[moodle.git] / repository / repository_ajax.php

<?php

/// The Web service script that is called from the filepicker front end

    require_once('../config.php');
    require_once('../lib/filelib.php');
    require_once('lib.php');
    require_login();

/// Parameters
    $action =    optional_param('action', '', PARAM_ALPHA);
    $callback  = optional_param('callback', '', PARAM_CLEANHTML);
    $client_id = optional_param('client_id', SITEID, PARAM_RAW);    // client ID
    $contextid = optional_param('ctx_id', SITEID, PARAM_INT);       // context ID
    $env   =     optional_param('env', 'filepicker', PARAM_ALPHA);  // opened in editor or moodleform
    $file  =     optional_param('file', '', PARAM_RAW);             // file to download
    $title =     optional_param('title', '', PARAM_FILE);           // new file name
    $itemid =    optional_param('itemid', '', PARAM_INT);
    $page  =     optional_param('page', '', PARAM_RAW);             // page
    $repo_id   = optional_param('repo_id', 1, PARAM_INT);           // repository ID
    $req_path  = optional_param('p', '', PARAM_RAW);                // path
    $save_path = optional_param('savepath', '/', PARAM_PATH);
    $search_text = optional_param('s', '', PARAM_CLEANHTML);

/// Headers to make it not cacheable
    header("Cache-Control: no-cache, must-revalidate");
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
    $err = new stdclass;
    $err->client_id = $client_id;

/// Check permissions
    if (! (isloggedin() && repository::check_context($contextid)) ) {
        $err->e = get_string('nopermissiontoaccess', 'repository');
        die(json_encode($err));
    }

/// Wait as long as it takes for this script to finish
    set_time_limit(0);

/// Check for actions that do not need repository ID
    switch ($action) {
        // delete a file from filemanger
        case 'delete':
            try {
                if (!$context = get_context_instance(CONTEXT_USER, $USER->id)) {
                }
                $contextid = $context->id;
                $fs = get_file_storage();
                if ($file = $fs->get_file($contextid, 'user_draft', $itemid, '/', $title)) {
                    if($result = $file->delete()) {
                        echo $client_id;
                    } else {
                        echo '';
                    }
                } else {
                    echo '';
                }
                exit;
            } catch (repository_exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'gsearch':     //  Global Search
            $repos = repository::get_instances(array(get_context_instance_by_id($contextid), get_system_context()));
            $list = array();
            foreach($repos as $repo){
                if ($repo->global_search()) {
                    try {
                        $ret = $repo->search($search_text);
                        array_walk($ret['list'], 'repository_attach_id', $repo->id);  // See function below
                        $tmp = array_merge($list, $ret['list']);
                        $list = $tmp;
                    } catch (repository_exception $e) {
                        $err->e = $e->getMessage();
                        die(json_encode($err));
                    }
                }
            }
            $listing = array('list'=>$list);
            $listing['gsearch'] = true;
            $listing['client_id'] = $client_id;
            die(json_encode($listing));
            break;

        case 'ccache':      // Clean cache
            $cache = new curl_cache;
            $cache->refresh();
            $action = 'list';
            break;
    }

/// Get repository instance information
    $sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
           'WHERE i.id=? AND i.typeid=r.id';
    if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
        $err->e = get_string('invalidrepositoryid', 'repository');
        die(json_encode($err));
    } else {
        $type = $repository->type;
    }

    if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
        require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
        $classname = 'repository_' . $type;
        try {
            $repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type, 'client_id'=>$client_id));
        } catch (repository_exception $e){
            $err->e = $e->getMessage();
            die(json_encode($err));
        }
    } else {
        $err->e = get_string('invalidplugin', 'repository', $type);
        die(json_encode($err));
    }

    if (!empty($callback)) {
        // call opener window to refresh repository
        // the callback url should be something like this:
        // http://xx.moodle.com/repository/ws.php?callback=yes&repo_id=1&sid=xxx
        // sid is the attached auth token from external source
        // If Moodle is working on HTTPS mode, then we are not allowed to access
        // parent window, in this case, we need to alert user to refresh the repository
        // manually.
        $strhttpsbug = get_string('cannotaccessparentwin', 'repository');
        $strrefreshnonjs = get_string('refreshnonjsfilepicker', 'repository');
        $js  =<<<EOD
<html><head>
<script type="text/javascript">
if(window.opener){
    window.opener.repository_callback($repo_id);
    window.close();
} else {
    alert("{$strhttpsbug }");
}
</script>
<body>
<noscript>
{$strrefreshnonjs}
</noscript>
</body>
</html>
EOD;
        echo $js;
        die;
    }


/// These actions all occur on the currently active repository instance
    switch ($action) {
        case 'sign':
        case 'list':
            if ($repo->check_login()) {
                try {
                    $listing = $repo->get_listing($req_path, $page);
                    $listing['client_id'] = $client_id;
                    $listing['repo_id'] = $repo_id;
                    echo json_encode($listing);
                } catch (repository_exception $e) {
                    $err->e = $e->getMessage();
                    die(json_encode($err));
                }
                break;
            } else {
                $action = 'login';
            }
        case 'login':
            try {
                $listing = $repo->print_login();
                $listing['client_id'] = $client_id;
                $listing['repo_id'] = $repo_id;
                echo json_encode($listing);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'logout':
            $logout = $repo->logout();
            $logout['client_id'] = $client_id;
            $logout['repo_id'] = $repo_id;
            echo json_encode($logout);
            break;
        case 'searchform':
            $search_form['form'] = $repo->print_search($client_id);
            $search_form['client_id'] = $client_id;
            echo json_encode($search_form);
            break;
        case 'search':
            try {
                $search_result = $repo->search($search_text);
                $search_result['search_result'] = true;
                $search_result['client_id'] = $client_id;
                $search_result['repo_id'] = $repo_id;
                echo json_encode($search_result);
            } catch (repository_exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'download':
            try {
                if ($env == 'url' /* TODO: or request_external_url by user */) {
                    if (preg_match('#(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)#', $file)) {
                        die(json_encode(array('type'=>'link', 'client_id'=>$client_id,
                            'url'=>$file, 'id'=>$file, 'file'=>$file)));
                    } else {
                        $err->e = get_string('invalidurl');
                        die(json_encode($err));
                    }
                }
                // we have two special repoisitory type need to deal with
                if ($repo->options['type'] == 'local' or $repo->options['type'] == 'draft') {
                    $fileinfo = $repo->move_to_draft($file, $title, $itemid, $save_path);
                    $info = array();
                    $info['client_id'] = $client_id;
                    $info['file'] = $fileinfo['title'];
                    $info['id'] = $itemid;
                    $info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user_draft/'.$itemid.'/'.$fileinfo['title'];
                    die(json_encode($info));
                }

                $filepath = $repo->get_file($file, $title, $itemid, $save_path);
                if ($filepath === false) {
                    $err->e = get_string('cannotdownload', 'repository');
                    die(json_encode($err));
                }
                $info = repository::move_to_filepool($filepath, $title, $itemid, $save_path);
                $info['client_id'] = $client_id;
                echo json_encode($info);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            } catch (Exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'upload':
            try {
                $upload = $repo->get_listing();
                $upload['client_id'] = $client_id;
                echo json_encode($upload);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
    }

/**
 * Small function to walk an array to attach repository ID
 */
function repository_attach_id(&$value, $key, $id){
    $value['repo_id'] = $id;
}
Commit	Line	Data
aa6c1ced	1	<?php
5bce5972	2
d0f8585d	3	/// The Web service script that is called from the filepicker front end
455860ce	4
d0f8585d	5	require_once('../config.php');
	6	require_once('../lib/filelib.php');
	7	require_once('lib.php');
d1bfc05e	8	require_login();
cf493e89	9
d0f8585d	10	/// Parameters
add6e27d	11	$action = optional_param('action', '', PARAM_ALPHA);
add6e27d	12	$callback = optional_param('callback', '', PARAM_CLEANHTML);
e189ec00	13	$client_id = optional_param('client_id', SITEID, PARAM_RAW); // client ID
a560785f	14	$contextid = optional_param('ctx_id', SITEID, PARAM_INT); // context ID
	15	$env = optional_param('env', 'filepicker', PARAM_ALPHA); // opened in editor or moodleform
	16	$file = optional_param('file', '', PARAM_RAW); // file to download
	17	$title = optional_param('title', '', PARAM_FILE); // new file name
add6e27d	18	$itemid = optional_param('itemid', '', PARAM_INT);
a560785f	19	$page = optional_param('page', '', PARAM_RAW); // page
	20	$repo_id = optional_param('repo_id', 1, PARAM_INT); // repository ID
	21	$req_path = optional_param('p', '', PARAM_RAW); // path
e5fa0e8d	22	$save_path = optional_param('savepath', '/', PARAM_PATH);
353d5cf3	23	$search_text = optional_param('s', '', PARAM_CLEANHTML);
455860ce	24
577aab9b	25	/// Headers to make it not cacheable
	26	header("Cache-Control: no-cache, must-revalidate");
	27	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
e189ec00	28	$err = new stdclass;
e189ec00	29	$err->client_id = $client_id;
0eb58cf4	30
d0f8585d	31	/// Check permissions
add6e27d	32	if (! (isloggedin() && repository::check_context($contextid)) ) {
d0f8585d	33	$err->e = get_string('nopermissiontoaccess', 'repository');
3570711a	34	die(json_encode($err));
bf1fccf0	35	}
0eb58cf4	36
577aab9b	37	/// Wait as long as it takes for this script to finish
	38	set_time_limit(0);
	39
d0f8585d	40	/// Check for actions that do not need repository ID
d0f8585d	41	switch ($action) {
b423b4af	42	// delete a file from filemanger
	43	case 'delete':
	44	try {
	45	if (!$context = get_context_instance(CONTEXT_USER, $USER->id)) {
	46	}
	47	$contextid = $context->id;
	48	$fs = get_file_storage();
	49	if ($file = $fs->get_file($contextid, 'user_draft', $itemid, '/', $title)) {
5e98ab96	50	if($result = $file->delete()) {
6b0fae57	51	echo $client_id;
5e98ab96	52	} else {
	53	echo '';
	54	}
b423b4af	55	} else {
	56	echo '';
	57	}
	58	exit;
	59	} catch (repository_exception $e) {
b423b4af	60	$err->e = $e->getMessage();
	61	die(json_encode($err));
	62	}
	63	break;
d0f8585d	64	case 'gsearch': // Global Search
add6e27d	65	$repos = repository::get_instances(array(get_context_instance_by_id($contextid), get_system_context()));
d0f8585d	66	$list = array();
	67	foreach($repos as $repo){
	68	if ($repo->global_search()) {
	69	try {
353d5cf3	70	$ret = $repo->search($search_text);
d0f8585d	71	array_walk($ret['list'], 'repository_attach_id', $repo->id); // See function below
	72	$tmp = array_merge($list, $ret['list']);
	73	$list = $tmp;
	74	} catch (repository_exception $e) {
d0f8585d	75	$err->e = $e->getMessage();
	76	die(json_encode($err));
	77	}
	78	}
	79	}
e189ec00	80	$listing = array('list'=>$list);
fc3ec2ca	81	$listing['gsearch'] = true;
e189ec00	82	$listing['client_id'] = $client_id;
e189ec00	83	die(json_encode($listing));
d0f8585d	84	break;
	85
	86	case 'ccache': // Clean cache
e189ec00	87	$cache = new curl_cache;
d0f8585d	88	$cache->refresh();
	89	$action = 'list';
	90	break;
cf493e89	91	}
d0f8585d	92
	93	/// Get repository instance information
	94	$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
b7bad38b	95	'WHERE i.id=? AND i.typeid=r.id';
b7bad38b	96	if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
d0f8585d	97	$err->e = get_string('invalidrepositoryid', 'repository');
fbd508b4	98	die(json_encode($err));
d0f8585d	99	} else {
d0f8585d	100	$type = $repository->type;
fbd508b4	101	}
d0f8585d	102
	103	if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
	104	require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
	105	$classname = 'repository_' . $type;
	106	try {
41076c58	107	$repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type, 'client_id'=>$client_id));
d0f8585d	108	} catch (repository_exception $e){
d0f8585d	109	$err->e = $e->getMessage();
d0f8585d	110	die(json_encode($err));
bf1fccf0	111	}
d0f8585d	112	} else {
3a90e17e	113	$err->e = get_string('invalidplugin', 'repository', $type);
bf1fccf0	114	die(json_encode($err));
5bce5972	115	}
d0f8585d	116
	117	if (!empty($callback)) {
	118	// call opener window to refresh repository
	119	// the callback url should be something like this:
	120	// http://xx.moodle.com/repository/ws.php?callback=yes&repo_id=1&sid=xxx
	121	// sid is the attached auth token from external source
a06878d3	122	// If Moodle is working on HTTPS mode, then we are not allowed to access
	123	// parent window, in this case, we need to alert user to refresh the repository
	124	// manually.
d1bfc05e	125	$strhttpsbug = get_string('cannotaccessparentwin', 'repository');
d1bfc05e	126	$strrefreshnonjs = get_string('refreshnonjsfilepicker', 'repository');
d0f8585d	127	$js =<<<EOD
5e98ab96	128	<html><head>
5e98ab96	129	<script type="text/javascript">
a06878d3	130	if(window.opener){
d0f8585d	131	window.opener.repository_callback($repo_id);
d0f8585d	132	window.close();
a06878d3	133	} else {
d1bfc05e	134	alert("{$strhttpsbug }");
a06878d3	135	}
5e98ab96	136	</script>
	137	<body>
	138	<noscript>
d1bfc05e	139	{$strrefreshnonjs}
5e98ab96	140	</noscript>
	141	</body>
	142	</html>
d0f8585d	143	EOD;
	144	echo $js;
	145	die;
bf1fccf0	146	}
d0f8585d	147
	148
	149	/// These actions all occur on the currently active repository instance
	150	switch ($action) {
d68c527f	151	case 'sign':
	152	case 'list':
	153	if ($repo->check_login()) {
	154	try {
e189ec00	155	$listing = $repo->get_listing($req_path, $page);
	156	$listing['client_id'] = $client_id;
	157	$listing['repo_id'] = $repo_id;
	158	echo json_encode($listing);
d68c527f	159	} catch (repository_exception $e) {
d68c527f	160	$err->e = $e->getMessage();
	161	die(json_encode($err));
	162	}
	163	break;
	164	} else {
	165	$action = 'login';
	166	}
d0f8585d	167	case 'login':
d0f8585d	168	try {
e189ec00	169	$listing = $repo->print_login();
	170	$listing['client_id'] = $client_id;
	171	$listing['repo_id'] = $repo_id;
	172	echo json_encode($listing);
d0f8585d	173	} catch (repository_exception $e){
d0f8585d	174	$err->e = $e->getMessage();
	175	die(json_encode($err));
	176	}
	177	break;
d68c527f	178	case 'logout':
e189ec00	179	$logout = $repo->logout();
e189ec00	180	$logout['client_id'] = $client_id;
870f4b56	181	$logout['repo_id'] = $repo_id;
e189ec00	182	echo json_encode($logout);
d68c527f	183	break;
d68c527f	184	case 'searchform':
d1bfc05e	185	$search_form['form'] = $repo->print_search($client_id);
b763c2d9	186	$search_form['client_id'] = $client_id;
b763c2d9	187	echo json_encode($search_form);
d68c527f	188	break;
d0f8585d	189	case 'search':
d0f8585d	190	try {
6ecf0dfa	191	$search_result = $repo->search($search_text);
eff65f0f	192	$search_result['search_result'] = true;
e189ec00	193	$search_result['client_id'] = $client_id;
e189ec00	194	$search_result['repo_id'] = $repo_id;
6ecf0dfa	195	echo json_encode($search_result);
d0f8585d	196	} catch (repository_exception $e) {
d0f8585d	197	$err->e = $e->getMessage();
	198	die(json_encode($err));
	199	}
	200	break;
d0f8585d	201	case 'download':
d0f8585d	202	try {
41076c58 DC	203	if ($env == 'url' /* TODO: or request_external_url by user */) {
	204	if (preg_match('#(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)#', $file)) {
	205	die(json_encode(array('type'=>'link', 'client_id'=>$client_id,
	206	'url'=>$file, 'id'=>$file, 'file'=>$file)));
	207	} else {
	208	$err->e = get_string('invalidurl');
	209	die(json_encode($err));
	210	}
7b58fb41	211	}
41076c58 DC	212	// we have two special repoisitory type need to deal with
	213	if ($repo->options['type'] == 'local' or $repo->options['type'] == 'draft') {
	214	$fileinfo = $repo->move_to_draft($file, $title, $itemid, $save_path);
add6e27d	215	$info = array();
	216	$info['client_id'] = $client_id;
	217	$info['file'] = $fileinfo['title'];
	218	$info['id'] = $itemid;
	219	$info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user_draft/'.$itemid.'/'.$fileinfo['title'];
41076c58 DC	220	die(json_encode($info));
	221	}
	222
	223	$filepath = $repo->get_file($file, $title, $itemid, $save_path);
	224	if ($filepath === false) {
	225	$err->e = get_string('cannotdownload', 'repository');
	226	die(json_encode($err));
d0f8585d	227	}
41076c58 DC	228	$info = repository::move_to_filepool($filepath, $title, $itemid, $save_path);
	229	$info['client_id'] = $client_id;
	230	echo json_encode($info);
d0f8585d	231	} catch (repository_exception $e){
d0f8585d	232	$err->e = $e->getMessage();
	233	die(json_encode($err));
	234	} catch (Exception $e) {
d0f8585d	235	$err->e = $e->getMessage();
	236	die(json_encode($err));
	237	}
	238	break;
	239	case 'upload':
	240	try {
e189ec00	241	$upload = $repo->get_listing();
	242	$upload['client_id'] = $client_id;
	243	echo json_encode($upload);
d0f8585d	244	} catch (repository_exception $e){
d0f8585d	245	$err->e = $e->getMessage();
	246	die(json_encode($err));
	247	}
	248	break;
5a3b9db9	249	}
d0f8585d	250
	251	/**
	252	* Small function to walk an array to attach repository ID
	253	*/
	254	function repository_attach_id(&$value, $key, $id){
	255	$value['repo_id'] = $id;
0eb58cf4	256	}