317 */
322 // guests and not-logged-in users can not be allowed to upload anything!!!!!!
324 }
332 }
335 }
337 /**
338 * Initialise a draft file area from a real one by copying the files. A draft
339 * area will be created if one does not already exist. Normally you should
340 * get $draftitemid by calling file_get_submitted_draft_itemid('elementname');
341 *
342 * @category files
343 * @global stdClass $CFG
344 * @global stdClass $USER
345 * @param int $draftitemid the id of the draft area to use, or 0 to create a new one, in which case this parameter is updated.
346 * @param int $contextid This parameter and the next two identify the file area to copy files from.
347 * @param string $component
348 * @param string $filearea helps indentify the file area.
349 * @param int $itemid helps identify the file area. Can be null if there are no files yet.
350 * @param array $options text and file options ('subdirs'=>false, 'forcehttps'=>false)
351 * @param string $text some html content that needs to have embedded links rewritten to point to the draft area.
352 * @return string|null returns string if $text was passed in, the rewritten $text is returned. Otherwise NULL.
353 */
354 function file_prepare_draft_area(&$draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null) {
360 }
363 }
369 // create a new area and copy existing files into
371 $file_record = array('contextid'=>$usercontext->id, 'component'=>'user', 'filearea'=>'draft', 'itemid'=>$draftitemid);
372 if (!is_null($itemid) and $files = $fs->get_area_files($contextid, $component, $filearea, $itemid)) {
375 // we need a way to mark the age of each draft area,
376 // by not copying the root dir we force it to be created automatically with current timestamp
378 }
381 }
383 // XXX: This is a hack for file manager (MDL-28666)
384 // File manager needs to know the original file information before copying
385 // to draft area, so we append these information in mdl_files.source field
386 // {@link file_storage::search_references()}
387 // {@link file_storage::search_references_count()}
400 // End of file manager hack
401 }
402 }
404 // at this point there should not be any draftfile links yet,
405 // because this is a new text from database that should still contain the @@pluginfile@@ links
406 // this happens when developers forget to post process the text
407 $text = str_replace("\"$CFG->httpswwwroot/draftfile.php", "\"$CFG->httpswwwroot/brokenfile.php#", $text);
408 }
410 // nothing to do
411 }
415 }
417 // relink embedded files - editor can not handle @@PLUGINFILE@@ !
418 return file_rewrite_pluginfile_urls($text, 'draftfile.php', $usercontext->id, 'user', 'draft', $draftitemid, $options);
419 }
421 /**
422 * Convert encoded URLs in $text from the @@PLUGINFILE@@/... form to an actual URL.
423 *
424 * @category files
425 * @global stdClass $CFG
426 * @param string $text The content that may contain ULRs in need of rewriting.
427 * @param string $file The script that should be used to serve these files. pluginfile.php, draftfile.php, etc.
428 * @param int $contextid This parameter and the next two identify the file area to use.
429 * @param string $component
430 * @param string $filearea helps identify the file area.
431 * @param int $itemid helps identify the file area.
432 * @param array $options text and file options ('forcehttps'=>false)
433 * @return string the processed text.
434 */
435 function file_rewrite_pluginfile_urls($text, $file, $contextid, $component, $filearea, $itemid, array $options=null) {
441 }
445 }
451 }
455 }
458 }
460 /**
461 * Returns information about files in a draft area.
462 *
463 * @global stdClass $CFG
464 * @global stdClass $USER
465 * @param int $draftitemid the draft area item id.
466 * @param string $filepath path to the directory from which the information have to be retrieved.
467 * @return array with the following entries:
468 * 'filecount' => number of files in the draft area.
469 * 'filesize' => total size of the files in the draft area.
470 * 'foldercount' => number of folders in the draft area.
471 * 'filesize_without_references' => total size of the area excluding file references.
472 * (more information will be added as needed).
473 */
485 );
488 $draftfiles = $fs->get_directory_files($usercontext->id, 'user', 'draft', $draftitemid, $filepath, true, true);
491 }
497 }
503 }
504 }
507 }
509 /**
510 * Returns whether a draft area has exceeded/will exceed its size limit.
511 *
512 * Please note that the unlimited value for $areamaxbytes is -1 {@link FILE_AREA_MAX_BYTES_UNLIMITED}, not 0.
513 *
514 * @param int $draftitemid the draft area item id.
515 * @param int $areamaxbytes the maximum size allowed in this draft area.
516 * @param int $newfilesize the size that would be added to the current area.
517 * @param bool $includereferences true to include the size of the references in the area size.
518 * @return bool true if the area will/has exceeded its limit.
519 * @since 2.4
520 */
521 function file_is_draft_area_limit_reached($draftitemid, $areamaxbytes, $newfilesize = 0, $includereferences = false) {
527 }
530 }
531 }
533 }
535 /**
536 * Get used space of files
537 * @global moodle_database $DB
538 * @global stdClass $USER
539 * @return int total bytes
540 */
546 JOIN (SELECT contenthash, filename, MAX(id) AS id
547 FROM {files}
548 WHERE contextid = ? AND component = ? AND filearea != ?
553 }
555 /**
556 * Convert any string to a valid filepath
557 * @todo review this function
558 * @param string $str
559 * @return string path
560 */
566 }
567 }
569 /**
570 * Generate a folder tree of draft area of current USER recursively
571 *
572 * @todo MDL-31073 use normal return value instead, this does not fit the rest of api here (skodak)
573 * @param int $draftitemid
574 * @param string $filepath
575 * @param mixed $data
576 */
582 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
597 }
598 }
599 }
600 }
602 /**
603 * Listing all files (including folders) in current path (draft area)
604 * used by file manager
605 * @param int $draftitemid
606 * @param string $filepath
607 * @return stdClass
608 */
619 // will be used to build breadcrumb
628 }
629 }
630 }
634 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
652 }
653 // find the file this draft file was created from and count all references in local
654 // system pointing to that file
658 }
668 // do NOT use file browser here!
674 }
680 $item->realthumbnail = $itemurl->out(false, array('preview' => 'thumb', 'oid' => $file->get_timemodified()));
681 $item->realicon = $itemurl->out(false, array('preview' => 'tinyicon', 'oid' => $file->get_timemodified()));
684 }
685 }
687 }
688 }
692 }
694 /**
695 * Returns draft area itemid for a given element.
696 *
697 * @category files
698 * @param string $elname name of formlib editor element, or a hidden form field that stores the draft area item id, etc.
699 * @return int the itemid, or 0 if there is not one yet.
700 */
702 // this is a nasty hack, ideally all new elements should use arrays here or there should be a new parameter
705 }
713 }
717 }
721 }
724 }
726 /**
727 * Restore the original source field from draft files
728 *
729 * Do not use this function because it makes field files.source inconsistent
730 * for draft area files. This function will be deprecated in 2.6
731 *
732 * @param stored_file $storedfile This only works with draft files
733 * @return stored_file
734 */
743 }
744 }
746 }
747 /**
748 * Saves files from a draft file area to a real one (merging the list of files).
749 * Can rewrite URLs in some content at the same time if desired.
750 *
751 * @category files
752 * @global stdClass $USER
753 * @param int $draftitemid the id of the draft area to use. Normally obtained
754 * from file_get_submitted_draft_itemid('elementname') or similar.
755 * @param int $contextid This parameter and the next two identify the file area to save to.
756 * @param string $component
757 * @param string $filearea indentifies the file area.
758 * @param int $itemid helps identifies the file area.
759 * @param array $options area options (subdirs=>false, maxfiles=-1, maxbytes=0)
760 * @param string $text some html content that needs to have embedded links rewritten
761 * to the @@PLUGINFILE@@ form for saving in the database.
762 * @param bool $forcehttps force https urls.
763 * @return string|null if $text was passed in, the rewritten $text is returned. Otherwise NULL.
764 */
765 function file_save_draft_area_files($draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null, $forcehttps=false) {
774 }
777 }
780 }
783 }
786 // we assume that if $options['return_types'] is NOT specified, we DO allow references.
787 // this is not exactly right. BUT there are many places in code where filemanager options
788 // are not passed to file_save_draft_area_files()
790 }
792 // Check if the draft area has exceeded the authorised limit. This should never happen as validation
793 // should have taken place before, unless the user is doing something nauthly. If so, let's just not save
794 // anything at all in the next area.
797 }
802 // One file in filearea means it is empty (it has only top-level directory '.').
804 // we have to merge old and new files - we want to keep file ids for files that were not changed
805 // we change time modified for all new and changed files, we keep time created as is
812 }
815 }
818 // oversized file - should not get here at all
820 }
822 // more files - should not get here at all
824 }
826 }
827 $newhash = $fs->get_pathname_hash($contextid, $component, $filearea, $itemid, $file->get_filepath(), $file->get_filename());
829 }
831 // Loop through oldfiles and decide which we need to delete and which to update.
832 // After this cycle the array $newhashes will only contain the files that need to be added.
836 // delete files not needed any more - deleted by user
839 }
842 // Now we know that we have $oldfile and $newfile for the same path.
843 // Let's check if we can update this file or we need to delete and create.
845 // Directories are always ok to just update.
847 // File has the 'original' - we need to update the file (it may even have not been changed at all).
849 if ($original['filename'] !== $oldfile->get_filename() || $original['filepath'] !== $oldfile->get_filepath()) {
850 // Very odd, original points to another file. Delete and create file.
853 }
855 // The same file name but absence of 'original' means that file was deteled and uploaded again.
856 // By deleting and creating new file we properly manage all existing references.
859 }
861 // status changed, we delete old file, and create a new one
863 // file was changed, use updated with new timemodified data
865 // This file will be added later
867 }
869 // Updated author
872 }
873 // Updated license
876 }
878 // Updated file source
879 // Field files.source for draftarea files contains serialised object with source and original information.
880 // We only store the source part of it for non-draft file area.
884 }
887 }
889 // Updated sort order
892 }
894 // Update file timemodified
897 }
899 // Replaced file content
906 // push changes to all local files that are referencing this file
908 }
910 // unchanged file or directory - we keep it as is
912 }
914 // Add fresh file or the file which has changed status
915 // the size and subdirectory tests are extra safety only, the UI should prevent it
917 $file_record = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'timemodified'=>time());
919 // Field files.source for draftarea files contains serialised object with source and original information.
920 // We only store the source part of it for non-draft file area.
922 }
929 }
930 }
933 }
934 }
936 // note: do not purge the draft area - we clean up areas later in cron,
937 // the reason is that user might press submit twice and they would loose the files,
938 // also sometimes we might want to use hacks that save files into two different areas
944 }
945 }
947 /**
948 * Convert the draft file area URLs in some content to @@PLUGINFILE@@ tokens
949 * ready to be saved in the database. Normally, this is done automatically by
950 * {@link file_save_draft_area_files()}.
951 *
952 * @category files
953 * @param string $text the content to process.
954 * @param int $draftitemid the draft file area the content was using.
955 * @param bool $forcehttps whether the content contains https URLs. Default false.
956 * @return string the processed content.
957 */
966 }
968 // relink embedded files if text submitted - no absolute links allowed in database!
969 $text = str_ireplace("$wwwroot/draftfile.php/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
973 preg_match_all("!$wwwroot/draftfile.php\?file=%2F{$usercontext->id}%2Fuser%2Fdraft%2F{$draftitemid}%2F[^'\",&<>|`\s:\\\\]+!iu", $text, $matches);
978 }
979 }
980 $text = str_ireplace("$wwwroot/draftfile.php?file=/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
981 }
984 }
986 /**
987 * Set file sort order
988 *
989 * @global moodle_database $DB
990 * @param int $contextid the context id
991 * @param string $component file component
992 * @param string $filearea file area.
993 * @param int $itemid itemid.
994 * @param string $filepath file path.
995 * @param string $filename file name.
996 * @param int $sortorder the sort order of file.
997 * @return bool
998 */
999 function file_set_sortorder($contextid, $component, $filearea, $itemid, $filepath, $filename, $sortorder) {
1001 $conditions = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'filepath'=>$filepath, 'filename'=>$filename);
1007 }
1009 }
1011 /**
1012 * reset file sort order number to 0
1013 * @global moodle_database $DB
1014 * @param int $contextid the context id
1015 * @param string $component
1016 * @param string $filearea file area.
1017 * @param int|bool $itemid itemid.
1018 * @return bool
1019 */
1026 }
1032 }
1034 }
1036 /**
1037 * Returns description of upload error
1038 *
1039 * @param int $errorcode found in $_FILES['filename.ext']['error']
1040 * @return string error description string, '' if ok
1041 */
1065 // Note: there is no error with a value of 5
1081 }
1084 }
1086 /**
1087 * Recursive function formating an array in POST parameter
1088 * @param array $arraydata - the array that we are going to format and add into &$data array
1089 * @param string $currentdata - a row of the final postdata array at instant T
1090 * when finish, it's assign to $data under this format: name[keyname][][]...[]='value'
1091 * @param array $data - the final data array containing all POST parameters : 1 row = 1 parameter
1092 */
1101 }
1102 }
1103 }
1105 /**
1106 * Transform a PHP array into POST parameter
1107 * (see the recursive function format_array_postdata_for_curlcall)
1108 * @param array $postdata
1109 * @return array containing all POST parameters (1 row = 1 POST parameter)
1110 */
1119 }
1120 }
1123 }
1125 /**
1126 * Fetches content of file from Internet (using proxy if defined). Uses cURL extension if present.
1127 * Due to security concerns only downloads from http(s) sources are supported.
1128 *
1129 * @todo MDL-31073 add version test for '7.10.5'
1130 * @category files
1131 * @param string $url file url starting with http(s)://
1132 * @param array $headers http headers, null if none. If set, should be an
1133 * associative array of header name => value pairs.
1134 * @param array $postdata array means use POST request with given parameters
1135 * @param bool $fullresponse return headers, responses, etc in a similar way snoopy does
1136 * (if false, just returns content)
1137 * @param int $timeout timeout for complete download process including all file transfer
1138 * (default 5 minutes)
1139 * @param int $connecttimeout timeout for connection to server; this is the timeout that
1140 * usually happens if the remote server is completely down (default 20 seconds);
1141 * may not work when using proxy
1142 * @param bool $skipcertverify If true, the peer's SSL certificate will not be checked.
1143 * Only use this when already in a trusted location.
1144 * @param string $tofile store the downloaded content to file instead of returning it.
1145 * @param bool $calctimeout false by default, true enables an extra head request to try and determine
1146 * filesize and appropriately larger timeout based on $CFG->curltimeoutkbitrate
1147 * @return mixed false if request failed or content of the file as string if ok. True if file downloaded into $tofile successfully.
1148 */
1149 function download_file_content($url, $headers=null, $postdata=null, $fullresponse=false, $timeout=300, $connecttimeout=20, $skipcertverify=false, $tofile=NULL, $calctimeout=false) {
1152 // some extra security
1157 }
1158 }
1171 }
1172 }
1174 // check if proxy (if used) should be bypassed for this url
1180 }
1182 // set extra headers
1187 }
1189 }
1193 }
1195 // use POST if requested
1200 }
1208 }
1211 // TODO: add version test for '7.10.5'
1214 }
1217 // SOCKS supported in PHP5 only
1234 }
1235 }
1236 }
1244 }
1249 // any proxy authentication if PHP 5.1
1251 }
1252 }
1253 }
1255 // set up header and content handlers
1260 curl_setopt($ch, CURLOPT_HEADERFUNCTION, partial('download_file_content_header_handler', $received));
1262 curl_setopt($ch, CURLOPT_WRITEFUNCTION, partial('download_file_content_write_handler', $received));
1263 }
1266 //use very slow rate of 56kbps as a timeout speed when not set
1270 }
1272 // try to calculate the proper amount for timeout from remote file size.
1273 // if disabled or zero, we won't do any checks nor head requests.
1275 //setup header request only options
1279 );
1286 $timeout = max($timeout, ceil($info['download_content_length'] * 8 / ($bitrate * 1024))); //adjust for large files only - take max timeout.
1287 }
1288 //reinstate affected curl options
1293 );
1294 }
1299 // try to detect encoding problems
1303 }
1307 }
1320 }
1329 }
1336 // for security reasons we support only true http connections (Location: file:// exploit prevention)
1351 }
1356 debugging("cURL request for \"$url\" failed, HTTP response code: ".$response->response_code, DEBUG_ALL);
1360 }
1361 }
1362 }
1364 /**
1365 * internal implementation
1366 * @param stdClass $received
1367 * @param resource $ch
1368 * @param mixed $header
1369 * @return int header length
1370 */
1374 }
1376 /**
1377 * internal implementation
1378 * @param stdClass $received
1379 * @param resource $ch
1380 * @param mixed $data
1381 */
1386 // bad luck, file creation or overriding failed
1388 }
1389 }
1391 // bad luck, write failed, let's abort completely
1393 }
1395 }
1397 /**
1398 * Returns a list of information about file types based on extensions.
1399 *
1400 * The following elements expected in value array for each extension:
1401 * 'type' - mimetype
1402 * 'icon' - location of the icon file. If value is FILENAME, then either pix/f/FILENAME.gif
1403 * or pix/f/FILENAME.png must be present in moodle and contain 16x16 filetype icon;
1404 * also files with bigger sizes under names
1405 * FILENAME-24, FILENAME-32, FILENAME-64, FILENAME-128, FILENAME-256 are recommended.
1406 * 'groups' (optional) - array of filetype groups this filetype extension is part of;
1407 * commonly used in moodle the following groups:
1408 * - web_image - image that can be included as <img> in HTML
1409 * - image - image that we can parse using GD to find it's dimensions, also used for portfolio format
1410 * - video - file that can be imported as video in text editor
1411 * - audio - file that can be imported as audio in text editor
1412 * - archive - we can extract files from this archive
1413 * - spreadsheet - used for portfolio format
1414 * - document - used for portfolio format
1415 * - presentation - used for portfolio format
1416 * 'string' (optional) - the name of the string from lang/en/mimetypes.php that displays
1417 * human-readable description for this filetype;
1418 * Function {@link get_mimetype_description()} first looks at the presence of string for
1419 * particular mimetype (value of 'type'), if not found looks for string specified in 'string'
1420 * attribute, if not found returns the value of 'type';
1421 * 'defaulticon' (boolean, optional) - used by function {@link file_mimetype_icon()} to find
1422 * an icon for mimetype. If an entry with 'defaulticon' is not found for a particular mimetype,
1423 * this function will return first found icon; Especially usefull for types such as 'text/plain'
1424 *
1425 * @category files
1426 * @return array List of information about file types based on extensions.
1427 * Associative array of extension (lower-case) to associative array
1428 * from 'element name' to data. Current element names are 'type' and 'icon'.
1429 * Unknown types should use the 'xxx' entry which includes defaults.
1430 */
1434 '3gp' => array ('type'=>'video/quicktime', 'icon'=>'quicktime', 'groups'=>array('video'), 'string'=>'video'),
1435 'aac' => array ('type'=>'audio/aac', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1437 'ai' => array ('type'=>'application/postscript', 'icon'=>'eps', 'groups'=>array('image'), 'string'=>'image'),
1438 'aif' => array ('type'=>'audio/x-aiff', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1439 'aiff' => array ('type'=>'audio/x-aiff', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1440 'aifc' => array ('type'=>'audio/x-aiff', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1444 'au' => array ('type'=>'audio/au', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1445 'avi' => array ('type'=>'video/x-ms-wm', 'icon'=>'avi', 'groups'=>array('video','web_video'), 'string'=>'video'),
1446 'bmp' => array ('type'=>'image/bmp', 'icon'=>'bmp', 'groups'=>array('image'), 'string'=>'image'),
1453 'dv' => array ('type'=>'video/x-dv', 'icon'=>'quicktime', 'groups'=>array('video'), 'string'=>'video'),
1456 'doc' => array ('type'=>'application/msword', 'icon'=>'document', 'groups'=>array('document')),
1457 'docx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'icon'=>'document', 'groups'=>array('document')),
1458 'docm' => array ('type'=>'application/vnd.ms-word.document.macroEnabled.12', 'icon'=>'document'),
1459 'dotx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.template', 'icon'=>'document'),
1460 'dotm' => array ('type'=>'application/vnd.ms-word.template.macroEnabled.12', 'icon'=>'document'),
1463 'dif' => array ('type'=>'video/x-dv', 'icon'=>'quicktime', 'groups'=>array('video'), 'string'=>'video'),
1469 'flv' => array ('type'=>'video/x-flv', 'icon'=>'flash', 'groups'=>array('video','web_video'), 'string'=>'video'),
1470 'f4v' => array ('type'=>'video/mp4', 'icon'=>'flash', 'groups'=>array('video','web_video'), 'string'=>'video'),
1475 'gif' => array ('type'=>'image/gif', 'icon'=>'gif', 'groups'=>array('image', 'web_image'), 'string'=>'image'),
1476 'gtar' => array ('type'=>'application/x-gtar', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1477 'tgz' => array ('type'=>'application/g-zip', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1478 'gz' => array ('type'=>'application/g-zip', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1479 'gzip' => array ('type'=>'application/g-zip', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1482 'hqx' => array ('type'=>'application/mac-binhex40', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1485 'xhtml'=> array ('type'=>'application/xhtml+xml', 'icon'=>'html', 'groups'=>array('web_file')),
1487 'ico' => array ('type'=>'image/vnd.microsoft.icon', 'icon'=>'image', 'groups'=>array('image'), 'string'=>'image'),
1499 'jpe' => array ('type'=>'image/jpeg', 'icon'=>'jpeg', 'groups'=>array('image', 'web_image'), 'string'=>'image'),
1500 'jpeg' => array ('type'=>'image/jpeg', 'icon'=>'jpeg', 'groups'=>array('image', 'web_image'), 'string'=>'image'),
1501 'jpg' => array ('type'=>'image/jpeg', 'icon'=>'jpeg', 'groups'=>array('image', 'web_image'), 'string'=>'image'),
1503 'js' => array ('type'=>'application/x-javascript', 'icon'=>'text', 'groups'=>array('web_file')),
1510 'mov' => array ('type'=>'video/quicktime', 'icon'=>'quicktime', 'groups'=>array('video','web_video'), 'string'=>'video'),
1511 'movie'=> array ('type'=>'video/x-sgi-movie', 'icon'=>'quicktime', 'groups'=>array('video'), 'string'=>'video'),
1512 'm3u' => array ('type'=>'audio/x-mpegurl', 'icon'=>'mp3', 'groups'=>array('audio'), 'string'=>'audio'),
1513 'mp3' => array ('type'=>'audio/mp3', 'icon'=>'mp3', 'groups'=>array('audio','web_audio'), 'string'=>'audio'),
1514 'mp4' => array ('type'=>'video/mp4', 'icon'=>'mpeg', 'groups'=>array('video','web_video'), 'string'=>'video'),
1515 'm4v' => array ('type'=>'video/mp4', 'icon'=>'mpeg', 'groups'=>array('video','web_video'), 'string'=>'video'),
1516 'm4a' => array ('type'=>'audio/mp4', 'icon'=>'mp3', 'groups'=>array('audio'), 'string'=>'audio'),
1517 'mpeg' => array ('type'=>'video/mpeg', 'icon'=>'mpeg', 'groups'=>array('video','web_video'), 'string'=>'video'),
1518 'mpe' => array ('type'=>'video/mpeg', 'icon'=>'mpeg', 'groups'=>array('video','web_video'), 'string'=>'video'),
1519 'mpg' => array ('type'=>'video/mpeg', 'icon'=>'mpeg', 'groups'=>array('video','web_video'), 'string'=>'video'),
1525 'odt' => array ('type'=>'application/vnd.oasis.opendocument.text', 'icon'=>'writer', 'groups'=>array('document')),
1526 'ott' => array ('type'=>'application/vnd.oasis.opendocument.text-template', 'icon'=>'writer', 'groups'=>array('document')),
1527 'oth' => array ('type'=>'application/vnd.oasis.opendocument.text-web', 'icon'=>'oth', 'groups'=>array('document')),
1530 'otg' => array ('type'=>'application/vnd.oasis.opendocument.graphics-template', 'icon'=>'draw'),
1532 'otp' => array ('type'=>'application/vnd.oasis.opendocument.presentation-template', 'icon'=>'impress'),
1533 'ods' => array ('type'=>'application/vnd.oasis.opendocument.spreadsheet', 'icon'=>'calc', 'groups'=>array('spreadsheet')),
1534 'ots' => array ('type'=>'application/vnd.oasis.opendocument.spreadsheet-template', 'icon'=>'calc', 'groups'=>array('spreadsheet')),
1539 'oga' => array ('type'=>'audio/ogg', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1540 'ogg' => array ('type'=>'audio/ogg', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1541 'ogv' => array ('type'=>'video/ogg', 'icon'=>'video', 'groups'=>array('video'), 'string'=>'video'),
1543 'pct' => array ('type'=>'image/pict', 'icon'=>'image', 'groups'=>array('image'), 'string'=>'image'),
1546 'pic' => array ('type'=>'image/pict', 'icon'=>'image', 'groups'=>array('image'), 'string'=>'image'),
1547 'pict' => array ('type'=>'image/pict', 'icon'=>'image', 'groups'=>array('image'), 'string'=>'image'),
1548 'png' => array ('type'=>'image/png', 'icon'=>'png', 'groups'=>array('image', 'web_image'), 'string'=>'image'),
1550 'pps' => array ('type'=>'application/vnd.ms-powerpoint', 'icon'=>'powerpoint', 'groups'=>array('presentation')),
1551 'ppt' => array ('type'=>'application/vnd.ms-powerpoint', 'icon'=>'powerpoint', 'groups'=>array('presentation')),
1552 'pptx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'icon'=>'powerpoint'),
1553 'pptm' => array ('type'=>'application/vnd.ms-powerpoint.presentation.macroEnabled.12', 'icon'=>'powerpoint'),
1554 'potx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.template', 'icon'=>'powerpoint'),
1555 'potm' => array ('type'=>'application/vnd.ms-powerpoint.template.macroEnabled.12', 'icon'=>'powerpoint'),
1556 'ppam' => array ('type'=>'application/vnd.ms-powerpoint.addin.macroEnabled.12', 'icon'=>'powerpoint'),
1557 'ppsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.slideshow', 'icon'=>'powerpoint'),
1558 'ppsm' => array ('type'=>'application/vnd.ms-powerpoint.slideshow.macroEnabled.12', 'icon'=>'powerpoint'),
1561 'qt' => array ('type'=>'video/quicktime', 'icon'=>'quicktime', 'groups'=>array('video','web_video'), 'string'=>'video'),
1562 'ra' => array ('type'=>'audio/x-realaudio-plugin', 'icon'=>'audio', 'groups'=>array('audio','web_audio'), 'string'=>'audio'),
1563 'ram' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1565 'rm' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'audio', 'groups'=>array('audio'), 'string'=>'audio'),
1566 'rmvb' => array ('type'=>'application/vnd.rn-realmedia-vbr', 'icon'=>'video', 'groups'=>array('video'), 'string'=>'video'),
1569 'rv' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'audio', 'groups'=>array('video'), 'string'=>'video'),
1571 'sit' => array ('type'=>'application/x-stuffit', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1575 'svg' => array ('type'=>'image/svg+xml', 'icon'=>'image', 'groups'=>array('image','web_image'), 'string'=>'image'),
1576 'svgz' => array ('type'=>'image/svg+xml', 'icon'=>'image', 'groups'=>array('image','web_image'), 'string'=>'image'),
1578 'swf' => array ('type'=>'application/x-shockwave-flash', 'icon'=>'flash', 'groups'=>array('video','web_video')),
1579 'swfl' => array ('type'=>'application/x-shockwave-flash', 'icon'=>'flash', 'groups'=>array('video','web_video')),
1592 'tar' => array ('type'=>'application/x-tar', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive'),
1593 'tif' => array ('type'=>'image/tiff', 'icon'=>'tiff', 'groups'=>array('image'), 'string'=>'image'),
1594 'tiff' => array ('type'=>'image/tiff', 'icon'=>'tiff', 'groups'=>array('image'), 'string'=>'image'),
1600 'wav' => array ('type'=>'audio/wav', 'icon'=>'wav', 'groups'=>array('audio'), 'string'=>'audio'),
1601 'webm' => array ('type'=>'video/webm', 'icon'=>'video', 'groups'=>array('video'), 'string'=>'video'),
1602 'wmv' => array ('type'=>'video/x-ms-wmv', 'icon'=>'wmv', 'groups'=>array('video'), 'string'=>'video'),
1603 'asf' => array ('type'=>'video/x-ms-asf', 'icon'=>'wmv', 'groups'=>array('video'), 'string'=>'video'),
1610 'xls' => array ('type'=>'application/vnd.ms-excel', 'icon'=>'spreadsheet', 'groups'=>array('spreadsheet')),
1611 'xlsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'icon'=>'spreadsheet'),
1612 'xlsm' => array ('type'=>'application/vnd.ms-excel.sheet.macroEnabled.12', 'icon'=>'spreadsheet', 'groups'=>array('spreadsheet')),
1613 'xltx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.template', 'icon'=>'spreadsheet'),
1614 'xltm' => array ('type'=>'application/vnd.ms-excel.template.macroEnabled.12', 'icon'=>'spreadsheet'),
1615 'xlsb' => array ('type'=>'application/vnd.ms-excel.sheet.binary.macroEnabled.12', 'icon'=>'spreadsheet'),
1616 'xlam' => array ('type'=>'application/vnd.ms-excel.addin.macroEnabled.12', 'icon'=>'spreadsheet'),
1621 'zip' => array ('type'=>'application/zip', 'icon'=>'archive', 'groups'=>array('archive'), 'string'=>'archive')
1622 );
1624 }
1626 /**
1627 * Obtains information about a filetype based on its extension. Will
1628 * use a default if no information is present about that particular
1629 * extension.
1630 *
1631 * @category files
1632 * @param string $element Desired information (usually 'icon'
1633 * for icon filename or 'type' for MIME type. Can also be
1634 * 'icon24', ...32, 48, 64, 72, 80, 96, 128, 256)
1635 * @param string $filename Filename we're looking up
1636 * @return string Requested piece of information from array
1637 */
1641 static $iconpostfixes = array(256=>'-256', 128=>'-128', 96=>'-96', 80=>'-80', 72=>'-72', 64=>'-64', 48=>'-48', 32=>'-32', 24=>'-24', 16=>'');
1646 }
1652 }
1653 // find the file with the closest size, first search for specific icon then for default icon
1659 }
1660 }
1661 }
1668 }
1669 }
1671 /**
1672 * Obtains information about a filetype based on the MIME type rather than
1673 * the other way around.
1674 *
1675 * @category files
1676 * @param string $element Desired information ('extension', 'icon', 'icon-24', etc.)
1677 * @param string $mimetype MIME type we're looking up
1678 * @return string Requested piece of information from array
1679 */
1681 /* array of cached mimetype->extension associations */
1691 }
1695 }
1696 }
1697 }
1700 }
1701 }
1706 }
1707 }
1709 /**
1710 * Return the relative icon path for a given file
1711 *
1712 * Usage:
1713 * <code>
1714 * // $file - instance of stored_file or file_info
1715 * $icon = $OUTPUT->pix_url(file_file_icon($file))->out();
1716 * echo html_writer::empty_tag('img', array('src' => $icon, 'alt' => get_mimetype_description($file)));
1717 * </code>
1718 * or
1719 * <code>
1720 * echo $OUTPUT->pix_icon(file_file_icon($file), get_mimetype_description($file));
1721 * </code>
1722 *
1723 * @param stored_file|file_info|stdClass|array $file (in case of object attributes $file->filename
1724 * and $file->mimetype are expected)
1725 * @param int $size The size of the icon. Defaults to 16 can also be 24, 32, 64, 128, 256
1726 * @return string
1727 */
1731 }
1740 }
1747 }
1752 // if file name has known extension, return icon for this extension
1754 }
1755 }
1757 }
1759 /**
1760 * Return the relative icon path for a folder image
1761 *
1762 * Usage:
1763 * <code>
1764 * $icon = $OUTPUT->pix_url(file_folder_icon())->out();
1765 * echo html_writer::empty_tag('img', array('src' => $icon));
1766 * </code>
1767 * or
1768 * <code>
1769 * echo $OUTPUT->pix_icon(file_folder_icon(32));
1770 * </code>
1771 *
1772 * @param int $iconsize The size of the icon. Defaults to 16 can also be 24, 32, 48, 64, 72, 80, 96, 128, 256
1773 * @return string
1774 */
1777 static $iconpostfixes = array(256=>'-256', 128=>'-128', 96=>'-96', 80=>'-80', 72=>'-72', 64=>'-64', 48=>'-48', 32=>'-32', 24=>'-24', 16=>'');
1786 }
1787 }
1788 }
1790 }
1792 /**
1793 * Returns the relative icon path for a given mime type
1794 *
1795 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1796 * a return the full path to an icon.
1797 *
1798 * <code>
1799 * $mimetype = 'image/jpg';
1800 * $icon = $OUTPUT->pix_url(file_mimetype_icon($mimetype))->out();
1801 * echo html_writer::empty_tag('img', array('src' => $icon, 'alt' => get_mimetype_description($mimetype)));
1802 * </code>
1803 *
1804 * @category files
1805 * @todo MDL-31074 When an $OUTPUT->icon method is available this function should be altered
1806 * to conform with that.
1807 * @param string $mimetype The mimetype to fetch an icon for
1808 * @param int $size The size of the icon. Defaults to 16 can also be 24, 32, 64, 128, 256
1809 * @return string The relative path to the icon
1810 */
1813 }
1815 /**
1816 * Returns the relative icon path for a given file name
1817 *
1818 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1819 * a return the full path to an icon.
1820 *
1821 * <code>
1822 * $filename = '.jpg';
1823 * $icon = $OUTPUT->pix_url(file_extension_icon($filename))->out();
1824 * echo html_writer::empty_tag('img', array('src' => $icon, 'alt' => '...'));
1825 * </code>
1826 *
1827 * @todo MDL-31074 When an $OUTPUT->icon method is available this function should be altered
1828 * to conform with that.
1829 * @todo MDL-31074 Implement $size
1830 * @category files
1831 * @param string $filename The filename to get the icon for
1832 * @param int $size The size of the icon. Defaults to 16 can also be 24, 32, 64, 128, 256
1833 * @return string
1834 */
1837 }
1839 /**
1840 * Obtains descriptions for file types (e.g. 'Microsoft Word document') from the
1841 * mimetypes.php language file.
1842 *
1843 * @param mixed $obj - instance of stored_file or file_info or array/stdClass with field
1844 * 'filename' and 'mimetype', or just a string with mimetype (though it is recommended to
1845 * have filename); In case of array/stdClass the field 'mimetype' is optional.
1846 * @param bool $capitalise If true, capitalises first character of result
1847 * @return string Text description
1848 */
1851 if (is_object($obj) && method_exists($obj, 'get_filename') && method_exists($obj, 'get_mimetype')) {
1852 // this is an instance of stored_file
1855 } else if (is_object($obj) && method_exists($obj, 'get_visible_name') && method_exists($obj, 'get_mimetype')) {
1856 // this is an instance of file_info
1863 }
1866 }
1869 }
1872 // if file has a known extension, overwrite the specified mimetype
1874 }
1881 }
1889 );
1895 }
1897 // MIME types may include + symbol but this is not permitted in string ids.
1908 }
1911 }
1913 }
1915 /**
1916 * Returns array of elements of type $element in type group(s)
1917 *
1918 * @param string $element name of the element we are interested in, usually 'type' or 'extension'
1919 * @param string|array $groups one group or array of groups/extensions/mimetypes
1920 * @return array
1921 */
1926 }
1929 }
1933 // retrieive and cache all elements of type $element for group $group
1940 }
1945 }
1946 }
1947 }
1949 }
1951 }
1953 /**
1954 * Checks if file with name $filename has one of the extensions in groups $groups
1955 *
1956 * @see get_mimetypes_array()
1957 * @param string $filename name of the file to check
1958 * @param string|array $groups one group or array of groups to check
1959 * @param bool $checktype if true and extension check fails, find the mimetype and check if
1960 * file mimetype is in mimetypes in groups $groups
1961 * @return bool
1962 */
1965 if (!empty($extension) && in_array('.'.strtolower($extension), file_get_typegroup('extension', $groups))) {
1967 }
1969 }
1971 /**
1972 * Checks if mimetype $mimetype belongs to one of the groups $groups
1973 *
1974 * @see get_mimetypes_array()
1975 * @param string $mimetype
1976 * @param string|array $groups one group or array of groups to check
1977 * @return bool
1978 */
1981 }
1983 /**
1984 * Requested file is not found or not accessible, does not return, terminates script
1985 *
1986 * @global stdClass $CFG
1987 * @global stdClass $COURSE
1988 */
1992 print_error('filenotfound', 'error', $CFG->wwwroot.'/course/view.php?id='.$COURSE->id); //this is not displayed on IIS??
1993 }
1994 /**
1995 * Helper function to send correct 404 for server.
1996 */
2002 }
2003 }
2005 /**
2006 * The readfile function can fail when files are larger than 2GB (even on 64-bit
2007 * platforms). This wrapper uses readfile for small files and custom code for
2008 * large ones.
2009 *
2010 * @param string $path Path to file
2011 * @param int $filesize Size of file (if left out, will get it automatically)
2012 * @return int|bool Size read (will always be $filesize) or false if failed
2013 */
2015 // Automatically get size if not specified.
2018 }
2020 // If the file is up to 2^31 - 1, send it normally using readfile.
2023 // For large files, read and output in 64KB chunks.
2027 }
2034 }
2037 }
2039 }
2040 }
2042 /**
2043 * Enhanced readfile() with optional acceleration.
2044 * @param string|stored_file $file
2045 * @param string $mimetype
2046 * @param bool $accelerate
2047 * @return void
2048 */
2053 // there is no encoding specified in text files, we need something consistent
2057 }
2064 if (isset($_SERVER['HTTP_IF_NONE_MATCH']) and trim($_SERVER['HTTP_IF_NONE_MATCH'], '"') === $file->get_contenthash()) {
2067 }
2068 }
2070 // if etag present for stored file rely on it exclusively
2071 if (!empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) and (empty($_SERVER['HTTP_IF_NONE_MATCH']) or !is_object($file))) {
2072 // get unixtime of request header; clip extra junk off first
2077 }
2078 }
2085 }
2091 }
2097 }
2098 }
2099 }
2109 // byteserving stuff - for acrobat reader and download accelerators
2110 // see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
2111 // inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
2116 //suffix case
2120 //fix range length
2122 }
2124 //invalid byte-range ==> ignore header
2127 }
2128 //prepare multipart header
2130 $ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/$filesize\r\n\r\n";
2131 }
2134 }
2140 }
2142 }
2143 }
2145 // Do not byteserve
2147 }
2152 // for large files try to flush and close all buffers to conserve memory
2156 }
2157 }
2158 }
2160 // send the whole file content
2165 }
2166 }
2168 /**
2169 * Similar to readfile_accel() but designed for strings.
2170 * @param string $string
2171 * @param string $mimetype
2172 * @param bool $accelerate
2173 * @return void
2174 */
2179 // there is no encoding specified in text files, we need something consistent
2183 }
2191 }
2192 }
2196 }
2198 /**
2199 * Handles the sending of temporary file to user, download is forced.
2200 * File is deleted after abort or successful sending, does not return, script terminated
2201 *
2202 * @param string $path path to file, preferably from moodledata/temp/something; or content of file itself
2203 * @param string $filename proposed file name when saving file
2204 * @param bool $pathisstring If the path is string
2205 */
2210 // only FF is known to correctly save to disk before opening...
2214 }
2216 // close session - not needed anymore
2223 }
2224 // executed after normal finish or abort
2226 }
2228 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
2231 }
2234 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
2239 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
2242 }
2244 // send the contents - we can not accelerate this because the file will be deleted asap
2250 }
2253 }
2255 /**
2256 * Internal callback function used by send_temp_file()
2257 *
2258 * @param string $path
2259 */
2263 }
2264 }
2266 /**
2267 * Handles the sending of file data to the user's browser, including support for
2268 * byteranges etc.
2269 *
2270 * @category files
2271 * @param string $path Path of file on disk (including real filename), or actual content of file as string
2272 * @param string $filename Filename to send
2273 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
2274 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
2275 * @param bool $pathisstring If true (default false), $path is the content to send and not the pathname
2276 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
2277 * @param string $mimetype Include to specify the MIME type; leave blank to have it guess the type from $filename
2278 * @param bool $dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
2279 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
2280 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
2281 * and should not be reopened.
2282 * @return null script execution stopped unless $dontdie is true
2283 */
2284 function send_file($path, $filename, $lifetime = 'default' , $filter=0, $pathisstring=false, $forcedownload=false, $mimetype='', $dontdie=false) {
2289 }
2291 // MDL-11789, apply $CFG->filelifetime here
2297 }
2298 }
2302 // Use given MIME type if specified, otherwise guess it using mimeinfo.
2303 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
2304 // only Firefox saves all files locally before opening when content-disposition: attachment stated
2309 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
2312 }
2318 }
2324 }
2332 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
2337 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
2340 }
2341 }
2344 // send the contents
2349 }
2352 // Try to put the file through filters
2365 // only filter text if filter all files is selected
2375 // send the contents
2380 }
2381 }
2382 }
2385 }
2387 }
2389 /**
2390 * Handles the sending of file data to the user's browser, including support for
2391 * byteranges etc.
2392 *
2393 * The $options parameter supports the following keys:
2394 * (string|null) preview - send the preview of the file (e.g. "thumb" for a thumbnail)
2395 * (string|null) filename - overrides the implicit filename
2396 * (bool) dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
2397 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
2398 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
2399 * and should not be reopened.
2400 *
2401 * @category files
2402 * @param stored_file $stored_file local file object
2403 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
2404 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
2405 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
2406 * @param array $options additional options affecting the file serving
2407 * @return null script execution stopped unless $options['dontdie'] is true
2408 */
2409 function send_stored_file($stored_file, $lifetime=86400 , $filter=0, $forcedownload=false, array $options=array()) {
2416 }
2422 }
2425 // replace the file with its preview
2429 // unable to create a preview of the file, send its default mime icon instead
2436 }
2440 // preview images have fixed cache lifetime and they ignore forced download
2441 // (they are generated by GD and therefore they are considered reasonably safe).
2446 }
2447 }
2449 // handle external resource
2450 if ($stored_file && $stored_file->is_external_file() && !isset($options['sendcachedexternalfile'])) {
2453 }
2456 // nothing to serve
2459 }
2461 }
2465 }
2469 // Use given MIME type if specified, otherwise guess it using mimeinfo.
2470 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
2471 // only Firefox saves all files locally before opening when content-disposition: attachment stated
2477 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
2480 }
2486 }
2492 }
2498 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
2503 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0, no-transform');
2506 }
2507 }
2510 // send the contents
2525 // only filter text if filter all files is selected
2536 }
2537 }
2540 }
2542 }
2544 /**
2545 * Retrieves an array of records from a CSV file and places
2546 * them into a given table structure
2547 *
2548 * @global stdClass $CFG
2549 * @global moodle_database $DB
2550 * @param string $file The path to a CSV file
2551 * @param string $table The table to retrieve columns from
2552 * @return bool|array Returns an array of CSV records or false
2553 */
2559 }
2563 }
2569 }
2577 }
2578 }
2586 }
2588 }
2592 }
2594 /**
2595 * Create a file with CSV contents
2596 *
2597 * @global stdClass $CFG
2598 * @global moodle_database $DB
2599 * @param string $file The file to put the CSV content into
2600 * @param array $records An array of records to write to a CSV file
2601 * @param string $table The table to get columns from
2602 * @return bool success
2603 */
2609 }
2614 }
2620 }
2625 }
2628 }
2631 }
2637 }
2640 }
2651 }
2654 }
2655 }
2657 }
2661 }
2664 /**
2665 * Recursively delete the file or folder with path $location. That is,
2666 * if it is a file delete it. If it is a folder, delete all its content
2667 * then delete it. If $location does not exist to start, that is not
2668 * considered an error.
2669 *
2670 * @param string $location the path to remove.
2671 * @return bool
2672 */
2675 // extra safety against wrong param
2677 }
2681 }
2688 }
2692 }
2693 }
2694 }
2695 }
2699 }
2704 }
2705 }
2707 }
2709 /**
2710 * Send requested byterange of file.
2711 *
2712 * @param resource $handle A file handle
2713 * @param string $mimetype The mimetype for the output
2714 * @param array $ranges An array of ranges to send
2715 * @param string $filesize The size of the content if only one range is used
2716 */
2718 // better turn off any kind of compression and buffering
2724 }
2735 }
2736 }
2745 }
2752 }
2761 }
2762 }
2774 }
2775 }
2779 }
2780 }
2782 /**
2783 * add includes (js and css) into uploaded files
2784 * before returning them, useful for themes and utf.js includes
2785 *
2786 * @global stdClass $CFG
2787 * @param string $text text to search and replace
2788 * @return string text with added head includes
2789 * @todo MDL-21120
2790 */
2792 // first look for <head> tag
2796 /* foreach ($CFG->stylesheets as $stylesheet) {
2797 //TODO: MDL-21120
2798 $stylesheetshtml .= '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'" />'."\n";
2799 }*/
2803 // this script is needed by most media filter plugins.
2806 }
2813 }
2815 // if not, look for <html> tag, and stick <head> right after
2818 // replace <html> tag with <html><head>includes</head>
2822 }
2824 // if not, look for <body> tag, and stick <head> before body
2830 }
2832 // if not, just stick a <head> tag at the beginning
2835 }
2837 /**
2838 * RESTful cURL class
2839 *
2840 * This is a wrapper class for curl, it is quite easy to use:
2841 * <code>
2842 * $c = new curl;
2843 * // enable cache
2844 * $c = new curl(array('cache'=>true));
2845 * // enable cookie
2846 * $c = new curl(array('cookie'=>true));
2847 * // enable proxy
2848 * $c = new curl(array('proxy'=>true));
2849 *
2850 * // HTTP GET Method
2851 * $html = $c->get('http://example.com');
2852 * // HTTP POST Method
2853 * $html = $c->post('http://example.com/', array('q'=>'words', 'name'=>'moodle'));
2854 * // HTTP PUT Method
2855 * $html = $c->put('http://example.com/', array('file'=>'/var/www/test.txt');
2856 * </code>
2857 *
2858 * @package core_files
2859 * @category files
2860 * @copyright Dongsheng Cai <dongsheng@moodle.com>
2861 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
2862 */
2864 /** @var bool Caches http request contents */
2866 /** @var bool Uses proxy */
2868 /** @var string library version */
2870 /** @var array http's response */
2872 /** @var array http header */
2874 /** @var string cURL information */
2876 /** @var string error */
2878 /** @var int error code */
2881 /** @var array cURL options */
2883 /** @var string Proxy host */
2885 /** @var string Proxy auth */
2887 /** @var string Proxy type */
2889 /** @var bool Debug mode on */
2891 /** @var bool|string Path to cookie file */
2894 /**
2895 * Constructor
2896 *
2897 * @global stdClass $CFG
2898 * @param array $options
2899 */
2906 }
2907 // the options of curl should be init here.
2911 }
2917 }
2918 }
2925 }
2926 }
2927 }
2933 }
2939 }
2946 }
2948 }
2949 }
2952 }
2953 }
2954 /**
2955 * Resets the CURL options that have already been set
2956 */
2960 // True to include the header in the output
2962 // True to Exclude the body from the output
2964 // TRUE to follow any "Location: " header that the server
2965 // sends as part of the HTTP header (note this is recursive,
2966 // PHP will follow as many "Location: " headers that it is sent,
2967 // unless CURLOPT_MAXREDIRS is set).
2968 //$this->options['CURLOPT_FOLLOWLOCATION'] = 1;
2971 // TRUE to return the transfer as a string of the return
2972 // value of curl_exec() instead of outputting it out directly.
2981 }
2982 }
2984 /**
2985 * Get the location of ca certificates.
2986 * @return string absolute file path or empty if default used
2987 */
2991 // Bundle in dataroot always wins.
2994 }
2996 // Next comes the default from php.ini
3000 }
3002 // Windows PHP does not have any certs, we need to use something.
3006 }
3007 }
3009 // Use default, this should work fine on all properly configured *nix systems.
3011 }
3013 /**
3014 * Reset Cookie
3015 */
3023 }
3024 }
3025 }
3026 }
3028 /**
3029 * Set curl options.
3030 *
3031 * Do not use the curl constants to define the options, pass a string
3032 * corresponding to that constant. Ie. to set CURLOPT_MAXREDIRS, pass
3033 * array('CURLOPT_MAXREDIRS' => 10) or array('maxredirs' => 10) to this method.
3034 *
3035 * @param array $options If array is null, this function will reset the options to default value.
3036 * @return void
3037 * @throws coding_exception If an option uses constant value instead of option name.
3038 */
3043 throw new coding_exception('Curl options should be defined using strings, not constant values.');
3044 }
3047 }
3049 }
3050 }
3051 }
3053 /**
3054 * Reset http method
3055 */
3065 }
3067 /**
3068 * Resets the HTTP Request headers (to prepare for the new request)
3069 */
3072 }
3074 /**
3075 * Set HTTP Request Header
3076 *
3077 * @param array $header
3078 */
3083 }
3086 }
3087 }
3089 /**
3090 * Set HTTP Response Header
3091 *
3092 */
3095 }
3097 /**
3098 * private callback function
3099 * Formatting HTTP Response Header
3100 *
3101 * @param resource $ch Apparently not used
3102 * @param string $header
3103 * @return int The strlen of the header
3104 */
3106 {
3119 }
3122 }
3123 }
3125 }
3127 /**
3128 * Set options for individual curl instance
3129 *
3130 * @param resource $curl A curl handle
3131 * @param array $options
3132 * @return resource The curl handle
3133 */
3135 // Clean up
3137 // set cookie
3141 ));
3142 }
3144 // set proxy
3147 }
3149 // reset before set options
3151 // set headers
3156 'Connection: keep-alive'
3157 ));
3158 }
3161 // Bypass proxy (for this request only) if required.
3165 }
3172 }
3174 // Set options.
3178 }
3180 }
3182 /**
3183 * Download multiple files in parallel
3184 *
3185 * Calls {@link multi()} with specific download headers
3186 *
3187 * <code>
3188 * $c = new curl();
3189 * $file1 = fopen('a', 'wb');
3190 * $file2 = fopen('b', 'wb');
3191 * $c->download(array(
3192 * array('url'=>'http://localhost/', 'file'=>$file1),
3193 * array('url'=>'http://localhost/20/', 'file'=>$file2)
3194 * ));
3195 * fclose($file1);
3196 * fclose($file2);
3197 * </code>
3198 *
3199 * or
3200 *
3201 * <code>
3202 * $c = new curl();
3203 * $c->download(array(
3204 * array('url'=>'http://localhost/', 'filepath'=>'/tmp/file1.tmp'),
3205 * array('url'=>'http://localhost/20/', 'filepath'=>'/tmp/file2.tmp')
3206 * ));
3207 * </code>
3208 *
3209 * @param array $requests An array of files to request {
3210 * url => url to download the file [required]
3211 * file => file handler, or
3212 * filepath => file path
3213 * }
3214 * If 'file' and 'filepath' parameters are both specified in one request, the
3215 * open file handle in the 'file' parameter will take precedence and 'filepath'
3216 * will be ignored.
3217 *
3218 * @param array $options An array of options to set
3219 * @return array An array of results
3220 */
3225 }
3227 /**
3228 * Mulit HTTP Requests
3229 * This function could run multi-requests in parallel.
3230 *
3231 * @param array $requests An array of files to request
3232 * @param array $options An array of options to set
3233 * @return array An array of results
3234 */
3242 // open file
3245 }
3248 }
3252 }
3262 }
3264 }
3269 // close file handler if file is opened in this function
3271 }
3272 }
3274 }
3276 /**
3277 * Single HTTP Request
3278 *
3279 * @param string $url The URL to request
3280 * @param array $options
3281 * @return bool
3282 */
3284 // create curl instance
3294 }
3295 }
3308 }
3316 // exception is not ajax friendly
3317 //throw new moodle_exception($this->error, 'curl');
3318 }
3319 }
3321 /**
3322 * HTTP HEAD method
3323 *
3324 * @see request()
3325 *
3326 * @param string $url
3327 * @param array $options
3328 * @return bool
3329 */
3335 }
3337 /**
3338 * HTTP POST method
3339 *
3340 * @param string $url
3341 * @param array|string $params
3342 * @param array $options
3343 * @return bool
3344 */
3354 }
3355 }
3359 // $params is the raw post data
3361 }
3363 }
3365 /**
3366 * HTTP GET method
3367 *
3368 * @param string $url
3369 * @param array $params
3370 * @param array $options
3371 * @return bool
3372 */
3379 }
3381 }
3383 /**
3384 * Downloads one file and writes it to the specified file handler
3385 *
3386 * <code>
3387 * $c = new curl();
3388 * $file = fopen('savepath', 'w');
3389 * $result = $c->download_one('http://localhost/', null,
3390 * array('file' => $file, 'timeout' => 5, 'followlocation' => true, 'maxredirs' => 3));
3391 * fclose($file);
3392 * $download_info = $c->get_info();
3393 * if ($result === true) {
3394 * // file downloaded successfully
3395 * } else {
3396 * $error_text = $result;
3397 * $error_code = $c->get_errno();
3398 * }
3399 * </code>
3400 *
3401 * <code>
3402 * $c = new curl();
3403 * $result = $c->download_one('http://localhost/', null,
3404 * array('filepath' => 'savepath', 'timeout' => 5, 'followlocation' => true, 'maxredirs' => 3));
3405 * // ... see above, no need to close handle and remove file if unsuccessful
3406 * </code>
3407 *
3408 * @param string $url
3409 * @param array|null $params key-value pairs to be added to $url as query string
3410 * @param array $options request options. Must include either 'file' or 'filepath'
3411 * @return bool|string true on success or error string on failure
3412 */
3419 }
3421 // open file
3425 }
3427 }
3434 }
3435 }
3437 }
3439 /**
3440 * HTTP PUT method
3441 *
3442 * @param string $url
3443 * @param array $params
3444 * @param array $options
3445 * @return bool
3446 */
3451 }
3459 }
3463 }
3465 /**
3466 * HTTP DELETE method
3467 *
3468 * @param string $url
3469 * @param array $param
3470 * @param array $options
3471 * @return bool
3472 */
3477 }
3480 }
3482 /**
3483 * HTTP TRACE method
3484 *
3485 * @param string $url
3486 * @param array $options
3487 * @return bool
3488 */
3493 }
3495 /**
3496 * HTTP OPTIONS method
3497 *
3498 * @param string $url
3499 * @param array $options
3500 * @return bool
3501 */
3506 }
3508 /**
3509 * Get curl information
3510 *
3511 * @return string
3512 */
3515 }
3517 /**
3518 * Get curl error code
3519 *
3520 * @return int
3521 */
3524 }
3526 /**
3527 * When using a proxy, an additional HTTP response code may appear at
3528 * the start of the header. For example, when using https over a proxy
3529 * there may be 'HTTP/1.0 200 Connection Established'. Other codes are
3530 * also possible and some may come with their own headers.
3531 *
3532 * If using the return value containing all headers, this function can be
3533 * called to remove unwanted doubles.
3534 *
3535 * Note that it is not possible to distinguish this situation from valid
3536 * data unless you know the actual response part (below the headers)
3537 * will not be included in this string, or else will not 'look like' HTTP
3538 * headers. As a result it is not safe to call this function for general
3539 * data.
3540 *
3541 * @param string $input Input HTTP response
3542 * @return string HTTP response with additional headers stripped if any
3543 */
3545 // I have tried to make this regular expression as specific as possible
3546 // to avoid any case where it does weird stuff if you happen to put
3547 // HTTP/1.1 200 at the start of any line in your RSS file. This should
3548 // also make it faster because it can abandon regex processing as soon
3549 // as it hits something that doesn't look like an http header. The
3550 // header definition is taken from RFC 822, except I didn't support
3551 // folding which is never used in practice.
3554 // HTTP version and status code (ignore value of code).
3556 // Header name: character between 33 and 126 decimal, except colon.
3557 // Colon. Header value: any character except \r and \n. CRLF.
3559 // Headers are terminated by another CRLF (blank line).
3561 // Second HTTP status code, this time must be 200.
3563 }
3564 }
3566 /**
3567 * This class is used by cURL class, use case:
3568 *
3569 * <code>
3570 * $CFG->repositorycacheexpire = 120;
3571 * $CFG->curlcache = 120;
3572 *
3573 * $c = new curl(array('cache'=>true), 'module_cache'=>'repository');
3574 * $ret = $c->get('http://www.google.com');
3575 * </code>
3576 *
3577 * @package core_files
3578 * @copyright Dongsheng Cai <dongsheng@moodle.com>
3579 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
3580 */
3582 /** @var string Path to cache directory */
3585 /**
3586 * Constructor
3587 *
3588 * @global stdClass $CFG
3589 * @param string $module which module is using curl_cache
3590 */
3597 }
3600 }
3604 }
3609 }
3611 }
3612 }
3614 /**
3615 * Get cached value
3616 *
3617 * @global stdClass $CFG
3618 * @global stdClass $USER
3619 * @param mixed $param
3620 * @return bool|string
3621 */
3635 }
3636 }
3638 }
3640 /**
3641 * Set cache value
3642 *
3643 * @global object $CFG
3644 * @global object $USER
3645 * @param mixed $param
3646 * @param mixed $val
3647 */
3654 }
3656 /**
3657 * Remove cache files
3658 *
3659 * @param int $expire The number of seconds before expiry
3660 */
3668 }
3669 }
3670 }
3672 }
3673 }
3674 /**
3675 * delete current user's cache file
3676 *
3677 * @global object $CFG
3678 * @global object $USER
3679 */
3687 }
3688 }
3689 }
3690 }
3691 }
3692 }
3694 /**
3695 * This function delegates file serving to individual plugins
3696 *
3697 * @param string $relativepath
3698 * @param bool $forcedownload
3699 * @param null|string $preview the preview mode, defaults to serving the original file
3700 * @todo MDL-31088 file serving improments
3701 */
3704 // relative path must start with '/'
3709 }
3711 // extract relative path components
3716 }
3726 // ========================================================================================================================
3728 // Blog file serving
3731 }
3734 }
3738 }
3743 }
3748 }
3752 }
3753 }
3754 }
3759 }
3763 //ok
3768 }
3769 }
3774 if (!$file = $fs->get_file($context->id, $component, $filearea, $entryid, $filepath, $filename) or $file->is_directory()) {
3776 }
3778 send_stored_file($file, 10*60, 0, true, array('preview' => $preview)); // download MUST be forced - security!
3780 // ========================================================================================================================
3782 if (($filearea === 'outcome' or $filearea === 'scale') and $context->contextlevel == CONTEXT_SYSTEM) {
3783 // Global gradebook files
3786 }
3792 }
3798 //TODO: nobody implemented this yet in grade edit form!!
3803 }
3809 }
3815 }
3817 // ========================================================================================================================
3821 // All tag descriptions are going to be public but we still need to respect forcelogin
3824 }
3830 }
3837 }
3838 // ========================================================================================================================
3849 }
3850 if (!$file = $fs->get_file($context->id, 'badges', 'badgeimage', $badge->id, '/', $filename.'.png')) {
3852 }
3857 if (!$file = $fs->get_file($context->id, 'badges', 'userbadge', $badge->id, '/', $filename.'.png')) {
3859 }
3863 }
3864 // ========================================================================================================================
3868 // All events here are public the one requirement is that we respect forcelogin
3871 }
3873 // Get the event if from the args array
3876 // Load the event from the database
3879 }
3881 // Get the file and serve if successful
3884 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3886 }
3893 // Must be logged in, if they are not then they obviously can't be this user
3896 // Don't want guests here, potentially saves a DB call
3899 }
3901 // Get the event if from the args array
3904 // Load the event from the database - user id must match
3905 if (!$event = $DB->get_record('event', array('id'=>(int)$eventid, 'userid'=>$USER->id, 'eventtype'=>'user'))) {
3907 }
3909 // Get the file and serve if successful
3912 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3914 }
3921 // Respect forcelogin and require login unless this is the site.... it probably
3922 // should NEVER be the site
3925 }
3927 // Must be able to at least view the course. This does not apply to the front page.
3929 //TODO: hmm, do we really want to block guests here?
3931 }
3933 // Get the event id
3936 // Load the event from the database we need to check whether it is
3937 // a) valid course event
3938 // b) a group event
3939 // Group events use the course context (there is no group context)
3942 }
3944 // If its a group event require either membership of view all groups capability
3946 if (!has_capability('moodle/site:accessallgroups', $context) && !groups_is_member($event->groupid, $USER->id)) {
3948 }
3950 // Ok. Please note that the event type 'site' still uses a course context.
3952 // Some other type.
3954 }
3956 // If we get this far we can serve the file
3959 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3961 }
3968 }
3970 // ========================================================================================================================
3979 }
3981 // fix file name automatically
3984 }
3988 // protect images if login required and not logged in;
3989 // also if login is required for profile images and is not logged in or guest
3990 // do not use require_login() because it is expensive and not suitable here anyway
3993 }
3998 // f3 512x512px was introduced in 2.3, there might be only the smaller version.
4001 }
4002 }
4003 }
4004 }
4006 // bad reference - try to prevent future retries as hard as possible!
4010 }
4011 }
4012 // no redirect here because it is not cached
4016 }
4018 send_stored_file($file, 60*60*24*365, 0, false, array('preview' => $preview)); // enable long caching, there are many images on each page
4025 }
4029 }
4033 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
4035 }
4038 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
4044 }
4049 // always can access own
4056 }
4058 // we allow access to site profile of all course contacts (usually teachers)
4059 if (!has_coursecontact_role($userid) && !has_capability('moodle/user:viewdetails', $context)) {
4061 }
4068 }
4074 }
4075 }
4076 }
4080 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
4082 }
4085 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
4093 }
4099 }
4101 //TODO: review this logic of user profile access prevention
4102 if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
4104 }
4105 if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
4107 }
4110 }
4111 if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
4113 }
4114 }
4118 if (!$file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename) or $file->is_directory()) {
4120 }
4123 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
4130 }
4135 }
4139 if (!$file = $fs->get_file($context->id, 'user', 'backup', 0, $filepath, $filename) or $file->is_directory()) {
4141 }
4144 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
4148 }
4150 // ========================================================================================================================
4154 }
4158 // no login necessary - unless login forced everywhere
4160 }
4164 if (!$file = $fs->get_file($context->id, 'coursecat', 'description', 0, $filepath, $filename) or $file->is_directory()) {
4166 }
4172 }
4174 // ========================================================================================================================
4178 }
4183 }
4187 if (!$file = $fs->get_file($context->id, 'course', $filearea, 0, $filepath, $filename) or $file->is_directory()) {
4189 }
4199 }
4203 if (!$section = $DB->get_record('course_sections', array('id'=>$sectionid, 'course'=>$course->id))) {
4205 }
4209 if (!$file = $fs->get_file($context->id, 'course', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
4211 }
4218 }
4223 }
4229 $group = $DB->get_record('groups', array('id'=>$groupid, 'courseid'=>$course->id), '*', MUST_EXIST);
4230 if (($course->groupmodeforce and $course->groupmode == SEPARATEGROUPS) and !has_capability('moodle/site:accessallgroups', $context) and !groups_is_member($group->id, $USER->id)) {
4231 // do not allow access to separate group info if not member or teacher
4233 }
4241 if (!$file = $fs->get_file($context->id, 'group', 'description', $group->id, $filepath, $filename) or $file->is_directory()) {
4243 }
4253 }
4254 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.png')) {
4255 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.jpg')) {
4257 }
4258 }
4265 }
4270 }
4276 // note: everybody has access to grouping desc images for now
4281 if (!$file = $fs->get_file($context->id, 'grouping', 'description', $groupingid, $filepath, $filename) or $file->is_directory()) {
4283 }
4290 }
4292 // ========================================================================================================================
4300 if (!$file = $fs->get_file($context->id, 'backup', 'course', 0, $filepath, $filename) or $file->is_directory()) {
4302 }
4315 if (!$file = $fs->get_file($context->id, 'backup', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
4317 }
4328 if (!$file = $fs->get_file($context->id, 'backup', 'activity', 0, $filepath, $filename) or $file->is_directory()) {
4330 }
4336 // Backup files that were generated by the automated backup systems.
4343 if (!$file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename) or $file->is_directory()) {
4345 }
4352 }
4354 // ========================================================================================================================
4360 // ========================================================================================================================
4363 // files embedded into the form definition description
4373 }
4378 FROM {grading_areas} ga
4379 JOIN {grading_definitions} gd ON (gd.areaid = ga.id)
4385 }
4391 }
4395 }
4397 // ========================================================================================================================
4402 }
4407 // somebody tries to gain illegal access, cm type must match the component!
4409 }
4410 }
4415 }
4418 // all users may access it
4421 if (!$file = $fs->get_file($context->id, 'mod_'.$modname, 'intro', 0, $filepath, $filename) or $file->is_directory()) {
4423 }
4427 // finally send the file
4429 }
4434 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
4435 $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
4437 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
4438 $filefunctionold($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
4439 }
4443 // ========================================================================================================================
4446 // note: no more class methods in blocks please, that is ....
4449 }
4453 $birecord = $DB->get_record('block_instances', array('id'=>$context->instanceid), '*',MUST_EXIST);
4455 // somebody tries to gain illegal access, cm type must match the component!
4457 }
4459 $bprecord = $DB->get_record('block_positions', array('contextid' => $context->id, 'blockinstanceid' => $context->instanceid));
4460 // User can't access file, if block is hidden or doesn't have block:view capability
4463 }
4466 }
4470 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
4471 $filefunction($course, $birecord, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
4472 }
4476 // ========================================================================================================================
4478 // all core subsystems have to be specified above, no more guessing here!
4482 // try to serve general plugin file in arbitrary context
4486 }
4491 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
4492 $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
4493 }
4496 }
4498 }