Home Explore Help
Register Sign In
piratas
/
moodle
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
moodle
/
draftfile.php

draftfile.php 2.5 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 
  1. <?php
    2. 

  2. 

  3. // This file is part of Moodle - http://moodle.org/
    4. 

  4. //
    5. 

  5. // Moodle is free software: you can redistribute it and/or modify
    6. 

  6. // it under the terms of the GNU General Public License as published by
    7. 

  7. // the Free Software Foundation, either version 3 of the License, or
    8. 

  8. // (at your option) any later version.
    9. 

  9. //
    10. 

  10. // Moodle is distributed in the hope that it will be useful,
    11. 

  11. // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13. // GNU General Public License for more details.
    14. 

  14. //
    15. 

  15. // You should have received a copy of the GNU General Public License
    16. 

  16. // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
    17. 

  17. 

  18. /**
    19. 

  19.  * This script serves draft files of current user
    20. 

  20.  *
    21. 

  21.  * @package    core
    22. 

  22.  * @subpackage file
    23. 

  23.  * @copyright  2008 Petr Skoda (http://skodak.org)
    24. 

  24.  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
    25. 

  25.  */
    26. 

  26. 

  27. // disable moodle specific debug messages and any errors in output
    28. 

  28. define('NO_DEBUG_DISPLAY', true);
    29. 

  29. 

  30. require_once('config.php');
    31. 

  31. require_once('lib/filelib.php');
    32. 

  32. 

  33. require_login();
    34. 

  34. if (isguestuser()) {
    35. 

  35.     print_error('noguest');
    36. 

  36. }
    37. 

  37. 

  38. $relativepath = get_file_argument();
    39. 

  39. $preview = optional_param('preview', null, PARAM_ALPHANUM);
    40. 

  40. 

  41. // relative path must start with '/'
    42. 

  42. if (!$relativepath) {
    43. 

  43.     print_error('invalidargorconf');
    44. 

  44. } else if ($relativepath{0} != '/') {
    45. 

  45.     print_error('pathdoesnotstartslash');
    46. 

  46. }
    47. 

  47. 

  48. // extract relative path components
    49. 

  49. $args = explode('/', ltrim($relativepath, '/'));
    50. 

  50. 

  51. if (count($args) == 0) { // always at least user id
    52. 

  52.     print_error('invalidarguments');
    53. 

  53. }
    54. 

  54. 

  55. $contextid = (int)array_shift($args);
    56. 

  56. $component = array_shift($args);
    57. 

  57. $filearea  = array_shift($args);
    58. 

  58. $draftid   = (int)array_shift($args);
    59. 

  59. 

  60. if ($component !== 'user' or $filearea !== 'draft') {
    61. 

  61.     send_file_not_found();
    62. 

  62. }
    63. 

  63. 

  64. $context = context::instance_by_id($contextid);
    65. 

  65. if ($context->contextlevel != CONTEXT_USER) {
    66. 

  66.     send_file_not_found();
    67. 

  67. }
    68. 

  68. 

  69. $userid = $context->instanceid;
    70. 

  70. if ($USER->id != $userid) {
    71. 

  71.     print_error('invaliduserid');
    72. 

  72. }
    73. 

  73. 

  74. 

  75. $fs = get_file_storage();
    76. 

  76. 

  77. $relativepath = implode('/', $args);
    78. 

  78. $fullpath = "/$context->id/user/draft/$draftid/$relativepath";
    79. 

  79. 

  80. if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->get_filename() == '.') {
    81. 

  81.     send_file_not_found();
    82. 

  82. }
    83. 

  83. 

  84. // ========================================
    85. 

  85. // finally send the file
    86. 

  86. // ========================================
    87. 

  87. \core\session\manager::write_close(); // Unlock session during file serving.
    88. 

  88. send_stored_file($file, 0, false, true, array('preview' => $preview)); // force download - security first!
    89. 

  89.