search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'MDL-19391-master-1' of git://git.luns.net.uk/moodle
[moodle.git] / lib / filelib.php
blobcb30f23a572ee18d35bda8e9c0ec68aec7bca1a5
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Functions for file handling.
19 *
20 * @package core_files
21 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25 defined('MOODLE_INTERNAL') || die();
26
27 /**
28 * BYTESERVING_BOUNDARY - string unique string constant.
29 */
30 define('BYTESERVING_BOUNDARY', 's1k2o3d4a5k6s7');
31
32 require_once("$CFG->libdir/filestorage/file_exceptions.php");
33 require_once("$CFG->libdir/filestorage/file_storage.php");
34 require_once("$CFG->libdir/filestorage/zip_packer.php");
35 require_once("$CFG->libdir/filebrowser/file_browser.php");
36
37 /**
38 * Encodes file serving url
39 *
40 * @deprecated use moodle_url factory methods instead
41 *
42 * @todo MDL-31071 deprecate this function
43 * @global stdClass $CFG
44 * @param string $urlbase
45 * @param string $path /filearea/itemid/dir/dir/file.exe
46 * @param bool $forcedownload
47 * @param bool $https https url required
48 * @return string encoded file url
49 */
50 function file_encode_url($urlbase, $path, $forcedownload=false, $https=false) {
51 global $CFG;
52
53 //TODO: deprecate this
54
55 if ($CFG->slasharguments) {
56 $parts = explode('/', $path);
57 $parts = array_map('rawurlencode', $parts);
58 $path = implode('/', $parts);
59 $return = $urlbase.$path;
60 if ($forcedownload) {
61 $return .= '?forcedownload=1';
62 }
63 } else {
64 $path = rawurlencode($path);
65 $return = $urlbase.'?file='.$path;
66 if ($forcedownload) {
67 $return .= '&amp;forcedownload=1';
68 }
69 }
70
71 if ($https) {
72 $return = str_replace('http://', 'https://', $return);
73 }
74
75 return $return;
76 }
77
78 /**
79 * Prepares 'editor' formslib element from data in database
80 *
81 * The passed $data record must contain field foobar, foobarformat and optionally foobartrust. This
82 * function then copies the embedded files into draft area (assigning itemids automatically),
83 * creates the form element foobar_editor and rewrites the URLs so the embedded images can be
84 * displayed.
85 * In your mform definition, you must have an 'editor' element called foobar_editor. Then you call
86 * your mform's set_data() supplying the object returned by this function.
87 *
88 * @category files
89 * @param stdClass $data database field that holds the html text with embedded media
90 * @param string $field the name of the database field that holds the html text with embedded media
91 * @param array $options editor options (like maxifiles, maxbytes etc.)
92 * @param stdClass $context context of the editor
93 * @param string $component
94 * @param string $filearea file area name
95 * @param int $itemid item id, required if item exists
96 * @return stdClass modified data object
97 */
98 function file_prepare_standard_editor($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
99 $options = (array)$options;
100 if (!isset($options['trusttext'])) {
101 $options['trusttext'] = false;
102 }
103 if (!isset($options['forcehttps'])) {
104 $options['forcehttps'] = false;
105 }
106 if (!isset($options['subdirs'])) {
107 $options['subdirs'] = false;
108 }
109 if (!isset($options['maxfiles'])) {
110 $options['maxfiles'] = 0; // no files by default
111 }
112 if (!isset($options['noclean'])) {
113 $options['noclean'] = false;
114 }
115
116 //sanity check for passed context. This function doesn't expect $option['context'] to be set
117 //But this function is called before creating editor hence, this is one of the best places to check
118 //if context is used properly. This check notify developer that they missed passing context to editor.
119 if (isset($context) && !isset($options['context'])) {
120 //if $context is not null then make sure $option['context'] is also set.
121 debugging('Context for editor is not set in editoroptions. Hence editor will not respect editor filters', DEBUG_DEVELOPER);
122 } else if (isset($options['context']) && isset($context)) {
123 //If both are passed then they should be equal.
124 if ($options['context']->id != $context->id) {
125 $exceptionmsg = 'Editor context ['.$options['context']->id.'] is not equal to passed context ['.$context->id.']';
126 throw new coding_exception($exceptionmsg);
127 }
128 }
129
130 if (is_null($itemid) or is_null($context)) {
131 $contextid = null;
132 $itemid = null;
133 if (!isset($data)) {
134 $data = new stdClass();
135 }
136 if (!isset($data->{$field})) {
137 $data->{$field} = '';
138 }
139 if (!isset($data->{$field.'format'})) {
140 $data->{$field.'format'} = editors_get_preferred_format();
141 }
142 if (!$options['noclean']) {
143 $data->{$field} = clean_text($data->{$field}, $data->{$field.'format'});
144 }
145
146 } else {
147 if ($options['trusttext']) {
148 // noclean ignored if trusttext enabled
149 if (!isset($data->{$field.'trust'})) {
150 $data->{$field.'trust'} = 0;
151 }
152 $data = trusttext_pre_edit($data, $field, $context);
153 } else {
154 if (!$options['noclean']) {
155 $data->{$field} = clean_text($data->{$field}, $data->{$field.'format'});
156 }
157 }
158 $contextid = $context->id;
159 }
160
161 if ($options['maxfiles'] != 0) {
162 $draftid_editor = file_get_submitted_draft_itemid($field);
163 $currenttext = file_prepare_draft_area($draftid_editor, $contextid, $component, $filearea, $itemid, $options, $data->{$field});
164 $data->{$field.'_editor'} = array('text'=>$currenttext, 'format'=>$data->{$field.'format'}, 'itemid'=>$draftid_editor);
165 } else {
166 $data->{$field.'_editor'} = array('text'=>$data->{$field}, 'format'=>$data->{$field.'format'}, 'itemid'=>0);
167 }
168
169 return $data;
170 }
171
172 /**
173 * Prepares the content of the 'editor' form element with embedded media files to be saved in database
174 *
175 * This function moves files from draft area to the destination area and
176 * encodes URLs to the draft files so they can be safely saved into DB. The
177 * form has to contain the 'editor' element named foobar_editor, where 'foobar'
178 * is the name of the database field to hold the wysiwyg editor content. The
179 * editor data comes as an array with text, format and itemid properties. This
180 * function automatically adds $data properties foobar, foobarformat and
181 * foobartrust, where foobar has URL to embedded files encoded.
182 *
183 * @category files
184 * @param stdClass $data raw data submitted by the form
185 * @param string $field name of the database field containing the html with embedded media files
186 * @param array $options editor options (trusttext, subdirs, maxfiles, maxbytes etc.)
187 * @param stdClass $context context, required for existing data
188 * @param string $component file component
189 * @param string $filearea file area name
190 * @param int $itemid item id, required if item exists
191 * @return stdClass modified data object
192 */
193 function file_postupdate_standard_editor($data, $field, array $options, $context, $component=null, $filearea=null, $itemid=null) {
194 $options = (array)$options;
195 if (!isset($options['trusttext'])) {
196 $options['trusttext'] = false;
197 }
198 if (!isset($options['forcehttps'])) {
199 $options['forcehttps'] = false;
200 }
201 if (!isset($options['subdirs'])) {
202 $options['subdirs'] = false;
203 }
204 if (!isset($options['maxfiles'])) {
205 $options['maxfiles'] = 0; // no files by default
206 }
207 if (!isset($options['maxbytes'])) {
208 $options['maxbytes'] = 0; // unlimited
209 }
210
211 if ($options['trusttext']) {
212 $data->{$field.'trust'} = trusttext_trusted($context);
213 } else {
214 $data->{$field.'trust'} = 0;
215 }
216
217 $editor = $data->{$field.'_editor'};
218
219 if ($options['maxfiles'] == 0 or is_null($filearea) or is_null($itemid) or empty($editor['itemid'])) {
220 $data->{$field} = $editor['text'];
221 } else {
222 $data->{$field} = file_save_draft_area_files($editor['itemid'], $context->id, $component, $filearea, $itemid, $options, $editor['text'], $options['forcehttps']);
223 }
224 $data->{$field.'format'} = $editor['format'];
225
226 return $data;
227 }
228
229 /**
230 * Saves text and files modified by Editor formslib element
231 *
232 * @category files
233 * @param stdClass $data $database entry field
234 * @param string $field name of data field
235 * @param array $options various options
236 * @param stdClass $context context - must already exist
237 * @param string $component
238 * @param string $filearea file area name
239 * @param int $itemid must already exist, usually means data is in db
240 * @return stdClass modified data obejct
241 */
242 function file_prepare_standard_filemanager($data, $field, array $options, $context=null, $component=null, $filearea=null, $itemid=null) {
243 $options = (array)$options;
244 if (!isset($options['subdirs'])) {
245 $options['subdirs'] = false;
246 }
247 if (is_null($itemid) or is_null($context)) {
248 $itemid = null;
249 $contextid = null;
250 } else {
251 $contextid = $context->id;
252 }
253
254 $draftid_editor = file_get_submitted_draft_itemid($field.'_filemanager');
255 file_prepare_draft_area($draftid_editor, $contextid, $component, $filearea, $itemid, $options);
256 $data->{$field.'_filemanager'} = $draftid_editor;
257
258 return $data;
259 }
260
261 /**
262 * Saves files modified by File manager formslib element
263 *
264 * @todo MDL-31073 review this function
265 * @category files
266 * @param stdClass $data $database entry field
267 * @param string $field name of data field
268 * @param array $options various options
269 * @param stdClass $context context - must already exist
270 * @param string $component
271 * @param string $filearea file area name
272 * @param int $itemid must already exist, usually means data is in db
273 * @return stdClass modified data obejct
274 */
275 function file_postupdate_standard_filemanager($data, $field, array $options, $context, $component, $filearea, $itemid) {
276 $options = (array)$options;
277 if (!isset($options['subdirs'])) {
278 $options['subdirs'] = false;
279 }
280 if (!isset($options['maxfiles'])) {
281 $options['maxfiles'] = -1; // unlimited
282 }
283 if (!isset($options['maxbytes'])) {
284 $options['maxbytes'] = 0; // unlimited
285 }
286
287 if (empty($data->{$field.'_filemanager'})) {
288 $data->$field = '';
289
290 } else {
291 file_save_draft_area_files($data->{$field.'_filemanager'}, $context->id, $component, $filearea, $itemid, $options);
292 $fs = get_file_storage();
293
294 if ($fs->get_area_files($context->id, $component, $filearea, $itemid)) {
295 $data->$field = '1'; // TODO: this is an ugly hack (skodak)
296 } else {
297 $data->$field = '';
298 }
299 }
300
301 return $data;
302 }
303
304 /**
305 * Generate a draft itemid
306 *
307 * @category files
308 * @global moodle_database $DB
309 * @global stdClass $USER
310 * @return int a random but available draft itemid that can be used to create a new draft
311 * file area.
312 */
313 function file_get_unused_draft_itemid() {
314 global $DB, $USER;
315
316 if (isguestuser() or !isloggedin()) {
317 // guests and not-logged-in users can not be allowed to upload anything!!!!!!
318 print_error('noguest');
319 }
320
321 $contextid = get_context_instance(CONTEXT_USER, $USER->id)->id;
322
323 $fs = get_file_storage();
324 $draftitemid = rand(1, 999999999);
325 while ($files = $fs->get_area_files($contextid, 'user', 'draft', $draftitemid)) {
326 $draftitemid = rand(1, 999999999);
327 }
328
329 return $draftitemid;
330 }
331
332 /**
333 * Initialise a draft file area from a real one by copying the files. A draft
334 * area will be created if one does not already exist. Normally you should
335 * get $draftitemid by calling file_get_submitted_draft_itemid('elementname');
336 *
337 * @category files
338 * @global stdClass $CFG
339 * @global stdClass $USER
340 * @param int $draftitemid the id of the draft area to use, or 0 to create a new one, in which case this parameter is updated.
341 * @param int $contextid This parameter and the next two identify the file area to copy files from.
342 * @param string $component
343 * @param string $filearea helps indentify the file area.
344 * @param int $itemid helps identify the file area. Can be null if there are no files yet.
345 * @param array $options text and file options ('subdirs'=>false, 'forcehttps'=>false)
346 * @param string $text some html content that needs to have embedded links rewritten to point to the draft area.
347 * @return string|null returns string if $text was passed in, the rewritten $text is returned. Otherwise NULL.
348 */
349 function file_prepare_draft_area(&$draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null) {
350 global $CFG, $USER, $CFG;
351
352 $options = (array)$options;
353 if (!isset($options['subdirs'])) {
354 $options['subdirs'] = false;
355 }
356 if (!isset($options['forcehttps'])) {
357 $options['forcehttps'] = false;
358 }
359
360 $usercontext = get_context_instance(CONTEXT_USER, $USER->id);
361 $fs = get_file_storage();
362
363 if (empty($draftitemid)) {
364 // create a new area and copy existing files into
365 $draftitemid = file_get_unused_draft_itemid();
366 $file_record = array('contextid'=>$usercontext->id, 'component'=>'user', 'filearea'=>'draft', 'itemid'=>$draftitemid);
367 if (!is_null($itemid) and $files = $fs->get_area_files($contextid, $component, $filearea, $itemid)) {
368 foreach ($files as $file) {
369 if ($file->is_directory() and $file->get_filepath() === '/') {
370 // we need a way to mark the age of each draft area,
371 // by not copying the root dir we force it to be created automatically with current timestamp
372 continue;
373 }
374 if (!$options['subdirs'] and ($file->is_directory() or $file->get_filepath() !== '/')) {
375 continue;
376 }
377 $fs->create_file_from_storedfile($file_record, $file);
378 }
379 }
380 if (!is_null($text)) {
381 // at this point there should not be any draftfile links yet,
382 // because this is a new text from database that should still contain the @@pluginfile@@ links
383 // this happens when developers forget to post process the text
384 $text = str_replace("\"$CFG->httpswwwroot/draftfile.php", "\"$CFG->httpswwwroot/brokenfile.php#", $text);
385 }
386 } else {
387 // nothing to do
388 }
389
390 if (is_null($text)) {
391 return null;
392 }
393
394 // relink embedded files - editor can not handle @@PLUGINFILE@@ !
395 return file_rewrite_pluginfile_urls($text, 'draftfile.php', $usercontext->id, 'user', 'draft', $draftitemid, $options);
396 }
397
398 /**
399 * Convert encoded URLs in $text from the @@PLUGINFILE@@/... form to an actual URL.
400 *
401 * @category files
402 * @global stdClass $CFG
403 * @param string $text The content that may contain ULRs in need of rewriting.
404 * @param string $file The script that should be used to serve these files. pluginfile.php, draftfile.php, etc.
405 * @param int $contextid This parameter and the next two identify the file area to use.
406 * @param string $component
407 * @param string $filearea helps identify the file area.
408 * @param int $itemid helps identify the file area.
409 * @param array $options text and file options ('forcehttps'=>false)
410 * @return string the processed text.
411 */
412 function file_rewrite_pluginfile_urls($text, $file, $contextid, $component, $filearea, $itemid, array $options=null) {
413 global $CFG;
414
415 $options = (array)$options;
416 if (!isset($options['forcehttps'])) {
417 $options['forcehttps'] = false;
418 }
419
420 if (!$CFG->slasharguments) {
421 $file = $file . '?file=';
422 }
423
424 $baseurl = "$CFG->wwwroot/$file/$contextid/$component/$filearea/";
425
426 if ($itemid !== null) {
427 $baseurl .= "$itemid/";
428 }
429
430 if ($options['forcehttps']) {
431 $baseurl = str_replace('http://', 'https://', $baseurl);
432 }
433
434 return str_replace('@@PLUGINFILE@@/', $baseurl, $text);
435 }
436
437 /**
438 * Returns information about files in a draft area.
439 *
440 * @global stdClass $CFG
441 * @global stdClass $USER
442 * @param int $draftitemid the draft area item id.
443 * @return array with the following entries:
444 * 'filecount' => number of files in the draft area.
445 * (more information will be added as needed).
446 */
447 function file_get_draft_area_info($draftitemid) {
448 global $CFG, $USER;
449
450 $usercontext = get_context_instance(CONTEXT_USER, $USER->id);
451 $fs = get_file_storage();
452
453 $results = array();
454
455 // The number of files
456 $draftfiles = $fs->get_area_files($usercontext->id, 'user', 'draft', $draftitemid, 'id', false);
457 $results['filecount'] = count($draftfiles);
458 $results['filesize'] = 0;
459 foreach ($draftfiles as $file) {
460 $results['filesize'] += $file->get_filesize();
461 }
462
463 return $results;
464 }
465
466 /**
467 * Get used space of files
468 * @global moodle_database $DB
469 * @global stdClass $USER
470 * @return int total bytes
471 */
472 function file_get_user_used_space() {
473 global $DB, $USER;
474
475 $usercontext = get_context_instance(CONTEXT_USER, $USER->id);
476 $sql = "SELECT SUM(files1.filesize) AS totalbytes FROM {files} files1
477 JOIN (SELECT contenthash, filename, MAX(id) AS id
478 FROM {files}
479 WHERE contextid = ? AND component = ? AND filearea != ?
480 GROUP BY contenthash, filename) files2 ON files1.id = files2.id";
481 $params = array('contextid'=>$usercontext->id, 'component'=>'user', 'filearea'=>'draft');
482 $record = $DB->get_record_sql($sql, $params);
483 return (int)$record->totalbytes;
484 }
485
486 /**
487 * Convert any string to a valid filepath
488 * @todo review this function
489 * @param string $str
490 * @return string path
491 */
492 function file_correct_filepath($str) { //TODO: what is this? (skodak)
493 if ($str == '/' or empty($str)) {
494 return '/';
495 } else {
496 return '/'.trim($str, './@#$ ').'/';
497 }
498 }
499
500 /**
501 * Generate a folder tree of draft area of current USER recursively
502 *
503 * @todo MDL-31073 use normal return value instead, this does not fit the rest of api here (skodak)
504 * @param int $draftitemid
505 * @param string $filepath
506 * @param mixed $data
507 */
508 function file_get_drafarea_folders($draftitemid, $filepath, &$data) {
509 global $USER, $OUTPUT, $CFG;
510 $data->children = array();
511 $context = get_context_instance(CONTEXT_USER, $USER->id);
512 $fs = get_file_storage();
513 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
514 foreach ($files as $file) {
515 if ($file->is_directory()) {
516 $item = new stdClass();
517 $item->sortorder = $file->get_sortorder();
518 $item->filepath = $file->get_filepath();
519
520 $foldername = explode('/', trim($item->filepath, '/'));
521 $item->fullname = trim(array_pop($foldername), '/');
522
523 $item->id = uniqid();
524 file_get_drafarea_folders($draftitemid, $item->filepath, $item);
525 $data->children[] = $item;
526 } else {
527 continue;
528 }
529 }
530 }
531 }
532
533 /**
534 * Listing all files (including folders) in current path (draft area)
535 * used by file manager
536 * @param int $draftitemid
537 * @param string $filepath
538 * @return stdClass
539 */
540 function file_get_drafarea_files($draftitemid, $filepath = '/') {
541 global $USER, $OUTPUT, $CFG;
542
543 $context = get_context_instance(CONTEXT_USER, $USER->id);
544 $fs = get_file_storage();
545
546 $data = new stdClass();
547 $data->path = array();
548 $data->path[] = array('name'=>get_string('files'), 'path'=>'/');
549
550 // will be used to build breadcrumb
551 $trail = '';
552 if ($filepath !== '/') {
553 $filepath = file_correct_filepath($filepath);
554 $parts = explode('/', $filepath);
555 foreach ($parts as $part) {
556 if ($part != '' && $part != null) {
557 $trail .= ('/'.$part.'/');
558 $data->path[] = array('name'=>$part, 'path'=>$trail);
559 }
560 }
561 }
562
563 $list = array();
564 $maxlength = 12;
565 if ($files = $fs->get_directory_files($context->id, 'user', 'draft', $draftitemid, $filepath, false)) {
566 foreach ($files as $file) {
567 $item = new stdClass();
568 $item->filename = $file->get_filename();
569 $item->filepath = $file->get_filepath();
570 $item->fullname = trim($item->filename, '/');
571 $filesize = $file->get_filesize();
572 $item->filesize = $filesize ? display_size($filesize) : '';
573
574 $icon = mimeinfo_from_type('icon', $file->get_mimetype());
575 $item->icon = $OUTPUT->pix_url('f/' . $icon)->out();
576 $item->sortorder = $file->get_sortorder();
577
578 if ($icon == 'zip') {
579 $item->type = 'zip';
580 } else {
581 $item->type = 'file';
582 }
583
584 if ($file->is_directory()) {
585 $item->filesize = 0;
586 $item->icon = $OUTPUT->pix_url('f/folder')->out();
587 $item->type = 'folder';
588 $foldername = explode('/', trim($item->filepath, '/'));
589 $item->fullname = trim(array_pop($foldername), '/');
590 } else {
591 // do NOT use file browser here!
592 $item->url = moodle_url::make_draftfile_url($draftitemid, $item->filepath, $item->filename)->out();
593 }
594 $list[] = $item;
595 }
596 }
597 $data->itemid = $draftitemid;
598 $data->list = $list;
599 return $data;
600 }
601
602 /**
603 * Returns draft area itemid for a given element.
604 *
605 * @category files
606 * @param string $elname name of formlib editor element, or a hidden form field that stores the draft area item id, etc.
607 * @return int the itemid, or 0 if there is not one yet.
608 */
609 function file_get_submitted_draft_itemid($elname) {
610 // this is a nasty hack, ideally all new elements should use arrays here or there should be a new parameter
611 if (!isset($_REQUEST[$elname])) {
612 return 0;
613 }
614 if (is_array($_REQUEST[$elname])) {
615 $param = optional_param_array($elname, 0, PARAM_INT);
616 if (!empty($param['itemid'])) {
617 $param = $param['itemid'];
618 } else {
619 debugging('Missing itemid, maybe caused by unset maxfiles option', DEBUG_DEVELOPER);
620 return false;
621 }
622
623 } else {
624 $param = optional_param($elname, 0, PARAM_INT);
625 }
626
627 if ($param) {
628 require_sesskey();
629 }
630
631 return $param;
632 }
633
634 /**
635 * Saves files from a draft file area to a real one (merging the list of files).
636 * Can rewrite URLs in some content at the same time if desired.
637 *
638 * @category files
639 * @global stdClass $USER
640 * @param int $draftitemid the id of the draft area to use. Normally obtained
641 * from file_get_submitted_draft_itemid('elementname') or similar.
642 * @param int $contextid This parameter and the next two identify the file area to save to.
643 * @param string $component
644 * @param string $filearea indentifies the file area.
645 * @param int $itemid helps identifies the file area.
646 * @param array $options area options (subdirs=>false, maxfiles=-1, maxbytes=0)
647 * @param string $text some html content that needs to have embedded links rewritten
648 * to the @@PLUGINFILE@@ form for saving in the database.
649 * @param bool $forcehttps force https urls.
650 * @return string|null if $text was passed in, the rewritten $text is returned. Otherwise NULL.
651 */
652 function file_save_draft_area_files($draftitemid, $contextid, $component, $filearea, $itemid, array $options=null, $text=null, $forcehttps=false) {
653 global $USER;
654
655 $usercontext = get_context_instance(CONTEXT_USER, $USER->id);
656 $fs = get_file_storage();
657
658 $options = (array)$options;
659 if (!isset($options['subdirs'])) {
660 $options['subdirs'] = false;
661 }
662 if (!isset($options['maxfiles'])) {
663 $options['maxfiles'] = -1; // unlimited
664 }
665 if (!isset($options['maxbytes'])) {
666 $options['maxbytes'] = 0; // unlimited
667 }
668
669 $draftfiles = $fs->get_area_files($usercontext->id, 'user', 'draft', $draftitemid, 'id');
670 $oldfiles = $fs->get_area_files($contextid, $component, $filearea, $itemid, 'id');
671
672 if (count($draftfiles) < 2) {
673 // means there are no files - one file means root dir only ;-)
674 $fs->delete_area_files($contextid, $component, $filearea, $itemid);
675
676 } else if (count($oldfiles) < 2) {
677 $filecount = 0;
678 // there were no files before - one file means root dir only ;-)
679 $file_record = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid);
680 foreach ($draftfiles as $file) {
681 if (!$options['subdirs']) {
682 if ($file->get_filepath() !== '/' or $file->is_directory()) {
683 continue;
684 }
685 }
686 if ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize()) {
687 // oversized file - should not get here at all
688 continue;
689 }
690 if ($options['maxfiles'] != -1 and $options['maxfiles'] <= $filecount) {
691 // more files - should not get here at all
692 break;
693 }
694 if (!$file->is_directory()) {
695 $filecount++;
696 }
697 $fs->create_file_from_storedfile($file_record, $file);
698 }
699
700 } else {
701 // we have to merge old and new files - we want to keep file ids for files that were not changed
702 // we change time modified for all new and changed files, we keep time created as is
703 $file_record = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'timemodified'=>time());
704
705 $newhashes = array();
706 foreach ($draftfiles as $file) {
707 $newhash = $fs->get_pathname_hash($contextid, $component, $filearea, $itemid, $file->get_filepath(), $file->get_filename());
708 $newhashes[$newhash] = $file;
709 }
710 $filecount = 0;
711 foreach ($oldfiles as $oldfile) {
712 $oldhash = $oldfile->get_pathnamehash();
713 if (!isset($newhashes[$oldhash])) {
714 // delete files not needed any more - deleted by user
715 $oldfile->delete();
716 continue;
717 }
718 $newfile = $newhashes[$oldhash];
719 if ($oldfile->get_contenthash() != $newfile->get_contenthash() or $oldfile->get_sortorder() != $newfile->get_sortorder()
720 or $oldfile->get_status() != $newfile->get_status() or $oldfile->get_license() != $newfile->get_license()
721 or $oldfile->get_author() != $newfile->get_author() or $oldfile->get_source() != $newfile->get_source()) {
722 // file was changed, use updated with new timemodified data
723 $oldfile->delete();
724 continue;
725 }
726 // unchanged file or directory - we keep it as is
727 unset($newhashes[$oldhash]);
728 if (!$oldfile->is_directory()) {
729 $filecount++;
730 }
731 }
732
733 // now add new/changed files
734 // the size and subdirectory tests are extra safety only, the UI should prevent it
735 foreach ($newhashes as $file) {
736 if (!$options['subdirs']) {
737 if ($file->get_filepath() !== '/' or $file->is_directory()) {
738 continue;
739 }
740 }
741 if ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize()) {
742 // oversized file - should not get here at all
743 continue;
744 }
745 if ($options['maxfiles'] != -1 and $options['maxfiles'] <= $filecount) {
746 // more files - should not get here at all
747 break;
748 }
749 if (!$file->is_directory()) {
750 $filecount++;
751 }
752 $fs->create_file_from_storedfile($file_record, $file);
753 }
754 }
755
756 // note: do not purge the draft area - we clean up areas later in cron,
757 // the reason is that user might press submit twice and they would loose the files,
758 // also sometimes we might want to use hacks that save files into two different areas
759
760 if (is_null($text)) {
761 return null;
762 } else {
763 return file_rewrite_urls_to_pluginfile($text, $draftitemid, $forcehttps);
764 }
765 }
766
767 /**
768 * Convert the draft file area URLs in some content to @@PLUGINFILE@@ tokens
769 * ready to be saved in the database. Normally, this is done automatically by
770 * {@link file_save_draft_area_files()}.
771 *
772 * @category files
773 * @param string $text the content to process.
774 * @param int $draftitemid the draft file area the content was using.
775 * @param bool $forcehttps whether the content contains https URLs. Default false.
776 * @return string the processed content.
777 */
778 function file_rewrite_urls_to_pluginfile($text, $draftitemid, $forcehttps = false) {
779 global $CFG, $USER;
780
781 $usercontext = get_context_instance(CONTEXT_USER, $USER->id);
782
783 $wwwroot = $CFG->wwwroot;
784 if ($forcehttps) {
785 $wwwroot = str_replace('http://', 'https://', $wwwroot);
786 }
787
788 // relink embedded files if text submitted - no absolute links allowed in database!
789 $text = str_ireplace("$wwwroot/draftfile.php/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
790
791 if (strpos($text, 'draftfile.php?file=') !== false) {
792 $matches = array();
793 preg_match_all("!$wwwroot/draftfile.php\?file=%2F{$usercontext->id}%2Fuser%2Fdraft%2F{$draftitemid}%2F[^'\",&<>|`\s:\\\\]+!iu", $text, $matches);
794 if ($matches) {
795 foreach ($matches[0] as $match) {
796 $replace = str_ireplace('%2F', '/', $match);
797 $text = str_replace($match, $replace, $text);
798 }
799 }
800 $text = str_ireplace("$wwwroot/draftfile.php?file=/$usercontext->id/user/draft/$draftitemid/", '@@PLUGINFILE@@/', $text);
801 }
802
803 return $text;
804 }
805
806 /**
807 * Set file sort order
808 *
809 * @global moodle_database $DB
810 * @param int $contextid the context id
811 * @param string $component file component
812 * @param string $filearea file area.
813 * @param int $itemid itemid.
814 * @param string $filepath file path.
815 * @param string $filename file name.
816 * @param int $sortorder the sort order of file.
817 * @return bool
818 */
819 function file_set_sortorder($contextid, $component, $filearea, $itemid, $filepath, $filename, $sortorder) {
820 global $DB;
821 $conditions = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea, 'itemid'=>$itemid, 'filepath'=>$filepath, 'filename'=>$filename);
822 if ($file_record = $DB->get_record('files', $conditions)) {
823 $sortorder = (int)$sortorder;
824 $file_record->sortorder = $sortorder;
825 $DB->update_record('files', $file_record);
826 return true;
827 }
828 return false;
829 }
830
831 /**
832 * reset file sort order number to 0
833 * @global moodle_database $DB
834 * @param int $contextid the context id
835 * @param string $component
836 * @param string $filearea file area.
837 * @param int|bool $itemid itemid.
838 * @return bool
839 */
840 function file_reset_sortorder($contextid, $component, $filearea, $itemid=false) {
841 global $DB;
842
843 $conditions = array('contextid'=>$contextid, 'component'=>$component, 'filearea'=>$filearea);
844 if ($itemid !== false) {
845 $conditions['itemid'] = $itemid;
846 }
847
848 $file_records = $DB->get_records('files', $conditions);
849 foreach ($file_records as $file_record) {
850 $file_record->sortorder = 0;
851 $DB->update_record('files', $file_record);
852 }
853 return true;
854 }
855
856 /**
857 * Returns description of upload error
858 *
859 * @param int $errorcode found in $_FILES['filename.ext']['error']
860 * @return string error description string, '' if ok
861 */
862 function file_get_upload_error($errorcode) {
863
864 switch ($errorcode) {
865 case 0: // UPLOAD_ERR_OK - no error
866 $errmessage = '';
867 break;
868
869 case 1: // UPLOAD_ERR_INI_SIZE
870 $errmessage = get_string('uploadserverlimit');
871 break;
872
873 case 2: // UPLOAD_ERR_FORM_SIZE
874 $errmessage = get_string('uploadformlimit');
875 break;
876
877 case 3: // UPLOAD_ERR_PARTIAL
878 $errmessage = get_string('uploadpartialfile');
879 break;
880
881 case 4: // UPLOAD_ERR_NO_FILE
882 $errmessage = get_string('uploadnofilefound');
883 break;
884
885 // Note: there is no error with a value of 5
886
887 case 6: // UPLOAD_ERR_NO_TMP_DIR
888 $errmessage = get_string('uploadnotempdir');
889 break;
890
891 case 7: // UPLOAD_ERR_CANT_WRITE
892 $errmessage = get_string('uploadcantwrite');
893 break;
894
895 case 8: // UPLOAD_ERR_EXTENSION
896 $errmessage = get_string('uploadextension');
897 break;
898
899 default:
900 $errmessage = get_string('uploadproblem');
901 }
902
903 return $errmessage;
904 }
905
906 /**
907 * Recursive function formating an array in POST parameter
908 * @param array $arraydata - the array that we are going to format and add into &$data array
909 * @param string $currentdata - a row of the final postdata array at instant T
910 * when finish, it's assign to $data under this format: name[keyname][][]...[]='value'
911 * @param array $data - the final data array containing all POST parameters : 1 row = 1 parameter
912 */
913 function format_array_postdata_for_curlcall($arraydata, $currentdata, &$data) {
914 foreach ($arraydata as $k=>$v) {
915 $newcurrentdata = $currentdata;
916 if (is_array($v)) { //the value is an array, call the function recursively
917 $newcurrentdata = $newcurrentdata.'['.urlencode($k).']';
918 format_array_postdata_for_curlcall($v, $newcurrentdata, $data);
919 } else { //add the POST parameter to the $data array
920 $data[] = $newcurrentdata.'['.urlencode($k).']='.urlencode($v);
921 }
922 }
923 }
924
925 /**
926 * Transform a PHP array into POST parameter
927 * (see the recursive function format_array_postdata_for_curlcall)
928 * @param array $postdata
929 * @return array containing all POST parameters (1 row = 1 POST parameter)
930 */
931 function format_postdata_for_curlcall($postdata) {
932 $data = array();
933 foreach ($postdata as $k=>$v) {
934 if (is_array($v)) {
935 $currentdata = urlencode($k);
936 format_array_postdata_for_curlcall($v, $currentdata, $data);
937 } else {
938 $data[] = urlencode($k).'='.urlencode($v);
939 }
940 }
941 $convertedpostdata = implode('&', $data);
942 return $convertedpostdata;
943 }
944
945 /**
946 * Fetches content of file from Internet (using proxy if defined). Uses cURL extension if present.
947 * Due to security concerns only downloads from http(s) sources are supported.
948 *
949 * @todo MDL-31073 add version test for '7.10.5'
950 * @category files
951 * @param string $url file url starting with http(s)://
952 * @param array $headers http headers, null if none. If set, should be an
953 * associative array of header name => value pairs.
954 * @param array $postdata array means use POST request with given parameters
955 * @param bool $fullresponse return headers, responses, etc in a similar way snoopy does
956 * (if false, just returns content)
957 * @param int $timeout timeout for complete download process including all file transfer
958 * (default 5 minutes)
959 * @param int $connecttimeout timeout for connection to server; this is the timeout that
960 * usually happens if the remote server is completely down (default 20 seconds);
961 * may not work when using proxy
962 * @param bool $skipcertverify If true, the peer's SSL certificate will not be checked.
963 * Only use this when already in a trusted location.
964 * @param string $tofile store the downloaded content to file instead of returning it.
965 * @param bool $calctimeout false by default, true enables an extra head request to try and determine
966 * filesize and appropriately larger timeout based on $CFG->curltimeoutkbitrate
967 * @return mixed false if request failed or content of the file as string if ok. True if file downloaded into $tofile successfully.
968 */
969 function download_file_content($url, $headers=null, $postdata=null, $fullresponse=false, $timeout=300, $connecttimeout=20, $skipcertverify=false, $tofile=NULL, $calctimeout=false) {
970 global $CFG;
971
972 // some extra security
973 $newlines = array("\r", "\n");
974 if (is_array($headers) ) {
975 foreach ($headers as $key => $value) {
976 $headers[$key] = str_replace($newlines, '', $value);
977 }
978 }
979 $url = str_replace($newlines, '', $url);
980 if (!preg_match('|^https?://|i', $url)) {
981 if ($fullresponse) {
982 $response = new stdClass();
983 $response->status = 0;
984 $response->headers = array();
985 $response->response_code = 'Invalid protocol specified in url';
986 $response->results = '';
987 $response->error = 'Invalid protocol specified in url';
988 return $response;
989 } else {
990 return false;
991 }
992 }
993
994 // check if proxy (if used) should be bypassed for this url
995 $proxybypass = is_proxybypass($url);
996
997 if (!$ch = curl_init($url)) {
998 debugging('Can not init curl.');
999 return false;
1000 }
1001
1002 // set extra headers
1003 if (is_array($headers) ) {
1004 $headers2 = array();
1005 foreach ($headers as $key => $value) {
1006 $headers2[] = "$key: $value";
1007 }
1008 curl_setopt($ch, CURLOPT_HTTPHEADER, $headers2);
1009 }
1010
1011 if ($skipcertverify) {
1012 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1013 }
1014
1015 // use POST if requested
1016 if (is_array($postdata)) {
1017 $postdata = format_postdata_for_curlcall($postdata);
1018 curl_setopt($ch, CURLOPT_POST, true);
1019 curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
1020 }
1021
1022 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1023 curl_setopt($ch, CURLOPT_HEADER, false);
1024 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $connecttimeout);
1025
1026 if (!ini_get('open_basedir') and !ini_get('safe_mode')) {
1027 // TODO: add version test for '7.10.5'
1028 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
1029 curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
1030 }
1031
1032 if (!empty($CFG->proxyhost) and !$proxybypass) {
1033 // SOCKS supported in PHP5 only
1034 if (!empty($CFG->proxytype) and ($CFG->proxytype == 'SOCKS5')) {
1035 if (defined('CURLPROXY_SOCKS5')) {
1036 curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
1037 } else {
1038 curl_close($ch);
1039 if ($fullresponse) {
1040 $response = new stdClass();
1041 $response->status = '0';
1042 $response->headers = array();
1043 $response->response_code = 'SOCKS5 proxy is not supported in PHP4';
1044 $response->results = '';
1045 $response->error = 'SOCKS5 proxy is not supported in PHP4';
1046 return $response;
1047 } else {
1048 debugging("SOCKS5 proxy is not supported in PHP4.", DEBUG_ALL);
1049 return false;
1050 }
1051 }
1052 }
1053
1054 curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, false);
1055
1056 if (empty($CFG->proxyport)) {
1057 curl_setopt($ch, CURLOPT_PROXY, $CFG->proxyhost);
1058 } else {
1059 curl_setopt($ch, CURLOPT_PROXY, $CFG->proxyhost.':'.$CFG->proxyport);
1060 }
1061
1062 if (!empty($CFG->proxyuser) and !empty($CFG->proxypassword)) {
1063 curl_setopt($ch, CURLOPT_PROXYUSERPWD, $CFG->proxyuser.':'.$CFG->proxypassword);
1064 if (defined('CURLOPT_PROXYAUTH')) {
1065 // any proxy authentication if PHP 5.1
1066 curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_NTLM);
1067 }
1068 }
1069 }
1070
1071 // set up header and content handlers
1072 $received = new stdClass();
1073 $received->headers = array(); // received headers array
1074 $received->tofile = $tofile;
1075 $received->fh = null;
1076 curl_setopt($ch, CURLOPT_HEADERFUNCTION, partial('download_file_content_header_handler', $received));
1077 if ($tofile) {
1078 curl_setopt($ch, CURLOPT_WRITEFUNCTION, partial('download_file_content_write_handler', $received));
1079 }
1080
1081 if (!isset($CFG->curltimeoutkbitrate)) {
1082 //use very slow rate of 56kbps as a timeout speed when not set
1083 $bitrate = 56;
1084 } else {
1085 $bitrate = $CFG->curltimeoutkbitrate;
1086 }
1087
1088 // try to calculate the proper amount for timeout from remote file size.
1089 // if disabled or zero, we won't do any checks nor head requests.
1090 if ($calctimeout && $bitrate > 0) {
1091 //setup header request only options
1092 curl_setopt_array ($ch, array(
1093 CURLOPT_RETURNTRANSFER => false,
1094 CURLOPT_NOBODY => true)
1095 );
1096
1097 curl_exec($ch);
1098 $info = curl_getinfo($ch);
1099 $err = curl_error($ch);
1100
1101 if ($err === '' && $info['download_content_length'] > 0) { //no curl errors
1102 $timeout = max($timeout, ceil($info['download_content_length'] * 8 / ($bitrate * 1024))); //adjust for large files only - take max timeout.
1103 }
1104 //reinstate affected curl options
1105 curl_setopt_array ($ch, array(
1106 CURLOPT_RETURNTRANSFER => true,
1107 CURLOPT_NOBODY => false)
1108 );
1109 }
1110
1111 curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
1112 $result = curl_exec($ch);
1113
1114 // try to detect encoding problems
1115 if ((curl_errno($ch) == 23 or curl_errno($ch) == 61) and defined('CURLOPT_ENCODING')) {
1116 curl_setopt($ch, CURLOPT_ENCODING, 'none');
1117 $result = curl_exec($ch);
1118 }
1119
1120 if ($received->fh) {
1121 fclose($received->fh);
1122 }
1123
1124 if (curl_errno($ch)) {
1125 $error = curl_error($ch);
1126 $error_no = curl_errno($ch);
1127 curl_close($ch);
1128
1129 if ($fullresponse) {
1130 $response = new stdClass();
1131 if ($error_no == 28) {
1132 $response->status = '-100'; // mimic snoopy
1133 } else {
1134 $response->status = '0';
1135 }
1136 $response->headers = array();
1137 $response->response_code = $error;
1138 $response->results = false;
1139 $response->error = $error;
1140 return $response;
1141 } else {
1142 debugging("cURL request for \"$url\" failed with: $error ($error_no)", DEBUG_ALL);
1143 return false;
1144 }
1145
1146 } else {
1147 $info = curl_getinfo($ch);
1148 curl_close($ch);
1149
1150 if (empty($info['http_code'])) {
1151 // for security reasons we support only true http connections (Location: file:// exploit prevention)
1152 $response = new stdClass();
1153 $response->status = '0';
1154 $response->headers = array();
1155 $response->response_code = 'Unknown cURL error';
1156 $response->results = false; // do NOT change this, we really want to ignore the result!
1157 $response->error = 'Unknown cURL error';
1158
1159 } else {
1160 $response = new stdClass();;
1161 $response->status = (string)$info['http_code'];
1162 $response->headers = $received->headers;
1163 $response->response_code = $received->headers[0];
1164 $response->results = $result;
1165 $response->error = '';
1166 }
1167
1168 if ($fullresponse) {
1169 return $response;
1170 } else if ($info['http_code'] != 200) {
1171 debugging("cURL request for \"$url\" failed, HTTP response code: ".$response->response_code, DEBUG_ALL);
1172 return false;
1173 } else {
1174 return $response->results;
1175 }
1176 }
1177 }
1178
1179 /**
1180 * internal implementation
1181 * @param stdClass $received
1182 * @param resource $ch
1183 * @param mixed $header
1184 * @return int header length
1185 */
1186 function download_file_content_header_handler($received, $ch, $header) {
1187 $received->headers[] = $header;
1188 return strlen($header);
1189 }
1190
1191 /**
1192 * internal implementation
1193 * @param stdClass $received
1194 * @param resource $ch
1195 * @param mixed $data
1196 */
1197 function download_file_content_write_handler($received, $ch, $data) {
1198 if (!$received->fh) {
1199 $received->fh = fopen($received->tofile, 'w');
1200 if ($received->fh === false) {
1201 // bad luck, file creation or overriding failed
1202 return 0;
1203 }
1204 }
1205 if (fwrite($received->fh, $data) === false) {
1206 // bad luck, write failed, let's abort completely
1207 return 0;
1208 }
1209 return strlen($data);
1210 }
1211
1212 /**
1213 * Returns a list of information about file t ypes based on extensions
1214 *
1215 * @category files
1216 * @return array List of information about file types based on extensions.
1217 * Associative array of extension (lower-case) to associative array
1218 * from 'element name' to data. Current element names are 'type' and 'icon'.
1219 * Unknown types should use the 'xxx' entry which includes defaults.
1220 */
1221 function get_mimetypes_array() {
1222 static $mimearray = array (
1223 'xxx' => array ('type'=>'document/unknown', 'icon'=>'unknown'),
1224 '3gp' => array ('type'=>'video/quicktime', 'icon'=>'video'),
1225 'aac' => array ('type'=>'audio/aac', 'icon'=>'audio'),
1226 'ai' => array ('type'=>'application/postscript', 'icon'=>'image'),
1227 'aif' => array ('type'=>'audio/x-aiff', 'icon'=>'audio'),
1228 'aiff' => array ('type'=>'audio/x-aiff', 'icon'=>'audio'),
1229 'aifc' => array ('type'=>'audio/x-aiff', 'icon'=>'audio'),
1230 'applescript' => array ('type'=>'text/plain', 'icon'=>'text'),
1231 'asc' => array ('type'=>'text/plain', 'icon'=>'text'),
1232 'asm' => array ('type'=>'text/plain', 'icon'=>'text'),
1233 'au' => array ('type'=>'audio/au', 'icon'=>'audio'),
1234 'avi' => array ('type'=>'video/x-ms-wm', 'icon'=>'avi'),
1235 'bmp' => array ('type'=>'image/bmp', 'icon'=>'image'),
1236 'c' => array ('type'=>'text/plain', 'icon'=>'text'),
1237 'cct' => array ('type'=>'shockwave/director', 'icon'=>'flash'),
1238 'cpp' => array ('type'=>'text/plain', 'icon'=>'text'),
1239 'cs' => array ('type'=>'application/x-csh', 'icon'=>'text'),
1240 'css' => array ('type'=>'text/css', 'icon'=>'text'),
1241 'csv' => array ('type'=>'text/csv', 'icon'=>'excel'),
1242 'dv' => array ('type'=>'video/x-dv', 'icon'=>'video'),
1243 'dmg' => array ('type'=>'application/octet-stream', 'icon'=>'dmg'),
1244
1245 'doc' => array ('type'=>'application/msword', 'icon'=>'word'),
1246 'docx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'icon'=>'docx'),
1247 'docm' => array ('type'=>'application/vnd.ms-word.document.macroEnabled.12', 'icon'=>'docm'),
1248 'dotx' => array ('type'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.template', 'icon'=>'dotx'),
1249 'dotm' => array ('type'=>'application/vnd.ms-word.template.macroEnabled.12', 'icon'=>'dotm'),
1250
1251 'dcr' => array ('type'=>'application/x-director', 'icon'=>'flash'),
1252 'dif' => array ('type'=>'video/x-dv', 'icon'=>'video'),
1253 'dir' => array ('type'=>'application/x-director', 'icon'=>'flash'),
1254 'dxr' => array ('type'=>'application/x-director', 'icon'=>'flash'),
1255 'eps' => array ('type'=>'application/postscript', 'icon'=>'pdf'),
1256 'fdf' => array ('type'=>'application/pdf', 'icon'=>'pdf'),
1257 'flv' => array ('type'=>'video/x-flv', 'icon'=>'video'),
1258 'f4v' => array ('type'=>'video/mp4', 'icon'=>'video'),
1259 'gif' => array ('type'=>'image/gif', 'icon'=>'image'),
1260 'gtar' => array ('type'=>'application/x-gtar', 'icon'=>'zip'),
1261 'tgz' => array ('type'=>'application/g-zip', 'icon'=>'zip'),
1262 'gz' => array ('type'=>'application/g-zip', 'icon'=>'zip'),
1263 'gzip' => array ('type'=>'application/g-zip', 'icon'=>'zip'),
1264 'h' => array ('type'=>'text/plain', 'icon'=>'text'),
1265 'hpp' => array ('type'=>'text/plain', 'icon'=>'text'),
1266 'hqx' => array ('type'=>'application/mac-binhex40', 'icon'=>'zip'),
1267 'htc' => array ('type'=>'text/x-component', 'icon'=>'text'),
1268 'html' => array ('type'=>'text/html', 'icon'=>'html'),
1269 'xhtml'=> array ('type'=>'application/xhtml+xml', 'icon'=>'html'),
1270 'htm' => array ('type'=>'text/html', 'icon'=>'html'),
1271 'ico' => array ('type'=>'image/vnd.microsoft.icon', 'icon'=>'image'),
1272 'ics' => array ('type'=>'text/calendar', 'icon'=>'text'),
1273 'isf' => array ('type'=>'application/inspiration', 'icon'=>'isf'),
1274 'ist' => array ('type'=>'application/inspiration.template', 'icon'=>'isf'),
1275 'java' => array ('type'=>'text/plain', 'icon'=>'text'),
1276 'jcb' => array ('type'=>'text/xml', 'icon'=>'jcb'),
1277 'jcl' => array ('type'=>'text/xml', 'icon'=>'jcl'),
1278 'jcw' => array ('type'=>'text/xml', 'icon'=>'jcw'),
1279 'jmt' => array ('type'=>'text/xml', 'icon'=>'jmt'),
1280 'jmx' => array ('type'=>'text/xml', 'icon'=>'jmx'),
1281 'jpe' => array ('type'=>'image/jpeg', 'icon'=>'image'),
1282 'jpeg' => array ('type'=>'image/jpeg', 'icon'=>'image'),
1283 'jpg' => array ('type'=>'image/jpeg', 'icon'=>'image'),
1284 'jqz' => array ('type'=>'text/xml', 'icon'=>'jqz'),
1285 'js' => array ('type'=>'application/x-javascript', 'icon'=>'text'),
1286 'latex'=> array ('type'=>'application/x-latex', 'icon'=>'text'),
1287 'm' => array ('type'=>'text/plain', 'icon'=>'text'),
1288 'mbz' => array ('type'=>'application/vnd.moodle.backup', 'icon'=>'moodle'),
1289 'mov' => array ('type'=>'video/quicktime', 'icon'=>'video'),
1290 'movie'=> array ('type'=>'video/x-sgi-movie', 'icon'=>'video'),
1291 'm3u' => array ('type'=>'audio/x-mpegurl', 'icon'=>'audio'),
1292 'mp3' => array ('type'=>'audio/mp3', 'icon'=>'audio'),
1293 'mp4' => array ('type'=>'video/mp4', 'icon'=>'video'),
1294 'm4v' => array ('type'=>'video/mp4', 'icon'=>'video'),
1295 'm4a' => array ('type'=>'audio/mp4', 'icon'=>'audio'),
1296 'mpeg' => array ('type'=>'video/mpeg', 'icon'=>'video'),
1297 'mpe' => array ('type'=>'video/mpeg', 'icon'=>'video'),
1298 'mpg' => array ('type'=>'video/mpeg', 'icon'=>'video'),
1299
1300 'odt' => array ('type'=>'application/vnd.oasis.opendocument.text', 'icon'=>'odt'),
1301 'ott' => array ('type'=>'application/vnd.oasis.opendocument.text-template', 'icon'=>'odt'),
1302 'oth' => array ('type'=>'application/vnd.oasis.opendocument.text-web', 'icon'=>'odt'),
1303 'odm' => array ('type'=>'application/vnd.oasis.opendocument.text-master', 'icon'=>'odm'),
1304 'odg' => array ('type'=>'application/vnd.oasis.opendocument.graphics', 'icon'=>'odg'),
1305 'otg' => array ('type'=>'application/vnd.oasis.opendocument.graphics-template', 'icon'=>'odg'),
1306 'odp' => array ('type'=>'application/vnd.oasis.opendocument.presentation', 'icon'=>'odp'),
1307 'otp' => array ('type'=>'application/vnd.oasis.opendocument.presentation-template', 'icon'=>'odp'),
1308 'ods' => array ('type'=>'application/vnd.oasis.opendocument.spreadsheet', 'icon'=>'ods'),
1309 'ots' => array ('type'=>'application/vnd.oasis.opendocument.spreadsheet-template', 'icon'=>'ods'),
1310 'odc' => array ('type'=>'application/vnd.oasis.opendocument.chart', 'icon'=>'odc'),
1311 'odf' => array ('type'=>'application/vnd.oasis.opendocument.formula', 'icon'=>'odf'),
1312 'odb' => array ('type'=>'application/vnd.oasis.opendocument.database', 'icon'=>'odb'),
1313 'odi' => array ('type'=>'application/vnd.oasis.opendocument.image', 'icon'=>'odi'),
1314 'oga' => array ('type'=>'audio/ogg', 'icon'=>'audio'),
1315 'ogg' => array ('type'=>'audio/ogg', 'icon'=>'audio'),
1316 'ogv' => array ('type'=>'video/ogg', 'icon'=>'video'),
1317
1318 'pct' => array ('type'=>'image/pict', 'icon'=>'image'),
1319 'pdf' => array ('type'=>'application/pdf', 'icon'=>'pdf'),
1320 'php' => array ('type'=>'text/plain', 'icon'=>'text'),
1321 'pic' => array ('type'=>'image/pict', 'icon'=>'image'),
1322 'pict' => array ('type'=>'image/pict', 'icon'=>'image'),
1323 'png' => array ('type'=>'image/png', 'icon'=>'image'),
1324
1325 'pps' => array ('type'=>'application/vnd.ms-powerpoint', 'icon'=>'powerpoint'),
1326 'ppt' => array ('type'=>'application/vnd.ms-powerpoint', 'icon'=>'powerpoint'),
1327 'pptx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'icon'=>'pptx'),
1328 'pptm' => array ('type'=>'application/vnd.ms-powerpoint.presentation.macroEnabled.12', 'icon'=>'pptm'),
1329 'potx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.template', 'icon'=>'potx'),
1330 'potm' => array ('type'=>'application/vnd.ms-powerpoint.template.macroEnabled.12', 'icon'=>'potm'),
1331 'ppam' => array ('type'=>'application/vnd.ms-powerpoint.addin.macroEnabled.12', 'icon'=>'ppam'),
1332 'ppsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.presentationml.slideshow', 'icon'=>'ppsx'),
1333 'ppsm' => array ('type'=>'application/vnd.ms-powerpoint.slideshow.macroEnabled.12', 'icon'=>'ppsm'),
1334
1335 'ps' => array ('type'=>'application/postscript', 'icon'=>'pdf'),
1336 'qt' => array ('type'=>'video/quicktime', 'icon'=>'video'),
1337 'ra' => array ('type'=>'audio/x-realaudio-plugin', 'icon'=>'audio'),
1338 'ram' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'audio'),
1339 'rhb' => array ('type'=>'text/xml', 'icon'=>'xml'),
1340 'rm' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'audio'),
1341 'rmvb' => array ('type'=>'application/vnd.rn-realmedia-vbr', 'icon'=>'video'),
1342 'rtf' => array ('type'=>'text/rtf', 'icon'=>'text'),
1343 'rtx' => array ('type'=>'text/richtext', 'icon'=>'text'),
1344 'rv' => array ('type'=>'audio/x-pn-realaudio-plugin', 'icon'=>'video'),
1345 'sh' => array ('type'=>'application/x-sh', 'icon'=>'text'),
1346 'sit' => array ('type'=>'application/x-stuffit', 'icon'=>'zip'),
1347 'smi' => array ('type'=>'application/smil', 'icon'=>'text'),
1348 'smil' => array ('type'=>'application/smil', 'icon'=>'text'),
1349 'sqt' => array ('type'=>'text/xml', 'icon'=>'xml'),
1350 'svg' => array ('type'=>'image/svg+xml', 'icon'=>'image'),
1351 'svgz' => array ('type'=>'image/svg+xml', 'icon'=>'image'),
1352 'swa' => array ('type'=>'application/x-director', 'icon'=>'flash'),
1353 'swf' => array ('type'=>'application/x-shockwave-flash', 'icon'=>'flash'),
1354 'swfl' => array ('type'=>'application/x-shockwave-flash', 'icon'=>'flash'),
1355
1356 'sxw' => array ('type'=>'application/vnd.sun.xml.writer', 'icon'=>'odt'),
1357 'stw' => array ('type'=>'application/vnd.sun.xml.writer.template', 'icon'=>'odt'),
1358 'sxc' => array ('type'=>'application/vnd.sun.xml.calc', 'icon'=>'odt'),
1359 'stc' => array ('type'=>'application/vnd.sun.xml.calc.template', 'icon'=>'odt'),
1360 'sxd' => array ('type'=>'application/vnd.sun.xml.draw', 'icon'=>'odt'),
1361 'std' => array ('type'=>'application/vnd.sun.xml.draw.template', 'icon'=>'odt'),
1362 'sxi' => array ('type'=>'application/vnd.sun.xml.impress', 'icon'=>'odt'),
1363 'sti' => array ('type'=>'application/vnd.sun.xml.impress.template', 'icon'=>'odt'),
1364 'sxg' => array ('type'=>'application/vnd.sun.xml.writer.global', 'icon'=>'odt'),
1365 'sxm' => array ('type'=>'application/vnd.sun.xml.math', 'icon'=>'odt'),
1366
1367 'tar' => array ('type'=>'application/x-tar', 'icon'=>'zip'),
1368 'tif' => array ('type'=>'image/tiff', 'icon'=>'image'),
1369 'tiff' => array ('type'=>'image/tiff', 'icon'=>'image'),
1370 'tex' => array ('type'=>'application/x-tex', 'icon'=>'text'),
1371 'texi' => array ('type'=>'application/x-texinfo', 'icon'=>'text'),
1372 'texinfo' => array ('type'=>'application/x-texinfo', 'icon'=>'text'),
1373 'tsv' => array ('type'=>'text/tab-separated-values', 'icon'=>'text'),
1374 'txt' => array ('type'=>'text/plain', 'icon'=>'text'),
1375 'wav' => array ('type'=>'audio/wav', 'icon'=>'audio'),
1376 'webm' => array ('type'=>'video/webm', 'icon'=>'video'),
1377 'wmv' => array ('type'=>'video/x-ms-wmv', 'icon'=>'avi'),
1378 'asf' => array ('type'=>'video/x-ms-asf', 'icon'=>'avi'),
1379 'xdp' => array ('type'=>'application/pdf', 'icon'=>'pdf'),
1380 'xfd' => array ('type'=>'application/pdf', 'icon'=>'pdf'),
1381 'xfdf' => array ('type'=>'application/pdf', 'icon'=>'pdf'),
1382
1383 'xls' => array ('type'=>'application/vnd.ms-excel', 'icon'=>'excel'),
1384 'xlsx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'icon'=>'xlsx'),
1385 'xlsm' => array ('type'=>'application/vnd.ms-excel.sheet.macroEnabled.12', 'icon'=>'xlsm'),
1386 'xltx' => array ('type'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.template', 'icon'=>'xltx'),
1387 'xltm' => array ('type'=>'application/vnd.ms-excel.template.macroEnabled.12', 'icon'=>'xltm'),
1388 'xlsb' => array ('type'=>'application/vnd.ms-excel.sheet.binary.macroEnabled.12', 'icon'=>'xlsb'),
1389 'xlam' => array ('type'=>'application/vnd.ms-excel.addin.macroEnabled.12', 'icon'=>'xlam'),
1390
1391 'xml' => array ('type'=>'application/xml', 'icon'=>'xml'),
1392 'xsl' => array ('type'=>'text/xml', 'icon'=>'xml'),
1393 'zip' => array ('type'=>'application/zip', 'icon'=>'zip')
1394 );
1395 return $mimearray;
1396 }
1397
1398 /**
1399 * Obtains information about a filetype based on its extension. Will
1400 * use a default if no information is present about that particular
1401 * extension.
1402 *
1403 * @category files
1404 * @param string $element Desired information (usually 'icon'
1405 * for icon filename or 'type' for MIME type)
1406 * @param string $filename Filename we're looking up
1407 * @return string Requested piece of information from array
1408 */
1409 function mimeinfo($element, $filename) {
1410 global $CFG;
1411 $mimeinfo = get_mimetypes_array();
1412
1413 if (preg_match('/\.([a-z0-9]+)$/i', $filename, $match)) {
1414 if (isset($mimeinfo[strtolower($match[1])][$element])) {
1415 return $mimeinfo[strtolower($match[1])][$element];
1416 } else {
1417 if ($element == 'icon32') {
1418 if (isset($mimeinfo[strtolower($match[1])]['icon'])) {
1419 $filename = $mimeinfo[strtolower($match[1])]['icon'];
1420 } else {
1421 $filename = 'unknown';
1422 }
1423 $filename .= '-32';
1424 if (file_exists($CFG->dirroot.'/pix/f/'.$filename.'.png') or file_exists($CFG->dirroot.'/pix/f/'.$filename.'.gif')) {
1425 return $filename;
1426 } else {
1427 return 'unknown-32';
1428 }
1429 } else {
1430 return $mimeinfo['xxx'][$element]; // By default
1431 }
1432 }
1433 } else {
1434 if ($element == 'icon32') {
1435 return 'unknown-32';
1436 }
1437 return $mimeinfo['xxx'][$element]; // By default
1438 }
1439 }
1440
1441 /**
1442 * Obtains information about a filetype based on the MIME type rather than
1443 * the other way around.
1444 *
1445 * @category files
1446 * @param string $element Desired information (usually 'icon')
1447 * @param string $mimetype MIME type we're looking up
1448 * @return string Requested piece of information from array
1449 */
1450 function mimeinfo_from_type($element, $mimetype) {
1451 $mimeinfo = get_mimetypes_array();
1452
1453 foreach($mimeinfo as $values) {
1454 if ($values['type']==$mimetype) {
1455 if (isset($values[$element])) {
1456 return $values[$element];
1457 }
1458 break;
1459 }
1460 }
1461 return $mimeinfo['xxx'][$element]; // Default
1462 }
1463
1464 /**
1465 * Get information about a filetype based on the icon file.
1466 *
1467 * @category files
1468 * @param string $element Desired information (usually 'icon')
1469 * @param string $icon Icon file name without extension
1470 * @param bool $all return all matching entries (defaults to false - best (by ext)/last match)
1471 * @return string Requested piece of information from array
1472 */
1473 function mimeinfo_from_icon($element, $icon, $all=false) {
1474 $mimeinfo = get_mimetypes_array();
1475
1476 if (preg_match("/\/(.*)/", $icon, $matches)) {
1477 $icon = $matches[1];
1478 }
1479 // Try to get the extension
1480 $extension = '';
1481 if (($cutat = strrpos($icon, '.')) !== false && $cutat < strlen($icon)-1) {
1482 $extension = substr($icon, $cutat + 1);
1483 }
1484 $info = array($mimeinfo['xxx'][$element]); // Default
1485 foreach($mimeinfo as $key => $values) {
1486 if ($values['icon']==$icon) {
1487 if (isset($values[$element])) {
1488 $info[$key] = $values[$element];
1489 }
1490 //No break, for example for 'excel' we don't want 'csv'!
1491 }
1492 }
1493 if ($all) {
1494 if (count($info) > 1) {
1495 array_shift($info); // take off document/unknown if we have better options
1496 }
1497 return array_values($info); // Keep keys out when requesting all
1498 }
1499
1500 // Requested only one, try to get the best by extension coincidence, else return the last
1501 if ($extension && isset($info[$extension])) {
1502 return $info[$extension];
1503 }
1504
1505 return array_pop($info); // Return last match (mimicking behaviour/comment inside foreach loop)
1506 }
1507
1508 /**
1509 * Returns the relative icon path for a given mime type
1510 *
1511 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1512 * a return the full path to an icon.
1513 *
1514 * <code>
1515 * $mimetype = 'image/jpg';
1516 * $icon = $OUTPUT->pix_url(file_mimetype_icon($mimetype));
1517 * echo '<img src="'.$icon.'" alt="'.$mimetype.'" />';
1518 * </code>
1519 *
1520 * @category files
1521 * @todo MDL-31074 When an $OUTPUT->icon method is available this function should be altered
1522 * to conform with that.
1523 * @param string $mimetype The mimetype to fetch an icon for
1524 * @param int $size The size of the icon. Not yet implemented
1525 * @return string The relative path to the icon
1526 */
1527 function file_mimetype_icon($mimetype, $size = NULL) {
1528 global $CFG;
1529
1530 $icon = mimeinfo_from_type('icon', $mimetype);
1531 if ($size) {
1532 if (file_exists("$CFG->dirroot/pix/f/$icon-$size.png") or file_exists("$CFG->dirroot/pix/f/$icon-$size.gif")) {
1533 $icon = "$icon-$size";
1534 }
1535 }
1536 return 'f/'.$icon;
1537 }
1538
1539 /**
1540 * Returns the relative icon path for a given file name
1541 *
1542 * This function should be used in conjunction with $OUTPUT->pix_url to produce
1543 * a return the full path to an icon.
1544 *
1545 * <code>
1546 * $filename = 'jpg';
1547 * $icon = $OUTPUT->pix_url(file_extension_icon($filename));
1548 * echo '<img src="'.$icon.'" alt="blah" />';
1549 * </code>
1550 *
1551 * @todo MDL-31074 When an $OUTPUT->icon method is available this function should be altered
1552 * to conform with that.
1553 * @todo MDL-31074 Implement $size
1554 * @category files
1555 * @param string $filename The filename to get the icon for
1556 * @param int $size The size of the icon. Defaults to null can also be 32
1557 * @return string
1558 */
1559 function file_extension_icon($filename, $size = NULL) {
1560 global $CFG;
1561
1562 $icon = mimeinfo('icon', $filename);
1563 if ($size) {
1564 if (file_exists("$CFG->dirroot/pix/f/$icon-$size.png") or file_exists("$CFG->dirroot/pix/f/$icon-$size.gif")) {
1565 $icon = "$icon-$size";
1566 }
1567 }
1568 return 'f/'.$icon;
1569 }
1570
1571 /**
1572 * Obtains descriptions for file types (e.g. 'Microsoft Word document') from the
1573 * mimetypes.php language file.
1574 *
1575 * @param string $mimetype MIME type (can be obtained using the mimeinfo function)
1576 * @param bool $capitalise If true, capitalises first character of result
1577 * @return string Text description
1578 */
1579 function get_mimetype_description($mimetype, $capitalise=false) {
1580 if (get_string_manager()->string_exists($mimetype, 'mimetypes')) {
1581 $result = get_string($mimetype, 'mimetypes');
1582 } else {
1583 $result = get_string('document/unknown','mimetypes');
1584 }
1585 if ($capitalise) {
1586 $result=ucfirst($result);
1587 }
1588 return $result;
1589 }
1590
1591 /**
1592 * Requested file is not found or not accessible, does not return, terminates script
1593 *
1594 * @global stdClass $CFG
1595 * @global stdClass $COURSE
1596 */
1597 function send_file_not_found() {
1598 global $CFG, $COURSE;
1599 send_header_404();
1600 print_error('filenotfound', 'error', $CFG->wwwroot.'/course/view.php?id='.$COURSE->id); //this is not displayed on IIS??
1601 }
1602 /**
1603 * Helper function to send correct 404 for server.
1604 */
1605 function send_header_404() {
1606 if (substr(php_sapi_name(), 0, 3) == 'cgi') {
1607 header("Status: 404 Not Found");
1608 } else {
1609 header('HTTP/1.0 404 not found');
1610 }
1611 }
1612
1613 /**
1614 * Check output buffering settings before sending file.
1615 * Please note you should not send any other headers after calling this function.
1616 *
1617 * To be called only from lib/filelib.php !
1618 */
1619 function prepare_file_content_sending() {
1620 // We needed to be able to send headers up until now
1621 if (headers_sent()) {
1622 throw new file_serving_exception('Headers already sent, can not serve file.');
1623 }
1624
1625 $olddebug = error_reporting(0);
1626
1627 // IE compatibility HACK - it does not like zlib compression much
1628 // there is also a problem with the length header in older PHP versions
1629 if (ini_get_bool('zlib.output_compression')) {
1630 ini_set('zlib.output_compression', 'Off');
1631 }
1632
1633 // flush and close all buffers if possible
1634 while(ob_get_level()) {
1635 if (!ob_end_flush()) {
1636 // prevent infinite loop when buffer can not be closed
1637 break;
1638 }
1639 }
1640
1641 error_reporting($olddebug);
1642
1643 //NOTE: we can not reliable test headers_sent() here because
1644 // the headers might be sent which trying to close the buffers,
1645 // this happens especially if browser does not support gzip or deflate
1646 }
1647
1648 /**
1649 * Handles the sending of temporary file to user, download is forced.
1650 * File is deleted after abort or successful sending, does not return, script terminated
1651 *
1652 * @param string $path path to file, preferably from moodledata/temp/something; or content of file itself
1653 * @param string $filename proposed file name when saving file
1654 * @param bool $pathisstring If the path is string
1655 */
1656 function send_temp_file($path, $filename, $pathisstring=false) {
1657 global $CFG;
1658
1659 // close session - not needed anymore
1660 @session_get_instance()->write_close();
1661
1662 if (!$pathisstring) {
1663 if (!file_exists($path)) {
1664 send_header_404();
1665 print_error('filenotfound', 'error', $CFG->wwwroot.'/');
1666 }
1667 // executed after normal finish or abort
1668 @register_shutdown_function('send_temp_file_finished', $path);
1669 }
1670
1671 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
1672 if (check_browser_version('MSIE')) {
1673 $filename = urlencode($filename);
1674 }
1675
1676 $filesize = $pathisstring ? strlen($path) : filesize($path);
1677
1678 header('Content-Disposition: attachment; filename='.$filename);
1679 header('Content-Length: '.$filesize);
1680 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
1681 header('Cache-Control: max-age=10');
1682 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
1683 header('Pragma: ');
1684 } else { //normal http - prevent caching at all cost
1685 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
1686 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
1687 header('Pragma: no-cache');
1688 }
1689 header('Accept-Ranges: none'); // Do not allow byteserving
1690
1691 //flush the buffers - save memory and disable sid rewrite
1692 // this also disables zlib compression
1693 prepare_file_content_sending();
1694
1695 // send the contents
1696 if ($pathisstring) {
1697 echo $path;
1698 } else {
1699 @readfile($path);
1700 }
1701
1702 die; //no more chars to output
1703 }
1704
1705 /**
1706 * Internal callback function used by send_temp_file()
1707 *
1708 * @param string $path
1709 */
1710 function send_temp_file_finished($path) {
1711 if (file_exists($path)) {
1712 @unlink($path);
1713 }
1714 }
1715
1716 /**
1717 * Handles the sending of file data to the user's browser, including support for
1718 * byteranges etc.
1719 *
1720 * @category files
1721 * @global stdClass $CFG
1722 * @global stdClass $COURSE
1723 * @global moodle_session $SESSION
1724 * @param string $path Path of file on disk (including real filename), or actual content of file as string
1725 * @param string $filename Filename to send
1726 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
1727 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
1728 * @param bool $pathisstring If true (default false), $path is the content to send and not the pathname
1729 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
1730 * @param string $mimetype Include to specify the MIME type; leave blank to have it guess the type from $filename
1731 * @param bool $dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
1732 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
1733 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
1734 * and should not be reopened.
1735 * @return null script execution stopped unless $dontdie is true
1736 */
1737 function send_file($path, $filename, $lifetime = 'default' , $filter=0, $pathisstring=false, $forcedownload=false, $mimetype='', $dontdie=false) {
1738 global $CFG, $COURSE, $SESSION;
1739
1740 if ($dontdie) {
1741 ignore_user_abort(true);
1742 }
1743
1744 // MDL-11789, apply $CFG->filelifetime here
1745 if ($lifetime === 'default') {
1746 if (!empty($CFG->filelifetime)) {
1747 $lifetime = $CFG->filelifetime;
1748 } else {
1749 $lifetime = 86400;
1750 }
1751 }
1752
1753 session_get_instance()->write_close(); // unlock session during fileserving
1754
1755 // Use given MIME type if specified, otherwise guess it using mimeinfo.
1756 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
1757 // only Firefox saves all files locally before opening when content-disposition: attachment stated
1758 $isFF = check_browser_version('Firefox', '1.5'); // only FF > 1.5 properly tested
1759 $mimetype = ($forcedownload and !$isFF) ? 'application/x-forcedownload' :
1760 ($mimetype ? $mimetype : mimeinfo('type', $filename));
1761
1762 $lastmodified = $pathisstring ? time() : filemtime($path);
1763 $filesize = $pathisstring ? strlen($path) : filesize($path);
1764
1765 /* - MDL-13949
1766 //Adobe Acrobat Reader XSS prevention
1767 if ($mimetype=='application/pdf' or mimeinfo('type', $filename)=='application/pdf') {
1768 //please note that it prevents opening of pdfs in browser when http referer disabled
1769 //or file linked from another site; browser caching of pdfs is now disabled too
1770 if (!empty($_SERVER['HTTP_RANGE'])) {
1771 //already byteserving
1772 $lifetime = 1; // >0 needed for byteserving
1773 } else if (empty($_SERVER['HTTP_REFERER']) or strpos($_SERVER['HTTP_REFERER'], $CFG->wwwroot)!==0) {
1774 $mimetype = 'application/x-forcedownload';
1775 $forcedownload = true;
1776 $lifetime = 0;
1777 } else {
1778 $lifetime = 1; // >0 needed for byteserving
1779 }
1780 }
1781 */
1782
1783 if ($lifetime > 0 && !empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
1784 // get unixtime of request header; clip extra junk off first
1785 $since = strtotime(preg_replace('/;.*$/','',$_SERVER["HTTP_IF_MODIFIED_SINCE"]));
1786 if ($since && $since >= $lastmodified) {
1787 header('HTTP/1.1 304 Not Modified');
1788 header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
1789 header('Cache-Control: max-age='.$lifetime);
1790 header('Content-Type: '.$mimetype);
1791 if ($dontdie) {
1792 return;
1793 }
1794 die;
1795 }
1796 }
1797
1798 //do not put '@' before the next header to detect incorrect moodle configurations,
1799 //error should be better than "weird" empty lines for admins/users
1800 header('Last-Modified: '. gmdate('D, d M Y H:i:s', $lastmodified) .' GMT');
1801
1802 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
1803 if (check_browser_version('MSIE')) {
1804 $filename = rawurlencode($filename);
1805 }
1806
1807 if ($forcedownload) {
1808 header('Content-Disposition: attachment; filename="'.$filename.'"');
1809 } else {
1810 header('Content-Disposition: inline; filename="'.$filename.'"');
1811 }
1812
1813 if ($lifetime > 0) {
1814 header('Cache-Control: max-age='.$lifetime);
1815 header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
1816 header('Pragma: ');
1817
1818 if (empty($CFG->disablebyteserving) && !$pathisstring && $mimetype != 'text/plain' && $mimetype != 'text/html') {
1819
1820 header('Accept-Ranges: bytes');
1821
1822 if (!empty($_SERVER['HTTP_RANGE']) && strpos($_SERVER['HTTP_RANGE'],'bytes=') !== FALSE) {
1823 // byteserving stuff - for acrobat reader and download accelerators
1824 // see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
1825 // inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
1826 $ranges = false;
1827 if (preg_match_all('/(\d*)-(\d*)/', $_SERVER['HTTP_RANGE'], $ranges, PREG_SET_ORDER)) {
1828 foreach ($ranges as $key=>$value) {
1829 if ($ranges[$key][1] == '') {
1830 //suffix case
1831 $ranges[$key][1] = $filesize - $ranges[$key][2];
1832 $ranges[$key][2] = $filesize - 1;
1833 } else if ($ranges[$key][2] == '' || $ranges[$key][2] > $filesize - 1) {
1834 //fix range length
1835 $ranges[$key][2] = $filesize - 1;
1836 }
1837 if ($ranges[$key][2] != '' && $ranges[$key][2] < $ranges[$key][1]) {
1838 //invalid byte-range ==> ignore header
1839 $ranges = false;
1840 break;
1841 }
1842 //prepare multipart header
1843 $ranges[$key][0] = "\r\n--".BYTESERVING_BOUNDARY."\r\nContent-Type: $mimetype\r\n";
1844 $ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/$filesize\r\n\r\n";
1845 }
1846 } else {
1847 $ranges = false;
1848 }
1849 if ($ranges) {
1850 $handle = fopen($path, 'rb');
1851 byteserving_send_file($handle, $mimetype, $ranges, $filesize);
1852 }
1853 }
1854 } else {
1855 /// Do not byteserve (disabled, strings, text and html files).
1856 header('Accept-Ranges: none');
1857 }
1858 } else { // Do not cache files in proxies and browsers
1859 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
1860 header('Cache-Control: max-age=10');
1861 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
1862 header('Pragma: ');
1863 } else { //normal http - prevent caching at all cost
1864 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
1865 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
1866 header('Pragma: no-cache');
1867 }
1868 header('Accept-Ranges: none'); // Do not allow byteserving when caching disabled
1869 }
1870
1871 if (empty($filter)) {
1872 if ($mimetype == 'text/plain') {
1873 header('Content-Type: Text/plain; charset=utf-8'); //add encoding
1874 } else {
1875 header('Content-Type: '.$mimetype);
1876 }
1877 header('Content-Length: '.$filesize);
1878
1879 //flush the buffers - save memory and disable sid rewrite
1880 //this also disables zlib compression
1881 prepare_file_content_sending();
1882
1883 // send the contents
1884 if ($pathisstring) {
1885 echo $path;
1886 } else {
1887 @readfile($path);
1888 }
1889
1890 } else { // Try to put the file through filters
1891 if ($mimetype == 'text/html') {
1892 $options = new stdClass();
1893 $options->noclean = true;
1894 $options->nocache = true; // temporary workaround for MDL-5136
1895 $text = $pathisstring ? $path : implode('', file($path));
1896
1897 $text = file_modify_html_header($text);
1898 $output = format_text($text, FORMAT_HTML, $options, $COURSE->id);
1899
1900 header('Content-Length: '.strlen($output));
1901 header('Content-Type: text/html');
1902
1903 //flush the buffers - save memory and disable sid rewrite
1904 //this also disables zlib compression
1905 prepare_file_content_sending();
1906
1907 // send the contents
1908 echo $output;
1909 // only filter text if filter all files is selected
1910 } else if (($mimetype == 'text/plain') and ($filter == 1)) {
1911 $options = new stdClass();
1912 $options->newlines = false;
1913 $options->noclean = true;
1914 $text = htmlentities($pathisstring ? $path : implode('', file($path)));
1915 $output = '<pre>'. format_text($text, FORMAT_MOODLE, $options, $COURSE->id) .'</pre>';
1916
1917 header('Content-Length: '.strlen($output));
1918 header('Content-Type: text/html; charset=utf-8'); //add encoding
1919
1920 //flush the buffers - save memory and disable sid rewrite
1921 //this also disables zlib compression
1922 prepare_file_content_sending();
1923
1924 // send the contents
1925 echo $output;
1926
1927 } else { // Just send it out raw
1928 header('Content-Length: '.$filesize);
1929 header('Content-Type: '.$mimetype);
1930
1931 //flush the buffers - save memory and disable sid rewrite
1932 //this also disables zlib compression
1933 prepare_file_content_sending();
1934
1935 // send the contents
1936 if ($pathisstring) {
1937 echo $path;
1938 }else {
1939 @readfile($path);
1940 }
1941 }
1942 }
1943 if ($dontdie) {
1944 return;
1945 }
1946 die; //no more chars to output!!!
1947 }
1948
1949 /**
1950 * Handles the sending of file data to the user's browser, including support for
1951 * byteranges etc.
1952 *
1953 * The $options parameter supports the following keys:
1954 * (string|null) preview - send the preview of the file (e.g. "thumb" for a thumbnail)
1955 * (string|null) filename - overrides the implicit filename
1956 * (bool) dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
1957 * if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
1958 * you must detect this case when control is returned using connection_aborted. Please not that session is closed
1959 * and should not be reopened.
1960 *
1961 * @category files
1962 * @global stdClass $CFG
1963 * @global stdClass $COURSE
1964 * @global moodle_session $SESSION
1965 * @param stored_file $stored_file local file object
1966 * @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
1967 * @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
1968 * @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
1969 * @param array $options additional options affecting the file serving
1970 * @return null script execution stopped unless $options['dontdie'] is true
1971 */
1972 function send_stored_file($stored_file, $lifetime=86400 , $filter=0, $forcedownload=false, array $options=array()) {
1973 global $CFG, $COURSE, $SESSION;
1974
1975 if (empty($options['filename'])) {
1976 $filename = null;
1977 } else {
1978 $filename = $options['filename'];
1979 }
1980
1981 if (empty($options['dontdie'])) {
1982 $dontdie = false;
1983 } else {
1984 $dontdie = true;
1985 }
1986
1987 if (!empty($options['preview'])) {
1988 // replace the file with its preview
1989 $fs = get_file_storage();
1990 $stored_file = $fs->get_file_preview($stored_file, $options['preview']);
1991 if (!$stored_file) {
1992 // unable to create a preview of the file
1993 send_header_404();
1994 die();
1995 } else {
1996 // preview images have fixed cache lifetime and they ignore forced download
1997 // (they are generated by GD and therefore they are considered reasonably safe).
1998 $lifetime = DAYSECS;
1999 $filter = 0;
2000 $forcedownload = false;
2001 }
2002 }
2003
2004 if (!$stored_file or $stored_file->is_directory()) {
2005 // nothing to serve
2006 if ($dontdie) {
2007 return;
2008 }
2009 die;
2010 }
2011
2012 if ($dontdie) {
2013 ignore_user_abort(true);
2014 }
2015
2016 session_get_instance()->write_close(); // unlock session during fileserving
2017
2018 // Use given MIME type if specified, otherwise guess it using mimeinfo.
2019 // IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
2020 // only Firefox saves all files locally before opening when content-disposition: attachment stated
2021 $filename = is_null($filename) ? $stored_file->get_filename() : $filename;
2022 $isFF = check_browser_version('Firefox', '1.5'); // only FF > 1.5 properly tested
2023 $mimetype = ($forcedownload and !$isFF) ? 'application/x-forcedownload' :
2024 ($stored_file->get_mimetype() ? $stored_file->get_mimetype() : mimeinfo('type', $filename));
2025
2026 $lastmodified = $stored_file->get_timemodified();
2027 $filesize = $stored_file->get_filesize();
2028
2029 if ($lifetime > 0 && !empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
2030 // get unixtime of request header; clip extra junk off first
2031 $since = strtotime(preg_replace('/;.*$/','',$_SERVER["HTTP_IF_MODIFIED_SINCE"]));
2032 if ($since && $since >= $lastmodified) {
2033 header('HTTP/1.1 304 Not Modified');
2034 header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
2035 header('Cache-Control: max-age='.$lifetime);
2036 header('Content-Type: '.$mimetype);
2037 if ($dontdie) {
2038 return;
2039 }
2040 die;
2041 }
2042 }
2043
2044 //do not put '@' before the next header to detect incorrect moodle configurations,
2045 //error should be better than "weird" empty lines for admins/users
2046 header('Last-Modified: '. gmdate('D, d M Y H:i:s', $lastmodified) .' GMT');
2047
2048 // if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
2049 if (check_browser_version('MSIE')) {
2050 $filename = rawurlencode($filename);
2051 }
2052
2053 if ($forcedownload) {
2054 header('Content-Disposition: attachment; filename="'.$filename.'"');
2055 } else {
2056 header('Content-Disposition: inline; filename="'.$filename.'"');
2057 }
2058
2059 if ($lifetime > 0) {
2060 header('Cache-Control: max-age='.$lifetime);
2061 header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
2062 header('Pragma: ');
2063
2064 if (empty($CFG->disablebyteserving) && $mimetype != 'text/plain' && $mimetype != 'text/html') {
2065
2066 header('Accept-Ranges: bytes');
2067
2068 if (!empty($_SERVER['HTTP_RANGE']) && strpos($_SERVER['HTTP_RANGE'],'bytes=') !== FALSE) {
2069 // byteserving stuff - for acrobat reader and download accelerators
2070 // see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
2071 // inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
2072 $ranges = false;
2073 if (preg_match_all('/(\d*)-(\d*)/', $_SERVER['HTTP_RANGE'], $ranges, PREG_SET_ORDER)) {
2074 foreach ($ranges as $key=>$value) {
2075 if ($ranges[$key][1] == '') {
2076 //suffix case
2077 $ranges[$key][1] = $filesize - $ranges[$key][2];
2078 $ranges[$key][2] = $filesize - 1;
2079 } else if ($ranges[$key][2] == '' || $ranges[$key][2] > $filesize - 1) {
2080 //fix range length
2081 $ranges[$key][2] = $filesize - 1;
2082 }
2083 if ($ranges[$key][2] != '' && $ranges[$key][2] < $ranges[$key][1]) {
2084 //invalid byte-range ==> ignore header
2085 $ranges = false;
2086 break;
2087 }
2088 //prepare multipart header
2089 $ranges[$key][0] = "\r\n--".BYTESERVING_BOUNDARY."\r\nContent-Type: $mimetype\r\n";
2090 $ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/$filesize\r\n\r\n";
2091 }
2092 } else {
2093 $ranges = false;
2094 }
2095 if ($ranges) {
2096 byteserving_send_file($stored_file->get_content_file_handle(), $mimetype, $ranges, $filesize);
2097 }
2098 }
2099 } else {
2100 /// Do not byteserve (disabled, strings, text and html files).
2101 header('Accept-Ranges: none');
2102 }
2103 } else { // Do not cache files in proxies and browsers
2104 if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
2105 header('Cache-Control: max-age=10');
2106 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
2107 header('Pragma: ');
2108 } else { //normal http - prevent caching at all cost
2109 header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
2110 header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
2111 header('Pragma: no-cache');
2112 }
2113 header('Accept-Ranges: none'); // Do not allow byteserving when caching disabled
2114 }
2115
2116 if (empty($filter)) {
2117 if ($mimetype == 'text/plain') {
2118 header('Content-Type: Text/plain; charset=utf-8'); //add encoding
2119 } else {
2120 header('Content-Type: '.$mimetype);
2121 }
2122 header('Content-Length: '.$filesize);
2123
2124 //flush the buffers - save memory and disable sid rewrite
2125 //this also disables zlib compression
2126 prepare_file_content_sending();
2127
2128 // send the contents
2129 $stored_file->readfile();
2130
2131 } else { // Try to put the file through filters
2132 if ($mimetype == 'text/html') {
2133 $options = new stdClass();
2134 $options->noclean = true;
2135 $options->nocache = true; // temporary workaround for MDL-5136
2136 $text = $stored_file->get_content();
2137 $text = file_modify_html_header($text);
2138 $output = format_text($text, FORMAT_HTML, $options, $COURSE->id);
2139
2140 header('Content-Length: '.strlen($output));
2141 header('Content-Type: text/html');
2142
2143 //flush the buffers - save memory and disable sid rewrite
2144 //this also disables zlib compression
2145 prepare_file_content_sending();
2146
2147 // send the contents
2148 echo $output;
2149
2150 } else if (($mimetype == 'text/plain') and ($filter == 1)) {
2151 // only filter text if filter all files is selected
2152 $options = new stdClass();
2153 $options->newlines = false;
2154 $options->noclean = true;
2155 $text = $stored_file->get_content();
2156 $output = '<pre>'. format_text($text, FORMAT_MOODLE, $options, $COURSE->id) .'</pre>';
2157
2158 header('Content-Length: '.strlen($output));
2159 header('Content-Type: text/html; charset=utf-8'); //add encoding
2160
2161 //flush the buffers - save memory and disable sid rewrite
2162 //this also disables zlib compression
2163 prepare_file_content_sending();
2164
2165 // send the contents
2166 echo $output;
2167
2168 } else { // Just send it out raw
2169 header('Content-Length: '.$filesize);
2170 header('Content-Type: '.$mimetype);
2171
2172 //flush the buffers - save memory and disable sid rewrite
2173 //this also disables zlib compression
2174 prepare_file_content_sending();
2175
2176 // send the contents
2177 $stored_file->readfile();
2178 }
2179 }
2180 if ($dontdie) {
2181 return;
2182 }
2183 die; //no more chars to output!!!
2184 }
2185
2186 /**
2187 * Retrieves an array of records from a CSV file and places
2188 * them into a given table structure
2189 *
2190 * @global stdClass $CFG
2191 * @global moodle_database $DB
2192 * @param string $file The path to a CSV file
2193 * @param string $table The table to retrieve columns from
2194 * @return bool|array Returns an array of CSV records or false
2195 */
2196 function get_records_csv($file, $table) {
2197 global $CFG, $DB;
2198
2199 if (!$metacolumns = $DB->get_columns($table)) {
2200 return false;
2201 }
2202
2203 if(!($handle = @fopen($file, 'r'))) {
2204 print_error('get_records_csv failed to open '.$file);
2205 }
2206
2207 $fieldnames = fgetcsv($handle, 4096);
2208 if(empty($fieldnames)) {
2209 fclose($handle);
2210 return false;
2211 }
2212
2213 $columns = array();
2214
2215 foreach($metacolumns as $metacolumn) {
2216 $ord = array_search($metacolumn->name, $fieldnames);
2217 if(is_int($ord)) {
2218 $columns[$metacolumn->name] = $ord;
2219 }
2220 }
2221
2222 $rows = array();
2223
2224 while (($data = fgetcsv($handle, 4096)) !== false) {
2225 $item = new stdClass;
2226 foreach($columns as $name => $ord) {
2227 $item->$name = $data[$ord];
2228 }
2229 $rows[] = $item;
2230 }
2231
2232 fclose($handle);
2233 return $rows;
2234 }
2235
2236 /**
2237 * Create a file with CSV contents
2238 *
2239 * @global stdClass $CFG
2240 * @global moodle_database $DB
2241 * @param string $file The file to put the CSV content into
2242 * @param array $records An array of records to write to a CSV file
2243 * @param string $table The table to get columns from
2244 * @return bool success
2245 */
2246 function put_records_csv($file, $records, $table = NULL) {
2247 global $CFG, $DB;
2248
2249 if (empty($records)) {
2250 return true;
2251 }
2252
2253 $metacolumns = NULL;
2254 if ($table !== NULL && !$metacolumns = $DB->get_columns($table)) {
2255 return false;
2256 }
2257
2258 echo "x";
2259
2260 if(!($fp = @fopen($CFG->tempdir.'/'.$file, 'w'))) {
2261 print_error('put_records_csv failed to open '.$file);
2262 }
2263
2264 $proto = reset($records);
2265 if(is_object($proto)) {
2266 $fields_records = array_keys(get_object_vars($proto));
2267 }
2268 else if(is_array($proto)) {
2269 $fields_records = array_keys($proto);
2270 }
2271 else {
2272 return false;
2273 }
2274 echo "x";
2275
2276 if(!empty($metacolumns)) {
2277 $fields_table = array_map(create_function('$a', 'return $a->name;'), $metacolumns);
2278 $fields = array_intersect($fields_records, $fields_table);
2279 }
2280 else {
2281 $fields = $fields_records;
2282 }
2283
2284 fwrite($fp, implode(',', $fields));
2285 fwrite($fp, "\r\n");
2286
2287 foreach($records as $record) {
2288 $array = (array)$record;
2289 $values = array();
2290 foreach($fields as $field) {
2291 if(strpos($array[$field], ',')) {
2292 $values[] = '"'.str_replace('"', '\"', $array[$field]).'"';
2293 }
2294 else {
2295 $values[] = $array[$field];
2296 }
2297 }
2298 fwrite($fp, implode(',', $values)."\r\n");
2299 }
2300
2301 fclose($fp);
2302 return true;
2303 }
2304
2305
2306 /**
2307 * Recursively delete the file or folder with path $location. That is,
2308 * if it is a file delete it. If it is a folder, delete all its content
2309 * then delete it. If $location does not exist to start, that is not
2310 * considered an error.
2311 *
2312 * @param string $location the path to remove.
2313 * @return bool
2314 */
2315 function fulldelete($location) {
2316 if (empty($location)) {
2317 // extra safety against wrong param
2318 return false;
2319 }
2320 if (is_dir($location)) {
2321 $currdir = opendir($location);
2322 while (false !== ($file = readdir($currdir))) {
2323 if ($file <> ".." && $file <> ".") {
2324 $fullfile = $location."/".$file;
2325 if (is_dir($fullfile)) {
2326 if (!fulldelete($fullfile)) {
2327 return false;
2328 }
2329 } else {
2330 if (!unlink($fullfile)) {
2331 return false;
2332 }
2333 }
2334 }
2335 }
2336 closedir($currdir);
2337 if (! rmdir($location)) {
2338 return false;
2339 }
2340
2341 } else if (file_exists($location)) {
2342 if (!unlink($location)) {
2343 return false;
2344 }
2345 }
2346 return true;
2347 }
2348
2349 /**
2350 * Send requested byterange of file.
2351 *
2352 * @param resource $handle A file handle
2353 * @param string $mimetype The mimetype for the output
2354 * @param array $ranges An array of ranges to send
2355 * @param string $filesize The size of the content if only one range is used
2356 * @todo MDL-31088 check if "multipart/x-byteranges" is more compatible with current readers/browsers/servers
2357 */
2358 function byteserving_send_file($handle, $mimetype, $ranges, $filesize) {
2359 $chunksize = 1*(1024*1024); // 1MB chunks - must be less than 2MB!
2360 if ($handle === false) {
2361 die;
2362 }
2363 if (count($ranges) == 1) { //only one range requested
2364 $length = $ranges[0][2] - $ranges[0][1] + 1;
2365 header('HTTP/1.1 206 Partial content');
2366 header('Content-Length: '.$length);
2367 header('Content-Range: bytes '.$ranges[0][1].'-'.$ranges[0][2].'/'.$filesize);
2368 header('Content-Type: '.$mimetype);
2369
2370 //flush the buffers - save memory and disable sid rewrite
2371 //this also disables zlib compression
2372 prepare_file_content_sending();
2373
2374 $buffer = '';
2375 fseek($handle, $ranges[0][1]);
2376 while (!feof($handle) && $length > 0) {
2377 @set_time_limit(60*60); //reset time limit to 60 min - should be enough for 1 MB chunk
2378 $buffer = fread($handle, ($chunksize < $length ? $chunksize : $length));
2379 echo $buffer;
2380 flush();
2381 $length -= strlen($buffer);
2382 }
2383 fclose($handle);
2384 die;
2385 } else { // multiple ranges requested - not tested much
2386 $totallength = 0;
2387 foreach($ranges as $range) {
2388 $totallength += strlen($range[0]) + $range[2] - $range[1] + 1;
2389 }
2390 $totallength += strlen("\r\n--".BYTESERVING_BOUNDARY."--\r\n");
2391 header('HTTP/1.1 206 Partial content');
2392 header('Content-Length: '.$totallength);
2393 header('Content-Type: multipart/byteranges; boundary='.BYTESERVING_BOUNDARY);
2394 //TODO: check if "multipart/x-byteranges" is more compatible with current readers/browsers/servers
2395
2396 //flush the buffers - save memory and disable sid rewrite
2397 //this also disables zlib compression
2398 prepare_file_content_sending();
2399
2400 foreach($ranges as $range) {
2401 $length = $range[2] - $range[1] + 1;
2402 echo $range[0];
2403 $buffer = '';
2404 fseek($handle, $range[1]);
2405 while (!feof($handle) && $length > 0) {
2406 @set_time_limit(60*60); //reset time limit to 60 min - should be enough for 1 MB chunk
2407 $buffer = fread($handle, ($chunksize < $length ? $chunksize : $length));
2408 echo $buffer;
2409 flush();
2410 $length -= strlen($buffer);
2411 }
2412 }
2413 echo "\r\n--".BYTESERVING_BOUNDARY."--\r\n";
2414 fclose($handle);
2415 die;
2416 }
2417 }
2418
2419 /**
2420 * add includes (js and css) into uploaded files
2421 * before returning them, useful for themes and utf.js includes
2422 *
2423 * @global stdClass $CFG
2424 * @param string $text text to search and replace
2425 * @return string text with added head includes
2426 * @todo MDL-21120
2427 */
2428 function file_modify_html_header($text) {
2429 // first look for <head> tag
2430 global $CFG;
2431
2432 $stylesheetshtml = '';
2433 /* foreach ($CFG->stylesheets as $stylesheet) {
2434 //TODO: MDL-21120
2435 $stylesheetshtml .= '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'" />'."\n";
2436 }*/
2437
2438 $ufo = '';
2439 if (filter_is_enabled('filter/mediaplugin')) {
2440 // this script is needed by most media filter plugins.
2441 $attributes = array('type'=>'text/javascript', 'src'=>$CFG->httpswwwroot . '/lib/ufo.js');
2442 $ufo = html_writer::tag('script', '', $attributes) . "\n";
2443 }
2444
2445 preg_match('/\<head\>|\<HEAD\>/', $text, $matches);
2446 if ($matches) {
2447 $replacement = '<head>'.$ufo.$stylesheetshtml;
2448 $text = preg_replace('/\<head\>|\<HEAD\>/', $replacement, $text, 1);
2449 return $text;
2450 }
2451
2452 // if not, look for <html> tag, and stick <head> right after
2453 preg_match('/\<html\>|\<HTML\>/', $text, $matches);
2454 if ($matches) {
2455 // replace <html> tag with <html><head>includes</head>
2456 $replacement = '<html>'."\n".'<head>'.$ufo.$stylesheetshtml.'</head>';
2457 $text = preg_replace('/\<html\>|\<HTML\>/', $replacement, $text, 1);
2458 return $text;
2459 }
2460
2461 // if not, look for <body> tag, and stick <head> before body
2462 preg_match('/\<body\>|\<BODY\>/', $text, $matches);
2463 if ($matches) {
2464 $replacement = '<head>'.$ufo.$stylesheetshtml.'</head>'."\n".'<body>';
2465 $text = preg_replace('/\<body\>|\<BODY\>/', $replacement, $text, 1);
2466 return $text;
2467 }
2468
2469 // if not, just stick a <head> tag at the beginning
2470 $text = '<head>'.$ufo.$stylesheetshtml.'</head>'."\n".$text;
2471 return $text;
2472 }
2473
2474 /**
2475 * RESTful cURL class
2476 *
2477 * This is a wrapper class for curl, it is quite easy to use:
2478 * <code>
2479 * $c = new curl;
2480 * // enable cache
2481 * $c = new curl(array('cache'=>true));
2482 * // enable cookie
2483 * $c = new curl(array('cookie'=>true));
2484 * // enable proxy
2485 * $c = new curl(array('proxy'=>true));
2486 *
2487 * // HTTP GET Method
2488 * $html = $c->get('http://example.com');
2489 * // HTTP POST Method
2490 * $html = $c->post('http://example.com/', array('q'=>'words', 'name'=>'moodle'));
2491 * // HTTP PUT Method
2492 * $html = $c->put('http://example.com/', array('file'=>'/var/www/test.txt');
2493 * </code>
2494 *
2495 * @package core_files
2496 * @category files
2497 * @copyright Dongsheng Cai <dongsheng@moodle.com>
2498 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
2499 */
2500 class curl {
2501 /** @var bool Caches http request contents */
2502 public $cache = false;
2503 /** @var bool Uses proxy */
2504 public $proxy = false;
2505 /** @var string library version */
2506 public $version = '0.4 dev';
2507 /** @var array http's response */
2508 public $response = array();
2509 /** @var array http header */
2510 public $header = array();
2511 /** @var string cURL information */
2512 public $info;
2513 /** @var string error */
2514 public $error;
2515
2516 /** @var array cURL options */
2517 private $options;
2518 /** @var string Proxy host */
2519 private $proxy_host = '';
2520 /** @var string Proxy auth */
2521 private $proxy_auth = '';
2522 /** @var string Proxy type */
2523 private $proxy_type = '';
2524 /** @var bool Debug mode on */
2525 private $debug = false;
2526 /** @var bool|string Path to cookie file */
2527 private $cookie = false;
2528
2529 /**
2530 * Constructor
2531 *
2532 * @global stdClass $CFG
2533 * @param array $options
2534 */
2535 public function __construct($options = array()){
2536 global $CFG;
2537 if (!function_exists('curl_init')) {
2538 $this->error = 'cURL module must be enabled!';
2539 trigger_error($this->error, E_USER_ERROR);
2540 return false;
2541 }
2542 // the options of curl should be init here.
2543 $this->resetopt();
2544 if (!empty($options['debug'])) {
2545 $this->debug = true;
2546 }
2547 if(!empty($options['cookie'])) {
2548 if($options['cookie'] === true) {
2549 $this->cookie = $CFG->dataroot.'/curl_cookie.txt';
2550 } else {
2551 $this->cookie = $options['cookie'];
2552 }
2553 }
2554 if (!empty($options['cache'])) {
2555 if (class_exists('curl_cache')) {
2556 if (!empty($options['module_cache'])) {
2557 $this->cache = new curl_cache($options['module_cache']);
2558 } else {
2559 $this->cache = new curl_cache('misc');
2560 }
2561 }
2562 }
2563 if (!empty($CFG->proxyhost)) {
2564 if (empty($CFG->proxyport)) {
2565 $this->proxy_host = $CFG->proxyhost;
2566 } else {
2567 $this->proxy_host = $CFG->proxyhost.':'.$CFG->proxyport;
2568 }
2569 if (!empty($CFG->proxyuser) and !empty($CFG->proxypassword)) {
2570 $this->proxy_auth = $CFG->proxyuser.':'.$CFG->proxypassword;
2571 $this->setopt(array(
2572 'proxyauth'=> CURLAUTH_BASIC | CURLAUTH_NTLM,
2573 'proxyuserpwd'=>$this->proxy_auth));
2574 }
2575 if (!empty($CFG->proxytype)) {
2576 if ($CFG->proxytype == 'SOCKS5') {
2577 $this->proxy_type = CURLPROXY_SOCKS5;
2578 } else {
2579 $this->proxy_type = CURLPROXY_HTTP;
2580 $this->setopt(array('httpproxytunnel'=>false));
2581 }
2582 $this->setopt(array('proxytype'=>$this->proxy_type));
2583 }
2584 }
2585 if (!empty($this->proxy_host)) {
2586 $this->proxy = array('proxy'=>$this->proxy_host);
2587 }
2588 }
2589 /**
2590 * Resets the CURL options that have already been set
2591 */
2592 public function resetopt(){
2593 $this->options = array();
2594 $this->options['CURLOPT_USERAGENT'] = 'MoodleBot/1.0';
2595 // True to include the header in the output
2596 $this->options['CURLOPT_HEADER'] = 0;
2597 // True to Exclude the body from the output
2598 $this->options['CURLOPT_NOBODY'] = 0;
2599 // TRUE to follow any "Location: " header that the server
2600 // sends as part of the HTTP header (note this is recursive,
2601 // PHP will follow as many "Location: " headers that it is sent,
2602 // unless CURLOPT_MAXREDIRS is set).
2603 //$this->options['CURLOPT_FOLLOWLOCATION'] = 1;
2604 $this->options['CURLOPT_MAXREDIRS'] = 10;
2605 $this->options['CURLOPT_ENCODING'] = '';
2606 // TRUE to return the transfer as a string of the return
2607 // value of curl_exec() instead of outputting it out directly.
2608 $this->options['CURLOPT_RETURNTRANSFER'] = 1;
2609 $this->options['CURLOPT_BINARYTRANSFER'] = 0;
2610 $this->options['CURLOPT_SSL_VERIFYPEER'] = 0;
2611 $this->options['CURLOPT_SSL_VERIFYHOST'] = 2;
2612 $this->options['CURLOPT_CONNECTTIMEOUT'] = 30;
2613 }
2614
2615 /**
2616 * Reset Cookie
2617 */
2618 public function resetcookie() {
2619 if (!empty($this->cookie)) {
2620 if (is_file($this->cookie)) {
2621 $fp = fopen($this->cookie, 'w');
2622 if (!empty($fp)) {
2623 fwrite($fp, '');
2624 fclose($fp);
2625 }
2626 }
2627 }
2628 }
2629
2630 /**
2631 * Set curl options
2632 *
2633 * @param array $options If array is null, this function will
2634 * reset the options to default value.
2635 */
2636 public function setopt($options = array()) {
2637 if (is_array($options)) {
2638 foreach($options as $name => $val){
2639 if (stripos($name, 'CURLOPT_') === false) {
2640 $name = strtoupper('CURLOPT_'.$name);
2641 }
2642 $this->options[$name] = $val;
2643 }
2644 }
2645 }
2646
2647 /**
2648 * Reset http method
2649 */
2650 public function cleanopt(){
2651 unset($this->options['CURLOPT_HTTPGET']);
2652 unset($this->options['CURLOPT_POST']);
2653 unset($this->options['CURLOPT_POSTFIELDS']);
2654 unset($this->options['CURLOPT_PUT']);
2655 unset($this->options['CURLOPT_INFILE']);
2656 unset($this->options['CURLOPT_INFILESIZE']);
2657 unset($this->options['CURLOPT_CUSTOMREQUEST']);
2658 }
2659
2660 /**
2661 * Set HTTP Request Header
2662 *
2663 * @param array $header
2664 */
2665 public function setHeader($header) {
2666 if (is_array($header)){
2667 foreach ($header as $v) {
2668 $this->setHeader($v);
2669 }
2670 } else {
2671 $this->header[] = $header;
2672 }
2673 }
2674
2675 /**
2676 * Set HTTP Response Header
2677 *
2678 */
2679 public function getResponse(){
2680 return $this->response;
2681 }
2682
2683 /**
2684 * private callback function
2685 * Formatting HTTP Response Header
2686 *
2687 * @param resource $ch Apparently not used
2688 * @param string $header
2689 * @return int The strlen of the header
2690 */
2691 private function formatHeader($ch, $header)
2692 {
2693 $this->count++;
2694 if (strlen($header) > 2) {
2695 list($key, $value) = explode(" ", rtrim($header, "\r\n"), 2);
2696 $key = rtrim($key, ':');
2697 if (!empty($this->response[$key])) {
2698 if (is_array($this->response[$key])){
2699 $this->response[$key][] = $value;
2700 } else {
2701 $tmp = $this->response[$key];
2702 $this->response[$key] = array();
2703 $this->response[$key][] = $tmp;
2704 $this->response[$key][] = $value;
2705
2706 }
2707 } else {
2708 $this->response[$key] = $value;
2709 }
2710 }
2711 return strlen($header);
2712 }
2713
2714 /**
2715 * Set options for individual curl instance
2716 *
2717 * @param resource $curl A curl handle
2718 * @param array $options
2719 * @return resource The curl handle
2720 */
2721 private function apply_opt($curl, $options) {
2722 // Clean up
2723 $this->cleanopt();
2724 // set cookie
2725 if (!empty($this->cookie) || !empty($options['cookie'])) {
2726 $this->setopt(array('cookiejar'=>$this->cookie,
2727 'cookiefile'=>$this->cookie
2728 ));
2729 }
2730
2731 // set proxy
2732 if (!empty($this->proxy) || !empty($options['proxy'])) {
2733 $this->setopt($this->proxy);
2734 }
2735 $this->setopt($options);
2736 // reset before set options
2737 curl_setopt($curl, CURLOPT_HEADERFUNCTION, array(&$this,'formatHeader'));
2738 // set headers
2739 if (empty($this->header)){
2740 $this->setHeader(array(
2741 'User-Agent: MoodleBot/1.0',
2742 'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
2743 'Connection: keep-alive'
2744 ));
2745 }
2746 curl_setopt($curl, CURLOPT_HTTPHEADER, $this->header);
2747
2748 if ($this->debug){
2749 echo '<h1>Options</h1>';
2750 var_dump($this->options);
2751 echo '<h1>Header</h1>';
2752 var_dump($this->header);
2753 }
2754
2755 // set options
2756 foreach($this->options as $name => $val) {
2757 if (is_string($name)) {
2758 $name = constant(strtoupper($name));
2759 }
2760 curl_setopt($curl, $name, $val);
2761 }
2762 return $curl;
2763 }
2764
2765 /**
2766 * Download multiple files in parallel
2767 *
2768 * Calls {@link multi()} with specific download headers
2769 *
2770 * <code>
2771 * $c = new curl;
2772 * $c->download(array(
2773 * array('url'=>'http://localhost/', 'file'=>fopen('a', 'wb')),
2774 * array('url'=>'http://localhost/20/', 'file'=>fopen('b', 'wb'))
2775 * ));
2776 * </code>
2777 *
2778 * @param array $requests An array of files to request
2779 * @param array $options An array of options to set
2780 * @return array An array of results
2781 */
2782 public function download($requests, $options = array()) {
2783 $options['CURLOPT_BINARYTRANSFER'] = 1;
2784 $options['RETURNTRANSFER'] = false;
2785 return $this->multi($requests, $options);
2786 }
2787
2788 /**
2789 * Mulit HTTP Requests
2790 * This function could run multi-requests in parallel.
2791 *
2792 * @param array $requests An array of files to request
2793 * @param array $options An array of options to set
2794 * @return array An array of results
2795 */
2796 protected function multi($requests, $options = array()) {
2797 $count = count($requests);
2798 $handles = array();
2799 $results = array();
2800 $main = curl_multi_init();
2801 for ($i = 0; $i < $count; $i++) {
2802 $url = $requests[$i];
2803 foreach($url as $n=>$v){
2804 $options[$n] = $url[$n];
2805 }
2806 $handles[$i] = curl_init($url['url']);
2807 $this->apply_opt($handles[$i], $options);
2808 curl_multi_add_handle($main, $handles[$i]);
2809 }
2810 $running = 0;
2811 do {
2812 curl_multi_exec($main, $running);
2813 } while($running > 0);
2814 for ($i = 0; $i < $count; $i++) {
2815 if (!empty($options['CURLOPT_RETURNTRANSFER'])) {
2816 $results[] = true;
2817 } else {
2818 $results[] = curl_multi_getcontent($handles[$i]);
2819 }
2820 curl_multi_remove_handle($main, $handles[$i]);
2821 }
2822 curl_multi_close($main);
2823 return $results;
2824 }
2825
2826 /**
2827 * Single HTTP Request
2828 *
2829 * @param string $url The URL to request
2830 * @param array $options
2831 * @return bool
2832 */
2833 protected function request($url, $options = array()){
2834 // create curl instance
2835 $curl = curl_init($url);
2836 $options['url'] = $url;
2837 $this->apply_opt($curl, $options);
2838 if ($this->cache && $ret = $this->cache->get($this->options)) {
2839 return $ret;
2840 } else {
2841 $ret = curl_exec($curl);
2842 if ($this->cache) {
2843 $this->cache->set($this->options, $ret);
2844 }
2845 }
2846
2847 $this->info = curl_getinfo($curl);
2848 $this->error = curl_error($curl);
2849
2850 if ($this->debug){
2851 echo '<h1>Return Data</h1>';
2852 var_dump($ret);
2853 echo '<h1>Info</h1>';
2854 var_dump($this->info);
2855 echo '<h1>Error</h1>';
2856 var_dump($this->error);
2857 }
2858
2859 curl_close($curl);
2860
2861 if (empty($this->error)){
2862 return $ret;
2863 } else {
2864 return $this->error;
2865 // exception is not ajax friendly
2866 //throw new moodle_exception($this->error, 'curl');
2867 }
2868 }
2869
2870 /**
2871 * HTTP HEAD method
2872 *
2873 * @see request()
2874 *
2875 * @param string $url
2876 * @param array $options
2877 * @return bool
2878 */
2879 public function head($url, $options = array()){
2880 $options['CURLOPT_HTTPGET'] = 0;
2881 $options['CURLOPT_HEADER'] = 1;
2882 $options['CURLOPT_NOBODY'] = 1;
2883 return $this->request($url, $options);
2884 }
2885
2886 /**
2887 * HTTP POST method
2888 *
2889 * @param string $url
2890 * @param array|string $params
2891 * @param array $options
2892 * @return bool
2893 */
2894 public function post($url, $params = '', $options = array()){
2895 $options['CURLOPT_POST'] = 1;
2896 if (is_array($params)) {
2897 $this->_tmp_file_post_params = array();
2898 foreach ($params as $key => $value) {
2899 if ($value instanceof stored_file) {
2900 $value->add_to_curl_request($this, $key);
2901 } else {
2902 $this->_tmp_file_post_params[$key] = $value;
2903 }
2904 }
2905 $options['CURLOPT_POSTFIELDS'] = $this->_tmp_file_post_params;
2906 unset($this->_tmp_file_post_params);
2907 } else {
2908 // $params is the raw post data
2909 $options['CURLOPT_POSTFIELDS'] = $params;
2910 }
2911 return $this->request($url, $options);
2912 }
2913
2914 /**
2915 * HTTP GET method
2916 *
2917 * @param string $url
2918 * @param array $params
2919 * @param array $options
2920 * @return bool
2921 */
2922 public function get($url, $params = array(), $options = array()){
2923 $options['CURLOPT_HTTPGET'] = 1;
2924
2925 if (!empty($params)){
2926 $url .= (stripos($url, '?') !== false) ? '&' : '?';
2927 $url .= http_build_query($params, '', '&');
2928 }
2929 return $this->request($url, $options);
2930 }
2931
2932 /**
2933 * HTTP PUT method
2934 *
2935 * @param string $url
2936 * @param array $params
2937 * @param array $options
2938 * @return bool
2939 */
2940 public function put($url, $params = array(), $options = array()){
2941 $file = $params['file'];
2942 if (!is_file($file)){
2943 return null;
2944 }
2945 $fp = fopen($file, 'r');
2946 $size = filesize($file);
2947 $options['CURLOPT_PUT'] = 1;
2948 $options['CURLOPT_INFILESIZE'] = $size;
2949 $options['CURLOPT_INFILE'] = $fp;
2950 if (!isset($this->options['CURLOPT_USERPWD'])){
2951 $this->setopt(array('CURLOPT_USERPWD'=>'anonymous: noreply@moodle.org'));
2952 }
2953 $ret = $this->request($url, $options);
2954 fclose($fp);
2955 return $ret;
2956 }
2957
2958 /**
2959 * HTTP DELETE method
2960 *
2961 * @param string $url
2962 * @param array $param
2963 * @param array $options
2964 * @return bool
2965 */
2966 public function delete($url, $param = array(), $options = array()){
2967 $options['CURLOPT_CUSTOMREQUEST'] = 'DELETE';
2968 if (!isset($options['CURLOPT_USERPWD'])) {
2969 $options['CURLOPT_USERPWD'] = 'anonymous: noreply@moodle.org';
2970 }
2971 $ret = $this->request($url, $options);
2972 return $ret;
2973 }
2974
2975 /**
2976 * HTTP TRACE method
2977 *
2978 * @param string $url
2979 * @param array $options
2980 * @return bool
2981 */
2982 public function trace($url, $options = array()){
2983 $options['CURLOPT_CUSTOMREQUEST'] = 'TRACE';
2984 $ret = $this->request($url, $options);
2985 return $ret;
2986 }
2987
2988 /**
2989 * HTTP OPTIONS method
2990 *
2991 * @param string $url
2992 * @param array $options
2993 * @return bool
2994 */
2995 public function options($url, $options = array()){
2996 $options['CURLOPT_CUSTOMREQUEST'] = 'OPTIONS';
2997 $ret = $this->request($url, $options);
2998 return $ret;
2999 }
3000
3001 /**
3002 * Get curl information
3003 *
3004 * @return string
3005 */
3006 public function get_info() {
3007 return $this->info;
3008 }
3009 }
3010
3011 /**
3012 * This class is used by cURL class, use case:
3013 *
3014 * <code>
3015 * $CFG->repositorycacheexpire = 120;
3016 * $CFG->curlcache = 120;
3017 *
3018 * $c = new curl(array('cache'=>true), 'module_cache'=>'repository');
3019 * $ret = $c->get('http://www.google.com');
3020 * </code>
3021 *
3022 * @package core_files
3023 * @copyright Dongsheng Cai <dongsheng@moodle.com>
3024 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
3025 */
3026 class curl_cache {
3027 /** @var string Path to cache directory */
3028 public $dir = '';
3029
3030 /**
3031 * Constructor
3032 *
3033 * @global stdClass $CFG
3034 * @param string $module which module is using curl_cache
3035 */
3036 function __construct($module = 'repository'){
3037 global $CFG;
3038 if (!empty($module)) {
3039 $this->dir = $CFG->cachedir.'/'.$module.'/';
3040 } else {
3041 $this->dir = $CFG->cachedir.'/misc/';
3042 }
3043 if (!file_exists($this->dir)) {
3044 mkdir($this->dir, $CFG->directorypermissions, true);
3045 }
3046 if ($module == 'repository') {
3047 if (empty($CFG->repositorycacheexpire)) {
3048 $CFG->repositorycacheexpire = 120;
3049 }
3050 $this->ttl = $CFG->repositorycacheexpire;
3051 } else {
3052 if (empty($CFG->curlcache)) {
3053 $CFG->curlcache = 120;
3054 }
3055 $this->ttl = $CFG->curlcache;
3056 }
3057 }
3058
3059 /**
3060 * Get cached value
3061 *
3062 * @global stdClass $CFG
3063 * @global stdClass $USER
3064 * @param mixed $param
3065 * @return bool|string
3066 */
3067 public function get($param){
3068 global $CFG, $USER;
3069 $this->cleanup($this->ttl);
3070 $filename = 'u'.$USER->id.'_'.md5(serialize($param));
3071 if(file_exists($this->dir.$filename)) {
3072 $lasttime = filemtime($this->dir.$filename);
3073 if(time()-$lasttime > $this->ttl)
3074 {
3075 return false;
3076 } else {
3077 $fp = fopen($this->dir.$filename, 'r');
3078 $size = filesize($this->dir.$filename);
3079 $content = fread($fp, $size);
3080 return unserialize($content);
3081 }
3082 }
3083 return false;
3084 }
3085
3086 /**
3087 * Set cache value
3088 *
3089 * @global object $CFG
3090 * @global object $USER
3091 * @param mixed $param
3092 * @param mixed $val
3093 */
3094 public function set($param, $val){
3095 global $CFG, $USER;
3096 $filename = 'u'.$USER->id.'_'.md5(serialize($param));
3097 $fp = fopen($this->dir.$filename, 'w');
3098 fwrite($fp, serialize($val));
3099 fclose($fp);
3100 }
3101
3102 /**
3103 * Remove cache files
3104 *
3105 * @param int $expire The number os seconds before expiry
3106 */
3107 public function cleanup($expire){
3108 if($dir = opendir($this->dir)){
3109 while (false !== ($file = readdir($dir))) {
3110 if(!is_dir($file) && $file != '.' && $file != '..') {
3111 $lasttime = @filemtime($this->dir.$file);
3112 if(time() - $lasttime > $expire){
3113 @unlink($this->dir.$file);
3114 }
3115 }
3116 }
3117 }
3118 }
3119 /**
3120 * delete current user's cache file
3121 *
3122 * @global object $CFG
3123 * @global object $USER
3124 */
3125 public function refresh(){
3126 global $CFG, $USER;
3127 if($dir = opendir($this->dir)){
3128 while (false !== ($file = readdir($dir))) {
3129 if(!is_dir($file) && $file != '.' && $file != '..') {
3130 if(strpos($file, 'u'.$USER->id.'_')!==false){
3131 @unlink($this->dir.$file);
3132 }
3133 }
3134 }
3135 }
3136 }
3137 }
3138
3139 /**
3140 * This class is used to parse lib/file/file_types.mm which help get file extensions by file types.
3141 *
3142 * The file_types.mm file can be edited by freemind in graphic environment.
3143 *
3144 * @package core_files
3145 * @category files
3146 * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
3147 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
3148 */
3149 class filetype_parser {
3150 /**
3151 * Check file_types.mm file, setup variables
3152 *
3153 * @global stdClass $CFG
3154 * @param string $file
3155 */
3156 public function __construct($file = '') {
3157 global $CFG;
3158 if (empty($file)) {
3159 $this->file = $CFG->libdir.'/filestorage/file_types.mm';
3160 } else {
3161 $this->file = $file;
3162 }
3163 $this->tree = array();
3164 $this->result = array();
3165 }
3166
3167 /**
3168 * A private function to browse xml nodes
3169 *
3170 * @param array $parent
3171 * @param array $types
3172 */
3173 private function _browse_nodes($parent, $types) {
3174 $key = (string)$parent['TEXT'];
3175 if(isset($parent->node)) {
3176 $this->tree[$key] = array();
3177 if (in_array((string)$parent['TEXT'], $types)) {
3178 $this->_select_nodes($parent, $this->result);
3179 } else {
3180 foreach($parent->node as $v){
3181 $this->_browse_nodes($v, $types);
3182 }
3183 }
3184 } else {
3185 $this->tree[] = $key;
3186 }
3187 }
3188
3189 /**
3190 * A private function to select text nodes
3191 *
3192 * @param array $parent
3193 */
3194 private function _select_nodes($parent){
3195 if(isset($parent->node)) {
3196 foreach($parent->node as $v){
3197 $this->_select_nodes($v, $this->result);
3198 }
3199 } else {
3200 $this->result[] = (string)$parent['TEXT'];
3201 }
3202 }
3203
3204
3205 /**
3206 * Get file extensions by file types names.
3207 *
3208 * @param array $types
3209 * @return mixed
3210 */
3211 public function get_extensions($types) {
3212 if (!is_array($types)) {
3213 $types = array($types);
3214 }
3215 $this->result = array();
3216 if ((is_array($types) && in_array('*', $types)) ||
3217 $types == '*' || empty($types)) {
3218 return array('*');
3219 }
3220 foreach ($types as $key=>$value){
3221 if (strpos($value, '.') !== false) {
3222 $this->result[] = $value;
3223 unset($types[$key]);
3224 }
3225 }
3226 if (file_exists($this->file)) {
3227 $xml = simplexml_load_file($this->file);
3228 foreach($xml->node->node as $v){
3229 if (in_array((string)$v['TEXT'], $types)) {
3230 $this->_select_nodes($v);
3231 } else {
3232 $this->_browse_nodes($v, $types);
3233 }
3234 }
3235 } else {
3236 exit('Failed to open file lib/filestorage/file_types.mm');
3237 }
3238 return $this->result;
3239 }
3240 }
3241
3242 /**
3243 * This function delegates file serving to individual plugins
3244 *
3245 * @param string $relativepath
3246 * @param bool $forcedownload
3247 * @param null|string $preview the preview mode, defaults to serving the original file
3248 * @todo MDL-31088 file serving improments
3249 */
3250 function file_pluginfile($relativepath, $forcedownload, $preview = null) {
3251 global $DB, $CFG, $USER;
3252 // relative path must start with '/'
3253 if (!$relativepath) {
3254 print_error('invalidargorconf');
3255 } else if ($relativepath[0] != '/') {
3256 print_error('pathdoesnotstartslash');
3257 }
3258
3259 // extract relative path components
3260 $args = explode('/', ltrim($relativepath, '/'));
3261
3262 if (count($args) < 3) { // always at least context, component and filearea
3263 print_error('invalidarguments');
3264 }
3265
3266 $contextid = (int)array_shift($args);
3267 $component = clean_param(array_shift($args), PARAM_COMPONENT);
3268 $filearea = clean_param(array_shift($args), PARAM_AREA);
3269
3270 list($context, $course, $cm) = get_context_info_array($contextid);
3271
3272 $fs = get_file_storage();
3273
3274 // ========================================================================================================================
3275 if ($component === 'blog') {
3276 // Blog file serving
3277 if ($context->contextlevel != CONTEXT_SYSTEM) {
3278 send_file_not_found();
3279 }
3280 if ($filearea !== 'attachment' and $filearea !== 'post') {
3281 send_file_not_found();
3282 }
3283
3284 if (empty($CFG->bloglevel)) {
3285 print_error('siteblogdisable', 'blog');
3286 }
3287
3288 $entryid = (int)array_shift($args);
3289 if (!$entry = $DB->get_record('post', array('module'=>'blog', 'id'=>$entryid))) {
3290 send_file_not_found();
3291 }
3292 if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
3293 require_login();
3294 if (isguestuser()) {
3295 print_error('noguest');
3296 }
3297 if ($CFG->bloglevel == BLOG_USER_LEVEL) {
3298 if ($USER->id != $entry->userid) {
3299 send_file_not_found();
3300 }
3301 }
3302 }
3303
3304 if ('publishstate' === 'public') {
3305 if ($CFG->forcelogin) {
3306 require_login();
3307 }
3308
3309 } else if ('publishstate' === 'site') {
3310 require_login();
3311 //ok
3312 } else if ('publishstate' === 'draft') {
3313 require_login();
3314 if ($USER->id != $entry->userid) {
3315 send_file_not_found();
3316 }
3317 }
3318
3319 $filename = array_pop($args);
3320 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3321
3322 if (!$file = $fs->get_file($context->id, $component, $filearea, $entryid, $filepath, $filename) or $file->is_directory()) {
3323 send_file_not_found();
3324 }
3325
3326 send_stored_file($file, 10*60, 0, true, array('preview' => $preview)); // download MUST be forced - security!
3327
3328 // ========================================================================================================================
3329 } else if ($component === 'grade') {
3330 if (($filearea === 'outcome' or $filearea === 'scale') and $context->contextlevel == CONTEXT_SYSTEM) {
3331 // Global gradebook files
3332 if ($CFG->forcelogin) {
3333 require_login();
3334 }
3335
3336 $fullpath = "/$context->id/$component/$filearea/".implode('/', $args);
3337
3338 if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->is_directory()) {
3339 send_file_not_found();
3340 }
3341
3342 session_get_instance()->write_close(); // unlock session during fileserving
3343 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3344
3345 } else if ($filearea === 'feedback' and $context->contextlevel == CONTEXT_COURSE) {
3346 //TODO: nobody implemented this yet in grade edit form!!
3347 send_file_not_found();
3348
3349 if ($CFG->forcelogin || $course->id != SITEID) {
3350 require_login($course);
3351 }
3352
3353 $fullpath = "/$context->id/$component/$filearea/".implode('/', $args);
3354
3355 if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->is_directory()) {
3356 send_file_not_found();
3357 }
3358
3359 session_get_instance()->write_close(); // unlock session during fileserving
3360 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3361 } else {
3362 send_file_not_found();
3363 }
3364
3365 // ========================================================================================================================
3366 } else if ($component === 'tag') {
3367 if ($filearea === 'description' and $context->contextlevel == CONTEXT_SYSTEM) {
3368
3369 // All tag descriptions are going to be public but we still need to respect forcelogin
3370 if ($CFG->forcelogin) {
3371 require_login();
3372 }
3373
3374 $fullpath = "/$context->id/tag/description/".implode('/', $args);
3375
3376 if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->is_directory()) {
3377 send_file_not_found();
3378 }
3379
3380 session_get_instance()->write_close(); // unlock session during fileserving
3381 send_stored_file($file, 60*60, 0, true, array('preview' => $preview));
3382
3383 } else {
3384 send_file_not_found();
3385 }
3386
3387 // ========================================================================================================================
3388 } else if ($component === 'calendar') {
3389 if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_SYSTEM) {
3390
3391 // All events here are public the one requirement is that we respect forcelogin
3392 if ($CFG->forcelogin) {
3393 require_login();
3394 }
3395
3396 // Get the event if from the args array
3397 $eventid = array_shift($args);
3398
3399 // Load the event from the database
3400 if (!$event = $DB->get_record('event', array('id'=>(int)$eventid, 'eventtype'=>'site'))) {
3401 send_file_not_found();
3402 }
3403 // Check that we got an event and that it's userid is that of the user
3404
3405 // Get the file and serve if successful
3406 $filename = array_pop($args);
3407 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3408 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3409 send_file_not_found();
3410 }
3411
3412 session_get_instance()->write_close(); // unlock session during fileserving
3413 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3414
3415 } else if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_USER) {
3416
3417 // Must be logged in, if they are not then they obviously can't be this user
3418 require_login();
3419
3420 // Don't want guests here, potentially saves a DB call
3421 if (isguestuser()) {
3422 send_file_not_found();
3423 }
3424
3425 // Get the event if from the args array
3426 $eventid = array_shift($args);
3427
3428 // Load the event from the database - user id must match
3429 if (!$event = $DB->get_record('event', array('id'=>(int)$eventid, 'userid'=>$USER->id, 'eventtype'=>'user'))) {
3430 send_file_not_found();
3431 }
3432
3433 // Get the file and serve if successful
3434 $filename = array_pop($args);
3435 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3436 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3437 send_file_not_found();
3438 }
3439
3440 session_get_instance()->write_close(); // unlock session during fileserving
3441 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3442
3443 } else if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_COURSE) {
3444
3445 // Respect forcelogin and require login unless this is the site.... it probably
3446 // should NEVER be the site
3447 if ($CFG->forcelogin || $course->id != SITEID) {
3448 require_login($course);
3449 }
3450
3451 // Must be able to at least view the course
3452 if (!is_enrolled($context) and !is_viewing($context)) {
3453 //TODO: hmm, do we really want to block guests here?
3454 send_file_not_found();
3455 }
3456
3457 // Get the event id
3458 $eventid = array_shift($args);
3459
3460 // Load the event from the database we need to check whether it is
3461 // a) valid course event
3462 // b) a group event
3463 // Group events use the course context (there is no group context)
3464 if (!$event = $DB->get_record('event', array('id'=>(int)$eventid, 'courseid'=>$course->id))) {
3465 send_file_not_found();
3466 }
3467
3468 // If its a group event require either membership of view all groups capability
3469 if ($event->eventtype === 'group') {
3470 if (!has_capability('moodle/site:accessallgroups', $context) && !groups_is_member($event->groupid, $USER->id)) {
3471 send_file_not_found();
3472 }
3473 } else if ($event->eventtype === 'course') {
3474 //ok
3475 } else {
3476 // some other type
3477 send_file_not_found();
3478 }
3479
3480 // If we get this far we can serve the file
3481 $filename = array_pop($args);
3482 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3483 if (!$file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename) or $file->is_directory()) {
3484 send_file_not_found();
3485 }
3486
3487 session_get_instance()->write_close(); // unlock session during fileserving
3488 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3489
3490 } else {
3491 send_file_not_found();
3492 }
3493
3494 // ========================================================================================================================
3495 } else if ($component === 'user') {
3496 if ($filearea === 'icon' and $context->contextlevel == CONTEXT_USER) {
3497 $redirect = false;
3498 if (count($args) == 1) {
3499 $themename = theme_config::DEFAULT_THEME;
3500 $filename = array_shift($args);
3501 } else {
3502 $themename = array_shift($args);
3503 $filename = array_shift($args);
3504 }
3505 if ((!empty($CFG->forcelogin) and !isloggedin()) ||
3506 (!empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser()))) {
3507 // protect images if login required and not logged in;
3508 // also if login is required for profile images and is not logged in or guest
3509 // do not use require_login() because it is expensive and not suitable here anyway
3510 $redirect = true;
3511 }
3512 if (!$redirect and ($filename !== 'f1' and $filename !== 'f2')) {
3513 $filename = 'f1';
3514 $redirect = true;
3515 }
3516 if (!$redirect && !$file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename.'/.png')) {
3517 if (!$file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename.'/.jpg')) {
3518 $redirect = true;
3519 }
3520 }
3521 if ($redirect) {
3522 $theme = theme_config::load($themename);
3523 redirect($theme->pix_url('u/'.$filename, 'moodle'));
3524 }
3525 send_stored_file($file, 60*60*24, 0, false, array('preview' => $preview)); // enable long caching, there are many images on each page
3526
3527 } else if ($filearea === 'private' and $context->contextlevel == CONTEXT_USER) {
3528 require_login();
3529
3530 if (isguestuser()) {
3531 send_file_not_found();
3532 }
3533
3534 if ($USER->id !== $context->instanceid) {
3535 send_file_not_found();
3536 }
3537
3538 $filename = array_pop($args);
3539 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3540 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
3541 send_file_not_found();
3542 }
3543
3544 session_get_instance()->write_close(); // unlock session during fileserving
3545 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
3546
3547 } else if ($filearea === 'profile' and $context->contextlevel == CONTEXT_USER) {
3548
3549 if ($CFG->forcelogin) {
3550 require_login();
3551 }
3552
3553 $userid = $context->instanceid;
3554
3555 if ($USER->id == $userid) {
3556 // always can access own
3557
3558 } else if (!empty($CFG->forceloginforprofiles)) {
3559 require_login();
3560
3561 if (isguestuser()) {
3562 send_file_not_found();
3563 }
3564
3565 // we allow access to site profile of all course contacts (usually teachers)
3566 if (!has_coursecontact_role($userid) && !has_capability('moodle/user:viewdetails', $context)) {
3567 send_file_not_found();
3568 }
3569
3570 $canview = false;
3571 if (has_capability('moodle/user:viewdetails', $context)) {
3572 $canview = true;
3573 } else {
3574 $courses = enrol_get_my_courses();
3575 }
3576
3577 while (!$canview && count($courses) > 0) {
3578 $course = array_shift($courses);
3579 if (has_capability('moodle/user:viewdetails', get_context_instance(CONTEXT_COURSE, $course->id))) {
3580 $canview = true;
3581 }
3582 }
3583 }
3584
3585 $filename = array_pop($args);
3586 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3587 if (!$file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename) or $file->is_directory()) {
3588 send_file_not_found();
3589 }
3590
3591 session_get_instance()->write_close(); // unlock session during fileserving
3592 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
3593
3594 } else if ($filearea === 'profile' and $context->contextlevel == CONTEXT_COURSE) {
3595 $userid = (int)array_shift($args);
3596 $usercontext = get_context_instance(CONTEXT_USER, $userid);
3597
3598 if ($CFG->forcelogin) {
3599 require_login();
3600 }
3601
3602 if (!empty($CFG->forceloginforprofiles)) {
3603 require_login();
3604 if (isguestuser()) {
3605 print_error('noguest');
3606 }
3607
3608 //TODO: review this logic of user profile access prevention
3609 if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
3610 print_error('usernotavailable');
3611 }
3612 if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
3613 print_error('cannotviewprofile');
3614 }
3615 if (!is_enrolled($context, $userid)) {
3616 print_error('notenrolledprofile');
3617 }
3618 if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
3619 print_error('groupnotamember');
3620 }
3621 }
3622
3623 $filename = array_pop($args);
3624 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3625 if (!$file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename) or $file->is_directory()) {
3626 send_file_not_found();
3627 }
3628
3629 session_get_instance()->write_close(); // unlock session during fileserving
3630 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
3631
3632 } else if ($filearea === 'backup' and $context->contextlevel == CONTEXT_USER) {
3633 require_login();
3634
3635 if (isguestuser()) {
3636 send_file_not_found();
3637 }
3638 $userid = $context->instanceid;
3639
3640 if ($USER->id != $userid) {
3641 send_file_not_found();
3642 }
3643
3644 $filename = array_pop($args);
3645 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3646 if (!$file = $fs->get_file($context->id, 'user', 'backup', 0, $filepath, $filename) or $file->is_directory()) {
3647 send_file_not_found();
3648 }
3649
3650 session_get_instance()->write_close(); // unlock session during fileserving
3651 send_stored_file($file, 0, 0, true, array('preview' => $preview)); // must force download - security!
3652
3653 } else {
3654 send_file_not_found();
3655 }
3656
3657 // ========================================================================================================================
3658 } else if ($component === 'coursecat') {
3659 if ($context->contextlevel != CONTEXT_COURSECAT) {
3660 send_file_not_found();
3661 }
3662
3663 if ($filearea === 'description') {
3664 if ($CFG->forcelogin) {
3665 // no login necessary - unless login forced everywhere
3666 require_login();
3667 }
3668
3669 $filename = array_pop($args);
3670 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3671 if (!$file = $fs->get_file($context->id, 'coursecat', 'description', 0, $filepath, $filename) or $file->is_directory()) {
3672 send_file_not_found();
3673 }
3674
3675 session_get_instance()->write_close(); // unlock session during fileserving
3676 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3677 } else {
3678 send_file_not_found();
3679 }
3680
3681 // ========================================================================================================================
3682 } else if ($component === 'course') {
3683 if ($context->contextlevel != CONTEXT_COURSE) {
3684 send_file_not_found();
3685 }
3686
3687 if ($filearea === 'summary') {
3688 if ($CFG->forcelogin) {
3689 require_login();
3690 }
3691
3692 $filename = array_pop($args);
3693 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3694 if (!$file = $fs->get_file($context->id, 'course', 'summary', 0, $filepath, $filename) or $file->is_directory()) {
3695 send_file_not_found();
3696 }
3697
3698 session_get_instance()->write_close(); // unlock session during fileserving
3699 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3700
3701 } else if ($filearea === 'section') {
3702 if ($CFG->forcelogin) {
3703 require_login($course);
3704 } else if ($course->id != SITEID) {
3705 require_login($course);
3706 }
3707
3708 $sectionid = (int)array_shift($args);
3709
3710 if (!$section = $DB->get_record('course_sections', array('id'=>$sectionid, 'course'=>$course->id))) {
3711 send_file_not_found();
3712 }
3713
3714 if ($course->numsections < $section->section) {
3715 if (!has_capability('moodle/course:update', $context)) {
3716 // block access to unavailable sections if can not edit course
3717 send_file_not_found();
3718 }
3719 }
3720
3721 $filename = array_pop($args);
3722 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3723 if (!$file = $fs->get_file($context->id, 'course', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
3724 send_file_not_found();
3725 }
3726
3727 session_get_instance()->write_close(); // unlock session during fileserving
3728 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3729
3730 } else {
3731 send_file_not_found();
3732 }
3733
3734 } else if ($component === 'group') {
3735 if ($context->contextlevel != CONTEXT_COURSE) {
3736 send_file_not_found();
3737 }
3738
3739 require_course_login($course, true, null, false);
3740
3741 $groupid = (int)array_shift($args);
3742
3743 $group = $DB->get_record('groups', array('id'=>$groupid, 'courseid'=>$course->id), '*', MUST_EXIST);
3744 if (($course->groupmodeforce and $course->groupmode == SEPARATEGROUPS) and !has_capability('moodle/site:accessallgroups', $context) and !groups_is_member($group->id, $USER->id)) {
3745 // do not allow access to separate group info if not member or teacher
3746 send_file_not_found();
3747 }
3748
3749 if ($filearea === 'description') {
3750
3751 require_login($course);
3752
3753 $filename = array_pop($args);
3754 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3755 if (!$file = $fs->get_file($context->id, 'group', 'description', $group->id, $filepath, $filename) or $file->is_directory()) {
3756 send_file_not_found();
3757 }
3758
3759 session_get_instance()->write_close(); // unlock session during fileserving
3760 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3761
3762 } else if ($filearea === 'icon') {
3763 $filename = array_pop($args);
3764
3765 if ($filename !== 'f1' and $filename !== 'f2') {
3766 send_file_not_found();
3767 }
3768 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.png')) {
3769 if (!$file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename.'.jpg')) {
3770 send_file_not_found();
3771 }
3772 }
3773
3774 session_get_instance()->write_close(); // unlock session during fileserving
3775 send_stored_file($file, 60*60, 0, false, array('preview' => $preview));
3776
3777 } else {
3778 send_file_not_found();
3779 }
3780
3781 } else if ($component === 'grouping') {
3782 if ($context->contextlevel != CONTEXT_COURSE) {
3783 send_file_not_found();
3784 }
3785
3786 require_login($course);
3787
3788 $groupingid = (int)array_shift($args);
3789
3790 // note: everybody has access to grouping desc images for now
3791 if ($filearea === 'description') {
3792
3793 $filename = array_pop($args);
3794 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3795 if (!$file = $fs->get_file($context->id, 'grouping', 'description', $groupingid, $filepath, $filename) or $file->is_directory()) {
3796 send_file_not_found();
3797 }
3798
3799 session_get_instance()->write_close(); // unlock session during fileserving
3800 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3801
3802 } else {
3803 send_file_not_found();
3804 }
3805
3806 // ========================================================================================================================
3807 } else if ($component === 'backup') {
3808 if ($filearea === 'course' and $context->contextlevel == CONTEXT_COURSE) {
3809 require_login($course);
3810 require_capability('moodle/backup:downloadfile', $context);
3811
3812 $filename = array_pop($args);
3813 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3814 if (!$file = $fs->get_file($context->id, 'backup', 'course', 0, $filepath, $filename) or $file->is_directory()) {
3815 send_file_not_found();
3816 }
3817
3818 session_get_instance()->write_close(); // unlock session during fileserving
3819 send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
3820
3821 } else if ($filearea === 'section' and $context->contextlevel == CONTEXT_COURSE) {
3822 require_login($course);
3823 require_capability('moodle/backup:downloadfile', $context);
3824
3825 $sectionid = (int)array_shift($args);
3826
3827 $filename = array_pop($args);
3828 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3829 if (!$file = $fs->get_file($context->id, 'backup', 'section', $sectionid, $filepath, $filename) or $file->is_directory()) {
3830 send_file_not_found();
3831 }
3832
3833 session_get_instance()->write_close();
3834 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3835
3836 } else if ($filearea === 'activity' and $context->contextlevel == CONTEXT_MODULE) {
3837 require_login($course, false, $cm);
3838 require_capability('moodle/backup:downloadfile', $context);
3839
3840 $filename = array_pop($args);
3841 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3842 if (!$file = $fs->get_file($context->id, 'backup', 'activity', 0, $filepath, $filename) or $file->is_directory()) {
3843 send_file_not_found();
3844 }
3845
3846 session_get_instance()->write_close();
3847 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3848
3849 } else if ($filearea === 'automated' and $context->contextlevel == CONTEXT_COURSE) {
3850 // Backup files that were generated by the automated backup systems.
3851
3852 require_login($course);
3853 require_capability('moodle/site:config', $context);
3854
3855 $filename = array_pop($args);
3856 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3857 if (!$file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename) or $file->is_directory()) {
3858 send_file_not_found();
3859 }
3860
3861 session_get_instance()->write_close(); // unlock session during fileserving
3862 send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
3863
3864 } else {
3865 send_file_not_found();
3866 }
3867
3868 // ========================================================================================================================
3869 } else if ($component === 'question') {
3870 require_once($CFG->libdir . '/questionlib.php');
3871 question_pluginfile($course, $context, 'question', $filearea, $args, $forcedownload);
3872 send_file_not_found();
3873
3874 // ========================================================================================================================
3875 } else if ($component === 'grading') {
3876 if ($filearea === 'description') {
3877 // files embedded into the form definition description
3878
3879 if ($context->contextlevel == CONTEXT_SYSTEM) {
3880 require_login();
3881
3882 } else if ($context->contextlevel >= CONTEXT_COURSE) {
3883 require_login($course, false, $cm);
3884
3885 } else {
3886 send_file_not_found();
3887 }
3888
3889 $formid = (int)array_shift($args);
3890
3891 $sql = "SELECT ga.id
3892 FROM {grading_areas} ga
3893 JOIN {grading_definitions} gd ON (gd.areaid = ga.id)
3894 WHERE gd.id = ? AND ga.contextid = ?";
3895 $areaid = $DB->get_field_sql($sql, array($formid, $context->id), IGNORE_MISSING);
3896
3897 if (!$areaid) {
3898 send_file_not_found();
3899 }
3900
3901 $fullpath = "/$context->id/$component/$filearea/$formid/".implode('/', $args);
3902
3903 if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->is_directory()) {
3904 send_file_not_found();
3905 }
3906
3907 session_get_instance()->write_close(); // unlock session during fileserving
3908 send_stored_file($file, 60*60, 0, $forcedownload, array('preview' => $preview));
3909 }
3910
3911 // ========================================================================================================================
3912 } else if (strpos($component, 'mod_') === 0) {
3913 $modname = substr($component, 4);
3914 if (!file_exists("$CFG->dirroot/mod/$modname/lib.php")) {
3915 send_file_not_found();
3916 }
3917 require_once("$CFG->dirroot/mod/$modname/lib.php");
3918
3919 if ($context->contextlevel == CONTEXT_MODULE) {
3920 if ($cm->modname !== $modname) {
3921 // somebody tries to gain illegal access, cm type must match the component!
3922 send_file_not_found();
3923 }
3924 }
3925
3926 if ($filearea === 'intro') {
3927 if (!plugin_supports('mod', $modname, FEATURE_MOD_INTRO, true)) {
3928 send_file_not_found();
3929 }
3930 require_course_login($course, true, $cm);
3931
3932 // all users may access it
3933 $filename = array_pop($args);
3934 $filepath = $args ? '/'.implode('/', $args).'/' : '/';
3935 if (!$file = $fs->get_file($context->id, 'mod_'.$modname, 'intro', 0, $filepath, $filename) or $file->is_directory()) {
3936 send_file_not_found();
3937 }
3938
3939 $lifetime = isset($CFG->filelifetime) ? $CFG->filelifetime : 86400;
3940
3941 // finally send the file
3942 send_stored_file($file, $lifetime, 0, false, array('preview' => $preview));
3943 }
3944
3945 $filefunction = $component.'_pluginfile';
3946 $filefunctionold = $modname.'_pluginfile';
3947 if (function_exists($filefunction)) {
3948 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3949 $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
3950 } else if (function_exists($filefunctionold)) {
3951 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3952 $filefunctionold($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
3953 }
3954
3955 send_file_not_found();
3956
3957 // ========================================================================================================================
3958 } else if (strpos($component, 'block_') === 0) {
3959 $blockname = substr($component, 6);
3960 // note: no more class methods in blocks please, that is ....
3961 if (!file_exists("$CFG->dirroot/blocks/$blockname/lib.php")) {
3962 send_file_not_found();
3963 }
3964 require_once("$CFG->dirroot/blocks/$blockname/lib.php");
3965
3966 if ($context->contextlevel == CONTEXT_BLOCK) {
3967 $birecord = $DB->get_record('block_instances', array('id'=>$context->instanceid), '*',MUST_EXIST);
3968 if ($birecord->blockname !== $blockname) {
3969 // somebody tries to gain illegal access, cm type must match the component!
3970 send_file_not_found();
3971 }
3972 } else {
3973 $birecord = null;
3974 }
3975
3976 $filefunction = $component.'_pluginfile';
3977 if (function_exists($filefunction)) {
3978 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
3979 $filefunction($course, $birecord, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
3980 }
3981
3982 send_file_not_found();
3983
3984 // ========================================================================================================================
3985 } else if (strpos($component, '_') === false) {
3986 // all core subsystems have to be specified above, no more guessing here!
3987 send_file_not_found();
3988
3989 } else {
3990 // try to serve general plugin file in arbitrary context
3991 $dir = get_component_directory($component);
3992 if (!file_exists("$dir/lib.php")) {
3993 send_file_not_found();
3994 }
3995 include_once("$dir/lib.php");
3996
3997 $filefunction = $component.'_pluginfile';
3998 if (function_exists($filefunction)) {
3999 // if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
4000 $filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
4001 }
4002
4003 send_file_not_found();
4004 }
4005
4006 }
Read-only mirror of the Moodle CVS