Commit | Line | Data |
---|---|---|
2e9b772f | 1 | <?PHP |
8adcb49f | 2 | //This file returns the required rss feeds |
3 | //The URL format MUST include: | |
fcce139a | 4 | // context: the context id |
e7f927a0 | 5 | // user: the user id |
6 | // name: the name of the module (forum...) | |
7 | // id: the id (instance) of the module (forumid...) | |
8adcb49f | 8 | //If the course has a password or it doesn't |
7fe0ce4e | 9 | //allow guest access then the user field is |
8adcb49f | 10 | //required to see that the user is enrolled |
11 | //in the course, else no check is performed. | |
12 | //This allows to limit a bit the rss access | |
13 | //to correct users. It isn't unbreakable, | |
14 | //obviously, but its the best I've thought!! | |
15 | ||
2e9b772f | 16 | // disable moodle specific debug messages and any errors in output |
fcce139a AD |
17 | define('NO_DEBUG_DISPLAY', true);//comment this out to see any error messages during RSS generation |
18 | ||
19 | // session not used here | |
30d24538 | 20 | define('NO_MOODLE_COOKIES', true); |
fcce139a AD |
21 | |
22 | require_once('../config.php'); | |
23 | require_once($CFG->libdir.'/filelib.php'); | |
24 | require_once($CFG->libdir.'/rsslib.php'); | |
25 | ||
26 | //Check RSS feeds are enabled | |
27 | if (empty($CFG->enablerssfeeds)) { | |
28 | debugging('DISABLED (admin variables)'); | |
29 | rss_not_found(); | |
30 | } | |
31 | ||
32 | $lifetime = 3600; // Seconds for files to remain in caches - 1 hour | |
33 | $filename = 'rss.xml'; | |
34 | ||
35 | // this is a big one big hack - NO_MOODLE_COOKIES is not compatible with capabilities MDL-7243 | |
36 | // it should be replaced once we get to codes in urls | |
37 | ||
38 | $relativepath = get_file_argument(); | |
39 | if (!$relativepath) { | |
40 | rss_not_found(); | |
41 | } | |
42 | ||
43 | // extract relative path components | |
44 | $args = explode('/', trim($relativepath, '/')); | |
45 | if (count($args) < 5) { | |
46 | rss_not_found(); | |
47 | } | |
48 | ||
49 | $contextid = (int)$args[0]; | |
50 | $token = $args[1]; | |
51 | $modulename = clean_param($args[2], PARAM_FILE); | |
52 | $instance = $args[3]; | |
53 | ||
54 | $userid = rss_get_userid_from_token($token); | |
55 | if (!$userid) { | |
56 | rss_not_authenticated(); | |
57 | } | |
58 | $user = get_complete_user_data('id', $userid); | |
59 | session_set_user($user); | |
60 | ||
61 | $context = get_context_instance_by_id($contextid); | |
62 | if (!$context) { | |
63 | rss_not_found(); | |
64 | } | |
65 | $PAGE->set_context($context); | |
66 | ||
67 | $coursecontext = get_course_context($context); | |
68 | $course = $DB->get_record('course', array('id' => $coursecontext->instanceid), '*', MUST_EXIST); | |
69 | ||
70 | $isblog = ($modulename == 'blog'); | |
71 | if ($isblog) { | |
72 | $blogid = (int)$args[4]; // could be groupid / courseid / userid depending on $instance | |
73 | if ($args[5] != 'rss.xml') { | |
74 | $tagid = (int)$args[5]; | |
75 | } else { | |
76 | $tagid = 0; | |
77 | } | |
78 | } else { | |
79 | $instance = (int)$instance; // we know it's an id number | |
80 | } | |
81 | ||
82 | //Check name of module | |
83 | if (!$isblog) { | |
84 | $mods = get_plugin_list('mod'); | |
85 | $mods = array_keys($mods); | |
86 | if (!in_array(strtolower($modulename), $mods)) { | |
66c52fdf | 87 | rss_not_found(); |
8adcb49f | 88 | } |
df997f84 PS |
89 | try { |
90 | $cm = get_coursemodule_from_instance($modulename, $instance, 0, false, MUST_EXIST); | |
91 | require_login($course, false, $cm, false, true); | |
92 | } catch (Exception $e) { | |
66c52fdf | 93 | rss_not_found(); |
8adcb49f | 94 | } |
fcce139a | 95 | |
df997f84 PS |
96 | } else { |
97 | try { | |
98 | require_login($course, false, NULL, false, true); | |
99 | } catch (Exception $e) { | |
66c52fdf | 100 | rss_not_found(); |
8adcb49f | 101 | } |
fcce139a AD |
102 | } |
103 | ||
fcce139a AD |
104 | $pathname = null; |
105 | //Work out the filename of the cached RSS file | |
106 | if ($isblog) { | |
107 | require_once($CFG->dirroot.'/blog/rsslib.php'); | |
108 | $pathname = blog_generate_rss_feed($instance, $blogid, $tagid); | |
109 | } else { | |
110 | $functionname = $cm->modname.'_rss_get_feed'; | |
111 | require_once($CFG->dirroot."/mod/{$cm->modname}/rsslib.php"); | |
112 | if(function_exists($functionname)) { | |
113 | $pathname = $functionname($context, $cm, $instance, $args); | |
8adcb49f | 114 | } |
fcce139a | 115 | } |
6f5e0852 | 116 | |
fcce139a AD |
117 | //Check that file exists |
118 | if (empty($pathname) || !file_exists($pathname)) { | |
119 | rss_not_found(); | |
120 | } | |
8adcb49f | 121 | |
fcce139a | 122 | //rss_update_token_last_access($USER->id); |
6619a7f4 | 123 | |
fcce139a AD |
124 | //Send it to user! |
125 | send_file($pathname, $filename, $lifetime); | |
8adcb49f | 126 | |
fcce139a AD |
127 | function rss_not_found() { |
128 | /// error, send some XML with error message | |
129 | global $lifetime, $filename; | |
130 | send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true); | |
131 | } | |
e7f927a0 | 132 | |
fcce139a AD |
133 | function rss_not_authenticated() { |
134 | global $lifetime, $filename; | |
135 | send_file(rss_geterrorxmlfile('rsserrorauth'), $filename, $lifetime, false, true); | |
136 | } | |
2e9b772f | 137 |