2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * These functions are required very early in the Moodle
19 * setup process, before any of the main libraries are
24 * @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
28 defined('MOODLE_INTERNAL') ||
die();
30 // Debug levels - always keep the values in ascending order!
31 /** No warnings and errors at all */
32 define('DEBUG_NONE', 0);
33 /** Fatal errors only */
34 define('DEBUG_MINIMAL', E_ERROR | E_PARSE
);
35 /** Errors, warnings and notices */
36 define('DEBUG_NORMAL', E_ERROR | E_PARSE | E_WARNING | E_NOTICE
);
37 /** All problems except strict PHP warnings */
38 define('DEBUG_ALL', E_ALL
& ~E_STRICT
);
39 /** DEBUG_ALL with all debug messages and strict warnings */
40 define('DEBUG_DEVELOPER', E_ALL | E_STRICT
);
42 /** Remove any memory limits */
43 define('MEMORY_UNLIMITED', -1);
44 /** Standard memory limit for given platform */
45 define('MEMORY_STANDARD', -2);
47 * Large memory limit for given platform - used in cron, upgrade, and other places that need a lot of memory.
48 * Can be overridden with $CFG->extramemorylimit setting.
50 define('MEMORY_EXTRA', -3);
51 /** Extremely large memory limit - not recommended for standard scripts */
52 define('MEMORY_HUGE', -4);
55 * Base Moodle Exception class
57 * Although this class is defined here, you cannot throw a moodle_exception until
58 * after moodlelib.php has been included (which will happen very soon).
62 * @copyright 2008 Petr Skoda {@link http://skodak.org}
63 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
65 class moodle_exception
extends Exception
{
68 * @var string The name of the string from error.php to print
73 * @var string The name of module
78 * @var mixed Extra words and phrases that might be required in the error string
83 * @var string The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
88 * @var string Optional information to aid the debugging process
94 * @param string $errorcode The name of the string from error.php to print
95 * @param string $module name of module
96 * @param string $link The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
97 * @param mixed $a Extra words and phrases that might be required in the error string
98 * @param string $debuginfo optional debugging information
100 function __construct($errorcode, $module='', $link='', $a=NULL, $debuginfo=null) {
103 if (empty($module) ||
$module == 'moodle' ||
$module == 'core') {
107 $this->errorcode
= $errorcode;
108 $this->module
= $module;
111 $this->debuginfo
= is_null($debuginfo) ?
null : (string)$debuginfo;
113 if (get_string_manager()->string_exists($errorcode, $module)) {
114 $message = get_string($errorcode, $module, $a);
115 $haserrorstring = true;
117 $message = $module . '/' . $errorcode;
118 $haserrorstring = false;
121 $isinphpunittest = (defined('PHPUNIT_TEST') && PHPUNIT_TEST
);
122 $hasdebugdeveloper = (
123 isset($CFG->debugdisplay
) &&
124 isset($CFG->debug
) &&
125 $CFG->debugdisplay
&&
126 $CFG->debug
=== DEBUG_DEVELOPER
130 if ($isinphpunittest ||
$hasdebugdeveloper) {
131 $message = "$message ($debuginfo)";
135 if (!$haserrorstring and $isinphpunittest) {
136 // Append the contents of $a to $debuginfo so helpful information isn't lost.
137 // This emulates what {@link get_exception_info()} does. Unfortunately that
138 // function is not used by phpunit.
139 $message .= PHP_EOL
.'$a contents: '.print_r($a, true);
142 parent
::__construct($message, 0);
147 * Course/activity access exception.
149 * This exception is thrown from require_login()
151 * @package core_access
152 * @copyright 2010 Petr Skoda {@link http://skodak.org}
153 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
155 class require_login_exception
extends moodle_exception
{
158 * @param string $debuginfo Information to aid the debugging process
160 function __construct($debuginfo) {
161 parent
::__construct('requireloginerror', 'error', '', NULL, $debuginfo);
166 * Session timeout exception.
168 * This exception is thrown from require_login()
170 * @package core_access
171 * @copyright 2015 Andrew Nicols <andrew@nicols.co.uk>
172 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
174 class require_login_session_timeout_exception
extends require_login_exception
{
178 public function __construct() {
179 moodle_exception
::__construct('sessionerroruser', 'error');
184 * Web service parameter exception class
185 * @deprecated since Moodle 2.2 - use moodle exception instead
186 * This exception must be thrown to the web service client when a web service parameter is invalid
187 * The error string is gotten from webservice.php
189 class webservice_parameter_exception
extends moodle_exception
{
192 * @param string $errorcode The name of the string from webservice.php to print
193 * @param string $a The name of the parameter
194 * @param string $debuginfo Optional information to aid debugging
196 function __construct($errorcode=null, $a = '', $debuginfo = null) {
197 parent
::__construct($errorcode, 'webservice', '', $a, $debuginfo);
202 * Exceptions indicating user does not have permissions to do something
203 * and the execution can not continue.
205 * @package core_access
206 * @copyright 2009 Petr Skoda {@link http://skodak.org}
207 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
209 class required_capability_exception
extends moodle_exception
{
212 * @param context $context The context used for the capability check
213 * @param string $capability The required capability
214 * @param string $errormessage The error message to show the user
215 * @param string $stringfile
217 function __construct($context, $capability, $errormessage, $stringfile) {
218 $capabilityname = get_capability_string($capability);
219 if ($context->contextlevel
== CONTEXT_MODULE
and preg_match('/:view$/', $capability)) {
220 // we can not go to mod/xx/view.php because we most probably do not have cap to view it, let's go to course instead
221 $parentcontext = $context->get_parent_context();
222 $link = $parentcontext->get_url();
224 $link = $context->get_url();
226 parent
::__construct($errormessage, $stringfile, $link, $capabilityname);
231 * Exception indicating programming error, must be fixed by a programer. For example
232 * a core API might throw this type of exception if a plugin calls it incorrectly.
236 * @copyright 2008 Petr Skoda {@link http://skodak.org}
237 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
239 class coding_exception
extends moodle_exception
{
242 * @param string $hint short description of problem
243 * @param string $debuginfo detailed information how to fix problem
245 function __construct($hint, $debuginfo=null) {
246 parent
::__construct('codingerror', 'debug', '', $hint, $debuginfo);
251 * Exception indicating malformed parameter problem.
252 * This exception is not supposed to be thrown when processing
253 * user submitted data in forms. It is more suitable
254 * for WS and other low level stuff.
258 * @copyright 2009 Petr Skoda {@link http://skodak.org}
259 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
261 class invalid_parameter_exception
extends moodle_exception
{
264 * @param string $debuginfo some detailed information
266 function __construct($debuginfo=null) {
267 parent
::__construct('invalidparameter', 'debug', '', null, $debuginfo);
272 * Exception indicating malformed response problem.
273 * This exception is not supposed to be thrown when processing
274 * user submitted data in forms. It is more suitable
275 * for WS and other low level stuff.
277 class invalid_response_exception
extends moodle_exception
{
280 * @param string $debuginfo some detailed information
282 function __construct($debuginfo=null) {
283 parent
::__construct('invalidresponse', 'debug', '', null, $debuginfo);
288 * An exception that indicates something really weird happened. For example,
289 * if you do switch ($context->contextlevel), and have one case for each
290 * CONTEXT_... constant. You might throw an invalid_state_exception in the
291 * default case, to just in case something really weird is going on, and
292 * $context->contextlevel is invalid - rather than ignoring this possibility.
296 * @copyright 2009 onwards Martin Dougiamas {@link http://moodle.com}
297 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
299 class invalid_state_exception
extends moodle_exception
{
302 * @param string $hint short description of problem
303 * @param string $debuginfo optional more detailed information
305 function __construct($hint, $debuginfo=null) {
306 parent
::__construct('invalidstatedetected', 'debug', '', $hint, $debuginfo);
311 * An exception that indicates incorrect permissions in $CFG->dataroot
315 * @copyright 2010 Petr Skoda {@link http://skodak.org}
316 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
318 class invalid_dataroot_permissions
extends moodle_exception
{
321 * @param string $debuginfo optional more detailed information
323 function __construct($debuginfo = NULL) {
324 parent
::__construct('invaliddatarootpermissions', 'error', '', NULL, $debuginfo);
329 * An exception that indicates that file can not be served
333 * @copyright 2010 Petr Skoda {@link http://skodak.org}
334 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
336 class file_serving_exception
extends moodle_exception
{
339 * @param string $debuginfo optional more detailed information
341 function __construct($debuginfo = NULL) {
342 parent
::__construct('cannotservefile', 'error', '', NULL, $debuginfo);
347 * Default exception handler.
349 * @param Exception $ex
350 * @return void -does not return. Terminates execution!
352 function default_exception_handler($ex) {
353 global $CFG, $DB, $OUTPUT, $USER, $FULLME, $SESSION, $PAGE;
355 // detect active db transactions, rollback and log as error
356 abort_all_db_transactions();
358 if (($ex instanceof required_capability_exception
) && !CLI_SCRIPT
&& !AJAX_SCRIPT
&& !empty($CFG->autologinguests
) && !empty($USER->autologinguest
)) {
359 $SESSION->wantsurl
= qualified_me();
360 redirect(get_login_url());
363 $info = get_exception_info($ex);
365 // If we already tried to send the header remove it, the content length
366 // should be either empty or the length of the error page.
367 @header_remove
('Content-Length');
369 if (is_early_init($info->backtrace
)) {
370 echo bootstrap_renderer
::early_error($info->message
, $info->moreinfourl
, $info->link
, $info->backtrace
, $info->debuginfo
, $info->errorcode
);
372 if (debugging('', DEBUG_MINIMAL
)) {
373 $logerrmsg = "Default exception handler: ".$info->message
.' Debug: '.$info->debuginfo
."\n".format_backtrace($info->backtrace
, true);
374 error_log($logerrmsg);
379 // If you enable db debugging and exception is thrown, the print footer prints a lot of rubbish
383 // If we are in an AJAX script we don't want to use PREFERRED_RENDERER_TARGET.
384 // Because we know we will want to use ajax format.
385 $renderer = new core_renderer_ajax($PAGE, 'ajax');
389 echo $renderer->fatal_error($info->message
, $info->moreinfourl
, $info->link
, $info->backtrace
, $info->debuginfo
,
391 } catch (Exception
$e) {
393 } catch (Throwable
$e) {
394 // Engine errors in PHP7 throw exceptions of type Throwable (this "catch" will be ignored in PHP5).
398 if (isset($out_ex)) {
399 // default exception handler MUST not throw any exceptions!!
400 // the problem here is we do not know if page already started or not, we only know that somebody messed up in outputlib or theme
401 // so we just print at least something instead of "Exception thrown without a stack frame in Unknown on line 0":-(
402 if (CLI_SCRIPT
or AJAX_SCRIPT
) {
403 // just ignore the error and send something back using the safest method
404 echo bootstrap_renderer
::early_error($info->message
, $info->moreinfourl
, $info->link
, $info->backtrace
, $info->debuginfo
, $info->errorcode
);
406 echo bootstrap_renderer
::early_error_content($info->message
, $info->moreinfourl
, $info->link
, $info->backtrace
, $info->debuginfo
);
407 $outinfo = get_exception_info($out_ex);
408 echo bootstrap_renderer
::early_error_content($outinfo->message
, $outinfo->moreinfourl
, $outinfo->link
, $outinfo->backtrace
, $outinfo->debuginfo
);
413 exit(1); // General error code
417 * Default error handler, prevents some white screens.
419 * @param string $errstr
420 * @param string $errfile
421 * @param int $errline
422 * @return bool false means use default error handler
424 function default_error_handler($errno, $errstr, $errfile, $errline) {
425 if ($errno == 4096) {
426 //fatal catchable error
427 throw new coding_exception('PHP catchable fatal error', $errstr);
433 * Unconditionally abort all database transactions, this function
434 * should be called from exception handlers only.
437 function abort_all_db_transactions() {
438 global $CFG, $DB, $SCRIPT;
440 // default exception handler MUST not throw any exceptions!!
442 if ($DB && $DB->is_transaction_started()) {
443 error_log('Database transaction aborted automatically in ' . $CFG->dirroot
. $SCRIPT);
444 // note: transaction blocks should never change current $_SESSION
445 $DB->force_transaction_rollback();
450 * This function encapsulates the tests for whether an exception was thrown in
451 * early init -- either during setup.php or during init of $OUTPUT.
453 * If another exception is thrown then, and if we do not take special measures,
454 * we would just get a very cryptic message "Exception thrown without a stack
455 * frame in Unknown on line 0". That makes debugging very hard, so we do take
456 * special measures in default_exception_handler, with the help of this function.
458 * @param array $backtrace the stack trace to analyse.
459 * @return boolean whether the stack trace is somewhere in output initialisation.
461 function is_early_init($backtrace) {
462 $dangerouscode = array(
463 array('function' => 'header', 'type' => '->'),
464 array('class' => 'bootstrap_renderer'),
465 array('file' => __DIR__
.'/setup.php'),
467 foreach ($backtrace as $stackframe) {
468 foreach ($dangerouscode as $pattern) {
470 foreach ($pattern as $property => $value) {
471 if (!isset($stackframe[$property]) ||
$stackframe[$property] != $value) {
484 * Returns detailed information about specified exception.
486 * @param Throwable $ex any sort of exception or throwable.
487 * @return stdClass standardised info to display. Fields are clear if you look at the end of this function.
489 function get_exception_info($ex): stdClass
{
492 if ($ex instanceof moodle_exception
) {
493 $errorcode = $ex->errorcode
;
494 $module = $ex->module
;
497 $debuginfo = $ex->debuginfo
;
499 $errorcode = 'generalexceptionmessage';
501 $a = $ex->getMessage();
506 // Append the error code to the debug info to make grepping and googling easier
507 $debuginfo .= PHP_EOL
."Error code: $errorcode";
509 $backtrace = $ex->getTrace();
510 $place = array('file'=>$ex->getFile(), 'line'=>$ex->getLine(), 'exception'=>get_class($ex));
511 array_unshift($backtrace, $place);
513 // Be careful, no guarantee moodlelib.php is loaded.
514 if (empty($module) ||
$module == 'moodle' ||
$module == 'core') {
517 // Search for the $errorcode's associated string
518 // If not found, append the contents of $a to $debuginfo so helpful information isn't lost
519 if (function_exists('get_string_manager')) {
520 if (get_string_manager()->string_exists($errorcode, $module)) {
521 $message = get_string($errorcode, $module, $a);
522 } elseif ($module == 'error' && get_string_manager()->string_exists($errorcode, 'moodle')) {
523 // Search in moodle file if error specified - needed for backwards compatibility
524 $message = get_string($errorcode, 'moodle', $a);
526 $message = $module . '/' . $errorcode;
527 $debuginfo .= PHP_EOL
.'$a contents: '.print_r($a, true);
530 $message = $module . '/' . $errorcode;
531 $debuginfo .= PHP_EOL
.'$a contents: '.print_r($a, true);
534 // Remove some absolute paths from message and debugging info.
537 $cfgnames = array('backuptempdir', 'tempdir', 'cachedir', 'localcachedir', 'themedir', 'dataroot', 'dirroot');
538 foreach ($cfgnames as $cfgname) {
539 if (property_exists($CFG, $cfgname)) {
540 $searches[] = $CFG->$cfgname;
541 $replaces[] = "[$cfgname]";
544 if (!empty($searches)) {
545 $message = str_replace($searches, $replaces, $message);
546 $debuginfo = str_replace($searches, $replaces, $debuginfo);
549 // Be careful, no guarantee weblib.php is loaded.
550 if (function_exists('clean_text')) {
551 $message = clean_text($message);
553 $message = htmlspecialchars($message, ENT_COMPAT
);
556 if (!empty($CFG->errordocroot
)) {
557 $errordoclink = $CFG->errordocroot
. '/en/';
559 // Only if the function is available. May be not for early errors.
560 if (function_exists('current_language')) {
561 $errordoclink = get_docs_url();
563 $errordoclink = 'https://docs.moodle.org/en/';
567 if ($module === 'error') {
568 $modulelink = 'moodle';
570 $modulelink = $module;
572 $moreinfourl = $errordoclink . 'error/' . $modulelink . '/' . $errorcode;
575 $link = get_local_referer(false) ?
: ($CFG->wwwroot
. '/');
578 // When printing an error the continue button should never link offsite.
579 // We cannot use clean_param() here as it is not guaranteed that it has been loaded yet.
580 if (stripos($link, $CFG->wwwroot
) === 0) {
581 // Internal HTTP, all good.
583 // External link spotted!
584 $link = $CFG->wwwroot
. '/';
587 $info = new stdClass();
588 $info->message
= $message;
589 $info->errorcode
= $errorcode;
590 $info->backtrace
= $backtrace;
592 $info->moreinfourl
= $moreinfourl;
594 $info->debuginfo
= $debuginfo;
600 * @deprecated since Moodle 3.8 MDL-61038 - please do not use this function any more.
601 * @see \core\uuid::generate()
603 function generate_uuid() {
604 throw new coding_exception('generate_uuid() cannot be used anymore. Please use ' .
605 '\core\uuid::generate() instead.');
609 * Returns the Moodle Docs URL in the users language for a given 'More help' link.
611 * There are three cases:
613 * 1. In the normal case, $path will be a short relative path 'component/thing',
614 * like 'mod/folder/view' 'group/import'. This gets turned into an link to
615 * MoodleDocs in the user's language, and for the appropriate Moodle version.
616 * E.g. 'group/import' may become 'http://docs.moodle.org/2x/en/group/import'.
617 * The 'http://docs.moodle.org' bit comes from $CFG->docroot.
619 * This is the only option that should be used in standard Moodle code. The other
620 * two options have been implemented because they are useful for third-party plugins.
622 * 2. $path may be an absolute URL, starting http:// or https://. In this case,
623 * the link is used as is.
625 * 3. $path may start %%WWWROOT%%, in which case that is replaced by
626 * $CFG->wwwroot to make the link.
628 * @param string $path the place to link to. See above for details.
629 * @return string The MoodleDocs URL in the user's language. for example @link http://docs.moodle.org/2x/en/$path}
631 function get_docs_url($path = null) {
633 if ($path === null) {
638 // Absolute URLs are used unmodified.
639 if (substr($path, 0, 7) === 'http://' ||
substr($path, 0, 8) === 'https://') {
643 // Paths starting %%WWWROOT%% have that replaced by $CFG->wwwroot.
644 if (substr($path, 0, 11) === '%%WWWROOT%%') {
645 return $CFG->wwwroot
. substr($path, 11);
648 // Otherwise we do the normal case, and construct a MoodleDocs URL relative to $CFG->docroot.
650 // Check that $CFG->branch has been set up, during installation it won't be.
651 if (empty($CFG->branch
)) {
652 // It's not there yet so look at version.php.
653 include($CFG->dirroot
.'/version.php');
655 // We can use $CFG->branch and avoid having to include version.php.
656 $branch = $CFG->branch
;
658 // ensure branch is valid.
660 // We should never get here but in case we do lets set $branch to .
661 // the smart one's will know that this is the current directory
662 // and the smarter ones will know that there is some smart matching
663 // that will ensure people end up at the latest version of the docs.
666 if (empty($CFG->doclang
)) {
667 $lang = current_language();
669 $lang = $CFG->doclang
;
671 $end = '/' . $branch . '/' . $lang . '/' . $path;
672 if (empty($CFG->docroot
)) {
673 return 'http://docs.moodle.org'. $end;
675 return $CFG->docroot
. $end ;
680 * Formats a backtrace ready for output.
682 * This function does not include function arguments because they could contain sensitive information
683 * not suitable to be exposed in a response.
685 * @param array $callers backtrace array, as returned by debug_backtrace().
686 * @param boolean $plaintext if false, generates HTML, if true generates plain text.
687 * @return string formatted backtrace, ready for output.
689 function format_backtrace($callers, $plaintext = false) {
690 // do not use $CFG->dirroot because it might not be available in destructors
691 $dirroot = dirname(__DIR__
);
693 if (empty($callers)) {
697 $from = $plaintext ?
'' : '<ul style="text-align: left" data-rel="backtrace">';
698 foreach ($callers as $caller) {
699 if (!isset($caller['line'])) {
700 $caller['line'] = '?'; // probably call_user_func()
702 if (!isset($caller['file'])) {
703 $caller['file'] = 'unknownfile'; // probably call_user_func()
705 $line = $plaintext ?
'* ' : '<li>';
706 $line .= 'line ' . $caller['line'] . ' of ' . str_replace($dirroot, '', $caller['file']);
707 if (isset($caller['function'])) {
708 $line .= ': call to ';
709 if (isset($caller['class'])) {
710 $line .= $caller['class'] . $caller['type'];
712 $line .= $caller['function'] . '()';
713 } else if (isset($caller['exception'])) {
714 $line .= ': '.$caller['exception'].' thrown';
717 // Remove any non printable chars.
718 $line = preg_replace('/[[:^print:]]/', '', $line);
720 $line .= $plaintext ?
"\n" : '</li>';
723 $from .= $plaintext ?
'' : '</ul>';
729 * This function makes the return value of ini_get consistent if you are
730 * setting server directives through the .htaccess file in apache.
732 * Current behavior for value set from php.ini On = 1, Off = [blank]
733 * Current behavior for value set from .htaccess On = On, Off = Off
734 * Contributed by jdell @ unr.edu
736 * @param string $ini_get_arg The argument to get
737 * @return bool True for on false for not
739 function ini_get_bool($ini_get_arg) {
740 $temp = ini_get($ini_get_arg);
742 if ($temp == '1' or strtolower($temp) == 'on') {
749 * This function verifies the sanity of PHP configuration
750 * and stops execution if anything critical found.
752 function setup_validate_php_configuration() {
753 // this must be very fast - no slow checks here!!!
755 if (ini_get_bool('session.auto_start')) {
756 throw new \
moodle_exception('sessionautostartwarning', 'admin');
761 * Initialise global $CFG variable.
762 * @private to be used only from lib/setup.php
764 function initialise_cfg() {
768 // This should not happen.
773 $localcfg = get_config('core');
774 } catch (dml_exception
$e) {
775 // Most probably empty db, going to install soon.
779 foreach ($localcfg as $name => $value) {
780 // Note that get_config() keeps forced settings
781 // and normalises values to string if possible.
782 $CFG->{$name} = $value;
787 * Cache any immutable config locally to avoid constant DB lookups.
789 * Only to be used only from lib/setup.php
791 function initialise_local_config_cache() {
794 $bootstrapcachefile = $CFG->localcachedir
. '/bootstrap.php';
796 if (!empty($CFG->siteidentifier
) && !file_exists($bootstrapcachefile)) {
798 // ********** This file is generated DO NOT EDIT **********
799 \$CFG->siteidentifier = " . var_export($CFG->siteidentifier
, true) . ";
800 \$CFG->bootstraphash = " . var_export(hash_local_config_cache(), true) . ";
801 // Only if the file is not stale and has not been defined.
802 if (\$CFG->bootstraphash === hash_local_config_cache() && !defined('SYSCONTEXTID')) {
803 define('SYSCONTEXTID', ".SYSCONTEXTID
.");
807 $temp = $bootstrapcachefile . '.tmp' . uniqid();
808 file_put_contents($temp, $contents);
809 @chmod
($temp, $CFG->filepermissions
);
810 rename($temp, $bootstrapcachefile);
815 * Calculate a proper hash to be able to invalidate stale cached configs.
817 * Only to be used to verify bootstrap.php status.
819 * @return string md5 hash of all the sensible bits deciding if cached config is stale or no.
821 function hash_local_config_cache() {
824 // This is pretty much {@see moodle_database::get_settings_hash()} that is used
825 // as identifier for the database meta information MUC cache. Should be enough to
826 // react against any of the normal changes (new prefix, change of DB type) while
827 // *incorrectly* keeping the old dataroot directory unmodified with stale data.
828 // This may need more stuff to be considered if it's discovered that there are
829 // more variables making the file stale.
830 return md5($CFG->dbtype
. $CFG->dbhost
. $CFG->dbuser
. $CFG->dbname
. $CFG->prefix
);
834 * Initialises $FULLME and friends. Private function. Should only be called from
837 function initialise_fullme() {
838 global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
840 // Detect common config error.
841 if (substr($CFG->wwwroot
, -1) == '/') {
842 throw new \
moodle_exception('wwwrootslash', 'error');
846 initialise_fullme_cli();
849 if (!empty($CFG->overridetossl
)) {
850 if (strpos($CFG->wwwroot
, 'http://') === 0) {
851 $CFG->wwwroot
= str_replace('http:', 'https:', $CFG->wwwroot
);
853 unset_config('overridetossl');
857 $rurl = setup_get_remote_url();
858 $wwwroot = parse_url($CFG->wwwroot
.'/');
860 if (empty($rurl['host'])) {
861 // missing host in request header, probably not a real browser, let's ignore them
863 } else if (!empty($CFG->reverseproxy
)) {
864 // $CFG->reverseproxy specifies if reverse proxy server used
865 // Used in load balancing scenarios.
866 // Do not abuse this to try to solve lan/wan access problems!!!!!
869 if (($rurl['host'] !== $wwwroot['host']) or
870 (!empty($wwwroot['port']) and $rurl['port'] != $wwwroot['port']) or
871 (strpos($rurl['path'], $wwwroot['path']) !== 0)) {
873 // Explain the problem and redirect them to the right URL
874 if (!defined('NO_MOODLE_COOKIES')) {
875 define('NO_MOODLE_COOKIES', true);
877 // The login/token.php script should call the correct url/port.
878 if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS
) {
879 $wwwrootport = empty($wwwroot['port'])?
'':$wwwroot['port'];
880 $calledurl = $rurl['host'];
881 if (!empty($rurl['port'])) {
882 $calledurl .= ':'. $rurl['port'];
884 $correcturl = $wwwroot['host'];
885 if (!empty($wwwrootport)) {
886 $correcturl .= ':'. $wwwrootport;
888 throw new moodle_exception('requirecorrectaccess', 'error', '', null,
889 'You called ' . $calledurl .', you should have called ' . $correcturl);
891 redirect($CFG->wwwroot
, get_string('wwwrootmismatch', 'error', $CFG->wwwroot
), 3);
895 // Check that URL is under $CFG->wwwroot.
896 if (strpos($rurl['path'], $wwwroot['path']) === 0) {
897 $SCRIPT = substr($rurl['path'], strlen($wwwroot['path'])-1);
899 // Probably some weird external script
900 $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
904 // $CFG->sslproxy specifies if external SSL appliance is used
905 // (That is, the Moodle server uses http, with an external box translating everything to https).
906 if (empty($CFG->sslproxy
)) {
907 if ($rurl['scheme'] === 'http' and $wwwroot['scheme'] === 'https') {
908 if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS
) {
909 throw new \
moodle_exception('sslonlyaccess', 'error');
911 redirect($CFG->wwwroot
, get_string('wwwrootmismatch', 'error', $CFG->wwwroot
), 3);
915 if ($wwwroot['scheme'] !== 'https') {
916 throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!');
918 $rurl['scheme'] = 'https'; // make moodle believe it runs on https, squid or something else it doing it
919 $_SERVER['HTTPS'] = 'on'; // Override $_SERVER to help external libraries with their HTTPS detection.
920 $_SERVER['SERVER_PORT'] = 443; // Assume default ssl port for the proxy.
923 // Hopefully this will stop all those "clever" admins trying to set up moodle
924 // with two different addresses in intranet and Internet.
925 // Port forwarding is still allowed!
926 if (!empty($CFG->reverseproxy
) && $rurl['host'] === $wwwroot['host'] && (empty($wwwroot['port']) ||
$rurl['port'] === $wwwroot['port'])) {
927 throw new \
moodle_exception('reverseproxyabused', 'error');
930 $hostandport = $rurl['scheme'] . '://' . $wwwroot['host'];
931 if (!empty($wwwroot['port'])) {
932 $hostandport .= ':'.$wwwroot['port'];
935 $FULLSCRIPT = $hostandport . $rurl['path'];
936 $FULLME = $hostandport . $rurl['fullpath'];
937 $ME = $rurl['fullpath'];
941 * Initialises $FULLME and friends for command line scripts.
942 * This is a private method for use by initialise_fullme.
944 function initialise_fullme_cli() {
945 global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
947 // Urls do not make much sense in CLI scripts
948 $backtrace = debug_backtrace();
949 $topfile = array_pop($backtrace);
950 $topfile = realpath($topfile['file']);
951 $dirroot = realpath($CFG->dirroot
);
953 if (strpos($topfile, $dirroot) !== 0) {
954 // Probably some weird external script
955 $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
957 $relativefile = substr($topfile, strlen($dirroot));
958 $relativefile = str_replace('\\', '/', $relativefile); // Win fix
959 $SCRIPT = $FULLSCRIPT = $relativefile;
960 $FULLME = $ME = null;
965 * Get the URL that PHP/the web server thinks it is serving. Private function
966 * used by initialise_fullme. In your code, use $PAGE->url, $SCRIPT, etc.
967 * @return array in the same format that parse_url returns, with the addition of
968 * a 'fullpath' element, which includes any slasharguments path.
970 function setup_get_remote_url() {
972 if (isset($_SERVER['HTTP_HOST'])) {
973 list($rurl['host']) = explode(':', $_SERVER['HTTP_HOST']);
975 $rurl['host'] = null;
977 $rurl['port'] = (int)$_SERVER['SERVER_PORT'];
978 $rurl['path'] = $_SERVER['SCRIPT_NAME']; // Script path without slash arguments
979 $rurl['scheme'] = (empty($_SERVER['HTTPS']) or $_SERVER['HTTPS'] === 'off' or $_SERVER['HTTPS'] === 'Off' or $_SERVER['HTTPS'] === 'OFF') ?
'http' : 'https';
981 if (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false) {
983 $rurl['fullpath'] = $_SERVER['REQUEST_URI'];
985 // Fixing a known issue with:
986 // - Apache versions lesser than 2.4.11
987 // - PHP deployed in Apache as PHP-FPM via mod_proxy_fcgi
988 // - PHP versions lesser than 5.6.3 and 5.5.18.
989 if (isset($_SERVER['PATH_INFO']) && (php_sapi_name() === 'fpm-fcgi') && isset($_SERVER['SCRIPT_NAME'])) {
990 $pathinfodec = rawurldecode($_SERVER['PATH_INFO']);
991 $lenneedle = strlen($pathinfodec);
992 // Checks whether SCRIPT_NAME ends with PATH_INFO, URL-decoded.
993 if (substr($_SERVER['SCRIPT_NAME'], -$lenneedle) === $pathinfodec) {
994 // This is the "Apache 2.4.10- running PHP-FPM via mod_proxy_fcgi" fingerprint,
995 // at least on CentOS 7 (Apache/2.4.6 PHP/5.4.16) and Ubuntu 14.04 (Apache/2.4.7 PHP/5.5.9)
996 // => SCRIPT_NAME contains 'slash arguments' data too, which is wrongly exposed via PATH_INFO as URL-encoded.
997 // Fix both $_SERVER['PATH_INFO'] and $_SERVER['SCRIPT_NAME'].
998 $lenhaystack = strlen($_SERVER['SCRIPT_NAME']);
999 $pos = $lenhaystack - $lenneedle;
1000 // Here $pos is greater than 0 but let's double check it.
1002 $_SERVER['PATH_INFO'] = $pathinfodec;
1003 $_SERVER['SCRIPT_NAME'] = substr($_SERVER['SCRIPT_NAME'], 0, $pos);
1008 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'iis') !== false) {
1009 //IIS - needs a lot of tweaking to make it work
1010 $rurl['fullpath'] = $_SERVER['SCRIPT_NAME'];
1012 // NOTE: we should ignore PATH_INFO because it is incorrectly encoded using 8bit filesystem legacy encoding in IIS.
1013 // Since 2.0, we rely on IIS rewrite extensions like Helicon ISAPI_rewrite
1014 // example rule: RewriteRule ^([^\?]+?\.php)(\/.+)$ $1\?file=$2 [QSA]
1016 // we rely on a proper IIS 6.0+ configuration: the 'FastCGIUtf8ServerVariables' registry key.
1017 if (isset($_SERVER['PATH_INFO']) and $_SERVER['PATH_INFO'] !== '') {
1018 // Check that PATH_INFO works == must not contain the script name.
1019 if (strpos($_SERVER['PATH_INFO'], $_SERVER['SCRIPT_NAME']) === false) {
1020 $rurl['fullpath'] .= clean_param(urldecode($_SERVER['PATH_INFO']), PARAM_PATH
);
1024 if (isset($_SERVER['QUERY_STRING']) and $_SERVER['QUERY_STRING'] !== '') {
1025 $rurl['fullpath'] .= '?'.$_SERVER['QUERY_STRING'];
1027 $_SERVER['REQUEST_URI'] = $rurl['fullpath']; // extra IIS compatibility
1029 /* NOTE: following servers are not fully tested! */
1031 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) {
1032 //lighttpd - not officially supported
1033 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1035 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false) {
1036 //nginx - not officially supported
1037 if (!isset($_SERVER['SCRIPT_NAME'])) {
1038 die('Invalid server configuration detected, please try to add "fastcgi_param SCRIPT_NAME $fastcgi_script_name;" to the nginx server configuration.');
1040 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1042 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'cherokee') !== false) {
1043 //cherokee - not officially supported
1044 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1046 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'zeus') !== false) {
1047 //zeus - not officially supported
1048 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1050 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) {
1051 //LiteSpeed - not officially supported
1052 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1054 } else if ($_SERVER['SERVER_SOFTWARE'] === 'HTTPD') {
1055 //obscure name found on some servers - this is definitely not supported
1056 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1058 } else if (strpos($_SERVER['SERVER_SOFTWARE'], 'PHP') === 0) {
1059 // built-in PHP Development Server
1060 $rurl['fullpath'] = $_SERVER['REQUEST_URI'];
1063 throw new moodle_exception('unsupportedwebserver', 'error', '', $_SERVER['SERVER_SOFTWARE']);
1066 // sanitize the url a bit more, the encoding style may be different in vars above
1067 $rurl['fullpath'] = str_replace('"', '%22', $rurl['fullpath']);
1068 $rurl['fullpath'] = str_replace('\'', '%27', $rurl['fullpath']);
1074 * Try to work around the 'max_input_vars' restriction if necessary.
1076 function workaround_max_input_vars() {
1077 // Make sure this gets executed only once from lib/setup.php!
1078 static $executed = false;
1080 debugging('workaround_max_input_vars() must be called only once!');
1085 if (!isset($_SERVER["CONTENT_TYPE"]) or strpos($_SERVER["CONTENT_TYPE"], 'multipart/form-data') !== false) {
1086 // Not a post or 'multipart/form-data' which is not compatible with "php://input" reading.
1090 if (!isloggedin() or isguestuser()) {
1091 // Only real users post huge forms.
1095 $max = (int)ini_get('max_input_vars');
1098 // Most probably PHP < 5.3.9 that does not implement this limit.
1102 if ($max >= 200000) {
1103 // This value should be ok for all our forms, by setting it in php.ini
1104 // admins may prevent any unexpected regressions caused by this hack.
1106 // Note there is no need to worry about DDoS caused by making this limit very high
1107 // because there are very many easier ways to DDoS any Moodle server.
1111 // Worst case is advanced checkboxes which use up to two max_input_vars
1112 // slots for each entry in $_POST, because of sending two fields with the
1113 // same name. So count everything twice just in case.
1114 if (count($_POST, COUNT_RECURSIVE
) * 2 < $max) {
1118 // Large POST request with enctype supported by php://input.
1119 // Parse php://input in chunks to bypass max_input_vars limit, which also applies to parse_str().
1120 $str = file_get_contents("php://input");
1121 if ($str === false or $str === '') {
1122 // Some weird error.
1127 $fun = function($p) use ($delim) {
1128 return implode($delim, $p);
1130 $chunks = array_map($fun, array_chunk(explode($delim, $str), $max));
1132 // Clear everything from existing $_POST array, otherwise it might be included
1133 // twice (this affects array params primarily).
1134 foreach ($_POST as $key => $value) {
1135 unset($_POST[$key]);
1136 // Also clear from request array - but only the things that are in $_POST,
1137 // that way it will leave the things from a get request if any.
1138 unset($_REQUEST[$key]);
1141 foreach ($chunks as $chunk) {
1143 parse_str($chunk, $values);
1145 merge_query_params($_POST, $values);
1146 merge_query_params($_REQUEST, $values);
1151 * Merge parsed POST chunks.
1153 * NOTE: this is not perfect, but it should work in most cases hopefully.
1155 * @param array $target
1156 * @param array $values
1158 function merge_query_params(array &$target, array $values) {
1159 if (isset($values[0]) and isset($target[0])) {
1160 // This looks like a split [] array, lets verify the keys are continuous starting with 0.
1161 $keys1 = array_keys($values);
1162 $keys2 = array_keys($target);
1163 if ($keys1 === array_keys($keys1) and $keys2 === array_keys($keys2)) {
1164 foreach ($values as $v) {
1170 foreach ($values as $k => $v) {
1171 if (!isset($target[$k])) {
1175 if (is_array($target[$k]) and is_array($v)) {
1176 merge_query_params($target[$k], $v);
1179 // We should not get here unless there are duplicates in params.
1185 * Initializes our performance info early.
1187 * Pairs up with get_performance_info() which is actually
1188 * in moodlelib.php. This function is here so that we can
1189 * call it before all the libs are pulled in.
1193 function init_performance_info() {
1195 global $PERF, $CFG, $USER;
1197 $PERF = new stdClass();
1198 $PERF->logwrites
= 0;
1199 if (function_exists('microtime')) {
1200 $PERF->starttime
= microtime();
1202 if (function_exists('memory_get_usage')) {
1203 $PERF->startmemory
= memory_get_usage();
1205 if (function_exists('posix_times')) {
1206 $PERF->startposixtimes
= posix_times();
1211 * Indicates whether we are in the middle of the initial Moodle install.
1213 * Very occasionally it is necessary avoid running certain bits of code before the
1214 * Moodle installation has completed. The installed flag is set in admin/index.php
1215 * after Moodle core and all the plugins have been installed, but just before
1216 * the person doing the initial install is asked to choose the admin password.
1218 * @return boolean true if the initial install is not complete.
1220 function during_initial_install() {
1222 return empty($CFG->rolesactive
);
1226 * Function to raise the memory limit to a new value.
1227 * Will respect the memory limit if it is higher, thus allowing
1228 * settings in php.ini, apache conf or command line switches
1231 * The memory limit should be expressed with a constant
1232 * MEMORY_STANDARD, MEMORY_EXTRA or MEMORY_HUGE.
1233 * It is possible to use strings or integers too (eg:'128M').
1235 * @param mixed $newlimit the new memory limit
1236 * @return bool success
1238 function raise_memory_limit($newlimit) {
1241 if ($newlimit == MEMORY_UNLIMITED
) {
1242 ini_set('memory_limit', -1);
1245 } else if ($newlimit == MEMORY_STANDARD
) {
1246 if (PHP_INT_SIZE
> 4) {
1247 $newlimit = get_real_size('128M'); // 64bit needs more memory
1249 $newlimit = get_real_size('96M');
1252 } else if ($newlimit == MEMORY_EXTRA
) {
1253 if (PHP_INT_SIZE
> 4) {
1254 $newlimit = get_real_size('384M'); // 64bit needs more memory
1256 $newlimit = get_real_size('256M');
1258 if (!empty($CFG->extramemorylimit
)) {
1259 $extra = get_real_size($CFG->extramemorylimit
);
1260 if ($extra > $newlimit) {
1265 } else if ($newlimit == MEMORY_HUGE
) {
1266 // MEMORY_HUGE uses 2G or MEMORY_EXTRA, whichever is bigger.
1267 $newlimit = get_real_size('2G');
1268 if (!empty($CFG->extramemorylimit
)) {
1269 $extra = get_real_size($CFG->extramemorylimit
);
1270 if ($extra > $newlimit) {
1276 $newlimit = get_real_size($newlimit);
1279 if ($newlimit <= 0) {
1280 debugging('Invalid memory limit specified.');
1284 $cur = ini_get('memory_limit');
1286 // if php is compiled without --enable-memory-limits
1287 // apparently memory_limit is set to ''
1291 return true; // unlimited mem!
1293 $cur = get_real_size($cur);
1296 if ($newlimit > $cur) {
1297 ini_set('memory_limit', $newlimit);
1304 * Function to reduce the memory limit to a new value.
1305 * Will respect the memory limit if it is lower, thus allowing
1306 * settings in php.ini, apache conf or command line switches
1309 * The memory limit should be expressed with a string (eg:'64M')
1311 * @param string $newlimit the new memory limit
1314 function reduce_memory_limit($newlimit) {
1315 if (empty($newlimit)) {
1318 $cur = ini_get('memory_limit');
1320 // if php is compiled without --enable-memory-limits
1321 // apparently memory_limit is set to ''
1325 return true; // unlimited mem!
1327 $cur = get_real_size($cur);
1330 $new = get_real_size($newlimit);
1331 // -1 is smaller, but it means unlimited
1332 if ($new < $cur && $new != -1) {
1333 ini_set('memory_limit', $newlimit);
1340 * Converts numbers like 10M into bytes.
1342 * @param string $size The size to be converted
1345 function get_real_size($size = 0) {
1350 static $binaryprefixes = array(
1363 if (preg_match('/^([0-9]+)([KMGTP])/i', $size, $matches)) {
1364 return $matches[1] * $binaryprefixes[$matches[2]];
1371 * Try to disable all output buffering and purge
1374 * @access private to be called only from lib/setup.php !
1377 function disable_output_buffering() {
1378 $olddebug = error_reporting(0);
1380 // disable compression, it would prevent closing of buffers
1381 if (ini_get_bool('zlib.output_compression')) {
1382 ini_set('zlib.output_compression', 'Off');
1385 // try to flush everything all the time
1386 ob_implicit_flush(true);
1388 // close all buffers if possible and discard any existing output
1389 // this can actually work around some whitespace problems in config.php
1390 while(ob_get_level()) {
1391 if (!ob_end_clean()) {
1392 // prevent infinite loop when buffer can not be closed
1397 // disable any other output handlers
1398 ini_set('output_handler', '');
1400 error_reporting($olddebug);
1402 // Disable buffering in nginx.
1403 header('X-Accel-Buffering: no');
1408 * Check whether a major upgrade is needed.
1410 * That is defined as an upgrade that changes something really fundamental
1411 * in the database, so nothing can possibly work until the database has
1412 * been updated, and that is defined by the hard-coded version number in
1417 function is_major_upgrade_required() {
1419 $lastmajordbchanges = 2022101400.03; // This should be the version where the breaking changes happen.
1421 $required = empty($CFG->version
);
1422 $required = $required ||
(float)$CFG->version
< $lastmajordbchanges;
1423 $required = $required ||
during_initial_install();
1424 $required = $required ||
!empty($CFG->adminsetuppending
);
1430 * Redirect to the Notifications page if a major upgrade is required, and
1431 * terminate the current user session.
1433 function redirect_if_major_upgrade_required() {
1435 if (is_major_upgrade_required()) {
1437 @\core\session\manager
::terminate_current();
1438 } catch (Exception
$e) {
1439 // Ignore any errors, redirect to upgrade anyway.
1441 $url = $CFG->wwwroot
. '/' . $CFG->admin
. '/index.php';
1442 @header
($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other');
1443 @header
('Location: ' . $url);
1444 echo bootstrap_renderer
::plain_redirect_message(htmlspecialchars($url, ENT_COMPAT
));
1450 * Makes sure that upgrade process is not running
1452 * To be inserted in the core functions that can not be called by pluigns during upgrade.
1453 * Core upgrade should not use any API functions at all.
1454 * See {@link http://docs.moodle.org/dev/Upgrade_API#Upgrade_code_restrictions}
1456 * @throws moodle_exception if executed from inside of upgrade script and $warningonly is false
1457 * @param bool $warningonly if true displays a warning instead of throwing an exception
1458 * @return bool true if executed from outside of upgrade process, false if from inside upgrade process and function is used for warning only
1460 function upgrade_ensure_not_running($warningonly = false) {
1462 if (!empty($CFG->upgraderunning
)) {
1463 if (!$warningonly) {
1464 throw new moodle_exception('cannotexecduringupgrade');
1466 debugging(get_string('cannotexecduringupgrade', 'error'), DEBUG_DEVELOPER
);
1474 * Function to check if a directory exists and by default create it if not exists.
1476 * Previously this was accepting paths only from dataroot, but we now allow
1477 * files outside of dataroot if you supply custom paths for some settings in config.php.
1478 * This function does not verify that the directory is writable.
1480 * NOTE: this function uses current file stat cache,
1481 * please use clearstatcache() before this if you expect that the
1482 * directories may have been removed recently from a different request.
1484 * @param string $dir absolute directory path
1485 * @param boolean $create directory if does not exist
1486 * @param boolean $recursive create directory recursively
1487 * @return boolean true if directory exists or created, false otherwise
1489 function check_dir_exists($dir, $create = true, $recursive = true) {
1492 umask($CFG->umaskpermissions
);
1502 return mkdir($dir, $CFG->directorypermissions
, $recursive);
1506 * Create a new unique directory within the specified directory.
1508 * @param string $basedir The directory to create your new unique directory within.
1509 * @param bool $exceptiononerror throw exception if error encountered
1510 * @return string The created directory
1511 * @throws invalid_dataroot_permissions
1513 function make_unique_writable_directory($basedir, $exceptiononerror = true) {
1514 if (!is_dir($basedir) ||
!is_writable($basedir)) {
1515 // The basedir is not writable. We will not be able to create the child directory.
1516 if ($exceptiononerror) {
1517 throw new invalid_dataroot_permissions($basedir . ' is not writable. Unable to create a unique directory within it.');
1524 // Let's use uniqid() because it's "unique enough" (microtime based). The loop does handle repetitions.
1525 // Windows and old PHP don't like very long paths, so try to keep this shorter. See MDL-69975.
1526 $uniquedir = $basedir . DIRECTORY_SEPARATOR
. uniqid();
1528 // Ensure that basedir is still writable - if we do not check, we could get stuck in a loop here.
1529 is_writable($basedir) &&
1531 // Make the new unique directory. If the directory already exists, it will return false.
1532 !make_writable_directory($uniquedir, $exceptiononerror) &&
1534 // Ensure that the directory now exists
1535 file_exists($uniquedir) && is_dir($uniquedir)
1538 // Check that the directory was correctly created.
1539 if (!file_exists($uniquedir) ||
!is_dir($uniquedir) ||
!is_writable($uniquedir)) {
1540 if ($exceptiononerror) {
1541 throw new invalid_dataroot_permissions('Unique directory creation failed.');
1551 * Create a directory and make sure it is writable.
1554 * @param string $dir the full path of the directory to be created
1555 * @param bool $exceptiononerror throw exception if error encountered
1556 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1558 function make_writable_directory($dir, $exceptiononerror = true) {
1561 if (file_exists($dir) and !is_dir($dir)) {
1562 if ($exceptiononerror) {
1563 throw new coding_exception($dir.' directory can not be created, file with the same name already exists.');
1569 umask($CFG->umaskpermissions
);
1571 if (!file_exists($dir)) {
1572 if (!@mkdir
($dir, $CFG->directorypermissions
, true)) {
1574 // There might be a race condition when creating directory.
1575 if (!is_dir($dir)) {
1576 if ($exceptiononerror) {
1577 throw new invalid_dataroot_permissions($dir.' can not be created, check permissions.');
1579 debugging('Can not create directory: '.$dir, DEBUG_DEVELOPER
);
1586 if (!is_writable($dir)) {
1587 if ($exceptiononerror) {
1588 throw new invalid_dataroot_permissions($dir.' is not writable, check permissions.');
1598 * Protect a directory from web access.
1599 * Could be extended in the future to support other mechanisms (e.g. other webservers).
1602 * @param string $dir the full path of the directory to be protected
1604 function protect_directory($dir) {
1606 // Make sure a .htaccess file is here, JUST IN CASE the files area is in the open and .htaccess is supported
1607 if (!file_exists("$dir/.htaccess")) {
1608 if ($handle = fopen("$dir/.htaccess", 'w')) { // For safety
1609 @fwrite
($handle, "deny from all\r\nAllowOverride None\r\nNote: this file is broken intentionally, we do not want anybody to undo it in subdirectory!\r\n");
1611 @chmod
("$dir/.htaccess", $CFG->filepermissions
);
1617 * Create a directory under dataroot and make sure it is writable.
1618 * Do not use for temporary and cache files - see make_temp_directory() and make_cache_directory().
1620 * @param string $directory the full path of the directory to be created under $CFG->dataroot
1621 * @param bool $exceptiononerror throw exception if error encountered
1622 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1624 function make_upload_directory($directory, $exceptiononerror = true) {
1627 if (strpos($directory, 'temp/') === 0 or $directory === 'temp') {
1628 debugging('Use make_temp_directory() for creation of temporary directory and $CFG->tempdir to get the location.');
1630 } else if (strpos($directory, 'cache/') === 0 or $directory === 'cache') {
1631 debugging('Use make_cache_directory() for creation of cache directory and $CFG->cachedir to get the location.');
1633 } else if (strpos($directory, 'localcache/') === 0 or $directory === 'localcache') {
1634 debugging('Use make_localcache_directory() for creation of local cache directory and $CFG->localcachedir to get the location.');
1637 protect_directory($CFG->dataroot
);
1638 return make_writable_directory("$CFG->dataroot/$directory", $exceptiononerror);
1642 * Get a per-request storage directory in the tempdir.
1644 * The directory is automatically cleaned up during the shutdown handler.
1646 * @param bool $exceptiononerror throw exception if error encountered
1647 * @param bool $forcecreate Force creation of a new parent directory
1648 * @return string Returns full path to directory if successful, false if not; may throw exception
1650 function get_request_storage_directory($exceptiononerror = true, bool $forcecreate = false) {
1653 static $requestdir = null;
1655 $writabledirectoryexists = (null !== $requestdir);
1656 $writabledirectoryexists = $writabledirectoryexists && file_exists($requestdir);
1657 $writabledirectoryexists = $writabledirectoryexists && is_dir($requestdir);
1658 $writabledirectoryexists = $writabledirectoryexists && is_writable($requestdir);
1659 $createnewdirectory = $forcecreate ||
!$writabledirectoryexists;
1661 if ($createnewdirectory) {
1663 // Let's add the first chars of siteidentifier only. This is to help separate
1664 // paths on systems which host multiple moodles. We don't use the full id
1665 // as Windows and old PHP don't like very long paths. See MDL-69975.
1666 $basedir = $CFG->localrequestdir
. '/' . substr($CFG->siteidentifier
, 0, 4);
1668 make_writable_directory($basedir);
1669 protect_directory($basedir);
1671 if ($dir = make_unique_writable_directory($basedir, $exceptiononerror)) {
1672 // Register a shutdown handler to remove the directory.
1673 \core_shutdown_manager
::register_function('remove_dir', [$dir]);
1683 * Create a per-request directory and make sure it is writable.
1684 * This can only be used during the current request and will be tidied away
1685 * automatically afterwards.
1687 * A new, unique directory is always created within a shared base request directory.
1689 * In some exceptional cases an alternative base directory may be required. This can be accomplished using the
1690 * $forcecreate parameter. Typically this will only be requried where the file may be required during a shutdown handler
1691 * which may or may not be registered after a previous request directory has been created.
1693 * @param bool $exceptiononerror throw exception if error encountered
1694 * @param bool $forcecreate Force creation of a new parent directory
1695 * @return string The full path to directory if successful, false if not; may throw exception
1697 function make_request_directory(bool $exceptiononerror = true, bool $forcecreate = false) {
1698 $basedir = get_request_storage_directory($exceptiononerror, $forcecreate);
1699 return make_unique_writable_directory($basedir, $exceptiononerror);
1703 * Get the full path of a directory under $CFG->backuptempdir.
1705 * @param string $directory the relative path of the directory under $CFG->backuptempdir
1706 * @return string|false Returns full path to directory given a valid string; otherwise, false.
1708 function get_backup_temp_directory($directory) {
1710 if (($directory === null) ||
($directory === false)) {
1713 return "$CFG->backuptempdir/$directory";
1717 * Create a directory under $CFG->backuptempdir and make sure it is writable.
1719 * Do not use for storing generic temp files - see make_temp_directory() instead for this purpose.
1721 * Backup temporary files must be on a shared storage.
1723 * @param string $directory the relative path of the directory to be created under $CFG->backuptempdir
1724 * @param bool $exceptiononerror throw exception if error encountered
1725 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1727 function make_backup_temp_directory($directory, $exceptiononerror = true) {
1729 if ($CFG->backuptempdir
!== "$CFG->tempdir/backup") {
1730 check_dir_exists($CFG->backuptempdir
, true, true);
1731 protect_directory($CFG->backuptempdir
);
1733 protect_directory($CFG->tempdir
);
1735 return make_writable_directory("$CFG->backuptempdir/$directory", $exceptiononerror);
1739 * Create a directory under tempdir and make sure it is writable.
1741 * Where possible, please use make_request_directory() and limit the scope
1742 * of your data to the current HTTP request.
1744 * Do not use for storing cache files - see make_cache_directory(), and
1745 * make_localcache_directory() instead for this purpose.
1747 * Temporary files must be on a shared storage, and heavy usage is
1748 * discouraged due to the performance impact upon clustered environments.
1750 * @param string $directory the full path of the directory to be created under $CFG->tempdir
1751 * @param bool $exceptiononerror throw exception if error encountered
1752 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1754 function make_temp_directory($directory, $exceptiononerror = true) {
1756 if ($CFG->tempdir
!== "$CFG->dataroot/temp") {
1757 check_dir_exists($CFG->tempdir
, true, true);
1758 protect_directory($CFG->tempdir
);
1760 protect_directory($CFG->dataroot
);
1762 return make_writable_directory("$CFG->tempdir/$directory", $exceptiononerror);
1766 * Create a directory under cachedir and make sure it is writable.
1768 * Note: this cache directory is shared by all cluster nodes.
1770 * @param string $directory the full path of the directory to be created under $CFG->cachedir
1771 * @param bool $exceptiononerror throw exception if error encountered
1772 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1774 function make_cache_directory($directory, $exceptiononerror = true) {
1776 if ($CFG->cachedir
!== "$CFG->dataroot/cache") {
1777 check_dir_exists($CFG->cachedir
, true, true);
1778 protect_directory($CFG->cachedir
);
1780 protect_directory($CFG->dataroot
);
1782 return make_writable_directory("$CFG->cachedir/$directory", $exceptiononerror);
1786 * Create a directory under localcachedir and make sure it is writable.
1787 * The files in this directory MUST NOT change, use revisions or content hashes to
1788 * work around this limitation - this means you can only add new files here.
1790 * The content of this directory gets purged automatically on all cluster nodes
1791 * after calling purge_all_caches() before new data is written to this directory.
1793 * Note: this local cache directory does not need to be shared by cluster nodes.
1795 * @param string $directory the relative path of the directory to be created under $CFG->localcachedir
1796 * @param bool $exceptiononerror throw exception if error encountered
1797 * @return string|false Returns full path to directory if successful, false if not; may throw exception
1799 function make_localcache_directory($directory, $exceptiononerror = true) {
1802 make_writable_directory($CFG->localcachedir
, $exceptiononerror);
1804 if ($CFG->localcachedir
!== "$CFG->dataroot/localcache") {
1805 protect_directory($CFG->localcachedir
);
1807 protect_directory($CFG->dataroot
);
1810 if (!isset($CFG->localcachedirpurged
)) {
1811 $CFG->localcachedirpurged
= 0;
1813 $timestampfile = "$CFG->localcachedir/.lastpurged";
1815 if (!file_exists($timestampfile)) {
1816 touch($timestampfile);
1817 @chmod
($timestampfile, $CFG->filepermissions
);
1819 } else if (filemtime($timestampfile) < $CFG->localcachedirpurged
) {
1820 // This means our local cached dir was not purged yet.
1821 remove_dir($CFG->localcachedir
, true);
1822 if ($CFG->localcachedir
!== "$CFG->dataroot/localcache") {
1823 protect_directory($CFG->localcachedir
);
1825 touch($timestampfile);
1826 @chmod
($timestampfile, $CFG->filepermissions
);
1830 if ($directory === '') {
1831 return $CFG->localcachedir
;
1834 return make_writable_directory("$CFG->localcachedir/$directory", $exceptiononerror);
1838 * Webserver access user logging
1840 function set_access_log_user() {
1842 if ($USER && isset($USER->username
)) {
1845 if (!empty($CFG->apacheloguser
) && function_exists('apache_note')) {
1846 $logmethod = 'apache';
1847 $logvalue = $CFG->apacheloguser
;
1849 if (!empty($CFG->headerloguser
)) {
1850 $logmethod = 'header';
1851 $logvalue = $CFG->headerloguser
;
1853 if (!empty($logmethod)) {
1854 $loguserid = $USER->id
;
1855 $logusername = clean_filename($USER->username
);
1857 if (isset($USER->firstname
)) {
1858 // We can assume both will be set
1859 // - even if to empty.
1860 $logname = clean_filename($USER->firstname
. " " . $USER->lastname
);
1862 if (\core\session\manager
::is_loggedinas()) {
1863 $realuser = \core\session\manager
::get_realuser();
1864 $logusername = clean_filename($realuser->username
." as ".$logusername);
1865 $logname = clean_filename($realuser->firstname
." ".$realuser->lastname
." as ".$logname);
1866 $loguserid = clean_filename($realuser->id
." as ".$loguserid);
1868 switch ($logvalue) {
1870 $logname = $logusername;
1873 $logname = $logname;
1877 $logname = $loguserid;
1880 if ($logmethod == 'apache') {
1881 apache_note('MOODLEUSER', $logname);
1884 if ($logmethod == 'header' && !headers_sent()) {
1885 header("X-MOODLEUSER: $logname");
1892 * This class solves the problem of how to initialise $OUTPUT.
1894 * The problem is caused be two factors
1896 * <li>On the one hand, we cannot be sure when output will start. In particular,
1897 * an error, which needs to be displayed, could be thrown at any time.</li>
1898 * <li>On the other hand, we cannot be sure when we will have all the information
1899 * necessary to correctly initialise $OUTPUT. $OUTPUT depends on the theme, which
1900 * (potentially) depends on the current course, course categories, and logged in user.
1901 * It also depends on whether the current page requires HTTPS.</li>
1904 * So, it is hard to find a single natural place during Moodle script execution,
1905 * which we can guarantee is the right time to initialise $OUTPUT. Instead we
1906 * adopt the following strategy
1908 * <li>We will initialise $OUTPUT the first time it is used.</li>
1909 * <li>If, after $OUTPUT has been initialised, the script tries to change something
1910 * that $OUTPUT depends on, we throw an exception making it clear that the script
1911 * did something wrong.
1914 * The only problem with that is, how do we initialise $OUTPUT on first use if,
1915 * it is going to be used like $OUTPUT->somthing(...)? Well that is where this
1916 * class comes in. Initially, we set up $OUTPUT = new bootstrap_renderer(). Then,
1917 * when any method is called on that object, we initialise $OUTPUT, and pass the call on.
1919 * Note that this class is used before lib/outputlib.php has been loaded, so we
1920 * must be careful referring to classes/functions from there, they may not be
1921 * defined yet, and we must avoid fatal errors.
1923 * @copyright 2009 Tim Hunt
1924 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
1927 class bootstrap_renderer
{
1929 * Handles re-entrancy. Without this, errors or debugging output that occur
1930 * during the initialisation of $OUTPUT, cause infinite recursion.
1933 protected $initialising = false;
1936 * Have we started output yet?
1937 * @return boolean true if the header has been printed.
1939 public function has_started() {
1944 * Constructor - to be used by core code only.
1945 * @param string $method The method to call
1946 * @param array $arguments Arguments to pass to the method being called
1949 public function __call($method, $arguments) {
1950 global $OUTPUT, $PAGE;
1953 if ($method == 'notification') {
1954 // Catch infinite recursion caused by debugging output during print_header.
1955 $backtrace = debug_backtrace();
1956 array_shift($backtrace);
1957 array_shift($backtrace);
1958 $recursing = is_early_init($backtrace);
1961 $earlymethods = array(
1962 'fatal_error' => 'early_error',
1963 'notification' => 'early_notification',
1966 // If lib/outputlib.php has been loaded, call it.
1967 if (!empty($PAGE) && !$recursing) {
1968 if (array_key_exists($method, $earlymethods)) {
1969 //prevent PAGE->context warnings - exceptions might appear before we set any context
1970 $PAGE->set_context(null);
1972 $PAGE->initialise_theme_and_output();
1973 return call_user_func_array(array($OUTPUT, $method), $arguments);
1976 $this->initialising
= true;
1978 // Too soon to initialise $OUTPUT, provide a couple of key methods.
1979 if (array_key_exists($method, $earlymethods)) {
1980 return call_user_func_array(array('bootstrap_renderer', $earlymethods[$method]), $arguments);
1983 throw new coding_exception('Attempt to start output before enough information is known to initialise the theme.');
1987 * Returns nicely formatted error message in a div box.
1989 * @param string $message error message
1990 * @param string $moreinfourl (ignored in early errors)
1991 * @param string $link (ignored in early errors)
1992 * @param array $backtrace
1993 * @param string $debuginfo
1996 public static function early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo = null) {
1999 $content = "<div class='alert-danger'>$message</div>";
2000 // Check whether debug is set.
2001 $debug = (!empty($CFG->debug
) && $CFG->debug
>= DEBUG_DEVELOPER
);
2002 // Also check we have it set in the config file. This occurs if the method to read the config table from the
2003 // database fails, reading from the config table is the first database interaction we have.
2004 $debug = $debug ||
(!empty($CFG->config_php_settings
['debug']) && $CFG->config_php_settings
['debug'] >= DEBUG_DEVELOPER
);
2006 if (!empty($debuginfo)) {
2007 // Remove all nasty JS.
2008 if (function_exists('s')) { // Function may be not available for some early errors.
2009 $debuginfo = s($debuginfo);
2011 // Because weblib is not available for these early errors, we
2012 // just duplicate s() code here to be safe.
2013 $debuginfo = preg_replace('/&#(\d+|x[0-9a-f]+);/i', '&#$1;',
2014 htmlspecialchars($debuginfo, ENT_QUOTES | ENT_HTML401 | ENT_SUBSTITUTE
));
2016 $debuginfo = str_replace("\n", '<br />', $debuginfo); // keep newlines
2017 $content .= '<div class="notifytiny">Debug info: ' . $debuginfo . '</div>';
2019 if (!empty($backtrace)) {
2020 $content .= '<div class="notifytiny">Stack trace: ' . format_backtrace($backtrace, false) . '</div>';
2028 * This function should only be called by this class, or from exception handlers
2030 * @param string $message error message
2031 * @param string $moreinfourl (ignored in early errors)
2032 * @param string $link (ignored in early errors)
2033 * @param array $backtrace
2034 * @param string $debuginfo extra information for developers
2037 public static function early_error($message, $moreinfourl, $link, $backtrace, $debuginfo = null, $errorcode = null) {
2041 echo "!!! $message !!!\n";
2042 if (!empty($CFG->debug
) and $CFG->debug
>= DEBUG_DEVELOPER
) {
2043 if (!empty($debuginfo)) {
2044 echo "\nDebug info: $debuginfo";
2046 if (!empty($backtrace)) {
2047 echo "\nStack trace: " . format_backtrace($backtrace, true);
2052 } else if (AJAX_SCRIPT
) {
2053 $e = new stdClass();
2054 $e->error
= $message;
2055 $e->stacktrace
= NULL;
2056 $e->debuginfo
= NULL;
2057 if (!empty($CFG->debug
) and $CFG->debug
>= DEBUG_DEVELOPER
) {
2058 if (!empty($debuginfo)) {
2059 $e->debuginfo
= $debuginfo;
2061 if (!empty($backtrace)) {
2062 $e->stacktrace
= format_backtrace($backtrace, true);
2065 $e->errorcode
= $errorcode;
2066 @header
('Content-Type: application/json; charset=utf-8');
2067 echo json_encode($e);
2071 // In the name of protocol correctness, monitoring and performance
2072 // profiling, set the appropriate error headers for machine consumption.
2073 $protocol = (isset($_SERVER['SERVER_PROTOCOL']) ?
$_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0');
2074 @header
($protocol . ' 500 Internal Server Error');
2076 // better disable any caching
2077 @header
('Content-Type: text/html; charset=utf-8');
2078 @header
('X-UA-Compatible: IE=edge');
2079 @header
('Cache-Control: no-store, no-cache, must-revalidate');
2080 @header
('Cache-Control: post-check=0, pre-check=0', false);
2081 @header
('Pragma: no-cache');
2082 @header
('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
2083 @header
('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
2085 if (function_exists('get_string')) {
2086 $strerror = get_string('error');
2088 $strerror = 'Error';
2091 $content = self
::early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo);
2093 return self
::plain_page($strerror, $content);
2097 * Early notification message
2099 * @param string $message
2100 * @param string $classes usually notifyproblem or notifysuccess
2103 public static function early_notification($message, $classes = 'notifyproblem') {
2104 return '<div class="' . $classes . '">' . $message . '</div>';
2108 * Page should redirect message.
2110 * @param string $encodedurl redirect url
2113 public static function plain_redirect_message($encodedurl) {
2114 $message = '<div style="margin-top: 3em; margin-left:auto; margin-right:auto; text-align:center;">' . get_string('pageshouldredirect') . '<br /><a href="'.
2115 $encodedurl .'">'. get_string('continue') .'</a></div>';
2116 return self
::plain_page(get_string('redirect'), $message);
2120 * Early redirection page, used before full init of $PAGE global
2122 * @param string $encodedurl redirect url
2123 * @param string $message redirect message
2124 * @param int $delay time in seconds
2125 * @return string redirect page
2127 public static function early_redirect_message($encodedurl, $message, $delay) {
2128 $meta = '<meta http-equiv="refresh" content="'. $delay .'; url='. $encodedurl .'" />';
2129 $content = self
::early_error_content($message, null, null, null);
2130 $content .= self
::plain_redirect_message($encodedurl);
2132 return self
::plain_page(get_string('redirect'), $content, $meta);
2136 * Output basic html page.
2138 * @param string $title page title
2139 * @param string $content page content
2140 * @param string $meta meta tag
2141 * @return string html page
2143 public static function plain_page($title, $content, $meta = '') {
2146 if (function_exists('get_string') && function_exists('get_html_lang')) {
2147 $htmllang = get_html_lang();
2153 if (function_exists('get_performance_info')) { // Function may be not available for some early errors.
2154 if (MDL_PERF_TEST
) {
2155 $perfinfo = get_performance_info();
2156 $footer = '<footer>' . $perfinfo['html'] . '</footer>';
2161 include($CFG->dirroot
. '/error/plainpage.php');
2162 $html = ob_get_contents();
2170 * Add http stream instrumentation
2172 * This detects which any reads or writes to a php stream which uses
2173 * the 'http' handler. Ideally 100% of traffic uses the Moodle curl
2174 * libraries which do not use php streams.
2176 * @param array $code stream callback code
2178 function proxy_log_callback($code) {
2179 if ($code == STREAM_NOTIFY_CONNECT
) {
2180 $trace = debug_backtrace();
2181 $function = $trace[count($trace) - 1];
2182 $error = "Unsafe internet IO detected: {$function['function']} with arguments " . join(', ', $function['args']) . "\n";
2183 error_log($error . format_backtrace($trace, true)); // phpcs:ignore