moodle/repository/ws.php

<?php  // $Id$

/// The Web service script that is called from the filepicker front end

    require_once('../config.php');
    require_once('../lib/filelib.php');
    require_once('lib.php');

/// Parameters
    $page  = optional_param('page', '', PARAM_RAW);           // page
    $client_id = optional_param('client_id', SITEID, PARAM_RAW);    // client ID
    $env   = optional_param('env', 'filepicker', PARAM_ALPHA);// opened in editor or moodleform
    $file  = optional_param('file', '', PARAM_RAW);           // file to download
    $title = optional_param('title', '', PARAM_FILE);         // new file name
    $itemid = optional_param('itemid', '', PARAM_INT);
    $action = optional_param('action', '', PARAM_ALPHA);
    $ctx_id = optional_param('ctx_id', SITEID, PARAM_INT);    // context ID
    $repo_id   = optional_param('repo_id', 1, PARAM_INT);     // repository ID
    $req_path  = optional_param('p', '', PARAM_RAW);          // path
    $callback  = optional_param('callback', '', PARAM_CLEANHTML);
    $search_text = optional_param('s', '', PARAM_CLEANHTML);

/// Headers to make it not cacheable
    header("Cache-Control: no-cache, must-revalidate");
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
    $err = new stdclass;
    $err->client_id = $client_id;

/// Check permissions
    if (! (isloggedin() && repository::check_context($ctx_id)) ) {
        $err->e = get_string('nopermissiontoaccess', 'repository');
        die(json_encode($err));
    }

/// Wait as long as it takes for this script to finish
    set_time_limit(0);

/// Check for actions that do not need repository ID
    switch ($action) {
        // delete a file from filemanger
        case 'delete':
            try {
                if (!$context = get_context_instance(CONTEXT_USER, $USER->id)) {
                }
                $contextid = $context->id;
                $fs = get_file_storage();
                if ($file = $fs->get_file($contextid, 'user_draft', $itemid, '/', $title)) {
                    $file->delete();
                    echo 200;
                } else {
                    echo '';
                }
                exit;
            } catch (repository_exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'gsearch':     //  Global Search
            $repos = repository::get_instances(array(get_context_instance_by_id($ctx_id), get_system_context()));
            $list = array();
            foreach($repos as $repo){
                if ($repo->global_search()) {
                    try {
                        $ret = $repo->search($search_text);
                        array_walk($ret['list'], 'repository_attach_id', $repo->id);  // See function below
                        $tmp = array_merge($list, $ret['list']);
                        $list = $tmp;
                    } catch (repository_exception $e) {
                        $err->e = $e->getMessage();
                        die(json_encode($err));
                    }
                }
            }
            $listing = array('list'=>$list);
            $listing['client_id'] = $client_id;
            die(json_encode($listing));
            break;

        case 'ccache':      // Clean cache
            $cache = new curl_cache;
            $cache->refresh();
            $action = 'list';
            break;
    }

/// Get repository instance information
    $sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
           'WHERE i.id=? AND i.typeid=r.id';
    if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
        $err->e = get_string('invalidrepositoryid', 'repository');
        die(json_encode($err));
    } else {
        $type = $repository->type;
    }

    if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
        require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
        $classname = 'repository_' . $type;
        try {
            $repo = new $classname($repo_id, $ctx_id, array('ajax'=>true, 'name'=>$repository->name));
        } catch (repository_exception $e){
            $err->e = $e->getMessage();
            die(json_encode($err));
        }
    } else {
        $err->e = get_string('invalidplugin', 'repository', $type);
        die(json_encode($err));
    }

    if (!empty($callback)) {
        // call opener window to refresh repository
        // the callback url should be something like this:
        // http://xx.moodle.com/repository/ws.php?callback=yes&repo_id=1&sid=xxx
        // sid is the attached auth token from external source
        $js  =<<<EOD
<html><head><script type="text/javascript">
    window.opener.repository_callback($repo_id);
    window.close();
</script><body></body></html>
EOD;
        echo $js;
        die;
    }


/// These actions all occur on the currently active repository instance
    switch ($action) {
        case 'sign':
        case 'list':
            if ($repo->check_login()) {
                try {
                    $listing = $repo->get_listing($req_path, $page);
                    $listing['client_id'] = $client_id;
                    $listing['repo_id'] = $repo_id;
                    echo json_encode($listing);
                } catch (repository_exception $e) {
                    $err->e = $e->getMessage();
                    die(json_encode($err));
                }
                break;
            } else {
                $action = 'login';
            }
        case 'login':
            try {
                $listing = $repo->print_login();
                $listing['client_id'] = $client_id;
                $listing['repo_id'] = $repo_id;
                echo json_encode($listing);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'logout':
            $logout = $repo->logout();
            $logout['client_id'] = $client_id;
            echo json_encode($logout);
            break;
        case 'searchform':
            $search_form['form'] = $repo->print_search();
            $search_form['client_id'] = $client_id;
            echo json_encode($search_form);
            break;
        case 'search':
            try {
                $search_result = $repo->search($search_text);
                $search_result['search_result'] = 'test';
                $search_result['client_id'] = $client_id;
                $search_result['repo_id'] = $repo_id;
                echo json_encode($search_result);
            } catch (repository_exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'download':
            $path = $repo->get_file($file, $title);
            if (empty($itemid)) {
                $itemid = (int)substr(hexdec(uniqid()), 0, 9)+rand(1,100);
            }
            try {
                if (preg_match('#(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)#', $path)) {
                    echo json_encode(array('client_id'=>$client_id, 'url'=>$path, 'id'=>$path, 'file'=>$path));
                } else {
                    $info = repository::move_to_filepool($path, $title, $itemid);
                    $info['client_id'] = $client_id;
                    if ($env == 'filepicker' || $env == 'filemanager'){
                        echo json_encode($info);
                    } else if ($env == 'editor') {
                        echo json_encode($info);
                    }
                }
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            } catch (Exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'upload':
            try {
                $upload = $repo->get_listing();
                $upload['client_id'] = $client_id;
                echo json_encode($upload);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
    }

/**
 * Small function to walk an array to attach repository ID
 */
function repository_attach_id(&$value, $key, $id){
    $value['repo_id'] = $id;
}
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`<?php // $Id$`
MDL-15488, paging for flickr plugin 2008-07-09 07:48:33 +00:00
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`/// The Web service script that is called from the filepicker front end`
MDL-13766, global search enabled. 2008-09-08 05:38:13 +00:00
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`require_once('../config.php');`
			`require_once('../lib/filelib.php');`
			`require_once('lib.php');`
MDL-13766 popup authentication support (draft) 2008-09-09 03:25:03 +00:00
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`/// Parameters`
"REPOSITORY/MDL-13766, separate page and path in get_listing function" 2009-02-18 06:52:54 +00:00			`$page = optional_param('page', '', PARAM_RAW); // page`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$client_id = optional_param('client_id', SITEID, PARAM_RAW); // client ID`
REPOSITORY, FILEMANGER FORM ELEMENT/MDL-16597 new ajax filemanager. 2008-12-02 07:05:15 +00:00			`$env = optional_param('env', 'filepicker', PARAM_ALPHA);// opened in editor or moodleform`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$file = optional_param('file', '', PARAM_RAW); // file to download`
			`$title = optional_param('title', '', PARAM_FILE); // new file name`
REPOSITORY, FILEMANGER FORM ELEMENT/MDL-16597 new ajax filemanager. 2008-12-02 07:05:15 +00:00			`$itemid = optional_param('itemid', '', PARAM_INT);`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$action = optional_param('action', '', PARAM_ALPHA);`
"REPOSITORY/MDL-13766, separate page and path in get_listing function" 2009-02-18 06:52:54 +00:00			`$ctx_id = optional_param('ctx_id', SITEID, PARAM_INT); // context ID`
			`$repo_id = optional_param('repo_id', 1, PARAM_INT); // repository ID`
			`$req_path = optional_param('p', '', PARAM_RAW); // path`
			`$callback = optional_param('callback', '', PARAM_CLEANHTML);`
MDL-13766 1. Clean up source code 2. use search api replace old get_listing api 2008-09-16 03:11:17 +00:00			`$search_text = optional_param('s', '', PARAM_CLEANHTML);`
MDL-13766, global search enabled. 2008-09-08 05:38:13 +00:00
MDL-13766 Tidying 2008-09-15 06:58:26 +00:00			`/// Headers to make it not cacheable`
			`header("Cache-Control: no-cache, must-revalidate");`
			`header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$err = new stdclass;`
			`$err->client_id = $client_id;`
MDL-15488 1. Create a ajax file picker, which can switch views(list and thumbnail now), transfer json data between server and client side 2. Improve curl.class.php 3. Improve boxnet plugin, which won't need to redirect box.net to authenticate from now on 4. Improve flickr plugin 2008-07-07 06:34:39 +00:00
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`/// Check permissions`
MDL_13766 Refactoring of core repository code and added first unit tests 2008-11-26 07:03:10 +00:00			`if (! (isloggedin() && repository::check_context($ctx_id)) ) {`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$err->e = get_string('nopermissiontoaccess', 'repository');`
"MDL-13766, make params unique" 2008-08-02 15:52:14 +00:00			`die(json_encode($err));`
MDL-13766, use exception model to report error. 2008-07-23 04:43:53 +00:00			`}`
MDL-15488 1. Create a ajax file picker, which can switch views(list and thumbnail now), transfer json data between server and client side 2. Improve curl.class.php 3. Improve boxnet plugin, which won't need to redirect box.net to authenticate from now on 4. Improve flickr plugin 2008-07-07 06:34:39 +00:00
MDL-13766 Tidying 2008-09-15 06:58:26 +00:00			`/// Wait as long as it takes for this script to finish`
			`set_time_limit(0);`

MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`/// Check for actions that do not need repository ID`
			`switch ($action) {`
REPOSITORY, FILEMANGER FORM ELEMENT/MDL-16597 new ajax filemanager. 2008-12-02 07:05:15 +00:00			`// delete a file from filemanger`
			`case 'delete':`
			`try {`
			`if (!$context = get_context_instance(CONTEXT_USER, $USER->id)) {`
			`}`
			`$contextid = $context->id;`
			`$fs = get_file_storage();`
			`if ($file = $fs->get_file($contextid, 'user_draft', $itemid, '/', $title)) {`
			`$file->delete();`
			`echo 200;`
			`} else {`
			`echo '';`
			`}`
			`exit;`
			`} catch (repository_exception $e) {`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`case 'gsearch': // Global Search`
MDL_13766 Refactoring of core repository code and added first unit tests 2008-11-26 07:03:10 +00:00			`$repos = repository::get_instances(array(get_context_instance_by_id($ctx_id), get_system_context()));`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$list = array();`
			`foreach($repos as $repo){`
			`if ($repo->global_search()) {`
			`try {`
MDL-13766 1. Clean up source code 2. use search api replace old get_listing api 2008-09-16 03:11:17 +00:00			`$ret = $repo->search($search_text);`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`array_walk($ret['list'], 'repository_attach_id', $repo->id); // See function below`
			`$tmp = array_merge($list, $ret['list']);`
			`$list = $tmp;`
			`} catch (repository_exception $e) {`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`}`
			`}`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$listing = array('list'=>$list);`
			`$listing['client_id'] = $client_id;`
			`die(json_encode($listing));`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`break;`

			`case 'ccache': // Clean cache`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$cache = new curl_cache;`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$cache->refresh();`
			`$action = 'list';`
			`break;`
MDL-13766 popup authentication support (draft) 2008-09-09 03:25:03 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00
			`/// Get repository instance information`
			`$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.`
DML fix 2009-03-28 22:18:53 +00:00			`'WHERE i.id=? AND i.typeid=r.id';`
			`if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`$err->e = get_string('invalidrepositoryid', 'repository');`
MDL-13766 introduce new search API 2008-09-12 08:16:09 +00:00			`die(json_encode($err));`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} else {`
			`$type = $repository->type;`
MDL-13766 introduce new search API 2008-09-12 08:16:09 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00
			`if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {`
			`require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');`
			`$classname = 'repository_' . $type;`
			`try {`
			`$repo = new $classname($repo_id, $ctx_id, array('ajax'=>true, 'name'=>$repository->name));`
			`} catch (repository_exception $e){`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
MDL-13766, use exception model to report error. 2008-07-23 04:43:53 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} else {`
"REPOSITORY/MDL-17466, display which plugin is valid" 2009-04-01 05:40:37 +00:00			`$err->e = get_string('invalidplugin', 'repository', $type);`
MDL-13766, use exception model to report error. 2008-07-23 04:43:53 +00:00			`die(json_encode($err));`
MDL-15488, paging for flickr plugin 2008-07-09 07:48:33 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00
			`if (!empty($callback)) {`
			`// call opener window to refresh repository`
			`// the callback url should be something like this:`
			`// http://xx.moodle.com/repository/ws.php?callback=yes&repo_id=1&sid=xxx`
			`// sid is the attached auth token from external source`
			`$js =<<<EOD`
			`<html><head><script type="text/javascript">`
			`window.opener.repository_callback($repo_id);`
			`window.close();`
			`</script><body></body></html>`
			`EOD;`
			`echo $js;`
			`die;`
MDL-13766, use exception model to report error. 2008-07-23 04:43:53 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00

			`/// These actions all occur on the currently active repository instance`
			`switch ($action) {`
MDL-13766 1. create logout() and check_login() function 2. Remove the code use global varibal 2008-09-15 09:31:41 +00:00			`case 'sign':`
			`case 'list':`
			`if ($repo->check_login()) {`
			`try {`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$listing = $repo->get_listing($req_path, $page);`
			`$listing['client_id'] = $client_id;`
			`$listing['repo_id'] = $repo_id;`
			`echo json_encode($listing);`
MDL-13766 1. create logout() and check_login() function 2. Remove the code use global varibal 2008-09-15 09:31:41 +00:00			`} catch (repository_exception $e) {`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
			`} else {`
			`$action = 'login';`
			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`case 'login':`
			`try {`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$listing = $repo->print_login();`
			`$listing['client_id'] = $client_id;`
			`$listing['repo_id'] = $repo_id;`
			`echo json_encode($listing);`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} catch (repository_exception $e){`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
MDL-13766 1. create logout() and check_login() function 2. Remove the code use global varibal 2008-09-15 09:31:41 +00:00			`case 'logout':`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$logout = $repo->logout();`
			`$logout['client_id'] = $client_id;`
			`echo json_encode($logout);`
MDL-13766 1. create logout() and check_login() function 2. Remove the code use global varibal 2008-09-15 09:31:41 +00:00			`break;`
			`case 'searchform':`
"MDL-18486, file picker searching form" 2009-04-21 05:53:35 +00:00			`$search_form['form'] = $repo->print_search();`
			`$search_form['client_id'] = $client_id;`
			`echo json_encode($search_form);`
MDL-13766 1. create logout() and check_login() function 2. Remove the code use global varibal 2008-09-15 09:31:41 +00:00			`break;`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`case 'search':`
			`try {`
MDL-15488, move search_result flag to ws.php 2008-09-22 01:10:52 +00:00			`$search_result = $repo->search($search_text);`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$search_result['search_result'] = 'test';`
			`$search_result['client_id'] = $client_id;`
			`$search_result['repo_id'] = $repo_id;`
MDL-15488, move search_result flag to ws.php 2008-09-22 01:10:52 +00:00			`echo json_encode($search_result);`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} catch (repository_exception $e) {`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
			`case 'download':`
			`$path = $repo->get_file($file, $title);`
REPOSITORY, FILEMANGER FORM ELEMENT/MDL-16597 new ajax filemanager. 2008-12-02 07:05:15 +00:00			`if (empty($itemid)) {`
			`$itemid = (int)substr(hexdec(uniqid()), 0, 9)+rand(1,100);`
			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`try {`
"MDL-16650, return raw URLs directly" 2008-10-20 01:40:19 +00:00			`if (preg_match('#(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)#', $path)) {`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`echo json_encode(array('client_id'=>$client_id, 'url'=>$path, 'id'=>$path, 'file'=>$path));`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} else {`
MDL_13766 Refactoring of core repository code and added first unit tests 2008-11-26 07:03:10 +00:00			`$info = repository::move_to_filepool($path, $title, $itemid);`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$info['client_id'] = $client_id;`
REPOSITORY, FILEMANGER FORM ELEMENT/MDL-16597 new ajax filemanager. 2008-12-02 07:05:15 +00:00			`if ($env == 'filepicker' \|\| $env == 'filemanager'){`
"MDL-16650, return raw URLs directly" 2008-10-20 01:40:19 +00:00			`echo json_encode($info);`
			`} else if ($env == 'editor') {`
			`echo json_encode($info);`
			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`}`
			`} catch (repository_exception $e){`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`} catch (Exception $e) {`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
			`case 'upload':`
			`try {`
"MDL-18486, remove php varible from file picker code, all javascript code goes into a static file" 2009-04-20 08:53:21 +00:00			`$upload = $repo->get_listing();`
			`$upload['client_id'] = $client_id;`
			`echo json_encode($upload);`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00			`} catch (repository_exception $e){`
			`$err->e = $e->getMessage();`
			`die(json_encode($err));`
			`}`
			`break;`
MDL-13766 Upload plugin added 2008-09-01 08:19:28 +00:00			`}`
MDL-13766 Cleaned up the formatting a bit for readability 2008-09-15 06:56:08 +00:00
			`/**`
			`* Small function to walk an array to attach repository ID`
			`*/`
			`function repository_attach_id(&$value, $key, $id){`
			`$value['repo_id'] = $id;`
MDL-15488 1. Create a ajax file picker, which can switch views(list and thumbnail now), transfer json data between server and client side 2. Improve curl.class.php 3. Improve boxnet plugin, which won't need to redirect box.net to authenticate from now on 4. Improve flickr plugin 2008-07-07 06:34:39 +00:00			`}`