Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/lib/ -> javascript.php (source)

Differences Between: [Versions 310 and 401]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * This file is serving optimised JS
  19   *
  20   * @package    core_lib
  21   * @copyright  2010 Petr Skoda (skodak)
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  // disable moodle specific debug messages and any errors in output,
  26  // comment out when debugging or better look into error log!
  27  define('NO_DEBUG_DISPLAY', true);
  28  
  29  // we need just the values from config.php and minlib.php
  30  define('ABORT_AFTER_CONFIG', true);
  31  require('../config.php'); // this stops immediately at the beginning of lib/setup.php
  32  require_once("$CFG->dirroot/lib/jslib.php");
  33  
  34  if ($slashargument = min_get_slash_argument()) {
  35      $slashargument = ltrim($slashargument, '/');
  36      if (substr_count($slashargument, '/') < 1) {
  37          header('HTTP/1.0 404 not found');
  38          die('Slash argument must contain both a revision and a file path');
  39      }
  40      // image must be last because it may contain "/"
  41      list($rev, $file) = explode('/', $slashargument, 2);
  42      $rev  = min_clean_param($rev, 'INT');
  43      $file = '/'.min_clean_param($file, 'SAFEPATH');
  44  
  45  } else {
  46      $rev  = min_optional_param('rev', -1, 'INT');
  47      $file = min_optional_param('jsfile', '', 'RAW'); // 'file' would collide with URL rewriting!
  48  }
  49  
  50  if (!min_is_revision_valid_and_current($rev)) {
  51      // If the rev is invalid, normalise it to -1 to disable all caching.
  52      $rev = -1;
  53  }
  54  
  55  // some security first - pick only files with .js extension in dirroot
  56  $jsfiles = array();
  57  $files = explode(',', $file);
  58  foreach ($files as $fsfile) {
  59      $jsfile = realpath($CFG->dirroot.$fsfile);
  60      if ($jsfile === false) {
  61          // does not exist
  62          continue;
  63      }
  64      if ($CFG->dirroot === '/') {
  65          // Some shared hosting sites serve files directly from '/',
  66          // this is NOT supported, but at least allow JS when showing
  67          // errors and warnings.
  68      } else if (strpos($jsfile, $CFG->dirroot . DIRECTORY_SEPARATOR) !== 0) {
  69          // hackers - not in dirroot
  70          continue;
  71      }
  72      if (substr($jsfile, -3) !== '.js') {
  73          // hackers - not a JS file
  74          continue;
  75      }
  76      $jsfiles[] = $jsfile;
  77  }
  78  
  79  if (!$jsfiles) {
  80      // bad luck - no valid files
  81      header('HTTP/1.0 404 not found');
  82      die('No valid javascript files found');
  83  }
  84  
  85  $etag = sha1($rev.implode(',', $jsfiles));
  86  
  87  if ($rev > 0) {
  88      $candidate = $CFG->localcachedir.'/js/'.$etag;
  89  
  90      if (file_exists($candidate)) {
  91          if (!empty($_SERVER['HTTP_IF_NONE_MATCH']) || !empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
  92              // we do not actually need to verify the etag value because our files
  93              // never change in cache because we increment the rev parameter
  94              js_send_unmodified(filemtime($candidate), $etag);
  95          }
  96          js_send_cached($candidate, $etag);
  97  
  98      } else {
  99          // The JS needs minfifying, so we're gonna have to load our full Moodle
 100          // environment to process it..
 101          define('ABORT_AFTER_CONFIG_CANCEL', true);
 102  
 103          define('NO_MOODLE_COOKIES', true); // Session not used here.
 104          define('NO_UPGRADE_CHECK', true);  // Ignore upgrade check.
 105  
 106          require("$CFG->dirroot/lib/setup.php");
 107  
 108          js_write_cache_file_content($candidate, core_minify::js_files($jsfiles));
 109          // verify nothing failed in cache file creation
 110          clearstatcache();
 111          if (file_exists($candidate)) {
 112              js_send_cached($candidate, $etag);
 113          }
 114      }
 115  }
 116  
 117  $content = '';
 118  foreach ($jsfiles as $jsfile) {
 119      $content .= file_get_contents($jsfile)."\n";
 120  }
 121  js_send_uncached($content);