MDL-61150 xmldb: Let's check the PATH attribute of XMLDB files

Starting with Moodle 3.5 the XMLDB->PATH attribute is checked
to be correct and pointing to the correct plugin directory.

It only was used for writing PHP savepoints code, but better we
ask for strict correctness.

With this patch applied, neither the XMLDB Editor neither install
will be able to load a file with wrong PATH anymore.

lib/upgrade.txt

@@ -13,6 +13,8 @@ information provided here is intended especially for developers.
       groups_groupings_groups_removed, groups_groups_deleted, groups_groupings_deleted.
 * The following functions have been finally deprecated and can not be used any more:
   - notify()
+* XMLDB now validates the PATH attribute on every install.xml file. Both the XMLDB editor and installation will fail
+  when a problem is detected with it. Please ensure your plugins contain correct directory relative paths.
 
 === 3.4 ===
 

lib/xmldb/xmldb_structure.php

@@ -231,6 +231,16 @@ class xmldb_structure extends xmldb_object {
             $this->debug($this->errormsg);
             $result = false;
         }
+        // Normalize paths to compare them.
+        $filepath = realpath($this->name); // File path comes in name.
+        $filename = basename($filepath);
+        $structurepath = realpath($CFG->dirroot . DIRECTORY_SEPARATOR . $this->path . DIRECTORY_SEPARATOR . $filename);
+        if ($filepath !== $structurepath) {
+            $relativepath = dirname(str_replace(realpath($CFG->dirroot) . DIRECTORY_SEPARATOR, '', $filepath));
+            $this->errormsg = 'PATH attribute does not match file directory: ' . $relativepath;
+            $this->debug($this->errormsg);
+            $result = false;
+        }
         if (isset($xmlarr['XMLDB']['@']['VERSION'])) {
             $this->version = trim($xmlarr['XMLDB']['@']['VERSION']);
         } else {