MDL-15218 reset change password secret if somebody just tries to guess it; merged...
[moodle.git] / repository / ws.php
CommitLineData
0eb58cf4 1<?php
1e28c767 2set_time_limit(0);
0e8ae38e 3header("Cache-Control: no-cache, must-revalidate");
4header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
0eb58cf4 5require_once('../config.php');
6cbb4efb 6require_once('../lib/filelib.php');
0eb58cf4 7require_once('lib.php');
bf1fccf0 8// set one hour here
9$CFG->repository_cache_expire = 60*60;
55b4bb1d 10// page or path
b6558c3b 11$p = optional_param('p', '', PARAM_INT);
3e515a9f 12// opened in editor or moodleform
b6558c3b 13$env = optional_param('env', 'form', PARAM_ALPHA);
3e515a9f 14// file to download
64be2d6c 15// TODO: which type should be?
16$file = optional_param('file', '', PARAM_RAW);
3e515a9f 17// rename the file name
b6558c3b 18$title = optional_param('title', '', PARAM_FILE);
19$action = optional_param('action', '', PARAM_ALPHA);
20$search = optional_param('s', '', PARAM_CLEANHTML);
3570711a 21// id of repository
22$repo_id = optional_param('repo_id', 1, PARAM_INT);
b6558c3b 23// TODO
24// what will happen if user use a fake ctx_id?
25// Think about using $SESSION save it
f3a6f85b 26$ctx_id = optional_param('ctx_id', SITEID, PARAM_INT);
f3a6f85b 27$userid = $USER->id;
5bce5972 28
c9f9f911 29if(!$repository = repository_get_instance($repo_id))
f3a6f85b 30{
bf1fccf0 31 $err = new stdclass;
32 $err->e = get_string('invalidrepositoryid', 'repository');
33 die(json_encode($err));
0eb58cf4 34}
35
bf1fccf0 36if(file_exists($CFG->dirroot.'/repository/'.
27051e43 37 $repository->type.'/repository.class.php'))
bf1fccf0 38{
39 require_once($CFG->dirroot.'/repository/'.
27051e43 40 $repository->type.'/repository.class.php');
41 $classname = 'repository_' . $repository->type;
bf1fccf0 42 try{
b6558c3b 43 $repo = new $classname($repo_id, $ctx_id, array('ajax'=>true));
bf1fccf0 44 } catch (repository_exception $e){
45 $err = new stdclass;
46 $err->e = $e->getMessage();
3570711a 47 die(json_encode($err));
bf1fccf0 48 }
0eb58cf4 49} else {
bf1fccf0 50 $err = new stdclass;
51 $err->e = get_string('invalidplugin', 'repository');
52 die(json_encode($err));
0eb58cf4 53}
54
5fd3e8f7 55if ($action == 'list' || $action == 'search') {
bf1fccf0 56 try {
57 if(!empty($p)) {
58 echo json_encode($repo->get_listing($p));
59 } else if(!empty($search)) {
60 echo json_encode($repo->get_listing('', $search));
61 } else {
62 echo json_encode($repo->get_listing());
63 }
64 } catch (repository_exception $e) {
65 $err = new stdclass;
66 $err->e = $e->getMessage();
67 die(json_encode($err));
5bce5972 68 }
75e7a38c 69
1e28c767 70} elseif($action == 'download') {
d8eb6e18 71 $path = $repo->get_file($file, $title);
64be2d6c 72 $itemid = (int)substr(hexdec(uniqid()), 0, 9)+rand(1,100);
bf1fccf0 73 try {
49a1ce19 74 $info = repository_move_to_filepool($path, $title, $itemid);
d8eb6e18 75 if($env == 'form'){
c0fa8cba 76 echo json_encode($info);
d8eb6e18 77 } elseif($env == 'editor') {
c0fa8cba 78 echo json_encode($info);
d8eb6e18 79 } else {
6cbb4efb 80 }
bf1fccf0 81 } catch (repository_exception $e){
82 $err = new stdclass;
83 $err->e = $e->getMessage();
84 die(json_encode($err));
c2762f06 85 } catch (Exception $e) {
86 $err = new stdclass;
87 $err->e = $e->getMessage();
88 die(json_encode($err));
bf1fccf0 89 }
5fd3e8f7 90} elseif ($action == 'login') {
bf1fccf0 91 try {
92 echo json_encode($repo->print_login());
93 } catch (repository_exception $e){
94 $err = new stdclass;
95 $err->e = $e->getMessage();
96 die(json_encode($err));
97 }
0eb58cf4 98}