Example #1
0
/**
 * Serves the lesson attachments. Implements needed access control ;-)
 *
 * @package mod_lesson
 * @category files
 * @param stdClass $course course object
 * @param stdClass $cm course module object
 * @param stdClass $context context object
 * @param string $filearea file area
 * @param array $args extra arguments
 * @param bool $forcedownload whether or not force download
 * @param array $options additional options affecting the file serving
 * @return bool false if file not found, does not return if found - justsend the file
 */
function lesson_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
    global $CFG, $DB;
    if ($context->contextlevel != CONTEXT_MODULE) {
        return false;
    }
    $fileareas = lesson_get_file_areas();
    if (!array_key_exists($filearea, $fileareas)) {
        return false;
    }
    if (!($lesson = $DB->get_record('lesson', array('id' => $cm->instance)))) {
        return false;
    }
    require_course_login($course, true, $cm);
    if ($filearea === 'page_contents') {
        $pageid = (int) array_shift($args);
        if (!($page = $DB->get_record('lesson_pages', array('id' => $pageid)))) {
            return false;
        }
        $fullpath = "/{$context->id}/mod_lesson/{$filearea}/{$pageid}/" . implode('/', $args);
    } else {
        if ($filearea === 'mediafile') {
            array_shift($args);
            // ignore itemid - caching only
            $fullpath = "/{$context->id}/mod_lesson/{$filearea}/0/" . implode('/', $args);
        } else {
            return false;
        }
    }
    $fs = get_file_storage();
    if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
        return false;
    }
    // finally send the file
    send_stored_file($file, 0, 0, $forcedownload, $options);
    // download MUST be forced - security!
}
Example #2
0
/**
 * Returns a file_info_stored object for the file being requested here
 *
 * @package  mod_lesson
 * @category files
 * @global stdClass $CFG
 * @param file_browse $browser file browser instance
 * @param array $areas file areas
 * @param stdClass $course course object
 * @param stdClass $cm course module object
 * @param stdClass $context context object
 * @param string $filearea file area
 * @param int $itemid item ID
 * @param string $filepath file path
 * @param string $filename file name
 * @return file_info_stored
 */
function lesson_get_file_info($browser, $areas, $course, $cm, $context, $filearea, $itemid, $filepath, $filename)
{
    global $CFG, $DB;
    if (!has_capability('moodle/course:managefiles', $context)) {
        // No peaking here for students!
        return null;
    }
    // Mediafile area does not have sub directories, so let's select the default itemid to prevent
    // the user from selecting a directory to access the mediafile content.
    if ($filearea == 'mediafile' && is_null($itemid)) {
        $itemid = 0;
    }
    if (is_null($itemid)) {
        return new mod_lesson_file_info($browser, $course, $cm, $context, $areas, $filearea);
    }
    $fs = get_file_storage();
    $filepath = is_null($filepath) ? '/' : $filepath;
    $filename = is_null($filename) ? '.' : $filename;
    if (!($storedfile = $fs->get_file($context->id, 'mod_lesson', $filearea, $itemid, $filepath, $filename))) {
        return null;
    }
    $itemname = $filearea;
    if ($filearea == 'page_contents') {
        $itemname = $DB->get_field('lesson_pages', 'title', array('lessonid' => $cm->instance, 'id' => $itemid));
        $itemname = format_string($itemname, true, array('context' => $context));
    } else {
        $areas = lesson_get_file_areas();
        if (isset($areas[$filearea])) {
            $itemname = $areas[$filearea];
        }
    }
    $urlbase = $CFG->wwwroot . '/pluginfile.php';
    return new file_info_stored($browser, $context, $storedfile, $urlbase, $itemname, $itemid, true, true, false);
}