Merge branch 'MDL-30646' of git://github.com/timhunt/moodle
[moodle.git] / file.php
blob55854897c5fab44fa9fde959e2a47c7c8dc03f0b
1 <?php
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 // GNU General Public License for more details.
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 /**
19 * This script fetches legacy course files in dataroot directory, it is enabled
20 * only if course->legacyfiles == 2. DO not link to this file in new code.
22 * Syntax: file.php/courseid/dir/dir/dir/filename.ext
23 * file.php/courseid/dir/dir/dir/filename.ext?forcedownload=1 (download instead of inline)
24 * file.php/courseid/dir (returns index.html from dir)
25 * Workaround: file.php?file=/courseid/dir/dir/dir/filename.ext
27 * @package core
28 * @subpackage file
29 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
30 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
33 // disable moodle specific debug messages and any errors in output
34 define('NO_DEBUG_DISPLAY', true);
36 require_once('config.php');
37 require_once('lib/filelib.php');
39 if (!isset($CFG->filelifetime)) {
40 $lifetime = 86400; // Seconds for files to remain in caches
41 } else {
42 $lifetime = $CFG->filelifetime;
45 $relativepath = get_file_argument();
46 $forcedownload = optional_param('forcedownload', 0, PARAM_BOOL);
48 // relative path must start with '/', because of backup/restore!!!
49 if (!$relativepath) {
50 print_error('invalidargorconf');
51 } else if ($relativepath{0} != '/') {
52 print_error('pathdoesnotstartslash');
55 // extract relative path components
56 $args = explode('/', ltrim($relativepath, '/'));
58 if (count($args) == 0) { // always at least courseid, may search for index.html in course root
59 print_error('invalidarguments');
62 $courseid = (int)array_shift($args);
63 $relativepath = implode('/', $args);
65 // security: limit access to existing course subdirectories
66 $course = $DB->get_record('course', array('id'=>$courseid), '*', MUST_EXIST);
68 if ($course->legacyfiles != 2) {
69 // course files disabled
70 send_file_not_found();
73 if ($course->id != SITEID) {
74 require_login($course->id, true, null, false);
76 } else if ($CFG->forcelogin) {
77 if (!empty($CFG->sitepolicy)
78 and ($CFG->sitepolicy == $CFG->wwwroot.'/file.php/'.$relativepath
79 or $CFG->sitepolicy == $CFG->wwwroot.'/file.php?file=/'.$relativepath)) {
80 //do not require login for policy file
81 } else {
82 require_login(0, true, null, false);
86 $context = get_context_instance(CONTEXT_COURSE, $course->id);
88 $fs = get_file_storage();
90 $fullpath = "/$context->id/course/legacy/0/$relativepath";
92 if (!$file = $fs->get_file_by_hash(sha1($fullpath))) {
93 if (strrpos($fullpath, '/') !== strlen($fullpath) -1 ) {
94 $fullpath .= '/';
96 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'/.'))) {
97 send_file_not_found();
100 // do not serve dirs
101 if ($file->get_filename() == '.') {
102 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'index.html'))) {
103 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'index.htm'))) {
104 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'Default.htm'))) {
105 send_file_not_found();
111 // ========================================
112 // finally send the file
113 // ========================================
114 session_get_instance()->write_close(); // unlock session during fileserving
115 send_stored_file($file, $lifetime, $CFG->filteruploadedfiles, $forcedownload);