Commit | Line | Data |
---|---|---|
2e9b772f | 1 | <?PHP |
8adcb49f | 2 | //This file returns the required rss feeds |
3 | //The URL format MUST include: | |
fcce139a | 4 | // context: the context id |
e7f927a0 | 5 | // user: the user id |
6 | // name: the name of the module (forum...) | |
7 | // id: the id (instance) of the module (forumid...) | |
8adcb49f | 8 | //If the course has a password or it doesn't |
7fe0ce4e | 9 | //allow guest access then the user field is |
8adcb49f | 10 | //required to see that the user is enrolled |
11 | //in the course, else no check is performed. | |
12 | //This allows to limit a bit the rss access | |
13 | //to correct users. It isn't unbreakable, | |
14 | //obviously, but its the best I've thought!! | |
15 | ||
2e9b772f | 16 | // disable moodle specific debug messages and any errors in output |
fcce139a AD |
17 | define('NO_DEBUG_DISPLAY', true);//comment this out to see any error messages during RSS generation |
18 | ||
19 | // session not used here | |
30d24538 | 20 | define('NO_MOODLE_COOKIES', true); |
fcce139a AD |
21 | |
22 | require_once('../config.php'); | |
23 | require_once($CFG->libdir.'/filelib.php'); | |
24 | require_once($CFG->libdir.'/rsslib.php'); | |
25 | ||
26 | //Check RSS feeds are enabled | |
27 | if (empty($CFG->enablerssfeeds)) { | |
28 | debugging('DISABLED (admin variables)'); | |
29 | rss_not_found(); | |
30 | } | |
31 | ||
32 | $lifetime = 3600; // Seconds for files to remain in caches - 1 hour | |
33 | $filename = 'rss.xml'; | |
34 | ||
35 | // this is a big one big hack - NO_MOODLE_COOKIES is not compatible with capabilities MDL-7243 | |
36 | // it should be replaced once we get to codes in urls | |
37 | ||
38 | $relativepath = get_file_argument(); | |
39 | if (!$relativepath) { | |
40 | rss_not_found(); | |
41 | } | |
42 | ||
43 | // extract relative path components | |
44 | $args = explode('/', trim($relativepath, '/')); | |
45 | if (count($args) < 5) { | |
46 | rss_not_found(); | |
47 | } | |
48 | ||
49 | $contextid = (int)$args[0]; | |
50 | $token = $args[1]; | |
aa60291e | 51 | $componentname = clean_param($args[2], PARAM_FILE); |
fcce139a AD |
52 | $instance = $args[3]; |
53 | ||
54 | $userid = rss_get_userid_from_token($token); | |
55 | if (!$userid) { | |
56 | rss_not_authenticated(); | |
57 | } | |
58 | $user = get_complete_user_data('id', $userid); | |
59 | session_set_user($user); | |
60 | ||
e417be4c | 61 | //Set context |
fcce139a AD |
62 | $context = get_context_instance_by_id($contextid); |
63 | if (!$context) { | |
64 | rss_not_found(); | |
65 | } | |
66 | $PAGE->set_context($context); | |
67 | ||
e417be4c | 68 | //Get course from context |
69 | //TODO: note that in the case of the hub rss feed, the feed is not related to a course context, | |
70 | //it is more a "site" context. The Hub RSS bypass the following line using context id = 2 | |
fcce139a AD |
71 | $coursecontext = get_course_context($context); |
72 | $course = $DB->get_record('course', array('id' => $coursecontext->instanceid), '*', MUST_EXIST); | |
73 | ||
aa60291e | 74 | //this will store the path to the cached rss feed contents |
fcce139a | 75 | $pathname = null; |
e417be4c | 76 | |
aa60291e AD |
77 | $componentdir = get_component_directory($componentname); |
78 | list($type, $plugin) = normalize_component($componentname); | |
79 | ||
80 | if (file_exists($componentdir)) { | |
81 | require_once("$componentdir/rsslib.php"); | |
82 | $functionname = $plugin.'_rss_get_feed'; | |
83 | ||
84 | if (function_exists($functionname)) { | |
85 | ||
86 | if ($componentname=='blog') { | |
87 | ||
88 | $blogid = (int) $args[4]; // could be groupid / courseid / userid depending on $instance | |
89 | if ($args[5] != 'rss.xml') { | |
90 | $tagid = (int) $args[5]; | |
91 | } else { | |
92 | $tagid = 0; | |
93 | } | |
94 | ||
95 | try { | |
96 | require_login($course, false, NULL, false, true); | |
97 | } catch (Exception $e) { | |
98 | rss_not_found(); | |
99 | } | |
100 | $pathname = $functionname($instance, $blogid, $tagid); | |
101 | } else if ($componentname=='local_hub') { | |
102 | ||
103 | $pathname = $functionname($args); | |
e417be4c | 104 | } else { |
e417be4c | 105 | |
aa60291e | 106 | $instance = (int)$instance; |
e417be4c | 107 | |
aa60291e AD |
108 | try { |
109 | $cm = get_coursemodule_from_instance($plugin, $instance, 0, false, MUST_EXIST); | |
110 | require_login($course, false, $cm, false, true); | |
111 | } catch (Exception $e) { | |
112 | rss_not_found(); | |
113 | } | |
e417be4c | 114 | |
e417be4c | 115 | $pathname = $functionname($context, $cm, $instance, $args); |
116 | } | |
aa60291e | 117 | } |
fcce139a | 118 | } |
6f5e0852 | 119 | |
fcce139a AD |
120 | //Check that file exists |
121 | if (empty($pathname) || !file_exists($pathname)) { | |
122 | rss_not_found(); | |
123 | } | |
8adcb49f | 124 | |
fcce139a | 125 | //rss_update_token_last_access($USER->id); |
6619a7f4 | 126 | |
fcce139a AD |
127 | //Send it to user! |
128 | send_file($pathname, $filename, $lifetime); | |
8adcb49f | 129 | |
fcce139a AD |
130 | function rss_not_found() { |
131 | /// error, send some XML with error message | |
132 | global $lifetime, $filename; | |
133 | send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true); | |
134 | } | |
e7f927a0 | 135 | |
fcce139a AD |
136 | function rss_not_authenticated() { |
137 | global $lifetime, $filename; | |
138 | send_file(rss_geterrorxmlfile('rsserrorauth'), $filename, $lifetime, false, true); | |
139 | } | |
2e9b772f | 140 |