Example #1
0
<?php

// $Id: exportfile.php,v 1.11 2008/06/08 10:43:39 skodak Exp $
require_once "../../config.php";
require_once "lib.php";
// disable moodle specific debug messages
disable_debugging();
$id = required_param('id', PARAM_INT);
// Course Module ID
$l = optional_param('l', '', PARAM_ALPHANUM);
$cat = optional_param('cat', 0, PARAM_ALPHANUM);
if (!($cm = get_coursemodule_from_id('glossary', $id))) {
    print_error('invalidcoursemodule');
}
if (!($course = $DB->get_record("course", array("id" => $cm->course)))) {
    print_error('coursemisconf');
}
if (!($glossary = $DB->get_record("glossary", array("id" => $cm->instance)))) {
    print_error('invalidid', 'glossary');
}
require_login($course->id, false, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
require_capability('mod/glossary:export', $context);
$filename = clean_filename(strip_tags(format_string($glossary->name, true)) . '.xml');
$content = glossary_generate_export_file($glossary, $l, $cat);
send_file($content, $filename, 0, 0, true, true);
Example #2
0
/**
 * Serves the glossary attachments. Implements needed access control ;-)
 *
 * @param object $course
 * @param object $cm
 * @param object $context
 * @param string $filearea
 * @param array $args
 * @param bool $forcedownload
 * @return bool false if file not found, does not return if found - justsend the file
 */
function glossary_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload) {
    global $CFG, $DB;

    if ($context->contextlevel != CONTEXT_MODULE) {
        return false;
    }

    require_course_login($course, true, $cm);

    if ($filearea === 'attachment' or $filearea === 'entry') {
        $entryid = (int)array_shift($args);

        require_course_login($course, true, $cm);

        if (!$entry = $DB->get_record('glossary_entries', array('id'=>$entryid))) {
            return false;
        }

        if (!$glossary = $DB->get_record('glossary', array('id'=>$cm->instance))) {
            return false;
        }

        if ($glossary->defaultapproval and !$entry->approved and !has_capability('mod/glossary:approve', $context)) {
            return false;
        }

        // this trickery here is because we need to support source glossary access

        if ($entry->glossaryid == $cm->instance) {
            $filecontext = $context;

        } else if ($entry->sourceglossaryid == $cm->instance) {
            if (!$maincm = get_coursemodule_from_instance('glossary', $entry->glossaryid)) {
                return false;
            }
            $filecontext = get_context_instance(CONTEXT_MODULE, $maincm->id);

        } else {
            return false;
        }

        $relativepath = implode('/', $args);
        $fullpath = "/$filecontext->id/mod_glossary/$filearea/$entryid/$relativepath";

        $fs = get_file_storage();
        if (!$file = $fs->get_file_by_hash(sha1($fullpath)) or $file->is_directory()) {
            return false;
        }

        // finally send the file
        send_stored_file($file, 0, 0, true); // download MUST be forced - security!

    } else if ($filearea === 'export') {
        require_login($course, false, $cm);
        require_capability('mod/glossary:export', $context);

        if (!$glossary = $DB->get_record('glossary', array('id'=>$cm->instance))) {
            return false;
        }

        $cat = array_shift($args);
        $cat = clean_param($cat, PARAM_ALPHANUM);

        $filename = clean_filename(strip_tags(format_string($glossary->name)).'.xml');
        $content = glossary_generate_export_file($glossary, NULL, $cat);

        send_file($content, $filename, 0, 0, true, true);
    }

    return false;
}