MDL-22991, validate data that was encoded in base64
[moodle.git] / repository / local / lib.php
1 <?php
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 // GNU General Public License for more details.
14 //
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
18 /**
19  * repository_local class is used to browse moodle files
20  *
21  * @since 2.0
22  * @package moodlecore
23  * @subpackage repository
24  * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
25  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26  */
28 class repository_local extends repository {
30     /**
31      * local plugin doesn't require login, so list all files
32      * @return mixed
33      */
34     public function print_login() {
35         return $this->get_listing();
36     }
38     /**
39      * Get file listing
40      *
41      * @param string $encodedpath
42      * @return mixed
43      */
44     public function get_listing($encodedpath = '') {
45         global $CFG, $USER, $OUTPUT;
46         $ret = array();
47         $ret['dynload'] = true;
48         $ret['nosearch'] = true;
49         $ret['nologin'] = true;
50         $list = array();
52         if (!empty($encodedpath)) {
53             $params = unserialize(base64_decode($encodedpath));
54             if (is_array($params)) {
55                 $itemid   = clean_param($params['itemid'], PARAM_INT);
56                 $filename = clean_param($params['filename'], PARAM_FILE);
57                 $filearea = clean_param($params['filearea'], PARAM_ALPHAEXT);
58                 $filepath = clean_param($params['filepath'], PARAM_PATH);;
59                 $context  = get_context_instance_by_id(clean_param($params['contextid'], PARAM_INT));
60             }
61         } else {
62             $itemid   = null;
63             $filename = null;
64             $filearea = null;
65             $filepath = null;
66             $context  = get_system_context();
67         }
69         $browser = get_file_browser();
71         if ($fileinfo = $browser->get_file_info($context, $filearea, $itemid, $filepath, $filename)) {
72             echo_fb($fileinfo);
73             // build path navigation
74             $pathnodes = array();
75             $encodedpath = base64_encode(serialize($fileinfo->get_params()));
76             $pathnodes[] = array('name'=>$fileinfo->get_visible_name(), 'path'=>$encodedpath);
77             $level = $fileinfo->get_parent();
78             while ($level) {
79                 $encodedpath = base64_encode(serialize($level->get_params()));
80                 $pathnodes[] = array('name'=>$level->get_visible_name(), 'path'=>$encodedpath);
81                 $level = $level->get_parent();
82             }
83             if (!empty($pathnodes) && is_array($pathnodes)) {
84                 $pathnodes = array_reverse($pathnodes);
85                 $ret['path'] = $pathnodes;
86             }
87             // build file tree
88             $children = $fileinfo->get_children();
89             foreach ($children as $child) {
90                 $shorttitle = $this->get_short_filename($child->get_visible_name(), 12);
91                 if ($child->is_directory()) {
92                     $params = $child->get_params();
93                     $subdir_children = $child->get_children();
94                     //if (empty($subdir_children)) {
95                         //continue;
96                     //}
97                     $encodedpath = base64_encode(serialize($params));
98                     // hide user_private area from local plugin, user should
99                     // use private file plugin to access private files
100                     //if ($params['filearea'] == 'user_private') {
101                         //continue;
102                     //}
103                     $node = array(
104                         'title' => $child->get_visible_name(),
105                         'shorttitle'=>$shorttitle,
106                         'size' => 0,
107                         'date' => '',
108                         'path' => $encodedpath,
109                         'children'=>array(),
110                         'thumbnail' => $OUTPUT->pix_url('f/folder-32') . ''
111                     );
112                     $list[] = $node;
113                 } else {
114                     $encodedpath = base64_encode(serialize($child->get_params()));
115                     $icon = 'f/'.str_replace('.gif', '', mimeinfo('icon', $child->get_visible_name())).'-32';
116                     $node = array(
117                         'title' => $child->get_visible_name(),
118                         'shorttitle'=>$shorttitle,
119                         'size' => 0,
120                         'date' => '',
121                         'source'=> $encodedpath,
122                         'thumbnail' => $OUTPUT->pix_url($icon) . '',
123                     );
124                     $list[] = $node;
125                 }
126             }
127         }
128         $ret['list'] = array_filter($list, array($this, 'filter'));
129         return $ret;
130     }
132     /**
133      * Set repository name
134      *
135      * @return string repository name
136      */
137     public function get_name(){
138         return get_string('pluginname', 'repository_local');;
139     }
141     /**
142      * Local file don't support to link to external links
143      *
144      * @return int
145      */
146     public function supported_returntypes() {
147         return FILE_INTERNAL;
148     }
150     /**
151      * Copy a file to file area
152      *
153      * @global object $USER
154      * @global object $DB
155      * @param string $encoded The metainfo of file, it is base64 encoded php seriablized data
156      * @param string $new_filename The intended name of file
157      * @param string $new_itemid itemid
158      * @param string $new_filepath the new path in draft area
159      * @return array The information of file
160      */
161     public function copy_to_area($encoded, $new_filearea='draft', $new_itemid = '', $new_filepath = '/', $new_filename = '') {
162         global $USER, $DB;
163         $info = array();
165         $browser = get_file_browser();
166         $user_context = get_context_instance(CONTEXT_USER, $USER->id);
168         // the final file
169         $params = unserialize(base64_decode($encoded));
170         $contextid  = clean_param($params['contextid'], PARAM_INT);
171         $fileitemid = clean_param($params['itemid'], PARAM_INT);
172         $filename = clean_param($params['filename'], PARAM_FILE);
173         $filepath = clean_param($params['filepath'], PARAM_PATH);;
174         $filearea = clean_param($params['filearea'], PARAM_ALPHAEXT);
176         $context = get_context_instance_by_id($contextid);
178         $file_info = $browser->get_file_info($context, $filearea, $fileitemid, $filepath, $filename);
179         $file_info->copy_to_storage($user_context->id, $new_filearea, $new_itemid, $new_filepath, $new_filename);
181         $info['itemid'] = $new_itemid;
182         $info['title']  = $new_filename;
183         $info['contextid'] = $user_context->id;
184         $info['filesize'] = $file_info->get_filesize();
186         return $info;
187     }