mirror of
https://github.com/moodle/moodle.git
synced 2025-01-21 07:28:31 +01:00
7613890851
These are the changes from MOODLE_13_STABLE, merged into trunk The tag MOODLE_13_MERGED on the MOODLE_13_STABLE branch now refers to this point The biggest changes here are the fixes for HTML editor in all standard modules
95 lines
2.9 KiB
PHP
95 lines
2.9 KiB
PHP
<?PHP //$Id$
|
|
//This file returns the required rss feeds
|
|
//The URL format MUST include:
|
|
// course: the course id
|
|
// user: the user id
|
|
// name: the name of the module (forum...)
|
|
// id: the id (instance) of the module (forumid...)
|
|
//If the course has a password or it doesn't
|
|
//allow guest access then the user field is
|
|
//required to see that the user is enrolled
|
|
//in the course, else no check is performed.
|
|
//This allows to limit a bit the rss access
|
|
//to correct users. It isn't unbreakable,
|
|
//obviously, but its the best I've thought!!
|
|
|
|
require_once("../config.php");
|
|
require_once("$CFG->dirroot/files/mimetypes.php");
|
|
|
|
$allowed = true;
|
|
$error = false;
|
|
|
|
if (empty($CFG->filelifetime)) {
|
|
$CFG->filelifetime = 86400; /// Seconds for files to remain in caches
|
|
}
|
|
|
|
if (isset($file)) { // workaround for situations where / syntax doesn't work
|
|
$pathinfo = $file;
|
|
} else {
|
|
$pathinfo = get_slash_arguments("file.php");
|
|
}
|
|
|
|
if (!$pathinfo) {
|
|
$error = true;
|
|
}
|
|
|
|
$pathinfo = urldecode($pathinfo);
|
|
|
|
if (! $args = parse_slash_arguments($pathinfo)) {
|
|
$error = true;
|
|
}
|
|
|
|
$numargs = count($args);
|
|
if ($numargs < 5 or empty($args[1])) {
|
|
$error = true;
|
|
}
|
|
|
|
$courseid = (integer)$args[0];
|
|
$userid = (integer)$args[1];
|
|
$modulename = $args[2];
|
|
$instance = (integer)$args[3];
|
|
|
|
if (! $course = get_record("course", "id", $courseid)) {
|
|
$error = true;
|
|
}
|
|
|
|
//Get course_module to check it's visible
|
|
if (! $cm = get_coursemodule_from_instance($modulename,$instance,$courseid)) {
|
|
$error = true;
|
|
}
|
|
$cmvisible = $cm->visible;
|
|
|
|
$isstudent = isstudent($courseid,$userid);
|
|
$isteacher = isteacher($courseid,$userid);
|
|
|
|
//Check for "security" if !course->guest or course->password
|
|
if (!$course->guest || $course->password) {
|
|
$allowed = ($isstudent || $isteacher);
|
|
}
|
|
|
|
//Check for "security" if the course is hidden or the activity is hidden
|
|
if ($allowed && (!$course->visible || !$cmvisible)) {
|
|
$allowed = $isteacher;
|
|
}
|
|
|
|
$pathname = $CFG->dataroot."/rss/".$modulename."/".$instance.".xml";
|
|
$filename = $args[$numargs-1];
|
|
|
|
//If the file exists and its allowed for me, download it!
|
|
if (file_exists($pathname) && $allowed && !$error) {
|
|
$lastmodified = filemtime($pathname);
|
|
$mimetype = mimeinfo("type", $filename);
|
|
|
|
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $lastmodified) . " GMT");
|
|
header("Expires: " . gmdate("D, d M Y H:i:s", time() + $CFG->filelifetime) . " GMT");
|
|
header("Cache-control: max_age = $CFG->filelifetime");
|
|
header("Pragma: ");
|
|
header("Content-disposition: inline; filename=$filename");
|
|
|
|
header("Content-length: ".filesize($pathname));
|
|
header("Content-type: $mimetype");
|
|
readfile($pathname);
|
|
}
|
|
|
|
?>
|