Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/lib/ -> setuplib.php (source)

Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 400 and 401] [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * These functions are required very early in the Moodle
  19   * setup process, before any of the main libraries are
  20   * loaded.
  21   *
  22   * @package    core
  23   * @subpackage lib
  24   * @copyright  1999 onwards Martin Dougiamas  {@link http://moodle.com}
  25   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  26   */
  27  
  28  defined('MOODLE_INTERNAL') || die();
  29  
  30  // Debug levels - always keep the values in ascending order!
  31  /** No warnings and errors at all */
  32  define('DEBUG_NONE', 0);
  33  /** Fatal errors only */
  34  define('DEBUG_MINIMAL', E_ERROR | E_PARSE);
  35  /** Errors, warnings and notices */
  36  define('DEBUG_NORMAL', E_ERROR | E_PARSE | E_WARNING | E_NOTICE);
  37  /** All problems except strict PHP warnings */
  38  define('DEBUG_ALL', E_ALL & ~E_STRICT);
  39  /** DEBUG_ALL with all debug messages and strict warnings */
  40  define('DEBUG_DEVELOPER', E_ALL | E_STRICT);
  41  
  42  /** Remove any memory limits */
  43  define('MEMORY_UNLIMITED', -1);
  44  /** Standard memory limit for given platform */
  45  define('MEMORY_STANDARD', -2);
  46  /**
  47   * Large memory limit for given platform - used in cron, upgrade, and other places that need a lot of memory.
  48   * Can be overridden with $CFG->extramemorylimit setting.
  49   */
  50  define('MEMORY_EXTRA', -3);
  51  /** Extremely large memory limit - not recommended for standard scripts */
  52  define('MEMORY_HUGE', -4);
  53  
  54  /**
  55   * Base Moodle Exception class
  56   *
  57   * Although this class is defined here, you cannot throw a moodle_exception until
  58   * after moodlelib.php has been included (which will happen very soon).
  59   *
  60   * @package    core
  61   * @subpackage lib
  62   * @copyright  2008 Petr Skoda  {@link http://skodak.org}
  63   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  64   */
  65  class moodle_exception extends Exception {
  66  
  67      /**
  68       * @var string The name of the string from error.php to print
  69       */
  70      public $errorcode;
  71  
  72      /**
  73       * @var string The name of module
  74       */
  75      public $module;
  76  
  77      /**
  78       * @var mixed Extra words and phrases that might be required in the error string
  79       */
  80      public $a;
  81  
  82      /**
  83       * @var string The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
  84       */
  85      public $link;
  86  
  87      /**
  88       * @var string Optional information to aid the debugging process
  89       */
  90      public $debuginfo;
  91  
  92      /**
  93       * Constructor
  94       * @param string $errorcode The name of the string from error.php to print
  95       * @param string $module name of module
  96       * @param string $link The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
  97       * @param mixed $a Extra words and phrases that might be required in the error string
  98       * @param string $debuginfo optional debugging information
  99       */
 100      function __construct($errorcode, $module='', $link='', $a=NULL, $debuginfo=null) {
 101          global $CFG;
 102  
 103          if (empty($module) || $module == 'moodle' || $module == 'core') {
 104              $module = 'error';
 105          }
 106  
 107          $this->errorcode = $errorcode;
 108          $this->module    = $module;
 109          $this->link      = $link;
 110          $this->a         = $a;
 111          $this->debuginfo = is_null($debuginfo) ? null : (string)$debuginfo;
 112  
 113          if (get_string_manager()->string_exists($errorcode, $module)) {
 114              $message = get_string($errorcode, $module, $a);
 115              $haserrorstring = true;
 116          } else {
 117              $message = $module . '/' . $errorcode;
 118              $haserrorstring = false;
 119          }
 120  
 121          $isinphpunittest = (defined('PHPUNIT_TEST') && PHPUNIT_TEST);
 122          $hasdebugdeveloper = (
 123              isset($CFG->debugdisplay) &&
 124              isset($CFG->debug) &&
 125              $CFG->debugdisplay &&
 126              $CFG->debug === DEBUG_DEVELOPER
 127          );
 128  
 129          if ($debuginfo) {
 130              if ($isinphpunittest || $hasdebugdeveloper) {
 131                  $message = "$message ($debuginfo)";
 132              }
 133          }
 134  
 135          if (!$haserrorstring and $isinphpunittest) {
 136              // Append the contents of $a to $debuginfo so helpful information isn't lost.
 137              // This emulates what {@link get_exception_info()} does. Unfortunately that
 138              // function is not used by phpunit.
 139              $message .= PHP_EOL.'$a contents: '.print_r($a, true);
 140          }
 141  
 142          parent::__construct($message, 0);
 143      }
 144  }
 145  
 146  /**
 147   * Course/activity access exception.
 148   *
 149   * This exception is thrown from require_login()
 150   *
 151   * @package    core_access
 152   * @copyright  2010 Petr Skoda  {@link http://skodak.org}
 153   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 154   */
 155  class require_login_exception extends moodle_exception {
 156      /**
 157       * Constructor
 158       * @param string $debuginfo Information to aid the debugging process
 159       */
 160      function __construct($debuginfo) {
 161          parent::__construct('requireloginerror', 'error', '', NULL, $debuginfo);
 162      }
 163  }
 164  
 165  /**
 166   * Session timeout exception.
 167   *
 168   * This exception is thrown from require_login()
 169   *
 170   * @package    core_access
 171   * @copyright  2015 Andrew Nicols <andrew@nicols.co.uk>
 172   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 173   */
 174  class require_login_session_timeout_exception extends require_login_exception {
 175      /**
 176       * Constructor
 177       */
 178      public function __construct() {
 179          moodle_exception::__construct('sessionerroruser', 'error');
 180      }
 181  }
 182  
 183  /**
 184   * Web service parameter exception class
 185   * @deprecated since Moodle 2.2 - use moodle exception instead
 186   * This exception must be thrown to the web service client when a web service parameter is invalid
 187   * The error string is gotten from webservice.php
 188   */
 189  class webservice_parameter_exception extends moodle_exception {
 190      /**
 191       * Constructor
 192       * @param string $errorcode The name of the string from webservice.php to print
 193       * @param string $a The name of the parameter
 194       * @param string $debuginfo Optional information to aid debugging
 195       */
 196      function __construct($errorcode=null, $a = '', $debuginfo = null) {
 197          parent::__construct($errorcode, 'webservice', '', $a, $debuginfo);
 198      }
 199  }
 200  
 201  /**
 202   * Exceptions indicating user does not have permissions to do something
 203   * and the execution can not continue.
 204   *
 205   * @package    core_access
 206   * @copyright  2009 Petr Skoda  {@link http://skodak.org}
 207   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 208   */
 209  class required_capability_exception extends moodle_exception {
 210      /**
 211       * Constructor
 212       * @param context $context The context used for the capability check
 213       * @param string $capability The required capability
 214       * @param string $errormessage The error message to show the user
 215       * @param string $stringfile
 216       */
 217      function __construct($context, $capability, $errormessage, $stringfile) {
 218          $capabilityname = get_capability_string($capability);
 219          if ($context->contextlevel == CONTEXT_MODULE and preg_match('/:view$/', $capability)) {
 220              // we can not go to mod/xx/view.php because we most probably do not have cap to view it, let's go to course instead
 221              $parentcontext = $context->get_parent_context();
 222              $link = $parentcontext->get_url();
 223          } else {
 224              $link = $context->get_url();
 225          }
 226          parent::__construct($errormessage, $stringfile, $link, $capabilityname);
 227      }
 228  }
 229  
 230  /**
 231   * Exception indicating programming error, must be fixed by a programer. For example
 232   * a core API might throw this type of exception if a plugin calls it incorrectly.
 233   *
 234   * @package    core
 235   * @subpackage lib
 236   * @copyright  2008 Petr Skoda  {@link http://skodak.org}
 237   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 238   */
 239  class coding_exception extends moodle_exception {
 240      /**
 241       * Constructor
 242       * @param string $hint short description of problem
 243       * @param string $debuginfo detailed information how to fix problem
 244       */
 245      function __construct($hint, $debuginfo=null) {
 246          parent::__construct('codingerror', 'debug', '', $hint, $debuginfo);
 247      }
 248  }
 249  
 250  /**
 251   * Exception indicating malformed parameter problem.
 252   * This exception is not supposed to be thrown when processing
 253   * user submitted data in forms. It is more suitable
 254   * for WS and other low level stuff.
 255   *
 256   * @package    core
 257   * @subpackage lib
 258   * @copyright  2009 Petr Skoda  {@link http://skodak.org}
 259   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 260   */
 261  class invalid_parameter_exception extends moodle_exception {
 262      /**
 263       * Constructor
 264       * @param string $debuginfo some detailed information
 265       */
 266      function __construct($debuginfo=null) {
 267          parent::__construct('invalidparameter', 'debug', '', null, $debuginfo);
 268      }
 269  }
 270  
 271  /**
 272   * Exception indicating malformed response problem.
 273   * This exception is not supposed to be thrown when processing
 274   * user submitted data in forms. It is more suitable
 275   * for WS and other low level stuff.
 276   */
 277  class invalid_response_exception extends moodle_exception {
 278      /**
 279       * Constructor
 280       * @param string $debuginfo some detailed information
 281       */
 282      function __construct($debuginfo=null) {
 283          parent::__construct('invalidresponse', 'debug', '', null, $debuginfo);
 284      }
 285  }
 286  
 287  /**
 288   * An exception that indicates something really weird happened. For example,
 289   * if you do switch ($context->contextlevel), and have one case for each
 290   * CONTEXT_... constant. You might throw an invalid_state_exception in the
 291   * default case, to just in case something really weird is going on, and
 292   * $context->contextlevel is invalid - rather than ignoring this possibility.
 293   *
 294   * @package    core
 295   * @subpackage lib
 296   * @copyright  2009 onwards Martin Dougiamas  {@link http://moodle.com}
 297   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 298   */
 299  class invalid_state_exception extends moodle_exception {
 300      /**
 301       * Constructor
 302       * @param string $hint short description of problem
 303       * @param string $debuginfo optional more detailed information
 304       */
 305      function __construct($hint, $debuginfo=null) {
 306          parent::__construct('invalidstatedetected', 'debug', '', $hint, $debuginfo);
 307      }
 308  }
 309  
 310  /**
 311   * An exception that indicates incorrect permissions in $CFG->dataroot
 312   *
 313   * @package    core
 314   * @subpackage lib
 315   * @copyright  2010 Petr Skoda {@link http://skodak.org}
 316   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 317   */
 318  class invalid_dataroot_permissions extends moodle_exception {
 319      /**
 320       * Constructor
 321       * @param string $debuginfo optional more detailed information
 322       */
 323      function __construct($debuginfo = NULL) {
 324          parent::__construct('invaliddatarootpermissions', 'error', '', NULL, $debuginfo);
 325      }
 326  }
 327  
 328  /**
 329   * An exception that indicates that file can not be served
 330   *
 331   * @package    core
 332   * @subpackage lib
 333   * @copyright  2010 Petr Skoda {@link http://skodak.org}
 334   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 335   */
 336  class file_serving_exception extends moodle_exception {
 337      /**
 338       * Constructor
 339       * @param string $debuginfo optional more detailed information
 340       */
 341      function __construct($debuginfo = NULL) {
 342          parent::__construct('cannotservefile', 'error', '', NULL, $debuginfo);
 343      }
 344  }
 345  
 346  /**
 347   * Default exception handler.
 348   *
 349   * @param Exception $ex
 350   * @return void -does not return. Terminates execution!
 351   */
 352  function default_exception_handler($ex) {
 353      global $CFG, $DB, $OUTPUT, $USER, $FULLME, $SESSION, $PAGE;
 354  
 355      // detect active db transactions, rollback and log as error
 356      abort_all_db_transactions();
 357  
 358      if (($ex instanceof required_capability_exception) && !CLI_SCRIPT && !AJAX_SCRIPT && !empty($CFG->autologinguests) && !empty($USER->autologinguest)) {
 359          $SESSION->wantsurl = qualified_me();
 360          redirect(get_login_url());
 361      }
 362  
 363      $info = get_exception_info($ex);
 364  
 365      // If we already tried to send the header remove it, the content length
 366      // should be either empty or the length of the error page.
 367      @header_remove('Content-Length');
 368  
 369      if (is_early_init($info->backtrace)) {
 370          echo bootstrap_renderer::early_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo, $info->errorcode);
 371      } else {
 372          if (debugging('', DEBUG_MINIMAL)) {
 373              $logerrmsg = "Default exception handler: ".$info->message.' Debug: '.$info->debuginfo."\n".format_backtrace($info->backtrace, true);
 374              error_log($logerrmsg);
 375          }
 376  
 377          try {
 378              if ($DB) {
 379                  // If you enable db debugging and exception is thrown, the print footer prints a lot of rubbish
 380                  $DB->set_debug(0);
 381              }
 382              if (AJAX_SCRIPT) {
 383                  // If we are in an AJAX script we don't want to use PREFERRED_RENDERER_TARGET.
 384                  // Because we know we will want to use ajax format.
 385                  $renderer = new core_renderer_ajax($PAGE, 'ajax');
 386              } else {
 387                  $renderer = $OUTPUT;
 388              }
 389              echo $renderer->fatal_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo,
 390                  $info->errorcode);
 391          } catch (Exception $e) {
 392              $out_ex = $e;
 393          } catch (Throwable $e) {
 394              // Engine errors in PHP7 throw exceptions of type Throwable (this "catch" will be ignored in PHP5).
 395              $out_ex = $e;
 396          }
 397  
 398          if (isset($out_ex)) {
 399              // default exception handler MUST not throw any exceptions!!
 400              // the problem here is we do not know if page already started or not, we only know that somebody messed up in outputlib or theme
 401              // so we just print at least something instead of "Exception thrown without a stack frame in Unknown on line 0":-(
 402              if (CLI_SCRIPT or AJAX_SCRIPT) {
 403                  // just ignore the error and send something back using the safest method
 404                  echo bootstrap_renderer::early_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo, $info->errorcode);
 405              } else {
 406                  echo bootstrap_renderer::early_error_content($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo);
 407                  $outinfo = get_exception_info($out_ex);
 408                  echo bootstrap_renderer::early_error_content($outinfo->message, $outinfo->moreinfourl, $outinfo->link, $outinfo->backtrace, $outinfo->debuginfo);
 409              }
 410          }
 411      }
 412  
 413      exit(1); // General error code
 414  }
 415  
 416  /**
 417   * Default error handler, prevents some white screens.
 418   * @param int $errno
 419   * @param string $errstr
 420   * @param string $errfile
 421   * @param int $errline
 422   * @return bool false means use default error handler
 423   */
 424  function default_error_handler($errno, $errstr, $errfile, $errline) {
 425      if ($errno == 4096) {
 426          //fatal catchable error
 427          throw new coding_exception('PHP catchable fatal error', $errstr);
 428      }
 429      return false;
 430  }
 431  
 432  /**
 433   * Unconditionally abort all database transactions, this function
 434   * should be called from exception handlers only.
 435   * @return void
 436   */
 437  function abort_all_db_transactions() {
 438      global $CFG, $DB, $SCRIPT;
 439  
 440      // default exception handler MUST not throw any exceptions!!
 441  
 442      if ($DB && $DB->is_transaction_started()) {
 443          error_log('Database transaction aborted automatically in ' . $CFG->dirroot . $SCRIPT);
 444          // note: transaction blocks should never change current $_SESSION
 445          $DB->force_transaction_rollback();
 446      }
 447  }
 448  
 449  /**
 450   * This function encapsulates the tests for whether an exception was thrown in
 451   * early init -- either during setup.php or during init of $OUTPUT.
 452   *
 453   * If another exception is thrown then, and if we do not take special measures,
 454   * we would just get a very cryptic message "Exception thrown without a stack
 455   * frame in Unknown on line 0". That makes debugging very hard, so we do take
 456   * special measures in default_exception_handler, with the help of this function.
 457   *
 458   * @param array $backtrace the stack trace to analyse.
 459   * @return boolean whether the stack trace is somewhere in output initialisation.
 460   */
 461  function is_early_init($backtrace) {
 462      $dangerouscode = array(
 463          array('function' => 'header', 'type' => '->'),
 464          array('class' => 'bootstrap_renderer'),
 465          array('file' => __DIR__.'/setup.php'),
 466      );
 467      foreach ($backtrace as $stackframe) {
 468          foreach ($dangerouscode as $pattern) {
 469              $matches = true;
 470              foreach ($pattern as $property => $value) {
 471                  if (!isset($stackframe[$property]) || $stackframe[$property] != $value) {
 472                      $matches = false;
 473                  }
 474              }
 475              if ($matches) {
 476                  return true;
 477              }
 478          }
 479      }
 480      return false;
 481  }
 482  
 483  /**
 484   * Returns detailed information about specified exception.
 485   *
 486   * @param Throwable $ex any sort of exception or throwable.
 487   * @return stdClass standardised info to display. Fields are clear if you look at the end of this function.
 488   */
 489  function get_exception_info($ex): stdClass {
 490      global $CFG;
 491  
 492      if ($ex instanceof moodle_exception) {
 493          $errorcode = $ex->errorcode;
 494          $module = $ex->module;
 495          $a = $ex->a;
 496          $link = $ex->link;
 497          $debuginfo = $ex->debuginfo;
 498      } else {
 499          $errorcode = 'generalexceptionmessage';
 500          $module = 'error';
 501          $a = $ex->getMessage();
 502          $link = '';
 503          $debuginfo = '';
 504      }
 505  
 506      // Append the error code to the debug info to make grepping and googling easier
 507      $debuginfo .= PHP_EOL."Error code: $errorcode";
 508  
 509      $backtrace = $ex->getTrace();
 510      $place = array('file'=>$ex->getFile(), 'line'=>$ex->getLine(), 'exception'=>get_class($ex));
 511      array_unshift($backtrace, $place);
 512  
 513      // Be careful, no guarantee moodlelib.php is loaded.
 514      if (empty($module) || $module == 'moodle' || $module == 'core') {
 515          $module = 'error';
 516      }
 517      // Search for the $errorcode's associated string
 518      // If not found, append the contents of $a to $debuginfo so helpful information isn't lost
 519      if (function_exists('get_string_manager')) {
 520          if (get_string_manager()->string_exists($errorcode, $module)) {
 521              $message = get_string($errorcode, $module, $a);
 522          } elseif ($module == 'error' && get_string_manager()->string_exists($errorcode, 'moodle')) {
 523              // Search in moodle file if error specified - needed for backwards compatibility
 524              $message = get_string($errorcode, 'moodle', $a);
 525          } else {
 526              $message = $module . '/' . $errorcode;
 527              $debuginfo .= PHP_EOL.'$a contents: '.print_r($a, true);
 528          }
 529      } else {
 530          $message = $module . '/' . $errorcode;
 531          $debuginfo .= PHP_EOL.'$a contents: '.print_r($a, true);
 532      }
 533  
 534      // Remove some absolute paths from message and debugging info.
 535      $searches = array();
 536      $replaces = array();
 537      $cfgnames = array('backuptempdir', 'tempdir', 'cachedir', 'localcachedir', 'themedir', 'dataroot', 'dirroot');
 538      foreach ($cfgnames as $cfgname) {
 539          if (property_exists($CFG, $cfgname)) {
 540              $searches[] = $CFG->$cfgname;
 541              $replaces[] = "[$cfgname]";
 542          }
 543      }
 544      if (!empty($searches)) {
 545          $message   = str_replace($searches, $replaces, $message);
 546          $debuginfo = str_replace($searches, $replaces, $debuginfo);
 547      }
 548  
 549      // Be careful, no guarantee weblib.php is loaded.
 550      if (function_exists('clean_text')) {
 551          $message = clean_text($message);
 552      } else {
 553          $message = htmlspecialchars($message, ENT_COMPAT);
 554      }
 555  
 556      if (!empty($CFG->errordocroot)) {
 557          $errordoclink = $CFG->errordocroot . '/en/';
 558      } else {
 559          // Only if the function is available. May be not for early errors.
 560          if (function_exists('current_language')) {
 561              $errordoclink = get_docs_url();
 562          } else {
 563              $errordoclink = 'https://docs.moodle.org/en/';
 564          }
 565      }
 566  
 567      if ($module === 'error') {
 568          $modulelink = 'moodle';
 569      } else {
 570          $modulelink = $module;
 571      }
 572      $moreinfourl = $errordoclink . 'error/' . $modulelink . '/' . $errorcode;
 573  
 574      if (empty($link)) {
 575          $link = get_local_referer(false) ?: ($CFG->wwwroot . '/');
 576      }
 577  
 578      // When printing an error the continue button should never link offsite.
 579      // We cannot use clean_param() here as it is not guaranteed that it has been loaded yet.
 580      if (stripos($link, $CFG->wwwroot) === 0) {
 581          // Internal HTTP, all good.
 582      } else {
 583          // External link spotted!
 584          $link = $CFG->wwwroot . '/';
 585      }
 586  
 587      $info = new stdClass();
 588      $info->message     = $message;
 589      $info->errorcode   = $errorcode;
 590      $info->backtrace   = $backtrace;
 591      $info->link        = $link;
 592      $info->moreinfourl = $moreinfourl;
 593      $info->a           = $a;
 594      $info->debuginfo   = $debuginfo;
 595  
 596      return $info;
 597  }
 598  
 599  /**
 600   * @deprecated since Moodle 3.8 MDL-61038 - please do not use this function any more.
 601   * @see \core\uuid::generate()
 602   */
 603  function generate_uuid() {
 604      throw new coding_exception('generate_uuid() cannot be used anymore. Please use ' .
 605          '\core\uuid::generate() instead.');
 606  }
 607  
 608  /**
 609   * Returns the Moodle Docs URL in the users language for a given 'More help' link.
 610   *
 611   * There are three cases:
 612   *
 613   * 1. In the normal case, $path will be a short relative path 'component/thing',
 614   * like 'mod/folder/view' 'group/import'. This gets turned into an link to
 615   * MoodleDocs in the user's language, and for the appropriate Moodle version.
 616   * E.g. 'group/import' may become 'http://docs.moodle.org/2x/en/group/import'.
 617   * The 'http://docs.moodle.org' bit comes from $CFG->docroot.
 618   *
 619   * This is the only option that should be used in standard Moodle code. The other
 620   * two options have been implemented because they are useful for third-party plugins.
 621   *
 622   * 2. $path may be an absolute URL, starting http:// or https://. In this case,
 623   * the link is used as is.
 624   *
 625   * 3. $path may start %%WWWROOT%%, in which case that is replaced by
 626   * $CFG->wwwroot to make the link.
 627   *
 628   * @param string $path the place to link to. See above for details.
 629   * @return string The MoodleDocs URL in the user's language. for example @link http://docs.moodle.org/2x/en/$path}
 630   */
 631  function get_docs_url($path = null) {
 632      global $CFG;
 633      if ($path === null) {
 634          $path = '';
 635      }
 636  
 637      $path = $path ?? '';
 638      // Absolute URLs are used unmodified.
 639      if (substr($path, 0, 7) === 'http://' || substr($path, 0, 8) === 'https://') {
 640          return $path;
 641      }
 642  
 643      // Paths starting %%WWWROOT%% have that replaced by $CFG->wwwroot.
 644      if (substr($path, 0, 11) === '%%WWWROOT%%') {
 645          return $CFG->wwwroot . substr($path, 11);
 646      }
 647  
 648      // Otherwise we do the normal case, and construct a MoodleDocs URL relative to $CFG->docroot.
 649  
 650      // Check that $CFG->branch has been set up, during installation it won't be.
 651      if (empty($CFG->branch)) {
 652          // It's not there yet so look at version.php.
 653          include($CFG->dirroot.'/version.php');
 654      } else {
 655          // We can use $CFG->branch and avoid having to include version.php.
 656          $branch = $CFG->branch;
 657      }
 658      // ensure branch is valid.
 659      if (!$branch) {
 660          // We should never get here but in case we do lets set $branch to .
 661          // the smart one's will know that this is the current directory
 662          // and the smarter ones will know that there is some smart matching
 663          // that will ensure people end up at the latest version of the docs.
 664          $branch = '.';
 665      }
 666      if (empty($CFG->doclang)) {
 667          $lang = current_language();
 668      } else {
 669          $lang = $CFG->doclang;
 670      }
 671      $end = '/' . $branch . '/' . $lang . '/' . $path;
 672      if (empty($CFG->docroot)) {
 673          return 'http://docs.moodle.org'. $end;
 674      } else {
 675          return $CFG->docroot . $end ;
 676      }
 677  }
 678  
 679  /**
 680   * Formats a backtrace ready for output.
 681   *
 682   * This function does not include function arguments because they could contain sensitive information
 683   * not suitable to be exposed in a response.
 684   *
 685   * @param array $callers backtrace array, as returned by debug_backtrace().
 686   * @param boolean $plaintext if false, generates HTML, if true generates plain text.
 687   * @return string formatted backtrace, ready for output.
 688   */
 689  function format_backtrace($callers, $plaintext = false) {
 690      // do not use $CFG->dirroot because it might not be available in destructors
 691      $dirroot = dirname(__DIR__);
 692  
 693      if (empty($callers)) {
 694          return '';
 695      }
 696  
 697      $from = $plaintext ? '' : '<ul style="text-align: left" data-rel="backtrace">';
 698      foreach ($callers as $caller) {
 699          if (!isset($caller['line'])) {
 700              $caller['line'] = '?'; // probably call_user_func()
 701          }
 702          if (!isset($caller['file'])) {
 703              $caller['file'] = 'unknownfile'; // probably call_user_func()
 704          }
 705          $line = $plaintext ? '* ' : '<li>';
 706          $line .= 'line ' . $caller['line'] . ' of ' . str_replace($dirroot, '', $caller['file']);
 707          if (isset($caller['function'])) {
 708              $line .= ': call to ';
 709              if (isset($caller['class'])) {
 710                  $line .= $caller['class'] . $caller['type'];
 711              }
 712              $line .= $caller['function'] . '()';
 713          } else if (isset($caller['exception'])) {
 714              $line .= ': '.$caller['exception'].' thrown';
 715          }
 716  
 717          // Remove any non printable chars.
 718          $line = preg_replace('/[[:^print:]]/', '', $line);
 719  
 720          $line .= $plaintext ? "\n" : '</li>';
 721          $from .= $line;
 722      }
 723      $from .= $plaintext ? '' : '</ul>';
 724  
 725      return $from;
 726  }
 727  
 728  /**
 729   * This function makes the return value of ini_get consistent if you are
 730   * setting server directives through the .htaccess file in apache.
 731   *
 732   * Current behavior for value set from php.ini On = 1, Off = [blank]
 733   * Current behavior for value set from .htaccess On = On, Off = Off
 734   * Contributed by jdell @ unr.edu
 735   *
 736   * @param string $ini_get_arg The argument to get
 737   * @return bool True for on false for not
 738   */
 739  function ini_get_bool($ini_get_arg) {
 740      $temp = ini_get($ini_get_arg);
 741  
 742      if ($temp == '1' or strtolower($temp) == 'on') {
 743          return true;
 744      }
 745      return false;
 746  }
 747  
 748  /**
 749   * This function verifies the sanity of PHP configuration
 750   * and stops execution if anything critical found.
 751   */
 752  function setup_validate_php_configuration() {
 753     // this must be very fast - no slow checks here!!!
 754  
 755     if (ini_get_bool('session.auto_start')) {
 756          throw new \moodle_exception('sessionautostartwarning', 'admin');
 757     }
 758  }
 759  
 760  /**
 761   * Initialise global $CFG variable.
 762   * @private to be used only from lib/setup.php
 763   */
 764  function initialise_cfg() {
 765      global $CFG, $DB;
 766  
 767      if (!$DB) {
 768          // This should not happen.
 769          return;
 770      }
 771  
 772      try {
 773          $localcfg = get_config('core');
 774      } catch (dml_exception $e) {
 775          // Most probably empty db, going to install soon.
 776          return;
 777      }
 778  
 779      foreach ($localcfg as $name => $value) {
 780          // Note that get_config() keeps forced settings
 781          // and normalises values to string if possible.
 782          $CFG->{$name} = $value;
 783      }
 784  }
 785  
 786  /**
 787   * Cache any immutable config locally to avoid constant DB lookups.
 788   *
 789   * Only to be used only from lib/setup.php
 790   */
 791  function initialise_local_config_cache() {
 792      global $CFG;
 793  
 794      $bootstrapcachefile = $CFG->localcachedir . '/bootstrap.php';
 795  
 796      if (!empty($CFG->siteidentifier) && !file_exists($bootstrapcachefile)) {
 797          $contents = "<?php
 798  // ********** This file is generated DO NOT EDIT **********
 799  \$CFG->siteidentifier = " . var_export($CFG->siteidentifier, true) . ";
 800  \$CFG->bootstraphash = " . var_export(hash_local_config_cache(), true) . ";
 801  // Only if the file is not stale and has not been defined.
 802  if (\$CFG->bootstraphash === hash_local_config_cache() && !defined('SYSCONTEXTID')) {
 803      define('SYSCONTEXTID', ".SYSCONTEXTID.");
 804  }
 805  ";
 806  
 807          $temp = $bootstrapcachefile . '.tmp' . uniqid();
 808          file_put_contents($temp, $contents);
 809          @chmod($temp, $CFG->filepermissions);
 810          rename($temp, $bootstrapcachefile);
 811      }
 812  }
 813  
 814  /**
 815   * Calculate a proper hash to be able to invalidate stale cached configs.
 816   *
 817   * Only to be used to verify bootstrap.php status.
 818   *
 819   * @return string md5 hash of all the sensible bits deciding if cached config is stale or no.
 820   */
 821  function hash_local_config_cache() {
 822      global $CFG;
 823  
 824      // This is pretty much {@see moodle_database::get_settings_hash()} that is used
 825      // as identifier for the database meta information MUC cache. Should be enough to
 826      // react against any of the normal changes (new prefix, change of DB type) while
 827      // *incorrectly* keeping the old dataroot directory unmodified with stale data.
 828      // This may need more stuff to be considered if it's discovered that there are
 829      // more variables making the file stale.
 830      return md5($CFG->dbtype . $CFG->dbhost . $CFG->dbuser . $CFG->dbname . $CFG->prefix);
 831  }
 832  
 833  /**
 834   * Initialises $FULLME and friends. Private function. Should only be called from
 835   * setup.php.
 836   */
 837  function initialise_fullme() {
 838      global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
 839  
 840      // Detect common config error.
 841      if (substr($CFG->wwwroot, -1) == '/') {
 842          throw new \moodle_exception('wwwrootslash', 'error');
 843      }
 844  
 845      if (CLI_SCRIPT) {
 846          initialise_fullme_cli();
 847          return;
 848      }
 849      if (!empty($CFG->overridetossl)) {
 850          if (strpos($CFG->wwwroot, 'http://') === 0) {
 851              $CFG->wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
 852          } else {
 853              unset_config('overridetossl');
 854          }
 855      }
 856  
 857      $rurl = setup_get_remote_url();
 858      $wwwroot = parse_url($CFG->wwwroot.'/');
 859  
 860      if (empty($rurl['host'])) {
 861          // missing host in request header, probably not a real browser, let's ignore them
 862  
 863      } else if (!empty($CFG->reverseproxy)) {
 864          // $CFG->reverseproxy specifies if reverse proxy server used
 865          // Used in load balancing scenarios.
 866          // Do not abuse this to try to solve lan/wan access problems!!!!!
 867  
 868      } else {
 869          if (($rurl['host'] !== $wwwroot['host']) or
 870                  (!empty($wwwroot['port']) and $rurl['port'] != $wwwroot['port']) or
 871                  (strpos($rurl['path'], $wwwroot['path']) !== 0)) {
 872  
 873              // Explain the problem and redirect them to the right URL
 874              if (!defined('NO_MOODLE_COOKIES')) {
 875                  define('NO_MOODLE_COOKIES', true);
 876              }
 877              // The login/token.php script should call the correct url/port.
 878              if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS) {
 879                  $wwwrootport = empty($wwwroot['port'])?'':$wwwroot['port'];
 880                  $calledurl = $rurl['host'];
 881                  if (!empty($rurl['port'])) {
 882                      $calledurl .=  ':'. $rurl['port'];
 883                  }
 884                  $correcturl = $wwwroot['host'];
 885                  if (!empty($wwwrootport)) {
 886                      $correcturl .=  ':'. $wwwrootport;
 887                  }
 888                  throw new moodle_exception('requirecorrectaccess', 'error', '', null,
 889                      'You called ' . $calledurl .', you should have called ' . $correcturl);
 890              }
 891              redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3);
 892          }
 893      }
 894  
 895      // Check that URL is under $CFG->wwwroot.
 896      if (strpos($rurl['path'], $wwwroot['path']) === 0) {
 897          $SCRIPT = substr($rurl['path'], strlen($wwwroot['path'])-1);
 898      } else {
 899          // Probably some weird external script
 900          $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
 901          return;
 902      }
 903  
 904      // $CFG->sslproxy specifies if external SSL appliance is used
 905      // (That is, the Moodle server uses http, with an external box translating everything to https).
 906      if (empty($CFG->sslproxy)) {
 907          if ($rurl['scheme'] === 'http' and $wwwroot['scheme'] === 'https') {
 908              if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS) {
 909                  throw new \moodle_exception('sslonlyaccess', 'error');
 910              } else {
 911                  redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3);
 912              }
 913          }
 914      } else {
 915          if ($wwwroot['scheme'] !== 'https') {
 916              throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!');
 917          }
 918          $rurl['scheme'] = 'https'; // make moodle believe it runs on https, squid or something else it doing it
 919          $_SERVER['HTTPS'] = 'on'; // Override $_SERVER to help external libraries with their HTTPS detection.
 920          $_SERVER['SERVER_PORT'] = 443; // Assume default ssl port for the proxy.
 921      }
 922  
 923      // Hopefully this will stop all those "clever" admins trying to set up moodle
 924      // with two different addresses in intranet and Internet.
 925      // Port forwarding is still allowed!
 926      if (!empty($CFG->reverseproxy) && $rurl['host'] === $wwwroot['host'] && (empty($wwwroot['port']) || $rurl['port'] === $wwwroot['port'])) {
 927          throw new \moodle_exception('reverseproxyabused', 'error');
 928      }
 929  
 930      $hostandport = $rurl['scheme'] . '://' . $wwwroot['host'];
 931      if (!empty($wwwroot['port'])) {
 932          $hostandport .= ':'.$wwwroot['port'];
 933      }
 934  
 935      $FULLSCRIPT = $hostandport . $rurl['path'];
 936      $FULLME = $hostandport . $rurl['fullpath'];
 937      $ME = $rurl['fullpath'];
 938  }
 939  
 940  /**
 941   * Initialises $FULLME and friends for command line scripts.
 942   * This is a private method for use by initialise_fullme.
 943   */
 944  function initialise_fullme_cli() {
 945      global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
 946  
 947      // Urls do not make much sense in CLI scripts
 948      $backtrace = debug_backtrace();
 949      $topfile = array_pop($backtrace);
 950      $topfile = realpath($topfile['file']);
 951      $dirroot = realpath($CFG->dirroot);
 952  
 953      if (strpos($topfile, $dirroot) !== 0) {
 954          // Probably some weird external script
 955          $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
 956      } else {
 957          $relativefile = substr($topfile, strlen($dirroot));
 958          $relativefile = str_replace('\\', '/', $relativefile); // Win fix
 959          $SCRIPT = $FULLSCRIPT = $relativefile;
 960          $FULLME = $ME = null;
 961      }
 962  }
 963  
 964  /**
 965   * Get the URL that PHP/the web server thinks it is serving. Private function
 966   * used by initialise_fullme. In your code, use $PAGE->url, $SCRIPT, etc.
 967   * @return array in the same format that parse_url returns, with the addition of
 968   *      a 'fullpath' element, which includes any slasharguments path.
 969   */
 970  function setup_get_remote_url() {
 971      $rurl = array();
 972      if (isset($_SERVER['HTTP_HOST'])) {
 973          list($rurl['host']) = explode(':', $_SERVER['HTTP_HOST']);
 974      } else {
 975          $rurl['host'] = null;
 976      }
 977      $rurl['port'] = (int)$_SERVER['SERVER_PORT'];
 978      $rurl['path'] = $_SERVER['SCRIPT_NAME']; // Script path without slash arguments
 979      $rurl['scheme'] = (empty($_SERVER['HTTPS']) or $_SERVER['HTTPS'] === 'off' or $_SERVER['HTTPS'] === 'Off' or $_SERVER['HTTPS'] === 'OFF') ? 'http' : 'https';
 980  
 981      if (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false) {
 982          //Apache server
 983          $rurl['fullpath'] = $_SERVER['REQUEST_URI'];
 984  
 985          // Fixing a known issue with:
 986          // - Apache versions lesser than 2.4.11
 987          // - PHP deployed in Apache as PHP-FPM via mod_proxy_fcgi
 988          // - PHP versions lesser than 5.6.3 and 5.5.18.
 989          if (isset($_SERVER['PATH_INFO']) && (php_sapi_name() === 'fpm-fcgi') && isset($_SERVER['SCRIPT_NAME'])) {
 990              $pathinfodec = rawurldecode($_SERVER['PATH_INFO']);
 991              $lenneedle = strlen($pathinfodec);
 992              // Checks whether SCRIPT_NAME ends with PATH_INFO, URL-decoded.
 993              if (substr($_SERVER['SCRIPT_NAME'], -$lenneedle) === $pathinfodec) {
 994                  // This is the "Apache 2.4.10- running PHP-FPM via mod_proxy_fcgi" fingerprint,
 995                  // at least on CentOS 7 (Apache/2.4.6 PHP/5.4.16) and Ubuntu 14.04 (Apache/2.4.7 PHP/5.5.9)
 996                  // => SCRIPT_NAME contains 'slash arguments' data too, which is wrongly exposed via PATH_INFO as URL-encoded.
 997                  // Fix both $_SERVER['PATH_INFO'] and $_SERVER['SCRIPT_NAME'].
 998                  $lenhaystack = strlen($_SERVER['SCRIPT_NAME']);
 999                  $pos = $lenhaystack - $lenneedle;
1000                  // Here $pos is greater than 0 but let's double check it.
1001                  if ($pos > 0) {
1002                      $_SERVER['PATH_INFO'] = $pathinfodec;
1003                      $_SERVER['SCRIPT_NAME'] = substr($_SERVER['SCRIPT_NAME'], 0, $pos);
1004                  }
1005              }
1006          }
1007  
1008      } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'iis') !== false) {
1009          //IIS - needs a lot of tweaking to make it work
1010          $rurl['fullpath'] = $_SERVER['SCRIPT_NAME'];
1011  
1012          // NOTE: we should ignore PATH_INFO because it is incorrectly encoded using 8bit filesystem legacy encoding in IIS.
1013          //       Since 2.0, we rely on IIS rewrite extensions like Helicon ISAPI_rewrite
1014          //         example rule: RewriteRule ^([^\?]+?\.php)(\/.+)$ $1\?file=$2 [QSA]
1015          //       OR
1016          //       we rely on a proper IIS 6.0+ configuration: the 'FastCGIUtf8ServerVariables' registry key.
1017          if (isset($_SERVER['PATH_INFO']) and $_SERVER['PATH_INFO'] !== '') {
1018              // Check that PATH_INFO works == must not contain the script name.
1019              if (strpos($_SERVER['PATH_INFO'], $_SERVER['SCRIPT_NAME']) === false) {
1020                  $rurl['fullpath'] .= clean_param(urldecode($_SERVER['PATH_INFO']), PARAM_PATH);
1021              }
1022          }
1023  
1024          if (isset($_SERVER['QUERY_STRING']) and $_SERVER['QUERY_STRING'] !== '') {
1025              $rurl['fullpath'] .= '?'.$_SERVER['QUERY_STRING'];
1026          }
1027          $_SERVER['REQUEST_URI'] = $rurl['fullpath']; // extra IIS compatibility
1028  
1029  /* NOTE: following servers are not fully tested! */
1030  
1031      } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) {
1032          //lighttpd - not officially supported
1033          $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1034  
1035      } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false) {
1036          //nginx - not officially supported
1037          if (!isset($_SERVER['SCRIPT_NAME'])) {
1038              die('Invalid server configuration detected, please try to add "fastcgi_param SCRIPT_NAME $fastcgi_script_name;" to the nginx server configuration.');
1039          }
1040          $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1041  
1042       } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'cherokee') !== false) {
1043           //cherokee - not officially supported
1044           $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1045  
1046       } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'zeus') !== false) {
1047           //zeus - not officially supported
1048           $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1049  
1050      } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) {
1051          //LiteSpeed - not officially supported
1052          $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1053  
1054      } else if ($_SERVER['SERVER_SOFTWARE'] === 'HTTPD') {
1055          //obscure name found on some servers - this is definitely not supported
1056          $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded
1057  
1058      } else if (strpos($_SERVER['SERVER_SOFTWARE'], 'PHP') === 0) {
1059          // built-in PHP Development Server
1060          $rurl['fullpath'] = $_SERVER['REQUEST_URI'];
1061  
1062      } else {
1063          throw new moodle_exception('unsupportedwebserver', 'error', '', $_SERVER['SERVER_SOFTWARE']);
1064      }
1065  
1066      // sanitize the url a bit more, the encoding style may be different in vars above
1067      $rurl['fullpath'] = str_replace('"', '%22', $rurl['fullpath']);
1068      $rurl['fullpath'] = str_replace('\'', '%27', $rurl['fullpath']);
1069  
1070      return $rurl;
1071  }
1072  
1073  /**
1074   * Try to work around the 'max_input_vars' restriction if necessary.
1075   */
1076  function workaround_max_input_vars() {
1077      // Make sure this gets executed only once from lib/setup.php!
1078      static $executed = false;
1079      if ($executed) {
1080          debugging('workaround_max_input_vars() must be called only once!');
1081          return;
1082      }
1083      $executed = true;
1084  
1085      if (!isset($_SERVER["CONTENT_TYPE"]) or strpos($_SERVER["CONTENT_TYPE"], 'multipart/form-data') !== false) {
1086          // Not a post or 'multipart/form-data' which is not compatible with "php://input" reading.
1087          return;
1088      }
1089  
1090      if (!isloggedin() or isguestuser()) {
1091          // Only real users post huge forms.
1092          return;
1093      }
1094  
1095      $max = (int)ini_get('max_input_vars');
1096  
1097      if ($max <= 0) {
1098          // Most probably PHP < 5.3.9 that does not implement this limit.
1099          return;
1100      }
1101  
1102      if ($max >= 200000) {
1103          // This value should be ok for all our forms, by setting it in php.ini
1104          // admins may prevent any unexpected regressions caused by this hack.
1105  
1106          // Note there is no need to worry about DDoS caused by making this limit very high
1107          // because there are very many easier ways to DDoS any Moodle server.
1108          return;
1109      }
1110  
1111      // Worst case is advanced checkboxes which use up to two max_input_vars
1112      // slots for each entry in $_POST, because of sending two fields with the
1113      // same name. So count everything twice just in case.
1114      if (count($_POST, COUNT_RECURSIVE) * 2 < $max) {
1115          return;
1116      }
1117  
1118      // Large POST request with enctype supported by php://input.
1119      // Parse php://input in chunks to bypass max_input_vars limit, which also applies to parse_str().
1120      $str = file_get_contents("php://input");
1121      if ($str === false or $str === '') {
1122          // Some weird error.
1123          return;
1124      }
1125  
1126      $delim = '&';
1127      $fun = function($p) use ($delim) {
1128          return implode($delim, $p);
1129      };
1130      $chunks = array_map($fun, array_chunk(explode($delim, $str), $max));
1131  
1132      // Clear everything from existing $_POST array, otherwise it might be included
1133      // twice (this affects array params primarily).
1134      foreach ($_POST as $key => $value) {
1135          unset($_POST[$key]);
1136          // Also clear from request array - but only the things that are in $_POST,
1137          // that way it will leave the things from a get request if any.
1138          unset($_REQUEST[$key]);
1139      }
1140  
1141      foreach ($chunks as $chunk) {
1142          $values = array();
1143          parse_str($chunk, $values);
1144  
1145          merge_query_params($_POST, $values);
1146          merge_query_params($_REQUEST, $values);
1147      }
1148  }
1149  
1150  /**
1151   * Merge parsed POST chunks.
1152   *
1153   * NOTE: this is not perfect, but it should work in most cases hopefully.
1154   *
1155   * @param array $target
1156   * @param array $values
1157   */
1158  function merge_query_params(array &$target, array $values) {
1159      if (isset($values[0]) and isset($target[0])) {
1160          // This looks like a split [] array, lets verify the keys are continuous starting with 0.
1161          $keys1 = array_keys($values);
1162          $keys2 = array_keys($target);
1163          if ($keys1 === array_keys($keys1) and $keys2 === array_keys($keys2)) {
1164              foreach ($values as $v) {
1165                  $target[] = $v;
1166              }
1167              return;
1168          }
1169      }
1170      foreach ($values as $k => $v) {
1171          if (!isset($target[$k])) {
1172              $target[$k] = $v;
1173              continue;
1174          }
1175          if (is_array($target[$k]) and is_array($v)) {
1176              merge_query_params($target[$k], $v);
1177              continue;
1178          }
1179          // We should not get here unless there are duplicates in params.
1180          $target[$k] = $v;
1181      }
1182  }
1183  
1184  /**
1185   * Initializes our performance info early.
1186   *
1187   * Pairs up with get_performance_info() which is actually
1188   * in moodlelib.php. This function is here so that we can
1189   * call it before all the libs are pulled in.
1190   *
1191   * @uses $PERF
1192   */
1193  function init_performance_info() {
1194  
1195      global $PERF, $CFG, $USER;
1196  
1197      $PERF = new stdClass();
1198      $PERF->logwrites = 0;
1199      if (function_exists('microtime')) {
1200          $PERF->starttime = microtime();
1201      }
1202      if (function_exists('memory_get_usage')) {
1203          $PERF->startmemory = memory_get_usage();
1204      }
1205      if (function_exists('posix_times')) {
1206          $PERF->startposixtimes = posix_times();
1207      }
1208  }
1209  
1210  /**
1211   * Indicates whether we are in the middle of the initial Moodle install.
1212   *
1213   * Very occasionally it is necessary avoid running certain bits of code before the
1214   * Moodle installation has completed. The installed flag is set in admin/index.php
1215   * after Moodle core and all the plugins have been installed, but just before
1216   * the person doing the initial install is asked to choose the admin password.
1217   *
1218   * @return boolean true if the initial install is not complete.
1219   */
1220  function during_initial_install() {
1221      global $CFG;
1222      return empty($CFG->rolesactive);
1223  }
1224  
1225  /**
1226   * Function to raise the memory limit to a new value.
1227   * Will respect the memory limit if it is higher, thus allowing
1228   * settings in php.ini, apache conf or command line switches
1229   * to override it.
1230   *
1231   * The memory limit should be expressed with a constant
1232   * MEMORY_STANDARD, MEMORY_EXTRA or MEMORY_HUGE.
1233   * It is possible to use strings or integers too (eg:'128M').
1234   *
1235   * @param mixed $newlimit the new memory limit
1236   * @return bool success
1237   */
1238  function raise_memory_limit($newlimit) {
1239      global $CFG;
1240  
1241      if ($newlimit == MEMORY_UNLIMITED) {
1242          ini_set('memory_limit', -1);
1243          return true;
1244  
1245      } else if ($newlimit == MEMORY_STANDARD) {
1246          if (PHP_INT_SIZE > 4) {
1247              $newlimit = get_real_size('128M'); // 64bit needs more memory
1248          } else {
1249              $newlimit = get_real_size('96M');
1250          }
1251  
1252      } else if ($newlimit == MEMORY_EXTRA) {
1253          if (PHP_INT_SIZE > 4) {
1254              $newlimit = get_real_size('384M'); // 64bit needs more memory
1255          } else {
1256              $newlimit = get_real_size('256M');
1257          }
1258          if (!empty($CFG->extramemorylimit)) {
1259              $extra = get_real_size($CFG->extramemorylimit);
1260              if ($extra > $newlimit) {
1261                  $newlimit = $extra;
1262              }
1263          }
1264  
1265      } else if ($newlimit == MEMORY_HUGE) {
1266          // MEMORY_HUGE uses 2G or MEMORY_EXTRA, whichever is bigger.
1267          $newlimit = get_real_size('2G');
1268          if (!empty($CFG->extramemorylimit)) {
1269              $extra = get_real_size($CFG->extramemorylimit);
1270              if ($extra > $newlimit) {
1271                  $newlimit = $extra;
1272              }
1273          }
1274  
1275      } else {
1276          $newlimit = get_real_size($newlimit);
1277      }
1278  
1279      if ($newlimit <= 0) {
1280          debugging('Invalid memory limit specified.');
1281          return false;
1282      }
1283  
1284      $cur = ini_get('memory_limit');
1285      if (empty($cur)) {
1286          // if php is compiled without --enable-memory-limits
1287          // apparently memory_limit is set to ''
1288          $cur = 0;
1289      } else {
1290          if ($cur == -1){
1291              return true; // unlimited mem!
1292          }
1293          $cur = get_real_size($cur);
1294      }
1295  
1296      if ($newlimit > $cur) {
1297          ini_set('memory_limit', $newlimit);
1298          return true;
1299      }
1300      return false;
1301  }
1302  
1303  /**
1304   * Function to reduce the memory limit to a new value.
1305   * Will respect the memory limit if it is lower, thus allowing
1306   * settings in php.ini, apache conf or command line switches
1307   * to override it
1308   *
1309   * The memory limit should be expressed with a string (eg:'64M')
1310   *
1311   * @param string $newlimit the new memory limit
1312   * @return bool
1313   */
1314  function reduce_memory_limit($newlimit) {
1315      if (empty($newlimit)) {
1316          return false;
1317      }
1318      $cur = ini_get('memory_limit');
1319      if (empty($cur)) {
1320          // if php is compiled without --enable-memory-limits
1321          // apparently memory_limit is set to ''
1322          $cur = 0;
1323      } else {
1324          if ($cur == -1){
1325              return true; // unlimited mem!
1326          }
1327          $cur = get_real_size($cur);
1328      }
1329  
1330      $new = get_real_size($newlimit);
1331      // -1 is smaller, but it means unlimited
1332      if ($new < $cur && $new != -1) {
1333          ini_set('memory_limit', $newlimit);
1334          return true;
1335      }
1336      return false;
1337  }
1338  
1339  /**
1340   * Converts numbers like 10M into bytes.
1341   *
1342   * @param string $size The size to be converted
1343   * @return int
1344   */
1345  function get_real_size($size = 0) {
1346      if (!$size) {
1347          return 0;
1348      }
1349  
1350      static $binaryprefixes = array(
1351          'K' => 1024 ** 1,
1352          'k' => 1024 ** 1,
1353          'M' => 1024 ** 2,
1354          'm' => 1024 ** 2,
1355          'G' => 1024 ** 3,
1356          'g' => 1024 ** 3,
1357          'T' => 1024 ** 4,
1358          't' => 1024 ** 4,
1359          'P' => 1024 ** 5,
1360          'p' => 1024 ** 5,
1361      );
1362  
1363      if (preg_match('/^([0-9]+)([KMGTP])/i', $size, $matches)) {
1364          return $matches[1] * $binaryprefixes[$matches[2]];
1365      }
1366  
1367      return (int) $size;
1368  }
1369  
1370  /**
1371   * Try to disable all output buffering and purge
1372   * all headers.
1373   *
1374   * @access private to be called only from lib/setup.php !
1375   * @return void
1376   */
1377  function disable_output_buffering() {
1378      $olddebug = error_reporting(0);
1379  
1380      // disable compression, it would prevent closing of buffers
1381      if (ini_get_bool('zlib.output_compression')) {
1382          ini_set('zlib.output_compression', 'Off');
1383      }
1384  
1385      // try to flush everything all the time
1386      ob_implicit_flush(true);
1387  
1388      // close all buffers if possible and discard any existing output
1389      // this can actually work around some whitespace problems in config.php
1390      while(ob_get_level()) {
1391          if (!ob_end_clean()) {
1392              // prevent infinite loop when buffer can not be closed
1393              break;
1394          }
1395      }
1396  
1397      // disable any other output handlers
1398      ini_set('output_handler', '');
1399  
1400      error_reporting($olddebug);
1401  
1402      // Disable buffering in nginx.
1403      header('X-Accel-Buffering: no');
1404  
1405  }
1406  
1407  /**
1408   * Check whether a major upgrade is needed.
1409   *
1410   * That is defined as an upgrade that changes something really fundamental
1411   * in the database, so nothing can possibly work until the database has
1412   * been updated, and that is defined by the hard-coded version number in
1413   * this function.
1414   *
1415   * @return bool
1416   */
1417  function is_major_upgrade_required() {
1418      global $CFG;
1419      $lastmajordbchanges = 2022101400.03; // This should be the version where the breaking changes happen.
1420  
1421      $required = empty($CFG->version);
1422      $required = $required || (float)$CFG->version < $lastmajordbchanges;
1423      $required = $required || during_initial_install();
1424      $required = $required || !empty($CFG->adminsetuppending);
1425  
1426      return $required;
1427  }
1428  
1429  /**
1430   * Redirect to the Notifications page if a major upgrade is required, and
1431   * terminate the current user session.
1432   */
1433  function redirect_if_major_upgrade_required() {
1434      global $CFG;
1435      if (is_major_upgrade_required()) {
1436          try {
1437              @\core\session\manager::terminate_current();
1438          } catch (Exception $e) {
1439              // Ignore any errors, redirect to upgrade anyway.
1440          }
1441          $url = $CFG->wwwroot . '/' . $CFG->admin . '/index.php';
1442          @header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other');
1443          @header('Location: ' . $url);
1444          echo bootstrap_renderer::plain_redirect_message(htmlspecialchars($url, ENT_COMPAT));
1445          exit;
1446      }
1447  }
1448  
1449  /**
1450   * Makes sure that upgrade process is not running
1451   *
1452   * To be inserted in the core functions that can not be called by pluigns during upgrade.
1453   * Core upgrade should not use any API functions at all.
1454   * See {@link https://moodledev.io/docs/guides/upgrade#upgrade-code-restrictions}
1455   *
1456   * @throws moodle_exception if executed from inside of upgrade script and $warningonly is false
1457   * @param bool $warningonly if true displays a warning instead of throwing an exception
1458   * @return bool true if executed from outside of upgrade process, false if from inside upgrade process and function is used for warning only
1459   */
1460  function upgrade_ensure_not_running($warningonly = false) {
1461      global $CFG;
1462      if (!empty($CFG->upgraderunning)) {
1463          if (!$warningonly) {
1464              throw new moodle_exception('cannotexecduringupgrade');
1465          } else {
1466              debugging(get_string('cannotexecduringupgrade', 'error'), DEBUG_DEVELOPER);
1467              return false;
1468          }
1469      }
1470      return true;
1471  }
1472  
1473  /**
1474   * Function to check if a directory exists and by default create it if not exists.
1475   *
1476   * Previously this was accepting paths only from dataroot, but we now allow
1477   * files outside of dataroot if you supply custom paths for some settings in config.php.
1478   * This function does not verify that the directory is writable.
1479   *
1480   * NOTE: this function uses current file stat cache,
1481   *       please use clearstatcache() before this if you expect that the
1482   *       directories may have been removed recently from a different request.
1483   *
1484   * @param string $dir absolute directory path
1485   * @param boolean $create directory if does not exist
1486   * @param boolean $recursive create directory recursively
1487   * @return boolean true if directory exists or created, false otherwise
1488   */
1489  function check_dir_exists($dir, $create = true, $recursive = true) {
1490      global $CFG;
1491  
1492      umask($CFG->umaskpermissions);
1493  
1494      if (is_dir($dir)) {
1495          return true;
1496      }
1497  
1498      if (!$create) {
1499          return false;
1500      }
1501  
1502      return mkdir($dir, $CFG->directorypermissions, $recursive);
1503  }
1504  
1505  /**
1506   * Create a new unique directory within the specified directory.
1507   *
1508   * @param string $basedir The directory to create your new unique directory within.
1509   * @param bool $exceptiononerror throw exception if error encountered
1510   * @return string The created directory
1511   * @throws invalid_dataroot_permissions
1512   */
1513  function make_unique_writable_directory($basedir, $exceptiononerror = true) {
1514      if (!is_dir($basedir) || !is_writable($basedir)) {
1515          // The basedir is not writable. We will not be able to create the child directory.
1516          if ($exceptiononerror) {
1517              throw new invalid_dataroot_permissions($basedir . ' is not writable. Unable to create a unique directory within it.');
1518          } else {
1519              return false;
1520          }
1521      }
1522  
1523      do {
1524          // Let's use uniqid() because it's "unique enough" (microtime based). The loop does handle repetitions.
1525          // Windows and old PHP don't like very long paths, so try to keep this shorter. See MDL-69975.
1526          $uniquedir = $basedir . DIRECTORY_SEPARATOR . uniqid();
1527      } while (
1528              // Ensure that basedir is still writable - if we do not check, we could get stuck in a loop here.
1529              is_writable($basedir) &&
1530  
1531              // Make the new unique directory. If the directory already exists, it will return false.
1532              !make_writable_directory($uniquedir, $exceptiononerror) &&
1533  
1534              // Ensure that the directory now exists
1535              file_exists($uniquedir) && is_dir($uniquedir)
1536          );
1537  
1538      // Check that the directory was correctly created.
1539      if (!file_exists($uniquedir) || !is_dir($uniquedir) || !is_writable($uniquedir)) {
1540          if ($exceptiononerror) {
1541              throw new invalid_dataroot_permissions('Unique directory creation failed.');
1542          } else {
1543              return false;
1544          }
1545      }
1546  
1547      return $uniquedir;
1548  }
1549  
1550  /**
1551   * Create a directory and make sure it is writable.
1552   *
1553   * @private
1554   * @param string $dir  the full path of the directory to be created
1555   * @param bool $exceptiononerror throw exception if error encountered
1556   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1557   */
1558  function make_writable_directory($dir, $exceptiononerror = true) {
1559      global $CFG;
1560  
1561      if (file_exists($dir) and !is_dir($dir)) {
1562          if ($exceptiononerror) {
1563              throw new coding_exception($dir.' directory can not be created, file with the same name already exists.');
1564          } else {
1565              return false;
1566          }
1567      }
1568  
1569      umask($CFG->umaskpermissions);
1570  
1571      if (!file_exists($dir)) {
1572          if (!@mkdir($dir, $CFG->directorypermissions, true)) {
1573              clearstatcache();
1574              // There might be a race condition when creating directory.
1575              if (!is_dir($dir)) {
1576                  if ($exceptiononerror) {
1577                      throw new invalid_dataroot_permissions($dir.' can not be created, check permissions.');
1578                  } else {
1579                      debugging('Can not create directory: '.$dir, DEBUG_DEVELOPER);
1580                      return false;
1581                  }
1582              }
1583          }
1584      }
1585  
1586      if (!is_writable($dir)) {
1587          if ($exceptiononerror) {
1588              throw new invalid_dataroot_permissions($dir.' is not writable, check permissions.');
1589          } else {
1590              return false;
1591          }
1592      }
1593  
1594      return $dir;
1595  }
1596  
1597  /**
1598   * Protect a directory from web access.
1599   * Could be extended in the future to support other mechanisms (e.g. other webservers).
1600   *
1601   * @private
1602   * @param string $dir  the full path of the directory to be protected
1603   */
1604  function protect_directory($dir) {
1605      global $CFG;
1606      // Make sure a .htaccess file is here, JUST IN CASE the files area is in the open and .htaccess is supported
1607      if (!file_exists("$dir/.htaccess")) {
1608          if ($handle = fopen("$dir/.htaccess", 'w')) {   // For safety
1609              @fwrite($handle, "deny from all\r\nAllowOverride None\r\nNote: this file is broken intentionally, we do not want anybody to undo it in subdirectory!\r\n");
1610              @fclose($handle);
1611              @chmod("$dir/.htaccess", $CFG->filepermissions);
1612          }
1613      }
1614  }
1615  
1616  /**
1617   * Create a directory under dataroot and make sure it is writable.
1618   * Do not use for temporary and cache files - see make_temp_directory() and make_cache_directory().
1619   *
1620   * @param string $directory  the full path of the directory to be created under $CFG->dataroot
1621   * @param bool $exceptiononerror throw exception if error encountered
1622   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1623   */
1624  function make_upload_directory($directory, $exceptiononerror = true) {
1625      global $CFG;
1626  
1627      if (strpos($directory, 'temp/') === 0 or $directory === 'temp') {
1628          debugging('Use make_temp_directory() for creation of temporary directory and $CFG->tempdir to get the location.');
1629  
1630      } else if (strpos($directory, 'cache/') === 0 or $directory === 'cache') {
1631          debugging('Use make_cache_directory() for creation of cache directory and $CFG->cachedir to get the location.');
1632  
1633      } else if (strpos($directory, 'localcache/') === 0 or $directory === 'localcache') {
1634          debugging('Use make_localcache_directory() for creation of local cache directory and $CFG->localcachedir to get the location.');
1635      }
1636  
1637      protect_directory($CFG->dataroot);
1638      return make_writable_directory("$CFG->dataroot/$directory", $exceptiononerror);
1639  }
1640  
1641  /**
1642   * Get a per-request storage directory in the tempdir.
1643   *
1644   * The directory is automatically cleaned up during the shutdown handler.
1645   *
1646   * @param   bool    $exceptiononerror throw exception if error encountered
1647   * @param   bool    $forcecreate Force creation of a new parent directory
1648   * @return  string  Returns full path to directory if successful, false if not; may throw exception
1649   */
1650  function get_request_storage_directory($exceptiononerror = true, bool $forcecreate = false) {
1651      global $CFG;
1652  
1653      static $requestdir = null;
1654  
1655      $writabledirectoryexists = (null !== $requestdir);
1656      $writabledirectoryexists = $writabledirectoryexists && file_exists($requestdir);
1657      $writabledirectoryexists = $writabledirectoryexists && is_dir($requestdir);
1658      $writabledirectoryexists = $writabledirectoryexists && is_writable($requestdir);
1659      $createnewdirectory = $forcecreate || !$writabledirectoryexists;
1660  
1661      if ($createnewdirectory) {
1662  
1663          // Let's add the first chars of siteidentifier only. This is to help separate
1664          // paths on systems which host multiple moodles. We don't use the full id
1665          // as Windows and old PHP don't like very long paths. See MDL-69975.
1666          $basedir = $CFG->localrequestdir . '/' . substr($CFG->siteidentifier, 0, 4);
1667  
1668          make_writable_directory($basedir);
1669          protect_directory($basedir);
1670  
1671          if ($dir = make_unique_writable_directory($basedir, $exceptiononerror)) {
1672              // Register a shutdown handler to remove the directory.
1673              \core_shutdown_manager::register_function('remove_dir', [$dir]);
1674          }
1675  
1676          $requestdir = $dir;
1677      }
1678  
1679      return $requestdir;
1680  }
1681  
1682  /**
1683   * Create a per-request directory and make sure it is writable.
1684   * This can only be used during the current request and will be tidied away
1685   * automatically afterwards.
1686   *
1687   * A new, unique directory is always created within a shared base request directory.
1688   *
1689   * In some exceptional cases an alternative base directory may be required. This can be accomplished using the
1690   * $forcecreate parameter. Typically this will only be requried where the file may be required during a shutdown handler
1691   * which may or may not be registered after a previous request directory has been created.
1692   *
1693   * @param   bool    $exceptiononerror throw exception if error encountered
1694   * @param   bool    $forcecreate Force creation of a new parent directory
1695   * @return  string  The full path to directory if successful, false if not; may throw exception
1696   */
1697  function make_request_directory(bool $exceptiononerror = true, bool $forcecreate = false) {
1698      $basedir = get_request_storage_directory($exceptiononerror, $forcecreate);
1699      return make_unique_writable_directory($basedir, $exceptiononerror);
1700  }
1701  
1702  /**
1703   * Get the full path of a directory under $CFG->backuptempdir.
1704   *
1705   * @param string $directory  the relative path of the directory under $CFG->backuptempdir
1706   * @return string|false Returns full path to directory given a valid string; otherwise, false.
1707   */
1708  function get_backup_temp_directory($directory) {
1709      global $CFG;
1710      if (($directory === null) || ($directory === false)) {
1711          return false;
1712      }
1713      return "$CFG->backuptempdir/$directory";
1714  }
1715  
1716  /**
1717   * Create a directory under $CFG->backuptempdir and make sure it is writable.
1718   *
1719   * Do not use for storing generic temp files - see make_temp_directory() instead for this purpose.
1720   *
1721   * Backup temporary files must be on a shared storage.
1722   *
1723   * @param string $directory  the relative path of the directory to be created under $CFG->backuptempdir
1724   * @param bool $exceptiononerror throw exception if error encountered
1725   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1726   */
1727  function make_backup_temp_directory($directory, $exceptiononerror = true) {
1728      global $CFG;
1729      if ($CFG->backuptempdir !== "$CFG->tempdir/backup") {
1730          check_dir_exists($CFG->backuptempdir, true, true);
1731          protect_directory($CFG->backuptempdir);
1732      } else {
1733          protect_directory($CFG->tempdir);
1734      }
1735      return make_writable_directory("$CFG->backuptempdir/$directory", $exceptiononerror);
1736  }
1737  
1738  /**
1739   * Create a directory under tempdir and make sure it is writable.
1740   *
1741   * Where possible, please use make_request_directory() and limit the scope
1742   * of your data to the current HTTP request.
1743   *
1744   * Do not use for storing cache files - see make_cache_directory(), and
1745   * make_localcache_directory() instead for this purpose.
1746   *
1747   * Temporary files must be on a shared storage, and heavy usage is
1748   * discouraged due to the performance impact upon clustered environments.
1749   *
1750   * @param string $directory  the full path of the directory to be created under $CFG->tempdir
1751   * @param bool $exceptiononerror throw exception if error encountered
1752   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1753   */
1754  function make_temp_directory($directory, $exceptiononerror = true) {
1755      global $CFG;
1756      if ($CFG->tempdir !== "$CFG->dataroot/temp") {
1757          check_dir_exists($CFG->tempdir, true, true);
1758          protect_directory($CFG->tempdir);
1759      } else {
1760          protect_directory($CFG->dataroot);
1761      }
1762      return make_writable_directory("$CFG->tempdir/$directory", $exceptiononerror);
1763  }
1764  
1765  /**
1766   * Create a directory under cachedir and make sure it is writable.
1767   *
1768   * Note: this cache directory is shared by all cluster nodes.
1769   *
1770   * @param string $directory  the full path of the directory to be created under $CFG->cachedir
1771   * @param bool $exceptiononerror throw exception if error encountered
1772   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1773   */
1774  function make_cache_directory($directory, $exceptiononerror = true) {
1775      global $CFG;
1776      if ($CFG->cachedir !== "$CFG->dataroot/cache") {
1777          check_dir_exists($CFG->cachedir, true, true);
1778          protect_directory($CFG->cachedir);
1779      } else {
1780          protect_directory($CFG->dataroot);
1781      }
1782      return make_writable_directory("$CFG->cachedir/$directory", $exceptiononerror);
1783  }
1784  
1785  /**
1786   * Create a directory under localcachedir and make sure it is writable.
1787   * The files in this directory MUST NOT change, use revisions or content hashes to
1788   * work around this limitation - this means you can only add new files here.
1789   *
1790   * The content of this directory gets purged automatically on all cluster nodes
1791   * after calling purge_all_caches() before new data is written to this directory.
1792   *
1793   * Note: this local cache directory does not need to be shared by cluster nodes.
1794   *
1795   * @param string $directory the relative path of the directory to be created under $CFG->localcachedir
1796   * @param bool $exceptiononerror throw exception if error encountered
1797   * @return string|false Returns full path to directory if successful, false if not; may throw exception
1798   */
1799  function make_localcache_directory($directory, $exceptiononerror = true) {
1800      global $CFG;
1801  
1802      make_writable_directory($CFG->localcachedir, $exceptiononerror);
1803  
1804      if ($CFG->localcachedir !== "$CFG->dataroot/localcache") {
1805          protect_directory($CFG->localcachedir);
1806      } else {
1807          protect_directory($CFG->dataroot);
1808      }
1809  
1810      if (!isset($CFG->localcachedirpurged)) {
1811          $CFG->localcachedirpurged = 0;
1812      }
1813      $timestampfile = "$CFG->localcachedir/.lastpurged";
1814  
1815      if (!file_exists($timestampfile)) {
1816          touch($timestampfile);
1817          @chmod($timestampfile, $CFG->filepermissions);
1818  
1819      } else if (filemtime($timestampfile) <  $CFG->localcachedirpurged) {
1820          // This means our local cached dir was not purged yet.
1821          remove_dir($CFG->localcachedir, true);
1822          if ($CFG->localcachedir !== "$CFG->dataroot/localcache") {
1823              protect_directory($CFG->localcachedir);
1824          }
1825          touch($timestampfile);
1826          @chmod($timestampfile, $CFG->filepermissions);
1827          clearstatcache();
1828      }
1829  
1830      if ($directory === '') {
1831          return $CFG->localcachedir;
1832      }
1833  
1834      return make_writable_directory("$CFG->localcachedir/$directory", $exceptiononerror);
1835  }
1836  
1837  /**
1838   * Webserver access user logging
1839   */
1840  function set_access_log_user() {
1841      global $USER, $CFG;
1842      if ($USER && isset($USER->username)) {
1843          $logmethod = '';
1844          $logvalue = 0;
1845          if (!empty($CFG->apacheloguser) && function_exists('apache_note')) {
1846              $logmethod = 'apache';
1847              $logvalue = $CFG->apacheloguser;
1848          }
1849          if (!empty($CFG->headerloguser)) {
1850              $logmethod = 'header';
1851              $logvalue = $CFG->headerloguser;
1852          }
1853          if (!empty($logmethod)) {
1854              $loguserid = $USER->id;
1855              $logusername = clean_filename($USER->username);
1856              $logname = '';
1857              if (isset($USER->firstname)) {
1858                  // We can assume both will be set
1859                  // - even if to empty.
1860                  $logname = clean_filename($USER->firstname . " " . $USER->lastname);
1861              }
1862              if (\core\session\manager::is_loggedinas()) {
1863                  $realuser = \core\session\manager::get_realuser();
1864                  $logusername = clean_filename($realuser->username." as ".$logusername);
1865                  $logname = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$logname);
1866                  $loguserid = clean_filename($realuser->id." as ".$loguserid);
1867              }
1868              switch ($logvalue) {
1869                  case 3:
1870                      $logname = $logusername;
1871                      break;
1872                  case 2:
1873                      $logname = $logname;
1874                      break;
1875                  case 1:
1876                  default:
1877                      $logname = $loguserid;
1878                      break;
1879              }
1880              if ($logmethod == 'apache') {
1881                  apache_note('MOODLEUSER', $logname);
1882              }
1883  
1884              if ($logmethod == 'header' && !headers_sent()) {
1885                  header("X-MOODLEUSER: $logname");
1886              }
1887          }
1888      }
1889  }
1890  
1891  /**
1892   * This class solves the problem of how to initialise $OUTPUT.
1893   *
1894   * The problem is caused be two factors
1895   * <ol>
1896   * <li>On the one hand, we cannot be sure when output will start. In particular,
1897   * an error, which needs to be displayed, could be thrown at any time.</li>
1898   * <li>On the other hand, we cannot be sure when we will have all the information
1899   * necessary to correctly initialise $OUTPUT. $OUTPUT depends on the theme, which
1900   * (potentially) depends on the current course, course categories, and logged in user.
1901   * It also depends on whether the current page requires HTTPS.</li>
1902   * </ol>
1903   *
1904   * So, it is hard to find a single natural place during Moodle script execution,
1905   * which we can guarantee is the right time to initialise $OUTPUT. Instead we
1906   * adopt the following strategy
1907   * <ol>
1908   * <li>We will initialise $OUTPUT the first time it is used.</li>
1909   * <li>If, after $OUTPUT has been initialised, the script tries to change something
1910   * that $OUTPUT depends on, we throw an exception making it clear that the script
1911   * did something wrong.
1912   * </ol>
1913   *
1914   * The only problem with that is, how do we initialise $OUTPUT on first use if,
1915   * it is going to be used like $OUTPUT->somthing(...)? Well that is where this
1916   * class comes in. Initially, we set up $OUTPUT = new bootstrap_renderer(). Then,
1917   * when any method is called on that object, we initialise $OUTPUT, and pass the call on.
1918   *
1919   * Note that this class is used before lib/outputlib.php has been loaded, so we
1920   * must be careful referring to classes/functions from there, they may not be
1921   * defined yet, and we must avoid fatal errors.
1922   *
1923   * @copyright 2009 Tim Hunt
1924   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
1925   * @since     Moodle 2.0
1926   */
1927  class bootstrap_renderer {
1928      /**
1929       * Handles re-entrancy. Without this, errors or debugging output that occur
1930       * during the initialisation of $OUTPUT, cause infinite recursion.
1931       * @var boolean
1932       */
1933      protected $initialising = false;
1934  
1935      /**
1936       * Have we started output yet?
1937       * @return boolean true if the header has been printed.
1938       */
1939      public function has_started() {
1940          return false;
1941      }
1942  
1943      /**
1944       * Constructor - to be used by core code only.
1945       * @param string $method The method to call
1946       * @param array $arguments Arguments to pass to the method being called
1947       * @return string
1948       */
1949      public function __call($method, $arguments) {
1950          global $OUTPUT, $PAGE;
1951  
1952          $recursing = false;
1953          if ($method == 'notification') {
1954              // Catch infinite recursion caused by debugging output during print_header.
1955              $backtrace = debug_backtrace();
1956              array_shift($backtrace);
1957              array_shift($backtrace);
1958              $recursing = is_early_init($backtrace);
1959          }
1960  
1961          $earlymethods = array(
1962              'fatal_error' => 'early_error',
1963              'notification' => 'early_notification',
1964          );
1965  
1966          // If lib/outputlib.php has been loaded, call it.
1967          if (!empty($PAGE) && !$recursing) {
1968              if (array_key_exists($method, $earlymethods)) {
1969                  //prevent PAGE->context warnings - exceptions might appear before we set any context
1970                  $PAGE->set_context(null);
1971              }
1972              $PAGE->initialise_theme_and_output();
1973              return call_user_func_array(array($OUTPUT, $method), $arguments);
1974          }
1975  
1976          $this->initialising = true;
1977  
1978          // Too soon to initialise $OUTPUT, provide a couple of key methods.
1979          if (array_key_exists($method, $earlymethods)) {
1980              return call_user_func_array(array('bootstrap_renderer', $earlymethods[$method]), $arguments);
1981          }
1982  
1983          throw new coding_exception('Attempt to start output before enough information is known to initialise the theme.');
1984      }
1985  
1986      /**
1987       * Returns nicely formatted error message in a div box.
1988       * @static
1989       * @param string $message error message
1990       * @param string $moreinfourl (ignored in early errors)
1991       * @param string $link (ignored in early errors)
1992       * @param array $backtrace
1993       * @param string $debuginfo
1994       * @return string
1995       */
1996      public static function early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo = null) {
1997          global $CFG;
1998  
1999          $content = "<div class='alert-danger'>$message</div>";
2000          // Check whether debug is set.
2001          $debug = (!empty($CFG->debug) && $CFG->debug >= DEBUG_DEVELOPER);
2002          // Also check we have it set in the config file. This occurs if the method to read the config table from the
2003          // database fails, reading from the config table is the first database interaction we have.
2004          $debug = $debug || (!empty($CFG->config_php_settings['debug'])  && $CFG->config_php_settings['debug'] >= DEBUG_DEVELOPER );
2005          if ($debug) {
2006              if (!empty($debuginfo)) {
2007                  // Remove all nasty JS.
2008                  if (function_exists('s')) { // Function may be not available for some early errors.
2009                      $debuginfo = s($debuginfo);
2010                  } else {
2011                      // Because weblib is not available for these early errors, we
2012                      // just duplicate s() code here to be safe.
2013                      $debuginfo = preg_replace('/&amp;#(\d+|x[0-9a-f]+);/i', '&#$1;',
2014                      htmlspecialchars($debuginfo, ENT_QUOTES | ENT_HTML401 | ENT_SUBSTITUTE));
2015                  }
2016                  $debuginfo = str_replace("\n", '<br />', $debuginfo); // keep newlines
2017                  $content .= '<div class="notifytiny">Debug info: ' . $debuginfo . '</div>';
2018              }
2019              if (!empty($backtrace)) {
2020                  $content .= '<div class="notifytiny">Stack trace: ' . format_backtrace($backtrace, false) . '</div>';
2021              }
2022          }
2023  
2024          return $content;
2025      }
2026  
2027      /**
2028       * This function should only be called by this class, or from exception handlers
2029       * @static
2030       * @param string $message error message
2031       * @param string $moreinfourl (ignored in early errors)
2032       * @param string $link (ignored in early errors)
2033       * @param array $backtrace
2034       * @param string $debuginfo extra information for developers
2035       * @return string
2036       */
2037      public static function early_error($message, $moreinfourl, $link, $backtrace, $debuginfo = null, $errorcode = null) {
2038          global $CFG;
2039  
2040          if (CLI_SCRIPT) {
2041              echo "!!! $message !!!\n";
2042              if (!empty($CFG->debug) and $CFG->debug >= DEBUG_DEVELOPER) {
2043                  if (!empty($debuginfo)) {
2044                      echo "\nDebug info: $debuginfo";
2045                  }
2046                  if (!empty($backtrace)) {
2047                      echo "\nStack trace: " . format_backtrace($backtrace, true);
2048                  }
2049              }
2050              return;
2051  
2052          } else if (AJAX_SCRIPT) {
2053              $e = new stdClass();
2054              $e->error      = $message;
2055              $e->stacktrace = NULL;
2056              $e->debuginfo  = NULL;
2057              if (!empty($CFG->debug) and $CFG->debug >= DEBUG_DEVELOPER) {
2058                  if (!empty($debuginfo)) {
2059                      $e->debuginfo = $debuginfo;
2060                  }
2061                  if (!empty($backtrace)) {
2062                      $e->stacktrace = format_backtrace($backtrace, true);
2063                  }
2064              }
2065              $e->errorcode  = $errorcode;
2066              @header('Content-Type: application/json; charset=utf-8');
2067              echo json_encode($e);
2068              return;
2069          }
2070  
2071          // In the name of protocol correctness, monitoring and performance
2072          // profiling, set the appropriate error headers for machine consumption.
2073          $protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0');
2074          @header($protocol . ' 500 Internal Server Error');
2075  
2076          // better disable any caching
2077          @header('Content-Type: text/html; charset=utf-8');
2078          @header('X-UA-Compatible: IE=edge');
2079          @header('Cache-Control: no-store, no-cache, must-revalidate');
2080          @header('Cache-Control: post-check=0, pre-check=0', false);
2081          @header('Pragma: no-cache');
2082          @header('Expires: Mon, 20 Aug 1969 09:23:00 GMT');
2083          @header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
2084  
2085          if (function_exists('get_string')) {
2086              $strerror = get_string('error');
2087          } else {
2088              $strerror = 'Error';
2089          }
2090  
2091          $content = self::early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo);
2092  
2093          return self::plain_page($strerror, $content);
2094      }
2095  
2096      /**
2097       * Early notification message
2098       * @static
2099       * @param string $message
2100       * @param string $classes usually notifyproblem or notifysuccess
2101       * @return string
2102       */
2103      public static function early_notification($message, $classes = 'notifyproblem') {
2104          return '<div class="' . $classes . '">' . $message . '</div>';
2105      }
2106  
2107      /**
2108       * Page should redirect message.
2109       * @static
2110       * @param string $encodedurl redirect url
2111       * @return string
2112       */
2113      public static function plain_redirect_message($encodedurl) {
2114          $message = '<div style="margin-top: 3em; margin-left:auto; margin-right:auto; text-align:center;">' . get_string('pageshouldredirect') . '<br /><a href="'.
2115                  $encodedurl .'">'. get_string('continue') .'</a></div>';
2116          return self::plain_page(get_string('redirect'), $message);
2117      }
2118  
2119      /**
2120       * Early redirection page, used before full init of $PAGE global
2121       * @static
2122       * @param string $encodedurl redirect url
2123       * @param string $message redirect message
2124       * @param int $delay time in seconds
2125       * @return string redirect page
2126       */
2127      public static function early_redirect_message($encodedurl, $message, $delay) {
2128          $meta = '<meta http-equiv="refresh" content="'. $delay .'; url='. $encodedurl .'" />';
2129          $content = self::early_error_content($message, null, null, null);
2130          $content .= self::plain_redirect_message($encodedurl);
2131  
2132          return self::plain_page(get_string('redirect'), $content, $meta);
2133      }
2134  
2135      /**
2136       * Output basic html page.
2137       * @static
2138       * @param string $title page title
2139       * @param string $content page content
2140       * @param string $meta meta tag
2141       * @return string html page
2142       */
2143      public static function plain_page($title, $content, $meta = '') {
2144          global $CFG;
2145  
2146          if (function_exists('get_string') && function_exists('get_html_lang')) {
2147              $htmllang = get_html_lang();
2148          } else {
2149              $htmllang = '';
2150          }
2151  
2152          $footer = '';
2153          if (function_exists('get_performance_info')) { // Function may be not available for some early errors.
2154              if (MDL_PERF_TEST) {
2155                  $perfinfo = get_performance_info();
2156                  $footer = '<footer>' . $perfinfo['html'] . '</footer>';
2157              }
2158          }
2159  
2160          ob_start();
2161          include($CFG->dirroot . '/error/plainpage.php');
2162          $html = ob_get_contents();
2163          ob_end_clean();
2164  
2165          return $html;
2166      }
2167  }
2168  
2169  /**
2170   * Add http stream instrumentation
2171   *
2172   * This detects which any reads or writes to a php stream which uses
2173   * the 'http' handler. Ideally 100% of traffic uses the Moodle curl
2174   * libraries which do not use php streams.
2175   *
2176   * @param array $code stream callback code
2177   */
2178  function proxy_log_callback($code) {
2179      if ($code == STREAM_NOTIFY_CONNECT) {
2180          $trace = debug_backtrace();
2181          $function = $trace[count($trace) - 1];
2182          $error = "Unsafe internet IO detected: {$function['function']} with arguments " . join(', ', $function['args']) . "\n";
2183          error_log($error . format_backtrace($trace, true)); // phpcs:ignore
2184      }
2185  }