MDL-14591 adding standard access control

[moodle.git] / portfolio / file.php

diff --git a/portfolio/file.php b/portfolio/file.php
index b53c9f5..e56cceb 100644 (file)
--- a/portfolio/file.php
+++ b/portfolio/file.php
@@ -1,27 +1,30 @@
 <?php
 require_once(dirname(dirname(__FILE__)) . '/config.php');
 <?php
 require_once(dirname(dirname(__FILE__)) . '/config.php');

+
+if (empty($CFG->enableportfolios)) {
+    print_error('disabled', 'portfolio');
+}
+

 require_once($CFG->libdir . '/portfoliolib.php');
 require_once($CFG->libdir . '/file/stored_file.php');
 require_once($CFG->libdir . '/filelib.php');
 
 $id = required_param('id', PARAM_INT);
 
 require_once($CFG->libdir . '/portfoliolib.php');
 require_once($CFG->libdir . '/file/stored_file.php');
 require_once($CFG->libdir . '/filelib.php');
 
 $id = required_param('id', PARAM_INT);
 

+require_login();
+

 $exporter = portfolio_exporter::rewaken_object($id);
 $exporter = portfolio_exporter::rewaken_object($id);

+$exporter->verify_rewaken();

 
 if ($exporter->get('instance')->is_push()) {
 
 if ($exporter->get('instance')->is_push()) {

-    $exporter->raise_error('filedenied', 'portfolio');
+    throw new portfolio_export_exception($exporter, 'filedenied', 'portfolio');

 }
 
 if (!$exporter->get('instance')->verify_file_request_params(array_merge($_GET, $_POST))) {
 }
 
 if (!$exporter->get('instance')->verify_file_request_params(array_merge($_GET, $_POST))) {

-    $exporter->raise_error('filedenied', 'portfolio');
+    throw new portfolio_export_exception($exporter, 'filedenied', 'portfolio');

 }
 
 }
 

-$file = $exporter->get('instance')->get('file');
-if (!($file instanceof stored_file)) {
-    $exporter->raise_error('filenotfound', 'portfolio');
-}
-
-send_stored_file($file, 0, 0, true, null, true);
+$exporter->get('instance')->send_file();

 $exporter->process_stage_cleanup(true);
 $exporter->process_stage_cleanup(true);

-
+exit;

 ?>
 ?>