function validation($data, $files) { global $CFG, $USER, $DB; $errors = parent::validation($data, $files); if (empty($data['id']) and empty($data['example'])) { // make sure there is no submission saved meanwhile from another browser window $sql = "SELECT COUNT(s.id)\n FROM {workshop_submissions} s\n JOIN {workshop} w ON (s.workshopid = w.id)\n JOIN {course_modules} cm ON (w.id = cm.instance)\n JOIN {modules} m ON (m.name = 'workshop' AND m.id = cm.module)\n WHERE cm.id = ? AND s.authorid = ? AND s.example = 0"; if ($DB->count_records_sql($sql, array($data['cmid'], $USER->id))) { $errors['title'] = get_string('err_multiplesubmissions', 'mod_workshop'); } } if (isset($data['attachment_filemanager']) and isset($this->_customdata['workshop']->submissionfiletypes)) { $whitelist = workshop::normalize_file_extensions($this->_customdata['workshop']->submissionfiletypes); if ($whitelist) { $draftfiles = file_get_drafarea_files($data['attachment_filemanager']); if ($draftfiles) { $wrongfiles = array(); foreach ($draftfiles->list as $file) { if (!workshop::is_allowed_file_type($file->filename, $whitelist)) { $wrongfiles[] = $file->filename; } } if ($wrongfiles) { $a = array('whitelist' => workshop::clean_file_extensions($whitelist), 'wrongfiles' => implode(', ', $wrongfiles)); $errors['attachment_filemanager'] = get_string('err_wrongfileextension', 'mod_workshop', $a); } } } } return $errors; }
/** * Test checking file name against the list of allowed extensions. */ public function test_is_allowed_file_type() { $this->resetAfterTest(true); $this->assertTrue(workshop::is_allowed_file_type('README.txt', '')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', [''])); $this->assertFalse(workshop::is_allowed_file_type('README.txt', '0')); $this->assertFalse(workshop::is_allowed_file_type('README.txt', 'xt')); $this->assertFalse(workshop::is_allowed_file_type('README.txt', 'old.txt')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', 'txt')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', '.TXT')); $this->assertTrue(workshop::is_allowed_file_type('README.TXT', 'txt')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', '.txt .md')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', 'HTML TXT DOC RTF')); $this->assertTrue(workshop::is_allowed_file_type('README.txt', ['HTML', '...TXT', 'DOC', 'RTF'])); $this->assertTrue(workshop::is_allowed_file_type('C:\\Moodle\\course-data.tar.gz', 'gzip zip 7z tar.gz')); $this->assertFalse(workshop::is_allowed_file_type('C:\\Moodle\\course-data.tar.gz', 'gzip zip 7z tar')); $this->assertTrue(workshop::is_allowed_file_type('~/course-data.tar.gz', 'gzip zip 7z gz')); $this->assertFalse(workshop::is_allowed_file_type('~/course-data.tar.gz', 'gzip zip 7z')); $this->assertFalse(workshop::is_allowed_file_type('Alice on the beach.jpg.exe', 'png gif jpg bmp')); $this->assertFalse(workshop::is_allowed_file_type('xfiles.exe.jpg', 'exe com bat sh')); $this->assertFalse(workshop::is_allowed_file_type('solution.odt~', 'odt, xls')); $this->assertTrue(workshop::is_allowed_file_type('solution.odt~', 'odt, odt~')); }
/** * Validate assessment form data. * * @param array $data * @param array $files * @return array */ public function validation($data, $files) { $errors = parent::validation($data, $files); if (isset($data['feedbackauthorattachment_filemanager']) and isset($this->workshop->overallfeedbackfiletypes)) { $whitelist = workshop::normalize_file_extensions($this->workshop->overallfeedbackfiletypes); if ($whitelist) { $draftfiles = file_get_drafarea_files($data['feedbackauthorattachment_filemanager']); if ($draftfiles) { $wrongfiles = array(); foreach ($draftfiles->list as $file) { if (!workshop::is_allowed_file_type($file->filename, $whitelist)) { $wrongfiles[] = $file->filename; } } if ($wrongfiles) { $a = array('whitelist' => workshop::clean_file_extensions($whitelist), 'wrongfiles' => implode(', ', $wrongfiles)); $errors['feedbackauthorattachment_filemanager'] = get_string('err_wrongfileextension', 'mod_workshop', $a); } } } } return $errors; }