[moodle.git] / rss / file.php

<?PHP
    //This file returns the required rss feeds
    //The URL format MUST include:
    //    context: the context id
    //    user:   the user id
    //    name:   the name of the module (forum...)
    //    id:     the id (instance) of the module (forumid...)
    //If the course has a password or it doesn't
    //allow guest access then the user field is
    //required to see that the user is enrolled
    //in the course, else no check is performed.
    //This allows to limit a bit the rss access
    //to correct users. It isn't unbreakable,
    //obviously, but its the best I've thought!!

// disable moodle specific debug messages and any errors in output
define('NO_DEBUG_DISPLAY', true);//comment this out to see any error messages during RSS generation

// session not used here
define('NO_MOODLE_COOKIES', true);

require_once('../config.php');
require_once($CFG->libdir.'/filelib.php');
require_once($CFG->libdir.'/rsslib.php');

//Check RSS feeds are enabled
if (empty($CFG->enablerssfeeds)) {
    debugging('DISABLED (admin variables)');
    rss_not_found();
}

$lifetime = 3600;  // Seconds for files to remain in caches - 1 hour
$filename   = 'rss.xml';

// this is a big one big hack - NO_MOODLE_COOKIES is not compatible with capabilities MDL-7243
// it should be replaced once we get to codes in urls

$relativepath = get_file_argument();
if (!$relativepath) {
    rss_not_found();
}

// extract relative path components
$args = explode('/', trim($relativepath, '/'));
if (count($args) < 5) {
    rss_not_found();
}

$contextid   = (int)$args[0];
$token  = $args[1];
$modulename = clean_param($args[2], PARAM_FILE);
$instance   = $args[3];

$userid = rss_get_userid_from_token($token);
if (!$userid) {
    rss_not_authenticated();
}
$user = get_complete_user_data('id', $userid);
session_set_user($user);

//Set context
$context = get_context_instance_by_id($contextid);
if (!$context) {
    rss_not_found();
}
$PAGE->set_context($context);

//Get course from context
//TODO: note that in the case of the hub rss feed, the feed is not related to a course context,
//it is more a "site" context. The Hub RSS bypass the following line using context id = 2
$coursecontext = get_course_context($context);
$course = $DB->get_record('course', array('id' => $coursecontext->instanceid), '*', MUST_EXIST);

$pathname = null;

switch ($modulename) {
    case 'blog':
        $blogid = (int) $args[4];  // could be groupid / courseid  / userid  depending on $instance
        if ($args[5] != 'rss.xml') {
            $tagid = (int) $args[5];
        } else {
            $tagid = 0;
        }

        try {
            require_login($course, false, NULL, false, true);
        } catch (Exception $e) {
            rss_not_found();
        }

        //Work out the filename of the cached RSS file
        require_once($CFG->dirroot . '/blog/rsslib.php');
        $pathname = blog_generate_rss_feed($instance, $blogid, $tagid);
        break;

    case 'local_hub': //Note: I made this case generic for a probable futur refactor.
        // rss/file.php should not handle individual cases.
        //Here $modulename contain the folder path with '_' instead of '/'
        
        //Work out the filename of the cached RSS file
        $functionname = $modulename . '_rss_get_feed';
        $modulepath = str_replace('_', '/', $modulename);
        require_once($CFG->dirroot . '/' . $modulepath . '/rsslib.php');
        if (function_exists($functionname)) {
            $pathname = $functionname($args); //All the xxx_rss_get_feed() could manage
            // eveything with only $args parameter.
        }
        break;

    default:
        $instance = (int) $instance;

        $mods = get_plugin_list('mod');
        $mods = array_keys($mods);
        if (!in_array(strtolower($modulename), $mods)) {
            rss_not_found();
        }
        try {
            $cm = get_coursemodule_from_instance($modulename, $instance, 0, false, MUST_EXIST);
            require_login($course, false, $cm, false, true);
        } catch (Exception $e) {
            rss_not_found();
        }

        //Work out the filename of the cached RSS file
        $functionname = $cm->modname . '_rss_get_feed';
        require_once($CFG->dirroot . "/mod/{$cm->modname}/rsslib.php");
        if (function_exists($functionname)) {
            $pathname = $functionname($context, $cm, $instance, $args);
        }
        break;
}

//Check that file exists
if (empty($pathname) || !file_exists($pathname)) {
    rss_not_found();
}

//rss_update_token_last_access($USER->id);

//Send it to user!
send_file($pathname, $filename, $lifetime);

function rss_not_found() {
    /// error, send some XML with error message
    global $lifetime, $filename;
    send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true);
}

function rss_not_authenticated() {
    global $lifetime, $filename;
    send_file(rss_geterrorxmlfile('rsserrorauth'), $filename, $lifetime, false, true);
}
Commit	Line	Data
2e9b772f	1	<?PHP
8adcb49f	2	//This file returns the required rss feeds
8adcb49f	3	//The URL format MUST include:
fcce139a	4	// context: the context id
e7f927a0	5	// user: the user id
	6	// name: the name of the module (forum...)
	7	// id: the id (instance) of the module (forumid...)
8adcb49f	8	//If the course has a password or it doesn't
7fe0ce4e	9	//allow guest access then the user field is
8adcb49f	10	//required to see that the user is enrolled
	11	//in the course, else no check is performed.
	12	//This allows to limit a bit the rss access
	13	//to correct users. It isn't unbreakable,
	14	//obviously, but its the best I've thought!!
	15
2e9b772f	16	// disable moodle specific debug messages and any errors in output
fcce139a AD	17	define('NO_DEBUG_DISPLAY', true);//comment this out to see any error messages during RSS generation
	18
	19	// session not used here
30d24538	20	define('NO_MOODLE_COOKIES', true);
fcce139a AD	21
	22	require_once('../config.php');
	23	require_once($CFG->libdir.'/filelib.php');
	24	require_once($CFG->libdir.'/rsslib.php');
	25
	26	//Check RSS feeds are enabled
	27	if (empty($CFG->enablerssfeeds)) {
	28	debugging('DISABLED (admin variables)');
	29	rss_not_found();
	30	}
	31
	32	$lifetime = 3600; // Seconds for files to remain in caches - 1 hour
	33	$filename = 'rss.xml';
	34
	35	// this is a big one big hack - NO_MOODLE_COOKIES is not compatible with capabilities MDL-7243
	36	// it should be replaced once we get to codes in urls
	37
	38	$relativepath = get_file_argument();
	39	if (!$relativepath) {
	40	rss_not_found();
	41	}
	42
	43	// extract relative path components
	44	$args = explode('/', trim($relativepath, '/'));
	45	if (count($args) < 5) {
	46	rss_not_found();
	47	}
	48
	49	$contextid = (int)$args[0];
	50	$token = $args[1];
	51	$modulename = clean_param($args[2], PARAM_FILE);
	52	$instance = $args[3];
	53
	54	$userid = rss_get_userid_from_token($token);
	55	if (!$userid) {
	56	rss_not_authenticated();
	57	}
	58	$user = get_complete_user_data('id', $userid);
	59	session_set_user($user);
	60
e417be4c	61	//Set context
fcce139a AD	62	$context = get_context_instance_by_id($contextid);
	63	if (!$context) {
	64	rss_not_found();
	65	}
	66	$PAGE->set_context($context);
	67
e417be4c	68	//Get course from context
	69	//TODO: note that in the case of the hub rss feed, the feed is not related to a course context,
	70	//it is more a "site" context. The Hub RSS bypass the following line using context id = 2
fcce139a AD	71	$coursecontext = get_course_context($context);
	72	$course = $DB->get_record('course', array('id' => $coursecontext->instanceid), '*', MUST_EXIST);
	73
fcce139a	74	$pathname = null;
e417be4c	75
	76	switch ($modulename) {
	77	case 'blog':
	78	$blogid = (int) $args[4]; // could be groupid / courseid / userid depending on $instance
	79	if ($args[5] != 'rss.xml') {
	80	$tagid = (int) $args[5];
	81	} else {
	82	$tagid = 0;
	83	}
	84
	85	try {
	86	require_login($course, false, NULL, false, true);
	87	} catch (Exception $e) {
	88	rss_not_found();
	89	}
	90
	91	//Work out the filename of the cached RSS file
	92	require_once($CFG->dirroot . '/blog/rsslib.php');
	93	$pathname = blog_generate_rss_feed($instance, $blogid, $tagid);
	94	break;
	95
	96	case 'local_hub': //Note: I made this case generic for a probable futur refactor.
	97	// rss/file.php should not handle individual cases.
	98	//Here $modulename contain the folder path with '_' instead of '/'
	99
	100	//Work out the filename of the cached RSS file
	101	$functionname = $modulename . '_rss_get_feed';
	102	$modulepath = str_replace('_', '/', $modulename);
	103	require_once($CFG->dirroot . '/' . $modulepath . '/rsslib.php');
	104	if (function_exists($functionname)) {
	105	$pathname = $functionname($args); //All the xxx_rss_get_feed() could manage
	106	// eveything with only $args parameter.
	107	}
	108	break;
	109
	110	default:
	111	$instance = (int) $instance;
	112
	113	$mods = get_plugin_list('mod');
	114	$mods = array_keys($mods);
	115	if (!in_array(strtolower($modulename), $mods)) {
	116	rss_not_found();
	117	}
	118	try {
	119	$cm = get_coursemodule_from_instance($modulename, $instance, 0, false, MUST_EXIST);
	120	require_login($course, false, $cm, false, true);
	121	} catch (Exception $e) {
	122	rss_not_found();
	123	}
	124
	125	//Work out the filename of the cached RSS file
	126	$functionname = $cm->modname . '_rss_get_feed';
	127	require_once($CFG->dirroot . "/mod/{$cm->modname}/rsslib.php");
	128	if (function_exists($functionname)) {
	129	$pathname = $functionname($context, $cm, $instance, $args);
	130	}
	131	break;
fcce139a	132	}
6f5e0852	133
fcce139a AD	134	//Check that file exists
	135	if (empty($pathname) \|\| !file_exists($pathname)) {
	136	rss_not_found();
	137	}
8adcb49f	138
fcce139a	139	//rss_update_token_last_access($USER->id);
6619a7f4	140
fcce139a AD	141	//Send it to user!
fcce139a AD	142	send_file($pathname, $filename, $lifetime);
8adcb49f	143
fcce139a AD	144	function rss_not_found() {
	145	/// error, send some XML with error message
	146	global $lifetime, $filename;
	147	send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true);
	148	}
e7f927a0	149
fcce139a AD	150	function rss_not_authenticated() {
	151	global $lifetime, $filename;
	152	send_file(rss_geterrorxmlfile('rsserrorauth'), $filename, $lifetime, false, true);
	153	}
2e9b772f	154