/**
* Serves the files from the emarking file areas
*
* @package mod_emarking
* @category files
* @param stdClass $course
* the course object
* @param stdClass $cm
* the course module object
* @param stdClass $context
* the emarking's context
* @param string $filearea
* the name of the file area
* @param array $args
* extra arguments (itemid, path)
* @param bool $forcedownload
* whether or not force download
* @param array $options
* additional options affecting the file serving
*/
function emarking_pluginfile($course, $cm, $context, $filearea, array $args, $forcedownload, array $options = array())
{
global $DB, $CFG, $USER;
require_once $CFG->dirroot . '/mod/emarking/locallib.php';
require_once $CFG->dirroot . '/mod/emarking/print/locallib.php';
require_login();
// send_file defaults.
$lifetime = null;
$filter = 0;
$pathisstring = false;
$forcedownload = false;
$mimetype = '';
$dontdie = false;
// end of send_file defaults.
$filename = array_pop($args);
$itemid = array_pop($args);
$contextcategory = context_coursecat::instance($course->category);
$contextcourse = context_course::instance($course->id);
// Security! We always protect the exams filearea.
if ($filearea === 'exams') {
send_file_not_found();
}
if ($filearea === 'pages') {
$parts = explode('-', $filename);
if (count($parts) != 3) {
send_file_not_found();
}
if (!($parts[0] === intval($parts[0]) . "") || !($parts[1] === intval($parts[1]) . "")) {
send_file_not_found();
}
$subparts = explode('.', $parts[2]);
$isanonymous = substr($subparts[0], -strlen('_a')) === '_a';
$imageuser = intval($parts[0]);
$usercangrade = has_capability('mod/emarking:grade', $context);
$bothenrolled = is_enrolled($contextcourse) && is_enrolled($contextcourse, $imageuser);
if ($USER->id != $imageuser && !$usercangrade && !$isanonymous && !is_siteadmin($USER) && !$bothenrolled) {
send_file_not_found();
}
}
if ($filearea === 'response') {
$parts = explode('_', $filename);
if (count($parts) != 3) {
send_file_not_found();
}
if (!($parts[0] === "response") || !($parts[1] === intval($parts[1]) . "")) {
send_file_not_found();
}
$subparts = explode('.', $parts[2]);
$studentid = intval($subparts[0]);
$emarkingid = intval($parts[1]);
if (!($emarking = $DB->get_record('emarking', array('id' => $emarkingid)))) {
send_file_not_found();
}
if ($studentid != $USER->id && !is_siteadmin($USER) && !has_capability('mod/emarking:supervisegrading', $context)) {
send_file_not_found();
}
$forcedownload = true;
$mimetype = 'application/pdf';
}
if ($filearea === 'examstoprint') {
if (!has_capability('mod/emarking:downloadexam', $contextcategory)) {
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\invalidaccessdownload_attempted::create_from_exam($exam, $contextcourse)->trigger();
send_file_not_found();
}
$token = required_param('token', PARAM_INT);
if ($token > 9999 && $_SESSION[$USER->sesskey . "smstoken"] === $token) {
if (!($exam = $DB->get_record('emarking_exams', array('emarking' => $itemid)))) {
send_file_not_found();
}
$now = new DateTime();
$tokendate = new DateTime();
$tokendate->setTimestamp($_SESSION[$USER->sesskey . "smsdate"]);
$diff = $now->diff($tokendate);
if ($diff->i > 5 && false) {
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\invalidtokendownload_attempted::create_from_exam($exam, $contextcourse)->trigger();
send_file_not_found();
}
// Everything is fine, now we update the exam status and deliver the file.
$exam->status = EMARKING_EXAM_SENT_TO_PRINT;
$DB->update_record('emarking_exams', $exam);
} else {
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\invalidtokendownload_attempted::create_from_exam($exam, $contextcourse)->trigger();
send_file_not_found();
}
// Notify everyone that the exam was downloaded.
emarking_send_examdownloaded_notification($exam, $course, $USER);
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\exam_downloaded::create_from_exam($exam, $contextcourse)->trigger();
}
$fs = get_file_storage();
if (!($file = $fs->get_file($context->id, 'mod_emarking', $filearea, $itemid, '/', $filename))) {
echo $context->id . ".." . $filearea . ".." . $itemid . ".." . $filename;
echo "File really not found";
send_file_not_found();
}
send_file($file, $filename, $lifetime, $filter, $pathisstring, $forcedownload, $mimetype = '', $dontdie);
}
if (!($course = $DB->get_record("course", array("id" => $exam->course)))) {
print_error(get_string("invalidcourseid", "mod_emarking"));
die;
}
$contextcat = context_coursecat::instance($course->category);
$contextcourse = context_course::instance($course->id);
$url = new moodle_url("/mod/emarking/print/download.php", array("examid" => $exam->id, "token" => $token, "sesskey" => $sesskey));
$PAGE->set_context($contextcourse);
$PAGE->set_url($url);
$coursecategoryurl = new moodle_url("/mod/emarking/print/printorders.php", array("category" => $course->category));
$courseurl = new moodle_url("/mod/emarking/print/exams.php", array("course" => $course->id));
// Validate capability in the category context.
if (!(has_capability("mod/emarking:downloadexam", $contextcat) || has_capability("mod/emarking:downloadexam", $contextcourse))) {
$item = array("context" => $contextcourse, "objectid" => $exam->emarking);
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\invalidaccessdownload_attempted::create($item)->trigger();
echo json_encode(array("error" => get_string("invalidaccess", "mod_emarking")));
die;
}
// Check the exam status to validate if it is already generated.
if ($exam->status < EMARKING_EXAM_PROCESSED) {
echo json_encode(array('error' => get_string('error') . core_text::strtolower(' ' . get_string('exam', 'mod_emarking') . ' ' . get_string('examstatusbeingprocessed', 'mod_emarking'))));
die;
}
// If a token was sent and it was not valid, log and die.
if ($token > 9999 && $_SESSION[$USER->sesskey . "smstoken"] !== $token) {
$item = array("context" => $contextcourse, "objectid" => $exam->emarking);
// Add to Moodle log so some auditing can be done.
\mod_emarking\event\invalidtokendownload_attempted::create($item)->trigger();
echo $OUTPUT->header();
echo $OUTPUT->notification(get_string("eventinvalidtokengranted", "mod_emarking"), "notifyproblem");
