/** * Serves the lesson attachments. Implements needed access control ;-) * * @package mod_lesson * @category files * @param stdClass $course course object * @param stdClass $cm course module object * @param stdClass $context context object * @param string $filearea file area * @param array $args extra arguments * @param bool $forcedownload whether or not force download * @param array $options additional options affecting the file serving * @return bool false if file not found, does not return if found - justsend the file */ function lesson_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload, array $options = array()) { global $CFG, $DB; if ($context->contextlevel != CONTEXT_MODULE) { return false; } $fileareas = lesson_get_file_areas(); if (!array_key_exists($filearea, $fileareas)) { return false; } if (!($lesson = $DB->get_record('lesson', array('id' => $cm->instance)))) { return false; } require_course_login($course, true, $cm); if ($filearea === 'page_contents') { $pageid = (int) array_shift($args); if (!($page = $DB->get_record('lesson_pages', array('id' => $pageid)))) { return false; } $fullpath = "/{$context->id}/mod_lesson/{$filearea}/{$pageid}/" . implode('/', $args); } else { if ($filearea === 'mediafile') { array_shift($args); // ignore itemid - caching only $fullpath = "/{$context->id}/mod_lesson/{$filearea}/0/" . implode('/', $args); } else { return false; } } $fs = get_file_storage(); if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) { return false; } // finally send the file send_stored_file($file, 0, 0, $forcedownload, $options); // download MUST be forced - security! }
/** * Returns a file_info_stored object for the file being requested here * * @package mod_lesson * @category files * @global stdClass $CFG * @param file_browse $browser file browser instance * @param array $areas file areas * @param stdClass $course course object * @param stdClass $cm course module object * @param stdClass $context context object * @param string $filearea file area * @param int $itemid item ID * @param string $filepath file path * @param string $filename file name * @return file_info_stored */ function lesson_get_file_info($browser, $areas, $course, $cm, $context, $filearea, $itemid, $filepath, $filename) { global $CFG, $DB; if (!has_capability('moodle/course:managefiles', $context)) { // No peaking here for students! return null; } // Mediafile area does not have sub directories, so let's select the default itemid to prevent // the user from selecting a directory to access the mediafile content. if ($filearea == 'mediafile' && is_null($itemid)) { $itemid = 0; } if (is_null($itemid)) { return new mod_lesson_file_info($browser, $course, $cm, $context, $areas, $filearea); } $fs = get_file_storage(); $filepath = is_null($filepath) ? '/' : $filepath; $filename = is_null($filename) ? '.' : $filename; if (!($storedfile = $fs->get_file($context->id, 'mod_lesson', $filearea, $itemid, $filepath, $filename))) { return null; } $itemname = $filearea; if ($filearea == 'page_contents') { $itemname = $DB->get_field('lesson_pages', 'title', array('lessonid' => $cm->instance, 'id' => $itemid)); $itemname = format_string($itemname, true, array('context' => $context)); } else { $areas = lesson_get_file_areas(); if (isset($areas[$filearea])) { $itemname = $areas[$filearea]; } } $urlbase = $CFG->wwwroot . '/pluginfile.php'; return new file_info_stored($browser, $context, $storedfile, $urlbase, $itemname, $itemid, true, true, false); }