blocks/html/lib.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Form for editing HTML block instances.
  19  *
  20  * @copyright 2010 Petr Skoda (http://skodak.org)
  21  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  22  * @package   block_html
  23  * @category  files
  24  * @param stdClass $course course object
  25  * @param stdClass $birecord_or_cm block instance record
  26  * @param stdClass $context context object
  27  * @param string $filearea file area
  28  * @param array $args extra arguments
  29  * @param bool $forcedownload whether or not force download
  30  * @param array $options additional options affecting the file serving
  31  * @return bool
  32  * @todo MDL-36050 improve capability check on stick blocks, so we can check user capability before sending images.
  33  */
  34 function block_html_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options=array()) {
  35     global $DB, $CFG;
  36
  37     if ($context->contextlevel != CONTEXT_BLOCK) {
  38         send_file_not_found();
  39     }
  40
  41     // If block is in course context, then check if user has capability to access course.
  42     if ($context->get_course_context(false)) {
  43         require_course_login($course);
  44     } else if ($CFG->forcelogin) {
  45         require_login();
  46     } else {
  47         // Get parent context and see if user have proper permission.
  48         $parentcontext = $context->get_parent_context();
  49         if ($parentcontext->contextlevel === CONTEXT_COURSECAT) {
  50             // Check if category is visible and user can view this category.
  51             $category = $DB->get_record('course_categories', array('id' => $parentcontext->instanceid), '*', MUST_EXIST);
  52             if (!$category->visible) {
  53                 require_capability('moodle/category:viewhiddencategories', $parentcontext);
  54             }
  55         }
  56         // At this point there is no way to check SYSTEM or USER context, so ignoring it.
  57     }
  58
  59     if ($filearea !== 'content') {
  60         send_file_not_found();
  61     }
  62
  63     $fs = get_file_storage();
  64
  65     $filename = array_pop($args);
  66     $filepath = $args ? '/'.implode('/', $args).'/' : '/';
  67
  68     if (!$file = $fs->get_file($context->id, 'block_html', 'content', 0, $filepath, $filename) or $file->is_directory()) {
  69         send_file_not_found();
  70     }
  71
  72     if ($parentcontext = context::instance_by_id($birecord_or_cm->parentcontextid, IGNORE_MISSING)) {
  73         if ($parentcontext->contextlevel == CONTEXT_USER) {
  74             // force download on all personal pages including /my/
  75             //because we do not have reliable way to find out from where this is used
  76             $forcedownload = true;
  77         }
  78     } else {
  79         // weird, there should be parent context, better force dowload then
  80         $forcedownload = true;
  81     }
  82
  83     // NOTE: it woudl be nice to have file revisions here, for now rely on standard file lifetime,
  84     //       do not lower it because the files are dispalyed very often.
  85     \core\session\manager::write_close();
  86     send_stored_file($file, null, 0, $forcedownload, $options);
  87 }
  88
  89 /**
  90  * Perform global search replace such as when migrating site to new URL.
  91  * @param  $search
  92  * @param  $replace
  93  * @return void
  94  */
  95 function block_html_global_db_replace($search, $replace) {
  96     global $DB;
  97
  98     $instances = $DB->get_recordset('block_instances', array('blockname' => 'html'));
  99     foreach ($instances as $instance) {
 100         // TODO: intentionally hardcoded until MDL-26800 is fixed
 101         $config = unserialize(base64_decode($instance->configdata));
 102         if (isset($config->text) and is_string($config->text)) {
 103             $config->text = str_replace($search, $replace, $config->text);
 104             $DB->set_field('block_instances', 'configdata', base64_encode(serialize($config)), array('id' => $instance->id));
 105         }
 106     }
 107     $instances->close();
 108 }