MDL-17457 migrated all modules to new db/install.php; added upgrade.txt file for...
[moodle.git] / file.php
CommitLineData
e7f927a0 1<?php // $Id$
2 // This script fetches files from the dataroot directory
5a254a29 3 //
4 // You should use the get_file_url() function, available in lib/filelib.php, to link to file.php.
5 // This ensures proper formatting and offers useful options.
6 //
e7f927a0 7 // Syntax: file.php/courseid/dir/dir/dir/filename.ext
69faecce 8 // file.php/courseid/dir/dir/dir/filename.ext?forcedownload=1 (download instead of inline)
e7f927a0 9 // file.php/courseid/dir (returns index.html from dir)
10 // Workaround: file.php?file=/courseid/dir/dir/dir/filename.ext
48283ff6 11 // Test: file.php/testslasharguments
e7f927a0 12
feaf5d06 13
14 //TODO: Blog attachments do not have access control implemented - anybody can read them!
15 // It might be better to move the code to separate file because the access
172dd12c 16 // control is quite complex - see bolg/index.php
feaf5d06 17
822a1063 18 require_once('config.php');
4d68dff4 19 require_once('lib/filelib.php');
f9903ed0 20
f44762bd 21 if (!isset($CFG->filelifetime)) {
e7f927a0 22 $lifetime = 86400; // Seconds for files to remain in caches
6ed3da1d 23 } else {
e7f927a0 24 $lifetime = $CFG->filelifetime;
2464c592 25 }
26
7eb0b60a 27 // disable moodle specific debug messages
28 disable_debugging();
3f8247c2 29
11e7b506 30 $relativepath = get_file_argument();
69faecce 31 $forcedownload = optional_param('forcedownload', 0, PARAM_BOOL);
172dd12c 32
e7f927a0 33 // relative path must start with '/', because of backup/restore!!!
34 if (!$relativepath) {
33aa5723 35 print_error('invalidargorconf');
e7f927a0 36 } else if ($relativepath{0} != '/') {
33aa5723 37 print_error('pathdoesnotstartslash');
f9903ed0 38 }
39
e7f927a0 40 // extract relative path components
172dd12c 41 $args = explode('/', ltrim($relativepath, '/'));
42
e7f927a0 43 if (count($args) == 0) { // always at least courseid, may search for index.html in course root
33aa5723 44 print_error('invalidarguments');
55b8ac31 45 }
a4557331 46
172dd12c 47 $courseid = (int)array_shift($args);
48 $relativepath = '/'.implode('/', $args);
49
50 // security: limit access to existing course subdirectories
51 if (!$course = $DB->get_record('course', array('id'=>$courseid))) {
33aa5723 52 print_error('invalidcourseid');
76112421 53 }
21ddaf60 54
172dd12c 55 if ($course->id != SITEID) {
f4013c10 56 require_login($course->id, true, null, false);
172dd12c 57
f57cd38b 58 } else if ($CFG->forcelogin) {
90a32fd5 59 if (!empty($CFG->sitepolicy)
60 and ($CFG->sitepolicy == $CFG->wwwroot.'/file.php'.$relativepath
61 or $CFG->sitepolicy == $CFG->wwwroot.'/file.php?file='.$relativepath)) {
62 //do not require login for policy file
63 } else {
f4013c10 64 require_login(0, true, null, false);
90a32fd5 65 }
f9903ed0 66 }
67
172dd12c 68 $context = get_context_instance(CONTEXT_COURSE, $course->id);
f9903ed0 69
172dd12c 70 $fs = get_file_storage();
fd05dffe 71
172dd12c 72 $fullpath = $context->id.'course_content0'.$relativepath;
fd05dffe 73
172dd12c 74 if (!$file = $fs->get_file_by_hash(sha1($fullpath))) {
75 if (strrpos($fullpath, '/') !== strlen($fullpath) -1 ) {
76 $fullpath .= '/';
77 }
78 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'/.'))) {
9e5fa330 79 send_file_not_found();
fd05dffe 80 }
81 }
172dd12c 82 // do not serve dirs
83 if ($file->get_filename() == '.') {
84 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'index.html'))) {
85 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'index.htm'))) {
86 if (!$file = $fs->get_file_by_hash(sha1($fullpath.'Default.htm'))) {
9e5fa330 87 send_file_not_found();
172dd12c 88 }
89 }
90 }
e7f927a0 91 }
e5890e71 92
e7f927a0 93 // ========================================
94 // finally send the file
95 // ========================================
2ea55bc0 96 session_write_close(); // unlock session during fileserving
172dd12c 97 send_stored_file($file, $lifetime, $CFG->filteruploadedfiles, $forcedownload);
e7f927a0 98
172dd12c 99