Differences Between: [Versions 400 and 402] [Versions 400 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Form for editing HTML block instances. 19 * 20 * @copyright 2010 Petr Skoda (http://skodak.org) 21 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 22 * @package block_html 23 * @category files 24 * @param stdClass $course course object 25 * @param stdClass $birecord_or_cm block instance record 26 * @param stdClass $context context object 27 * @param string $filearea file area 28 * @param array $args extra arguments 29 * @param bool $forcedownload whether or not force download 30 * @param array $options additional options affecting the file serving 31 * @return bool 32 * @todo MDL-36050 improve capability check on stick blocks, so we can check user capability before sending images. 33 */ 34 function block_html_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options=array()) { 35 global $DB, $CFG, $USER; 36 37 if ($context->contextlevel != CONTEXT_BLOCK) { 38 send_file_not_found(); 39 } 40 41 // If block is in course context, then check if user has capability to access course. 42 if ($context->get_course_context(false)) { 43 require_course_login($course); 44 } else if ($CFG->forcelogin) { 45 require_login(); 46 } else { 47 // Get parent context and see if user have proper permission. 48 $parentcontext = $context->get_parent_context(); 49 if ($parentcontext->contextlevel === CONTEXT_COURSECAT) { 50 // Check if category is visible and user can view this category. 51 if (!core_course_category::get($parentcontext->instanceid, IGNORE_MISSING)) { 52 send_file_not_found(); 53 } 54 } else if ($parentcontext->contextlevel === CONTEXT_USER && $parentcontext->instanceid != $USER->id) { 55 // The block is in the context of a user, it is only visible to the user who it belongs to. 56 send_file_not_found(); 57 } 58 // At this point there is no way to check SYSTEM context, so ignoring it. 59 } 60 61 if ($filearea !== 'content') { 62 send_file_not_found(); 63 } 64 65 $fs = get_file_storage(); 66 67 $filename = array_pop($args); 68 $filepath = $args ? '/'.implode('/', $args).'/' : '/'; 69 70 if (!$file = $fs->get_file($context->id, 'block_html', 'content', 0, $filepath, $filename) or $file->is_directory()) { 71 send_file_not_found(); 72 } 73 74 if ($parentcontext = context::instance_by_id($birecord_or_cm->parentcontextid, IGNORE_MISSING)) { 75 if ($parentcontext->contextlevel == CONTEXT_USER) { 76 // force download on all personal pages including /my/ 77 //because we do not have reliable way to find out from where this is used 78 $forcedownload = true; 79 } 80 } else { 81 // weird, there should be parent context, better force dowload then 82 $forcedownload = true; 83 } 84 85 // NOTE: it woudl be nice to have file revisions here, for now rely on standard file lifetime, 86 // do not lower it because the files are dispalyed very often. 87 \core\session\manager::write_close(); 88 send_stored_file($file, null, 0, $forcedownload, $options); 89 } 90 91 /** 92 * Perform global search replace such as when migrating site to new URL. 93 * @param $search 94 * @param $replace 95 * @return void 96 */ 97 function block_html_global_db_replace($search, $replace) { 98 global $DB; 99 100 $instances = $DB->get_recordset('block_instances', array('blockname' => 'html')); 101 foreach ($instances as $instance) { 102 // TODO: intentionally hardcoded until MDL-26800 is fixed 103 $config = unserialize_object(base64_decode($instance->configdata)); 104 if (isset($config->text) and is_string($config->text)) { 105 $config->text = str_replace($search, $replace, $config->text); 106 $DB->update_record('block_instances', ['id' => $instance->id, 107 'configdata' => base64_encode(serialize($config)), 'timemodified' => time()]); 108 } 109 } 110 $instances->close(); 111 } 112 113 /** 114 * Given an array with a file path, it returns the itemid and the filepath for the defined filearea. 115 * 116 * @param string $filearea The filearea. 117 * @param array $args The path (the part after the filearea and before the filename). 118 * @return array The itemid and the filepath inside the $args path, for the defined filearea. 119 */ 120 function block_html_get_path_from_pluginfile(string $filearea, array $args) : array { 121 // This block never has an itemid (the number represents the revision but it's not stored in database). 122 array_shift($args); 123 124 // Get the filepath. 125 if (empty($args)) { 126 $filepath = '/'; 127 } else { 128 $filepath = '/' . implode('/', $args) . '/'; 129 } 130 131 return [ 132 'itemid' => 0, 133 'filepath' => $filepath, 134 ]; 135 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body