moodle/file.php

<?php // $Id$
      // This script fetches files from the dataroot directory
      // Syntax:      file.php/courseid/dir/dir/dir/filename.ext
      //              file.php/courseid/dir/dir/dir/filename.ext?forcedownload=1 (download instead of inline)
      //              file.php/courseid/dir (returns index.html from dir)
      // Workaround:  file.php?file=/courseid/dir/dir/dir/filename.ext
      // Test:        file.php/testslasharguments


      //TODO: Blog attachments do not have access control implemented - anybody can read them!
      //      It might be better to move the code to separate file because the access
      //      control is quite complex - see bolg/index.php 

    require_once('config.php');
    require_once('lib/filelib.php');

    if (!isset($CFG->filelifetime)) {
        $lifetime = 86400;     // Seconds for files to remain in caches
    } else {
        $lifetime = $CFG->filelifetime;
    }

    // disable moodle specific debug messages
    disable_debugging();

    $relativepath = get_file_argument('file.php');
    $forcedownload = optional_param('forcedownload', 0, PARAM_BOOL);
    
    // relative path must start with '/', because of backup/restore!!!
    if (!$relativepath) {
        print_error('invalidargorconf');
    } else if ($relativepath{0} != '/') {
        print_error('pathdoesnotstartslash');
    }

    $pathname = $CFG->dataroot.$relativepath;

    // extract relative path components
    $args = explode('/', trim($relativepath, '/'));
    if (count($args) == 0) { // always at least courseid, may search for index.html in course root
        print_error('invalidarguments');
    }
  
    // security: limit access to existing course subdirectories
    if (($args[0]!='blog') and (!$course = $DB->get_record_sql("SELECT * FROM {course} WHERE id=?", array((int)$args[0])))) {
        print_error('invalidcourseid');
    }

    // security: prevent access to "000" or "1 something" directories
    // hack for blogs, needs proper security check too
    if (($args[0] != 'blog') and ($args[0] != $course->id)) {
        print_error('invalidcourseid');
    }

    // security: login to course if necessary
    // Note: file.php always calls require_login() with $setwantsurltome=false
    //       in order to avoid messing redirects. MDL-14495
    if ($args[0] == 'blog') {
        if (empty($CFG->bloglevel)) {
            print_error('blogdisable', 'blog');
        } else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
            require_login(0, true, null, false);
        } else if ($CFG->forcelogin) {
            require_login(0, true, null, false);
        }
    } else if ($course->id != SITEID) {
        require_login($course->id, true, null, false);
    } else if ($CFG->forcelogin) {
        if (!empty($CFG->sitepolicy)
            and ($CFG->sitepolicy == $CFG->wwwroot.'/file.php'.$relativepath
                 or $CFG->sitepolicy == $CFG->wwwroot.'/file.php?file='.$relativepath)) {
            //do not require login for policy file
        } else {
            require_login(0, true, null, false);
        }
    }

    // security: only editing teachers can access backups
    if ((count($args) >= 2) and (strtolower($args[1]) == 'backupdata')) {
        if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) {
            print_error('nopermissions');
        } else {
            $lifetime = 0; //disable browser caching for backups 
        }
    }

    if (is_dir($pathname)) {
        if (file_exists($pathname.'/index.html')) {
            $pathname = rtrim($pathname, '/').'/index.html';
            $args[] = 'index.html';
        } else if (file_exists($pathname.'/index.htm')) {
            $pathname = rtrim($pathname, '/').'/index.htm';
            $args[] = 'index.htm';
        } else if (file_exists($pathname.'/Default.htm')) {
            $pathname = rtrim($pathname, '/').'/Default.htm';
            $args[] = 'Default.htm';
        } else {
            // security: do not return directory node!
            not_found($course->id);
        }
    }

    // security: teachers can view all assignments, students only their own
    if ((count($args) >= 3)
        and (strtolower($args[1]) == 'moddata')
        and (strtolower($args[2]) == 'assignment')) {

        $lifetime = 0;  // do not cache assignments, students may reupload them
        if (!has_capability('mod/assignment:grade', get_context_instance(CONTEXT_COURSE, $course->id))
          and $args[4] != $USER->id) {
           print_error('nopermissions');
        }
    }

    // security: force download of all attachments submitted by students
    if ((count($args) >= 3)
        and (strtolower($args[1]) == 'moddata')
        and ((strtolower($args[2]) == 'forum')
            or (strtolower($args[2]) == 'assignment')
            or (strtolower($args[2]) == 'data')
            or (strtolower($args[2]) == 'glossary')
            or (strtolower($args[2]) == 'wiki')
            or (strtolower($args[2]) == 'exercise')
            or (strtolower($args[2]) == 'workshop')
            )) {
        $forcedownload  = 1; // force download of all attachments
    }
    if ($args[0] == 'blog') {
        $forcedownload  = 1; // force download of all attachments
    }    

    // security: some protection of hidden resource files
    // warning: it may break backwards compatibility
    if ((!empty($CFG->preventaccesstohiddenfiles)) 
        and (count($args) >= 2)
        and (!(strtolower($args[1]) == 'moddata' and strtolower($args[2]) != 'resource')) // do not block files from other modules!
        and (!has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_COURSE, $course->id)))) {

        $rargs = $args;
        array_shift($rargs);
        $reference = implode('/', $rargs);

        $sql = "SELECT COUNT(r.id)
                  FROM {resource} r, {course_modules} cm, {modules} m
                 WHERE r.course        = ?
                       AND m.name      = 'resource'
                       AND cm.module   = m.id
                       AND cm.instance = r.id
                       AND cm.visible  = 0
                       AND r.type      = 'file'
                       AND r.reference = ?";
        $params = array($course->id, $reference);

        if ($DB->count_records_sql($sql, $params)) {
           print_error('nopermissions');
        }
    }

    // check that file exists
    if (!file_exists($pathname)) {
        not_found($course->id);
    }

    // ========================================
    // finally send the file
    // ========================================
    session_write_close(); // unlock session during fileserving
    $filename = $args[count($args)-1];
    send_file($pathname, $filename, $lifetime, $CFG->filteruploadedfiles, false, $forcedownload);

    function not_found($courseid) {
        global $CFG;
        header('HTTP/1.0 404 not found');
        print_error('filenotfound', 'error', $CFG->wwwroot.'/course/view.php?id='.$courseid); //this is not displayed on IIS??
    }
?>
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`<?php // $Id$`
			`// This script fetches files from the dataroot directory`
			`// Syntax: file.php/courseid/dir/dir/dir/filename.ext`
new parameter forcedownload; merged from MOODLE_15_STABLE 2005-07-12 08:05:42 +00:00			`// file.php/courseid/dir/dir/dir/filename.ext?forcedownload=1 (download instead of inline)`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// file.php/courseid/dir (returns index.html from dir)`
			`// Workaround: file.php?file=/courseid/dir/dir/dir/filename.ext`
slashargument test fix 2005-02-26 20:43:30 +00:00			`// Test: file.php/testslasharguments`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00
			`//TODO: Blog attachments do not have access control implemented - anybody can read them!`
			`// It might be better to move the code to separate file because the access`
			`// control is quite complex - see bolg/index.php`

Added a file level phpdoc docblock tag. Also converted double quote strings to single quote literals. 2004-09-29 18:19:39 +00:00			`require_once('config.php');`
Call new lib/filelib.php 2005-03-07 11:34:16 +00:00			`require_once('lib/filelib.php');`
Initial revision 2001-11-22 06:23:56 +00:00
MDL-11434 $CFG->filelifetime = 0 has no effect; patch by Chris Fryer 2007-09-25 09:37:58 +00:00			`if (!isset($CFG->filelifetime)) {`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`$lifetime = 86400; // Seconds for files to remain in caches`
Cleaned up file argument processing a bit 2003-01-12 06:53:25 +00:00			`} else {`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`$lifetime = $CFG->filelifetime;`
removed moodle specific debug messages from file.php 2006-09-21 06:38:27 +00:00			`}`

debugging and error reporting level fixes and improvements MDL-6671 2006-09-23 09:38:39 +00:00			`// disable moodle specific debug messages`
			`disable_debugging();`
Changes to use a new configuration variable: CFG->slasharguments If true, then display of user pictures or filenames will use the method of providing arguments as "slash" arguments - this is much better for caching, proxies, search engines etc. Unfortunately it doesn't seem to work on some PHP installations. If false (the default), then a more compatible method is used (ie usual way of passing parameters to scripts) 2002-08-26 09:48:00 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`$relativepath = get_file_argument('file.php');`
new parameter forcedownload; merged from MOODLE_15_STABLE 2005-07-12 08:05:42 +00:00			`$forcedownload = optional_param('forcedownload', 0, PARAM_BOOL);`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00
			`// relative path must start with '/', because of backup/restore!!!`
			`if (!$relativepath) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('invalidargorconf');`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`} else if ($relativepath{0} != '/') {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('pathdoesnotstartslash');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`$pathname = $CFG->dataroot.$relativepath;`
Decode pathinfo in case it has encoded spaces etc in it 2003-11-27 17:23:36 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// extract relative path components`
			`$args = explode('/', trim($relativepath, '/'));`
			`if (count($args) == 0) { // always at least courseid, may search for index.html in course root`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('invalidarguments');`
Better error message when invalid arguments are supplied. 2002-09-05 11:56:20 +00:00			`}`
adding attachment for blogs 2006-11-20 08:31:48 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// security: limit access to existing course subdirectories`
MDL-14679 ok, here is the big patch with new dmllib and ddlib API, some code is already converted, XML db editor works; see tracker for details of regressions and TODOs 2008-05-15 21:40:00 +00:00			`if (($args[0]!='blog') and (!$course = $DB->get_record_sql("SELECT * FROM {course} WHERE id=?", array((int)$args[0])))) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('invalidcourseid');`
Some security fixes with directory listing 2004-03-16 07:20:00 +00:00			`}`

new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// security: prevent access to "000" or "1 something" directories`
adding attachment for blogs 2006-11-20 08:31:48 +00:00			`// hack for blogs, needs proper security check too`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`if (($args[0] != 'blog') and ($args[0] != $course->id)) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('invalidcourseid');`
Merged from stable 2004-09-07 14:13:19 +00:00			`}`
Several changes related to the front page, so that it now works OK. 2001-11-25 15:48:24 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// security: login to course if necessary`
New setting in require_login() to avoid certain scripts (file.php) to mess $SESSION->wantsurl. MDL-14495 ; merged from 19_STABLE 2008-04-25 18:55:36 +00:00			`// Note: file.php always calls require_login() with $setwantsurltome=false`
			`// in order to avoid messing redirects. MDL-14495`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`if ($args[0] == 'blog') {`
			`if (empty($CFG->bloglevel)) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('blogdisable', 'blog');`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`} else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {`
New setting in require_login() to avoid certain scripts (file.php) to mess $SESSION->wantsurl. MDL-14495 ; merged from 19_STABLE 2008-04-25 18:55:36 +00:00			`require_login(0, true, null, false);`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`} else if ($CFG->forcelogin) {`
New setting in require_login() to avoid certain scripts (file.php) to mess $SESSION->wantsurl. MDL-14495 ; merged from 19_STABLE 2008-04-25 18:55:36 +00:00			`require_login(0, true, null, false);`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`}`
			`} else if ($course->id != SITEID) {`
New setting in require_login() to avoid certain scripts (file.php) to mess $SESSION->wantsurl. MDL-14495 ; merged from 19_STABLE 2008-04-25 18:55:36 +00:00			`require_login($course->id, true, null, false);`
Use forcelogin on site files if it's defined bug 1486 2004-05-28 01:17:37 +00:00			`} else if ($CFG->forcelogin) {`
MDL-9168 nested site policy when forcelogin enabled; merged from MOODLE_18_STABLE 2007-04-02 16:13:41 +00:00			`if (!empty($CFG->sitepolicy)`
			`and ($CFG->sitepolicy == $CFG->wwwroot.'/file.php'.$relativepath`
			`or $CFG->sitepolicy == $CFG->wwwroot.'/file.php?file='.$relativepath)) {`
			`//do not require login for policy file`
			`} else {`
New setting in require_login() to avoid certain scripts (file.php) to mess $SESSION->wantsurl. MDL-14495 ; merged from 19_STABLE 2008-04-25 18:55:36 +00:00			`require_login(0, true, null, false);`
MDL-9168 nested site policy when forcelogin enabled; merged from MOODLE_18_STABLE 2007-04-02 16:13:41 +00:00			`}`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// security: only editing teachers can access backups`
backupdata folder is not visible in directory resource any more, the backup files were not downloadable, but they might be stored in browser cache when teacher and student were logged from the same browser and computer account - MDL-6280 ; merged from MOODLE_16_STABLE 2006-09-16 17:15:18 +00:00			`if ((count($args) >= 2) and (strtolower($args[1]) == 'backupdata')) {`
			`if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('nopermissions');`
backupdata folder is not visible in directory resource any more, the backup files were not downloadable, but they might be stored in browser cache when teacher and student were logged from the same browser and computer account - MDL-6280 ; merged from MOODLE_16_STABLE 2006-09-16 17:15:18 +00:00			`} else {`
			`$lifetime = 0; //disable browser caching for backups`
			`}`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`}`
Initial revision 2001-11-22 06:23:56 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`if (is_dir($pathname)) {`
			`if (file_exists($pathname.'/index.html')) {`
			`$pathname = rtrim($pathname, '/').'/index.html';`
			`$args[] = 'index.html';`
			`} else if (file_exists($pathname.'/index.htm')) {`
			`$pathname = rtrim($pathname, '/').'/index.htm';`
			`$args[] = 'index.htm';`
			`} else if (file_exists($pathname.'/Default.htm')) {`
			`$pathname = rtrim($pathname, '/').'/Default.htm';`
			`$args[] = 'Default.htm';`
			`} else {`
			`// security: do not return directory node!`
			`not_found($course->id);`
			`}`
			`}`
Added an option on the filters page to control whether uploaded files are parsed by filters. bug 1128 2004-03-11 02:14:15 +00:00
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00			`// security: teachers can view all assignments, students only their own`
			`if ((count($args) >= 3)`
			`and (strtolower($args[1]) == 'moddata')`
			`and (strtolower($args[2]) == 'assignment')) {`

			`$lifetime = 0; // do not cache assignments, students may reupload them`
Advanced Upload assignment type - student can't read teacher's uploaded response file MDL-6771 2006-10-01 20:04:53 +00:00			`if (!has_capability('mod/assignment:grade', get_context_instance(CONTEXT_COURSE, $course->id))`
			`and $args[4] != $USER->id) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('nopermissions');`
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00			`}`
			`}`

new parameter forcedownload; merged from MOODLE_15_STABLE 2005-07-12 08:05:42 +00:00			`// security: force download of all attachments submitted by students`
			`if ((count($args) >= 3)`
			`and (strtolower($args[1]) == 'moddata')`
			`and ((strtolower($args[2]) == 'forum')`
			`or (strtolower($args[2]) == 'assignment')`
SC #280 force downloading of database files; merged from MOODLE_16_STABLE 2006-07-30 22:44:50 +00:00			`or (strtolower($args[2]) == 'data')`
new parameter forcedownload; merged from MOODLE_15_STABLE 2005-07-12 08:05:42 +00:00			`or (strtolower($args[2]) == 'glossary')`
			`or (strtolower($args[2]) == 'wiki')`
			`or (strtolower($args[2]) == 'exercise')`
			`or (strtolower($args[2]) == 'workshop')`
			`)) {`
			`$forcedownload = 1; // force download of all attachments`
			`}`
MDL-8015 improved file uploading - changed file upload api in formslib - fixed blog attachments and related code in file.php - fixed glossary attachments - fixed embedded images in forum posts and blogs - only gif, png and jpeg; the problme was that svg were embedded using img tag which was wrong, the same applied to other picture formats unsupported by browsers (please note that student submitted svg should be never embedded in moodle page for security reasons) - other minor fixes 2006-12-28 21:21:44 +00:00			`if ($args[0] == 'blog') {`
			`$forcedownload = 1; // force download of all attachments`
			`}`
new parameter forcedownload; merged from MOODLE_15_STABLE 2005-07-12 08:05:42 +00:00
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00			`// security: some protection of hidden resource files`
			`// warning: it may break backwards compatibility`
			`if ((!empty($CFG->preventaccesstohiddenfiles))`
			`and (count($args) >= 2)`
fix for MDL-6599 - problem with hiding of resource when $CFG->preventaccesstohiddenfiles enabled 2006-09-25 08:53:10 +00:00			`and (!(strtolower($args[1]) == 'moddata' and strtolower($args[2]) != 'resource')) // do not block files from other modules!`
fixing missing bracket 2006-09-14 06:43:01 +00:00			`and (!has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_COURSE, $course->id)))) {`
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00
fix for MDL-6599 - problem with hiding of resource when $CFG->preventaccesstohiddenfiles enabled 2006-09-25 08:53:10 +00:00			`$rargs = $args;`
			`array_shift($rargs);`
			`$reference = implode('/', $rargs);`
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00
MDL-14679 ok, here is the big patch with new dmllib and ddlib API, some code is already converted, XML db editor works; see tracker for details of regressions and TODOs 2008-05-15 21:40:00 +00:00			`$sql = "SELECT COUNT(r.id)`
			`FROM {resource} r, {course_modules} cm, {modules} m`
			`WHERE r.course = ?`
			`AND m.name = 'resource'`
			`AND cm.module = m.id`
			`AND cm.instance = r.id`
			`AND cm.visible = 0`
			`AND r.type = 'file'`
			`AND r.reference = ?";`
			`$params = array($course->id, $reference);`

			`if ($DB->count_records_sql($sql, $params)) {`
"MDL-14129, fix print_error call" 2008-04-30 04:09:29 +00:00			`print_error('nopermissions');`
SC#98 protection of uploaded files in resources, please review and test 2005-02-22 23:36:20 +00:00			`}`
			`}`

new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// check that file exists`
			`if (!file_exists($pathname)) {`
			`not_found($course->id);`
			`}`
file.php now calculates content-length correctly for filtered text and HTML files. Bug 1240 2004-04-26 03:41:45 +00:00
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`// ========================================`
			`// finally send the file`
			`// ========================================`
Merged from MOODLE_14_STABLE - Unlock session during fileserving. 2005-05-17 01:00:48 +00:00			`session_write_close(); // unlock session during fileserving`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`$filename = $args[count($args)-1];`
Corrected oversight with uploaded file filters change See http://moodle.org/mod/forum/discuss.php?d=40177 2006-02-21 12:54:24 +00:00			`send_file($pathname, $filename, $lifetime, $CFG->filteruploadedfiles, false, $forcedownload);`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00
			`function not_found($courseid) {`
			`global $CFG;`
Added a file level phpdoc docblock tag. Also converted double quote strings to single quote literals. 2004-09-29 18:19:39 +00:00			`header('HTTP/1.0 404 not found');`
MDL-14129, remove all the other error() call 2008-04-04 02:54:20 +00:00			`print_error('filenotfound', 'error', $CFG->wwwroot.'/course/view.php?id='.$courseid); //this is not displayed on IIS??`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
new handling of uploaded files, please TEST, TEST, TEST 2004-12-14 18:57:51 +00:00			`?>`