e7f927a0 |
1 | <?PHP //$Id$ |
8adcb49f |
2 | //This file returns the required rss feeds |
3 | //The URL format MUST include: |
4 | // course: the course id |
e7f927a0 |
5 | // user: the user id |
6 | // name: the name of the module (forum...) |
7 | // id: the id (instance) of the module (forumid...) |
8adcb49f |
8 | //If the course has a password or it doesn't |
9 | //allow guest access then the user field is |
10 | //required to see that the user is enrolled |
11 | //in the course, else no check is performed. |
12 | //This allows to limit a bit the rss access |
13 | //to correct users. It isn't unbreakable, |
14 | //obviously, but its the best I've thought!! |
15 | |
e7f927a0 |
16 | $nomoodlecookie = true; // Because it interferes with caching |
17 | |
18 | require_once('../config.php'); |
7ade05c5 |
19 | require_once($CFG->libdir.'/filelib.php'); |
48b29ba4 |
20 | require_once($CFG->libdir.'/rsslib.php'); |
8adcb49f |
21 | |
8adcb49f |
22 | |
e7f927a0 |
23 | $lifetime = 3600; // Seconds for files to remain in caches - 1 hour |
8adcb49f |
24 | |
e7f927a0 |
25 | $relativepath = get_file_argument('file.php'); |
8adcb49f |
26 | |
e7f927a0 |
27 | if (!$relativepath) { |
28 | not_found(); |
8adcb49f |
29 | } |
30 | |
e7f927a0 |
31 | // extract relative path components |
32 | $args = explode('/', trim($relativepath, '/')); |
33 | |
be88433c |
34 | if (count($args) < 5) { |
e7f927a0 |
35 | not_found(); |
8adcb49f |
36 | } |
37 | |
e7f927a0 |
38 | $courseid = (int)$args[0]; |
39 | $userid = (int)$args[1]; |
40 | $modulename = clean_param($args[2], PARAM_FILE); |
41 | $instance = (int)$args[3]; |
c5152930 |
42 | $filename = 'rss.xml'; |
e7f927a0 |
43 | |
44 | if (!$course = get_record("course", "id", $courseid)) { |
45 | not_found(); |
8adcb49f |
46 | } |
e7f927a0 |
47 | |
c062fee6 |
48 | //Check name of module |
49 | $mods = get_list_of_plugins("mod"); |
50 | if (!in_array(strtolower($modulename), $mods)) { |
e7f927a0 |
51 | not_found(); |
8adcb49f |
52 | } |
53 | |
c0f778a2 |
54 | //Get course_module to check it's visible |
e7f927a0 |
55 | if (!$cm = get_coursemodule_from_instance($modulename,$instance,$courseid)) { |
56 | not_found(); |
c0f778a2 |
57 | } |
c0f778a2 |
58 | |
59 | $isstudent = isstudent($courseid,$userid); |
60 | $isteacher = isteacher($courseid,$userid); |
61 | |
8adcb49f |
62 | //Check for "security" if !course->guest or course->password |
56e8032e |
63 | if ($course->id != SITEID) { |
64 | if ((!$course->guest || $course->password) && (!($isstudent || $isteacher))) { |
65 | not_found(); |
66 | } |
c0f778a2 |
67 | } |
68 | |
69 | //Check for "security" if the course is hidden or the activity is hidden |
e7f927a0 |
70 | if ((!$course->visible || !$cm->visible) && (!$isteacher)) { |
71 | not_found(); |
8adcb49f |
72 | } |
73 | |
c5152930 |
74 | $pathname = $CFG->dataroot.'/rss/'.$modulename.'/'.$instance.'.xml'; |
8adcb49f |
75 | |
e7f927a0 |
76 | //Check that file exists |
77 | if (!file_exists($pathname)) { |
78 | not_found(); |
8adcb49f |
79 | } |
80 | |
e7f927a0 |
81 | //Send it to user! |
82 | send_file($pathname, $filename, $lifetime); |
83 | |
84 | function not_found() { |
85 | /// error, send some XML with error message |
be88433c |
86 | global $lifetime, $filename; |
87 | send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true); |
e7f927a0 |
88 | } |
8adcb49f |
89 | ?> |