. /** * Accept uploading files by web service token to the user draft file area. * * POST params: * token => the web service user token (needed for authentication) * filepath => file path (where files will be stored) * [_FILES] => for example you can send the files with , * or with curl magic: 'file_1' => '@/path/to/file', or ... * itemid => The draftid - this can be used to add a list of files * to a draft area in separate requests. If it is 0, a new draftid will be generated. * * @package core_webservice * @copyright 2011 Dongsheng Cai * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ /** * AJAX_SCRIPT - exception will be converted into JSON */ define('AJAX_SCRIPT', true); /** * NO_MOODLE_COOKIES - we don't want any cookie */ define('NO_MOODLE_COOKIES', true); require_once(__DIR__ . '/../config.php'); require_once($CFG->dirroot . '/webservice/lib.php'); // Allow CORS requests. header('Access-Control-Allow-Origin: *'); $filepath = optional_param('filepath', '/', PARAM_PATH); $itemid = optional_param('itemid', 0, PARAM_INT); echo $OUTPUT->header(); // Authenticate the user. $token = required_param('token', PARAM_ALPHANUM); $webservicelib = new webservice(); $authenticationinfo = $webservicelib->authenticate_user($token); $fileuploaddisabled = empty($authenticationinfo['service']->uploadfiles); if ($fileuploaddisabled) { throw new webservice_access_exception('Web service file upload must be enabled in external service settings'); } $context = context_user::instance($USER->id); $fs = get_file_storage(); $totalsize = 0; $files = array(); foreach ($_FILES as $fieldname => $uploadedfile) { // Check upload errors. if (!empty($_FILES[$fieldname]['error'])) { switch ($_FILES[$fieldname]['error']) { case UPLOAD_ERR_INI_SIZE: throw new moodle_exception('upload_error_ini_size', 'repository_upload'); break; case UPLOAD_ERR_FORM_SIZE: throw new moodle_exception('upload_error_form_size', 'repository_upload'); break; case UPLOAD_ERR_PARTIAL: throw new moodle_exception('upload_error_partial', 'repository_upload'); break; case UPLOAD_ERR_NO_FILE: throw new moodle_exception('upload_error_no_file', 'repository_upload'); break; case UPLOAD_ERR_NO_TMP_DIR: throw new moodle_exception('upload_error_no_tmp_dir', 'repository_upload'); break; case UPLOAD_ERR_CANT_WRITE: throw new moodle_exception('upload_error_cant_write', 'repository_upload'); break; case UPLOAD_ERR_EXTENSION: throw new moodle_exception('upload_error_extension', 'repository_upload'); break; default: throw new moodle_exception('nofile'); } } // Scan for viruses. \core\antivirus\manager::scan_file($_FILES[$fieldname]['tmp_name'], $_FILES[$fieldname]['name'], true); $file = new stdClass(); $file->filename = clean_param($_FILES[$fieldname]['name'], PARAM_FILE); // Check system maxbytes setting. if (($_FILES[$fieldname]['size'] > get_max_upload_file_size($CFG->maxbytes))) { // Oversize file will be ignored, error added to array to notify // web service client. $file->errortype = 'fileoversized'; $file->error = get_string('maxbytes', 'error'); } else { $file->filepath = $_FILES[$fieldname]['tmp_name']; // Calculate total size of upload. $totalsize += $_FILES[$fieldname]['size']; // Size of individual file. $file->size = $_FILES[$fieldname]['size']; } $files[] = $file; } $fs = get_file_storage(); if ($itemid <= 0) { $itemid = file_get_unused_draft_itemid(); } // Get any existing file size limits. $maxupload = get_user_max_upload_file_size($context, $CFG->maxbytes); // Check the size of this upload. if ($maxupload !== USER_CAN_IGNORE_FILE_SIZE_LIMITS && $totalsize > $maxupload) { throw new file_exception('userquotalimit'); } $results = array(); foreach ($files as $file) { if (!empty($file->error)) { // Including error and filename. $results[] = $file; continue; } $filerecord = new stdClass; $filerecord->component = 'user'; $filerecord->contextid = $context->id; $filerecord->userid = $USER->id; $filerecord->filearea = 'draft'; $filerecord->filename = $file->filename; $filerecord->filepath = $filepath; $filerecord->itemid = $itemid; $filerecord->license = $CFG->sitedefaultlicense; $filerecord->author = fullname($authenticationinfo['user']); $filerecord->source = serialize((object)array('source' => $file->filename)); $filerecord->filesize = $file->size; // Check if the file already exist. $existingfile = $fs->file_exists($filerecord->contextid, $filerecord->component, $filerecord->filearea, $filerecord->itemid, $filerecord->filepath, $filerecord->filename); if ($existingfile) { $file->errortype = 'filenameexist'; $file->error = get_string('filenameexist', 'webservice', $file->filename); $results[] = $file; } else { $storedfile = $fs->create_file_from_pathname($filerecord, $file->filepath); $results[] = $filerecord; // Log the event when a file is uploaded to the draft area. $logevent = \core\event\draft_file_added::create([ 'objectid' => $storedfile->get_id(), 'context' => $context, 'other' => [ 'itemid' => $filerecord->itemid, 'filename' => $filerecord->filename, 'filesize' => $filerecord->filesize, 'filepath' => $filerecord->filepath, 'contenthash' => $storedfile->get_contenthash(), ], ]); $logevent->trigger(); } } echo json_encode($results);