Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403] [Versions 402 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * These functions are required very early in the Moodle 19 * setup process, before any of the main libraries are 20 * loaded. 21 * 22 * @package core 23 * @subpackage lib 24 * @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com} 25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 26 */ 27 28 defined('MOODLE_INTERNAL') || die(); 29 30 // Debug levels - always keep the values in ascending order! 31 /** No warnings and errors at all */ 32 define('DEBUG_NONE', 0); 33 /** Fatal errors only */ 34 define('DEBUG_MINIMAL', E_ERROR | E_PARSE); 35 /** Errors, warnings and notices */ 36 define('DEBUG_NORMAL', E_ERROR | E_PARSE | E_WARNING | E_NOTICE); 37 /** All problems except strict PHP warnings */ 38 define('DEBUG_ALL', E_ALL & ~E_STRICT); 39 /** DEBUG_ALL with all debug messages and strict warnings */ 40 define('DEBUG_DEVELOPER', E_ALL | E_STRICT); 41 42 /** Remove any memory limits */ 43 define('MEMORY_UNLIMITED', -1); 44 /** Standard memory limit for given platform */ 45 define('MEMORY_STANDARD', -2); 46 /** 47 * Large memory limit for given platform - used in cron, upgrade, and other places that need a lot of memory. 48 * Can be overridden with $CFG->extramemorylimit setting. 49 */ 50 define('MEMORY_EXTRA', -3); 51 /** Extremely large memory limit - not recommended for standard scripts */ 52 define('MEMORY_HUGE', -4); 53 54 /** 55 * Base Moodle Exception class 56 * 57 * Although this class is defined here, you cannot throw a moodle_exception until 58 * after moodlelib.php has been included (which will happen very soon). 59 * 60 * @package core 61 * @subpackage lib 62 * @copyright 2008 Petr Skoda {@link http://skodak.org} 63 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 64 */ 65 class moodle_exception extends Exception { 66 67 /** 68 * @var string The name of the string from error.php to print 69 */ 70 public $errorcode; 71 72 /** 73 * @var string The name of module 74 */ 75 public $module; 76 77 /** 78 * @var mixed Extra words and phrases that might be required in the error string 79 */ 80 public $a; 81 82 /** 83 * @var string The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page. 84 */ 85 public $link; 86 87 /** 88 * @var string Optional information to aid the debugging process 89 */ 90 public $debuginfo; 91 92 /** 93 * Constructor 94 * @param string $errorcode The name of the string from error.php to print 95 * @param string $module name of module 96 * @param string $link The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page. 97 * @param mixed $a Extra words and phrases that might be required in the error string 98 * @param string $debuginfo optional debugging information 99 */ 100 function __construct($errorcode, $module='', $link='', $a=NULL, $debuginfo=null) { 101 global $CFG; 102 103 if (empty($module) || $module == 'moodle' || $module == 'core') { 104 $module = 'error'; 105 } 106 107 $this->errorcode = $errorcode; 108 $this->module = $module; 109 $this->link = $link; 110 $this->a = $a; 111 $this->debuginfo = is_null($debuginfo) ? null : (string)$debuginfo; 112 113 if (get_string_manager()->string_exists($errorcode, $module)) { 114 $message = get_string($errorcode, $module, $a); 115 $haserrorstring = true; 116 } else { 117 $message = $module . '/' . $errorcode; 118 $haserrorstring = false; 119 } 120 121 $isinphpunittest = (defined('PHPUNIT_TEST') && PHPUNIT_TEST); 122 $hasdebugdeveloper = ( 123 isset($CFG->debugdisplay) && 124 isset($CFG->debug) && 125 $CFG->debugdisplay && 126 $CFG->debug === DEBUG_DEVELOPER 127 ); 128 129 if ($debuginfo) { 130 if ($isinphpunittest || $hasdebugdeveloper) { 131 $message = "$message ($debuginfo)"; 132 } 133 } 134 135 if (!$haserrorstring and $isinphpunittest) { 136 // Append the contents of $a to $debuginfo so helpful information isn't lost. 137 // This emulates what {@link get_exception_info()} does. Unfortunately that 138 // function is not used by phpunit. 139 $message .= PHP_EOL.'$a contents: '.print_r($a, true); 140 } 141 142 parent::__construct($message, 0); 143 } 144 } 145 146 /** 147 * Course/activity access exception. 148 * 149 * This exception is thrown from require_login() 150 * 151 * @package core_access 152 * @copyright 2010 Petr Skoda {@link http://skodak.org} 153 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 154 */ 155 class require_login_exception extends moodle_exception { 156 /** 157 * Constructor 158 * @param string $debuginfo Information to aid the debugging process 159 */ 160 function __construct($debuginfo) { 161 parent::__construct('requireloginerror', 'error', '', NULL, $debuginfo); 162 } 163 } 164 165 /** 166 * Session timeout exception. 167 * 168 * This exception is thrown from require_login() 169 * 170 * @package core_access 171 * @copyright 2015 Andrew Nicols <andrew@nicols.co.uk> 172 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 173 */ 174 class require_login_session_timeout_exception extends require_login_exception { 175 /** 176 * Constructor 177 */ 178 public function __construct() { 179 moodle_exception::__construct('sessionerroruser', 'error'); 180 } 181 } 182 183 /** 184 * Web service parameter exception class 185 * @deprecated since Moodle 2.2 - use moodle exception instead 186 * This exception must be thrown to the web service client when a web service parameter is invalid 187 * The error string is gotten from webservice.php 188 */ 189 class webservice_parameter_exception extends moodle_exception { 190 /** 191 * Constructor 192 * @param string $errorcode The name of the string from webservice.php to print 193 * @param string $a The name of the parameter 194 * @param string $debuginfo Optional information to aid debugging 195 */ 196 function __construct($errorcode=null, $a = '', $debuginfo = null) { 197 parent::__construct($errorcode, 'webservice', '', $a, $debuginfo); 198 } 199 } 200 201 /** 202 * Exceptions indicating user does not have permissions to do something 203 * and the execution can not continue. 204 * 205 * @package core_access 206 * @copyright 2009 Petr Skoda {@link http://skodak.org} 207 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 208 */ 209 class required_capability_exception extends moodle_exception { 210 /** 211 * Constructor 212 * @param context $context The context used for the capability check 213 * @param string $capability The required capability 214 * @param string $errormessage The error message to show the user 215 * @param string $stringfile 216 */ 217 function __construct($context, $capability, $errormessage, $stringfile) { 218 $capabilityname = get_capability_string($capability); 219 if ($context->contextlevel == CONTEXT_MODULE and preg_match('/:view$/', $capability)) { 220 // we can not go to mod/xx/view.php because we most probably do not have cap to view it, let's go to course instead 221 $parentcontext = $context->get_parent_context(); 222 $link = $parentcontext->get_url(); 223 } else { 224 $link = $context->get_url(); 225 } 226 parent::__construct($errormessage, $stringfile, $link, $capabilityname); 227 } 228 } 229 230 /** 231 * Exception indicating programming error, must be fixed by a programer. For example 232 * a core API might throw this type of exception if a plugin calls it incorrectly. 233 * 234 * @package core 235 * @subpackage lib 236 * @copyright 2008 Petr Skoda {@link http://skodak.org} 237 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 238 */ 239 class coding_exception extends moodle_exception { 240 /** 241 * Constructor 242 * @param string $hint short description of problem 243 * @param string $debuginfo detailed information how to fix problem 244 */ 245 function __construct($hint, $debuginfo=null) { 246 parent::__construct('codingerror', 'debug', '', $hint, $debuginfo); 247 } 248 } 249 250 /** 251 * Exception indicating malformed parameter problem. 252 * This exception is not supposed to be thrown when processing 253 * user submitted data in forms. It is more suitable 254 * for WS and other low level stuff. 255 * 256 * @package core 257 * @subpackage lib 258 * @copyright 2009 Petr Skoda {@link http://skodak.org} 259 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 260 */ 261 class invalid_parameter_exception extends moodle_exception { 262 /** 263 * Constructor 264 * @param string $debuginfo some detailed information 265 */ 266 function __construct($debuginfo=null) { 267 parent::__construct('invalidparameter', 'debug', '', null, $debuginfo); 268 } 269 } 270 271 /** 272 * Exception indicating malformed response problem. 273 * This exception is not supposed to be thrown when processing 274 * user submitted data in forms. It is more suitable 275 * for WS and other low level stuff. 276 */ 277 class invalid_response_exception extends moodle_exception { 278 /** 279 * Constructor 280 * @param string $debuginfo some detailed information 281 */ 282 function __construct($debuginfo=null) { 283 parent::__construct('invalidresponse', 'debug', '', null, $debuginfo); 284 } 285 } 286 287 /** 288 * An exception that indicates something really weird happened. For example, 289 * if you do switch ($context->contextlevel), and have one case for each 290 * CONTEXT_... constant. You might throw an invalid_state_exception in the 291 * default case, to just in case something really weird is going on, and 292 * $context->contextlevel is invalid - rather than ignoring this possibility. 293 * 294 * @package core 295 * @subpackage lib 296 * @copyright 2009 onwards Martin Dougiamas {@link http://moodle.com} 297 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 298 */ 299 class invalid_state_exception extends moodle_exception { 300 /** 301 * Constructor 302 * @param string $hint short description of problem 303 * @param string $debuginfo optional more detailed information 304 */ 305 function __construct($hint, $debuginfo=null) { 306 parent::__construct('invalidstatedetected', 'debug', '', $hint, $debuginfo); 307 } 308 } 309 310 /** 311 * An exception that indicates incorrect permissions in $CFG->dataroot 312 * 313 * @package core 314 * @subpackage lib 315 * @copyright 2010 Petr Skoda {@link http://skodak.org} 316 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 317 */ 318 class invalid_dataroot_permissions extends moodle_exception { 319 /** 320 * Constructor 321 * @param string $debuginfo optional more detailed information 322 */ 323 function __construct($debuginfo = NULL) { 324 parent::__construct('invaliddatarootpermissions', 'error', '', NULL, $debuginfo); 325 } 326 } 327 328 /** 329 * An exception that indicates that file can not be served 330 * 331 * @package core 332 * @subpackage lib 333 * @copyright 2010 Petr Skoda {@link http://skodak.org} 334 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 335 */ 336 class file_serving_exception extends moodle_exception { 337 /** 338 * Constructor 339 * @param string $debuginfo optional more detailed information 340 */ 341 function __construct($debuginfo = NULL) { 342 parent::__construct('cannotservefile', 'error', '', NULL, $debuginfo); 343 } 344 } 345 346 /** 347 * Default exception handler. 348 * 349 * @param Exception $ex 350 * @return void -does not return. Terminates execution! 351 */ 352 function default_exception_handler($ex) { 353 global $CFG, $DB, $OUTPUT, $USER, $FULLME, $SESSION, $PAGE; 354 355 // detect active db transactions, rollback and log as error 356 abort_all_db_transactions(); 357 358 if (($ex instanceof required_capability_exception) && !CLI_SCRIPT && !AJAX_SCRIPT && !empty($CFG->autologinguests) && !empty($USER->autologinguest)) { 359 $SESSION->wantsurl = qualified_me(); 360 redirect(get_login_url()); 361 } 362 363 $info = get_exception_info($ex); 364 365 // If we already tried to send the header remove it, the content length 366 // should be either empty or the length of the error page. 367 @header_remove('Content-Length'); 368 369 if (is_early_init($info->backtrace)) { 370 echo bootstrap_renderer::early_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo, $info->errorcode); 371 } else { 372 if (debugging('', DEBUG_MINIMAL)) { 373 $logerrmsg = "Default exception handler: ".$info->message.' Debug: '.$info->debuginfo."\n".format_backtrace($info->backtrace, true); 374 error_log($logerrmsg); 375 } 376 377 try { 378 if ($DB) { 379 // If you enable db debugging and exception is thrown, the print footer prints a lot of rubbish 380 $DB->set_debug(0); 381 } 382 if (AJAX_SCRIPT) { 383 // If we are in an AJAX script we don't want to use PREFERRED_RENDERER_TARGET. 384 // Because we know we will want to use ajax format. 385 $renderer = new core_renderer_ajax($PAGE, 'ajax'); 386 } else { 387 $renderer = $OUTPUT; 388 } 389 echo $renderer->fatal_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo, 390 $info->errorcode); 391 } catch (Exception $e) { 392 $out_ex = $e; 393 } catch (Throwable $e) { 394 // Engine errors in PHP7 throw exceptions of type Throwable (this "catch" will be ignored in PHP5). 395 $out_ex = $e; 396 } 397 398 if (isset($out_ex)) { 399 // default exception handler MUST not throw any exceptions!! 400 // the problem here is we do not know if page already started or not, we only know that somebody messed up in outputlib or theme 401 // so we just print at least something instead of "Exception thrown without a stack frame in Unknown on line 0":-( 402 if (CLI_SCRIPT or AJAX_SCRIPT) { 403 // just ignore the error and send something back using the safest method 404 echo bootstrap_renderer::early_error($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo, $info->errorcode); 405 } else { 406 echo bootstrap_renderer::early_error_content($info->message, $info->moreinfourl, $info->link, $info->backtrace, $info->debuginfo); 407 $outinfo = get_exception_info($out_ex); 408 echo bootstrap_renderer::early_error_content($outinfo->message, $outinfo->moreinfourl, $outinfo->link, $outinfo->backtrace, $outinfo->debuginfo); 409 } 410 } 411 } 412 413 exit(1); // General error code 414 } 415 416 /** 417 * Default error handler, prevents some white screens. 418 * @param int $errno 419 * @param string $errstr 420 * @param string $errfile 421 * @param int $errline 422 * @return bool false means use default error handler 423 */ 424 function default_error_handler($errno, $errstr, $errfile, $errline) { 425 if ($errno == 4096) { 426 //fatal catchable error 427 throw new coding_exception('PHP catchable fatal error', $errstr); 428 } 429 return false; 430 } 431 432 /** 433 * Unconditionally abort all database transactions, this function 434 * should be called from exception handlers only. 435 * @return void 436 */ 437 function abort_all_db_transactions() { 438 global $CFG, $DB, $SCRIPT; 439 440 // default exception handler MUST not throw any exceptions!! 441 442 if ($DB && $DB->is_transaction_started()) { 443 error_log('Database transaction aborted automatically in ' . $CFG->dirroot . $SCRIPT); 444 // note: transaction blocks should never change current $_SESSION 445 $DB->force_transaction_rollback(); 446 } 447 } 448 449 /** 450 * This function encapsulates the tests for whether an exception was thrown in 451 * early init -- either during setup.php or during init of $OUTPUT. 452 * 453 * If another exception is thrown then, and if we do not take special measures, 454 * we would just get a very cryptic message "Exception thrown without a stack 455 * frame in Unknown on line 0". That makes debugging very hard, so we do take 456 * special measures in default_exception_handler, with the help of this function. 457 * 458 * @param array $backtrace the stack trace to analyse. 459 * @return boolean whether the stack trace is somewhere in output initialisation. 460 */ 461 function is_early_init($backtrace) { 462 $dangerouscode = array( 463 array('function' => 'header', 'type' => '->'), 464 array('class' => 'bootstrap_renderer'), 465 array('file' => __DIR__.'/setup.php'), 466 ); 467 foreach ($backtrace as $stackframe) { 468 foreach ($dangerouscode as $pattern) { 469 $matches = true; 470 foreach ($pattern as $property => $value) { 471 if (!isset($stackframe[$property]) || $stackframe[$property] != $value) { 472 $matches = false; 473 } 474 } 475 if ($matches) { 476 return true; 477 } 478 } 479 } 480 return false; 481 } 482 483 /** 484 * Returns detailed information about specified exception. 485 * 486 * @param Throwable $ex any sort of exception or throwable. 487 * @return stdClass standardised info to display. Fields are clear if you look at the end of this function. 488 */ 489 function get_exception_info($ex): stdClass { 490 global $CFG; 491 492 if ($ex instanceof moodle_exception) { 493 $errorcode = $ex->errorcode; 494 $module = $ex->module; 495 $a = $ex->a; 496 $link = $ex->link; 497 $debuginfo = $ex->debuginfo; 498 } else { 499 $errorcode = 'generalexceptionmessage'; 500 $module = 'error'; 501 $a = $ex->getMessage(); 502 $link = ''; 503 $debuginfo = ''; 504 } 505 506 // Append the error code to the debug info to make grepping and googling easier 507 $debuginfo .= PHP_EOL."Error code: $errorcode"; 508 509 $backtrace = $ex->getTrace(); 510 $place = array('file'=>$ex->getFile(), 'line'=>$ex->getLine(), 'exception'=>get_class($ex)); 511 array_unshift($backtrace, $place); 512 513 // Be careful, no guarantee moodlelib.php is loaded. 514 if (empty($module) || $module == 'moodle' || $module == 'core') { 515 $module = 'error'; 516 } 517 // Search for the $errorcode's associated string 518 // If not found, append the contents of $a to $debuginfo so helpful information isn't lost 519 if (function_exists('get_string_manager')) { 520 if (get_string_manager()->string_exists($errorcode, $module)) { 521 $message = get_string($errorcode, $module, $a); 522 } elseif ($module == 'error' && get_string_manager()->string_exists($errorcode, 'moodle')) { 523 // Search in moodle file if error specified - needed for backwards compatibility 524 $message = get_string($errorcode, 'moodle', $a); 525 } else { 526 $message = $module . '/' . $errorcode; 527 $debuginfo .= PHP_EOL.'$a contents: '.print_r($a, true); 528 } 529 } else { 530 $message = $module . '/' . $errorcode; 531 $debuginfo .= PHP_EOL.'$a contents: '.print_r($a, true); 532 } 533 534 // Remove some absolute paths from message and debugging info. 535 $searches = array(); 536 $replaces = array(); 537 $cfgnames = array('backuptempdir', 'tempdir', 'cachedir', 'localcachedir', 'themedir', 'dataroot', 'dirroot'); 538 foreach ($cfgnames as $cfgname) { 539 if (property_exists($CFG, $cfgname)) { 540 $searches[] = $CFG->$cfgname; 541 $replaces[] = "[$cfgname]"; 542 } 543 } 544 if (!empty($searches)) { 545 $message = str_replace($searches, $replaces, $message); 546 $debuginfo = str_replace($searches, $replaces, $debuginfo); 547 } 548 549 // Be careful, no guarantee weblib.php is loaded. 550 if (function_exists('clean_text')) { 551 $message = clean_text($message); 552 } else { 553 $message = htmlspecialchars($message, ENT_COMPAT); 554 } 555 556 if (!empty($CFG->errordocroot)) { 557 $errordoclink = $CFG->errordocroot . '/en/'; 558 } else { 559 // Only if the function is available. May be not for early errors. 560 if (function_exists('current_language')) { 561 $errordoclink = get_docs_url(); 562 } else { 563 $errordoclink = 'https://docs.moodle.org/en/'; 564 } 565 } 566 567 if ($module === 'error') { 568 $modulelink = 'moodle'; 569 } else { 570 $modulelink = $module; 571 } 572 $moreinfourl = $errordoclink . 'error/' . $modulelink . '/' . $errorcode; 573 574 if (empty($link)) { 575 $link = get_local_referer(false) ?: ($CFG->wwwroot . '/'); 576 } 577 578 // When printing an error the continue button should never link offsite. 579 // We cannot use clean_param() here as it is not guaranteed that it has been loaded yet. 580 if (stripos($link, $CFG->wwwroot) === 0) { 581 // Internal HTTP, all good. 582 } else { 583 // External link spotted! 584 $link = $CFG->wwwroot . '/'; 585 } 586 587 $info = new stdClass(); 588 $info->message = $message; 589 $info->errorcode = $errorcode; 590 $info->backtrace = $backtrace; 591 $info->link = $link; 592 $info->moreinfourl = $moreinfourl; 593 $info->a = $a; 594 $info->debuginfo = $debuginfo; 595 596 return $info; 597 } 598 599 /** 600 * @deprecated since Moodle 3.8 MDL-61038 - please do not use this function any more. 601 * @see \core\uuid::generate() 602 */ 603 function generate_uuid() { 604 throw new coding_exception('generate_uuid() cannot be used anymore. Please use ' . 605 '\core\uuid::generate() instead.'); 606 } 607 608 /** 609 * Returns the Moodle Docs URL in the users language for a given 'More help' link. 610 * 611 * There are three cases: 612 * 613 * 1. In the normal case, $path will be a short relative path 'component/thing', 614 * like 'mod/folder/view' 'group/import'. This gets turned into an link to 615 * MoodleDocs in the user's language, and for the appropriate Moodle version. 616 * E.g. 'group/import' may become 'http://docs.moodle.org/2x/en/group/import'. 617 * The 'http://docs.moodle.org' bit comes from $CFG->docroot. 618 * 619 * This is the only option that should be used in standard Moodle code. The other 620 * two options have been implemented because they are useful for third-party plugins. 621 * 622 * 2. $path may be an absolute URL, starting http:// or https://. In this case, 623 * the link is used as is. 624 * 625 * 3. $path may start %%WWWROOT%%, in which case that is replaced by 626 * $CFG->wwwroot to make the link. 627 * 628 * @param string $path the place to link to. See above for details. 629 * @return string The MoodleDocs URL in the user's language. for example @link http://docs.moodle.org/2x/en/$path} 630 */ 631 function get_docs_url($path = null) { 632 global $CFG; 633 if ($path === null) { 634 $path = ''; 635 } 636 637 $path = $path ?? ''; 638 // Absolute URLs are used unmodified. 639 if (substr($path, 0, 7) === 'http://' || substr($path, 0, 8) === 'https://') { 640 return $path; 641 } 642 643 // Paths starting %%WWWROOT%% have that replaced by $CFG->wwwroot. 644 if (substr($path, 0, 11) === '%%WWWROOT%%') { 645 return $CFG->wwwroot . substr($path, 11); 646 } 647 648 // Otherwise we do the normal case, and construct a MoodleDocs URL relative to $CFG->docroot. 649 650 // Check that $CFG->branch has been set up, during installation it won't be. 651 if (empty($CFG->branch)) { 652 // It's not there yet so look at version.php. 653 include($CFG->dirroot.'/version.php'); 654 } else { 655 // We can use $CFG->branch and avoid having to include version.php. 656 $branch = $CFG->branch; 657 } 658 // ensure branch is valid. 659 if (!$branch) { 660 // We should never get here but in case we do lets set $branch to . 661 // the smart one's will know that this is the current directory 662 // and the smarter ones will know that there is some smart matching 663 // that will ensure people end up at the latest version of the docs. 664 $branch = '.'; 665 } 666 if (empty($CFG->doclang)) { 667 $lang = current_language(); 668 } else { 669 $lang = $CFG->doclang; 670 } 671 $end = '/' . $branch . '/' . $lang . '/' . $path; 672 if (empty($CFG->docroot)) { 673 return 'http://docs.moodle.org'. $end; 674 } else { 675 return $CFG->docroot . $end ; 676 } 677 } 678 679 /** 680 * Formats a backtrace ready for output. 681 * 682 * This function does not include function arguments because they could contain sensitive information 683 * not suitable to be exposed in a response. 684 * 685 * @param array $callers backtrace array, as returned by debug_backtrace(). 686 * @param boolean $plaintext if false, generates HTML, if true generates plain text. 687 * @return string formatted backtrace, ready for output. 688 */ 689 function format_backtrace($callers, $plaintext = false) { 690 // do not use $CFG->dirroot because it might not be available in destructors 691 $dirroot = dirname(__DIR__); 692 693 if (empty($callers)) { 694 return ''; 695 } 696 697 $from = $plaintext ? '' : '<ul style="text-align: left" data-rel="backtrace">'; 698 foreach ($callers as $caller) { 699 if (!isset($caller['line'])) { 700 $caller['line'] = '?'; // probably call_user_func() 701 } 702 if (!isset($caller['file'])) { 703 $caller['file'] = 'unknownfile'; // probably call_user_func() 704 } 705 $line = $plaintext ? '* ' : '<li>'; 706 $line .= 'line ' . $caller['line'] . ' of ' . str_replace($dirroot, '', $caller['file']); 707 if (isset($caller['function'])) { 708 $line .= ': call to '; 709 if (isset($caller['class'])) { 710 $line .= $caller['class'] . $caller['type']; 711 } 712 $line .= $caller['function'] . '()'; 713 } else if (isset($caller['exception'])) { 714 $line .= ': '.$caller['exception'].' thrown'; 715 } 716 717 // Remove any non printable chars. 718 $line = preg_replace('/[[:^print:]]/', '', $line); 719 720 $line .= $plaintext ? "\n" : '</li>'; 721 $from .= $line; 722 } 723 $from .= $plaintext ? '' : '</ul>'; 724 725 return $from; 726 } 727 728 /** 729 * This function makes the return value of ini_get consistent if you are 730 * setting server directives through the .htaccess file in apache. 731 * 732 * Current behavior for value set from php.ini On = 1, Off = [blank] 733 * Current behavior for value set from .htaccess On = On, Off = Off 734 * Contributed by jdell @ unr.edu 735 * 736 * @param string $ini_get_arg The argument to get 737 * @return bool True for on false for not 738 */ 739 function ini_get_bool($ini_get_arg) { 740 $temp = ini_get($ini_get_arg); 741 742 if ($temp == '1' or strtolower($temp) == 'on') { 743 return true; 744 } 745 return false; 746 } 747 748 /** 749 * This function verifies the sanity of PHP configuration 750 * and stops execution if anything critical found. 751 */ 752 function setup_validate_php_configuration() { 753 // this must be very fast - no slow checks here!!! 754 755 if (ini_get_bool('session.auto_start')) { 756 throw new \moodle_exception('sessionautostartwarning', 'admin'); 757 } 758 } 759 760 /** 761 * Initialise global $CFG variable. 762 * @private to be used only from lib/setup.php 763 */ 764 function initialise_cfg() { 765 global $CFG, $DB; 766 767 if (!$DB) { 768 // This should not happen. 769 return; 770 } 771 772 try { 773 $localcfg = get_config('core'); 774 } catch (dml_exception $e) { 775 // Most probably empty db, going to install soon. 776 return; 777 } 778 779 foreach ($localcfg as $name => $value) { 780 // Note that get_config() keeps forced settings 781 // and normalises values to string if possible. 782 $CFG->{$name} = $value; 783 } 784 } 785 786 /** 787 * Cache any immutable config locally to avoid constant DB lookups. 788 * 789 * Only to be used only from lib/setup.php 790 */ 791 function initialise_local_config_cache() { 792 global $CFG; 793 794 $bootstrapcachefile = $CFG->localcachedir . '/bootstrap.php'; 795 796 if (!empty($CFG->siteidentifier) && !file_exists($bootstrapcachefile)) { 797 $contents = "<?php 798 // ********** This file is generated DO NOT EDIT ********** 799 \$CFG->siteidentifier = " . var_export($CFG->siteidentifier, true) . "; 800 \$CFG->bootstraphash = " . var_export(hash_local_config_cache(), true) . "; 801 // Only if the file is not stale and has not been defined. 802 if (\$CFG->bootstraphash === hash_local_config_cache() && !defined('SYSCONTEXTID')) { 803 define('SYSCONTEXTID', ".SYSCONTEXTID."); 804 } 805 "; 806 807 $temp = $bootstrapcachefile . '.tmp' . uniqid(); 808 file_put_contents($temp, $contents); 809 @chmod($temp, $CFG->filepermissions); 810 rename($temp, $bootstrapcachefile); 811 } 812 } 813 814 /** 815 * Calculate a proper hash to be able to invalidate stale cached configs. 816 * 817 * Only to be used to verify bootstrap.php status. 818 * 819 * @return string md5 hash of all the sensible bits deciding if cached config is stale or no. 820 */ 821 function hash_local_config_cache() { 822 global $CFG; 823 824 // This is pretty much {@see moodle_database::get_settings_hash()} that is used 825 // as identifier for the database meta information MUC cache. Should be enough to 826 // react against any of the normal changes (new prefix, change of DB type) while 827 // *incorrectly* keeping the old dataroot directory unmodified with stale data. 828 // This may need more stuff to be considered if it's discovered that there are 829 // more variables making the file stale. 830 return md5($CFG->dbtype . $CFG->dbhost . $CFG->dbuser . $CFG->dbname . $CFG->prefix); 831 } 832 833 /** 834 * Initialises $FULLME and friends. Private function. Should only be called from 835 * setup.php. 836 */ 837 function initialise_fullme() { 838 global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT; 839 840 // Detect common config error. 841 if (substr($CFG->wwwroot, -1) == '/') { 842 throw new \moodle_exception('wwwrootslash', 'error'); 843 } 844 845 if (CLI_SCRIPT) { 846 initialise_fullme_cli(); 847 return; 848 } 849 if (!empty($CFG->overridetossl)) { 850 if (strpos($CFG->wwwroot, 'http://') === 0) { 851 $CFG->wwwroot = str_replace('http:', 'https:', $CFG->wwwroot); 852 } else { 853 unset_config('overridetossl'); 854 } 855 } 856 857 $rurl = setup_get_remote_url(); 858 $wwwroot = parse_url($CFG->wwwroot.'/'); 859 860 if (empty($rurl['host'])) { 861 // missing host in request header, probably not a real browser, let's ignore them 862 863 } else if (!empty($CFG->reverseproxy)) { 864 // $CFG->reverseproxy specifies if reverse proxy server used 865 // Used in load balancing scenarios. 866 // Do not abuse this to try to solve lan/wan access problems!!!!! 867 868 } else { 869 if (($rurl['host'] !== $wwwroot['host']) or 870 (!empty($wwwroot['port']) and $rurl['port'] != $wwwroot['port']) or 871 (strpos($rurl['path'], $wwwroot['path']) !== 0)) { 872 873 // Explain the problem and redirect them to the right URL 874 if (!defined('NO_MOODLE_COOKIES')) { 875 define('NO_MOODLE_COOKIES', true); 876 } 877 // The login/token.php script should call the correct url/port. 878 if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS) { 879 $wwwrootport = empty($wwwroot['port'])?'':$wwwroot['port']; 880 $calledurl = $rurl['host']; 881 if (!empty($rurl['port'])) { 882 $calledurl .= ':'. $rurl['port']; 883 } 884 $correcturl = $wwwroot['host']; 885 if (!empty($wwwrootport)) { 886 $correcturl .= ':'. $wwwrootport; 887 } 888 throw new moodle_exception('requirecorrectaccess', 'error', '', null, 889 'You called ' . $calledurl .', you should have called ' . $correcturl); 890 } 891 redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3); 892 } 893 } 894 895 // Check that URL is under $CFG->wwwroot. 896 if (strpos($rurl['path'], $wwwroot['path']) === 0) { 897 $SCRIPT = substr($rurl['path'], strlen($wwwroot['path'])-1); 898 } else { 899 // Probably some weird external script 900 $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null; 901 return; 902 } 903 904 // $CFG->sslproxy specifies if external SSL appliance is used 905 // (That is, the Moodle server uses http, with an external box translating everything to https). 906 if (empty($CFG->sslproxy)) { 907 if ($rurl['scheme'] === 'http' and $wwwroot['scheme'] === 'https') { 908 if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS) { 909 throw new \moodle_exception('sslonlyaccess', 'error'); 910 } else { 911 redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3); 912 } 913 } 914 } else { 915 if ($wwwroot['scheme'] !== 'https') { 916 throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!'); 917 } 918 $rurl['scheme'] = 'https'; // make moodle believe it runs on https, squid or something else it doing it 919 $_SERVER['HTTPS'] = 'on'; // Override $_SERVER to help external libraries with their HTTPS detection. 920 $_SERVER['SERVER_PORT'] = 443; // Assume default ssl port for the proxy. 921 } 922 923 // Using Moodle in "reverse proxy" mode, it's expected that the HTTP Host Moodle receives is different 924 // from the wwwroot configured host. Those URLs being identical could be the consequence of various 925 // issues, including: 926 // - Intentionally trying to set up moodle with 2 distinct addresses for intranet and Internet: this 927 // configuration is unsupported and will lead to bigger problems down the road (the proper solution 928 // for this is adjusting the network routes, and avoid relying on the application for network concerns). 929 // - Misconfiguration of the reverse proxy that would be forwarding the Host header: while it is 930 // standard in many cases that the reverse proxy would do that, in our case, the reverse proxy 931 // must leave the Host header pointing to the internal name of the server. 932 // Port forwarding is allowed, though. 933 if (!empty($CFG->reverseproxy) && $rurl['host'] === $wwwroot['host'] && (empty($wwwroot['port']) || $rurl['port'] === $wwwroot['port'])) { 934 throw new \moodle_exception('reverseproxyabused', 'error'); 935 } 936 937 $hostandport = $rurl['scheme'] . '://' . $wwwroot['host']; 938 if (!empty($wwwroot['port'])) { 939 $hostandport .= ':'.$wwwroot['port']; 940 } 941 942 $FULLSCRIPT = $hostandport . $rurl['path']; 943 $FULLME = $hostandport . $rurl['fullpath']; 944 $ME = $rurl['fullpath']; 945 } 946 947 /** 948 * Initialises $FULLME and friends for command line scripts. 949 * This is a private method for use by initialise_fullme. 950 */ 951 function initialise_fullme_cli() { 952 global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT; 953 954 // Urls do not make much sense in CLI scripts 955 $backtrace = debug_backtrace(); 956 $topfile = array_pop($backtrace); 957 $topfile = realpath($topfile['file']); 958 $dirroot = realpath($CFG->dirroot); 959 960 if (strpos($topfile, $dirroot) !== 0) { 961 // Probably some weird external script 962 $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null; 963 } else { 964 $relativefile = substr($topfile, strlen($dirroot)); 965 $relativefile = str_replace('\\', '/', $relativefile); // Win fix 966 $SCRIPT = $FULLSCRIPT = $relativefile; 967 $FULLME = $ME = null; 968 } 969 } 970 971 /** 972 * Get the URL that PHP/the web server thinks it is serving. Private function 973 * used by initialise_fullme. In your code, use $PAGE->url, $SCRIPT, etc. 974 * @return array in the same format that parse_url returns, with the addition of 975 * a 'fullpath' element, which includes any slasharguments path. 976 */ 977 function setup_get_remote_url() { 978 $rurl = array(); 979 if (isset($_SERVER['HTTP_HOST'])) { 980 list($rurl['host']) = explode(':', $_SERVER['HTTP_HOST']); 981 } else { 982 $rurl['host'] = null; 983 } 984 $rurl['port'] = (int)$_SERVER['SERVER_PORT']; 985 $rurl['path'] = $_SERVER['SCRIPT_NAME']; // Script path without slash arguments 986 $rurl['scheme'] = (empty($_SERVER['HTTPS']) or $_SERVER['HTTPS'] === 'off' or $_SERVER['HTTPS'] === 'Off' or $_SERVER['HTTPS'] === 'OFF') ? 'http' : 'https'; 987 988 if (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false) { 989 //Apache server 990 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; 991 992 // Fixing a known issue with: 993 // - Apache versions lesser than 2.4.11 994 // - PHP deployed in Apache as PHP-FPM via mod_proxy_fcgi 995 // - PHP versions lesser than 5.6.3 and 5.5.18. 996 if (isset($_SERVER['PATH_INFO']) && (php_sapi_name() === 'fpm-fcgi') && isset($_SERVER['SCRIPT_NAME'])) { 997 $pathinfodec = rawurldecode($_SERVER['PATH_INFO']); 998 $lenneedle = strlen($pathinfodec); 999 // Checks whether SCRIPT_NAME ends with PATH_INFO, URL-decoded. 1000 if (substr($_SERVER['SCRIPT_NAME'], -$lenneedle) === $pathinfodec) { 1001 // This is the "Apache 2.4.10- running PHP-FPM via mod_proxy_fcgi" fingerprint, 1002 // at least on CentOS 7 (Apache/2.4.6 PHP/5.4.16) and Ubuntu 14.04 (Apache/2.4.7 PHP/5.5.9) 1003 // => SCRIPT_NAME contains 'slash arguments' data too, which is wrongly exposed via PATH_INFO as URL-encoded. 1004 // Fix both $_SERVER['PATH_INFO'] and $_SERVER['SCRIPT_NAME']. 1005 $lenhaystack = strlen($_SERVER['SCRIPT_NAME']); 1006 $pos = $lenhaystack - $lenneedle; 1007 // Here $pos is greater than 0 but let's double check it. 1008 if ($pos > 0) { 1009 $_SERVER['PATH_INFO'] = $pathinfodec; 1010 $_SERVER['SCRIPT_NAME'] = substr($_SERVER['SCRIPT_NAME'], 0, $pos); 1011 } 1012 } 1013 } 1014 1015 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'iis') !== false) { 1016 //IIS - needs a lot of tweaking to make it work 1017 $rurl['fullpath'] = $_SERVER['SCRIPT_NAME']; 1018 1019 // NOTE: we should ignore PATH_INFO because it is incorrectly encoded using 8bit filesystem legacy encoding in IIS. 1020 // Since 2.0, we rely on IIS rewrite extensions like Helicon ISAPI_rewrite 1021 // example rule: RewriteRule ^([^\?]+?\.php)(\/.+)$ $1\?file=$2 [QSA] 1022 // OR 1023 // we rely on a proper IIS 6.0+ configuration: the 'FastCGIUtf8ServerVariables' registry key. 1024 if (isset($_SERVER['PATH_INFO']) and $_SERVER['PATH_INFO'] !== '') { 1025 // Check that PATH_INFO works == must not contain the script name. 1026 if (strpos($_SERVER['PATH_INFO'], $_SERVER['SCRIPT_NAME']) === false) { 1027 $rurl['fullpath'] .= clean_param(urldecode($_SERVER['PATH_INFO']), PARAM_PATH); 1028 } 1029 } 1030 1031 if (isset($_SERVER['QUERY_STRING']) and $_SERVER['QUERY_STRING'] !== '') { 1032 $rurl['fullpath'] .= '?'.$_SERVER['QUERY_STRING']; 1033 } 1034 $_SERVER['REQUEST_URI'] = $rurl['fullpath']; // extra IIS compatibility 1035 1036 /* NOTE: following servers are not fully tested! */ 1037 1038 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) { 1039 //lighttpd - not officially supported 1040 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1041 1042 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false) { 1043 //nginx - not officially supported 1044 if (!isset($_SERVER['SCRIPT_NAME'])) { 1045 die('Invalid server configuration detected, please try to add "fastcgi_param SCRIPT_NAME $fastcgi_script_name;" to the nginx server configuration.'); 1046 } 1047 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1048 1049 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'cherokee') !== false) { 1050 //cherokee - not officially supported 1051 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1052 1053 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'zeus') !== false) { 1054 //zeus - not officially supported 1055 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1056 1057 } else if (stripos($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) { 1058 //LiteSpeed - not officially supported 1059 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1060 1061 } else if ($_SERVER['SERVER_SOFTWARE'] === 'HTTPD') { 1062 //obscure name found on some servers - this is definitely not supported 1063 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; // TODO: verify this is always properly encoded 1064 1065 } else if (strpos($_SERVER['SERVER_SOFTWARE'], 'PHP') === 0) { 1066 // built-in PHP Development Server 1067 $rurl['fullpath'] = $_SERVER['REQUEST_URI']; 1068 1069 } else { 1070 throw new moodle_exception('unsupportedwebserver', 'error', '', $_SERVER['SERVER_SOFTWARE']); 1071 } 1072 1073 // sanitize the url a bit more, the encoding style may be different in vars above 1074 $rurl['fullpath'] = str_replace('"', '%22', $rurl['fullpath']); 1075 $rurl['fullpath'] = str_replace('\'', '%27', $rurl['fullpath']); 1076 1077 return $rurl; 1078 } 1079 1080 /** 1081 * Try to work around the 'max_input_vars' restriction if necessary. 1082 */ 1083 function workaround_max_input_vars() { 1084 // Make sure this gets executed only once from lib/setup.php! 1085 static $executed = false; 1086 if ($executed) { 1087 debugging('workaround_max_input_vars() must be called only once!'); 1088 return; 1089 } 1090 $executed = true; 1091 1092 if (!isset($_SERVER["CONTENT_TYPE"]) or strpos($_SERVER["CONTENT_TYPE"], 'multipart/form-data') !== false) { 1093 // Not a post or 'multipart/form-data' which is not compatible with "php://input" reading. 1094 return; 1095 } 1096 1097 if (!isloggedin() or isguestuser()) { 1098 // Only real users post huge forms. 1099 return; 1100 } 1101 1102 $max = (int)ini_get('max_input_vars'); 1103 1104 if ($max <= 0) { 1105 // Most probably PHP < 5.3.9 that does not implement this limit. 1106 return; 1107 } 1108 1109 if ($max >= 200000) { 1110 // This value should be ok for all our forms, by setting it in php.ini 1111 // admins may prevent any unexpected regressions caused by this hack. 1112 1113 // Note there is no need to worry about DDoS caused by making this limit very high 1114 // because there are very many easier ways to DDoS any Moodle server. 1115 return; 1116 } 1117 1118 // Worst case is advanced checkboxes which use up to two max_input_vars 1119 // slots for each entry in $_POST, because of sending two fields with the 1120 // same name. So count everything twice just in case. 1121 if (count($_POST, COUNT_RECURSIVE) * 2 < $max) { 1122 return; 1123 } 1124 1125 // Large POST request with enctype supported by php://input. 1126 // Parse php://input in chunks to bypass max_input_vars limit, which also applies to parse_str(). 1127 $str = file_get_contents("php://input"); 1128 if ($str === false or $str === '') { 1129 // Some weird error. 1130 return; 1131 } 1132 1133 $delim = '&'; 1134 $fun = function($p) use ($delim) { 1135 return implode($delim, $p); 1136 }; 1137 $chunks = array_map($fun, array_chunk(explode($delim, $str), $max)); 1138 1139 // Clear everything from existing $_POST array, otherwise it might be included 1140 // twice (this affects array params primarily). 1141 foreach ($_POST as $key => $value) { 1142 unset($_POST[$key]); 1143 // Also clear from request array - but only the things that are in $_POST, 1144 // that way it will leave the things from a get request if any. 1145 unset($_REQUEST[$key]); 1146 } 1147 1148 foreach ($chunks as $chunk) { 1149 $values = array(); 1150 parse_str($chunk, $values); 1151 1152 merge_query_params($_POST, $values); 1153 merge_query_params($_REQUEST, $values); 1154 } 1155 } 1156 1157 /** 1158 * Merge parsed POST chunks. 1159 * 1160 * NOTE: this is not perfect, but it should work in most cases hopefully. 1161 * 1162 * @param array $target 1163 * @param array $values 1164 */ 1165 function merge_query_params(array &$target, array $values) { 1166 if (isset($values[0]) and isset($target[0])) { 1167 // This looks like a split [] array, lets verify the keys are continuous starting with 0. 1168 $keys1 = array_keys($values); 1169 $keys2 = array_keys($target); 1170 if ($keys1 === array_keys($keys1) and $keys2 === array_keys($keys2)) { 1171 foreach ($values as $v) { 1172 $target[] = $v; 1173 } 1174 return; 1175 } 1176 } 1177 foreach ($values as $k => $v) { 1178 if (!isset($target[$k])) { 1179 $target[$k] = $v; 1180 continue; 1181 } 1182 if (is_array($target[$k]) and is_array($v)) { 1183 merge_query_params($target[$k], $v); 1184 continue; 1185 } 1186 // We should not get here unless there are duplicates in params. 1187 $target[$k] = $v; 1188 } 1189 } 1190 1191 /** 1192 * Initializes our performance info early. 1193 * 1194 * Pairs up with get_performance_info() which is actually 1195 * in moodlelib.php. This function is here so that we can 1196 * call it before all the libs are pulled in. 1197 * 1198 * @uses $PERF 1199 */ 1200 function init_performance_info() { 1201 1202 global $PERF, $CFG, $USER; 1203 1204 $PERF = new stdClass(); 1205 if (function_exists('microtime')) { 1206 $PERF->starttime = microtime(); 1207 } 1208 if (function_exists('memory_get_usage')) { 1209 $PERF->startmemory = memory_get_usage(); 1210 } 1211 if (function_exists('posix_times')) { 1212 $PERF->startposixtimes = posix_times(); 1213 } 1214 } 1215 1216 /** 1217 * Indicates whether we are in the middle of the initial Moodle install. 1218 * 1219 * Very occasionally it is necessary avoid running certain bits of code before the 1220 * Moodle installation has completed. The installed flag is set in admin/index.php 1221 * after Moodle core and all the plugins have been installed, but just before 1222 * the person doing the initial install is asked to choose the admin password. 1223 * 1224 * @return boolean true if the initial install is not complete. 1225 */ 1226 function during_initial_install() { 1227 global $CFG; 1228 return empty($CFG->rolesactive); 1229 } 1230 1231 /** 1232 * Function to raise the memory limit to a new value. 1233 * Will respect the memory limit if it is higher, thus allowing 1234 * settings in php.ini, apache conf or command line switches 1235 * to override it. 1236 * 1237 * The memory limit should be expressed with a constant 1238 * MEMORY_STANDARD, MEMORY_EXTRA or MEMORY_HUGE. 1239 * It is possible to use strings or integers too (eg:'128M'). 1240 * 1241 * @param mixed $newlimit the new memory limit 1242 * @return bool success 1243 */ 1244 function raise_memory_limit($newlimit) { 1245 global $CFG; 1246 1247 if ($newlimit == MEMORY_UNLIMITED) { 1248 ini_set('memory_limit', -1); 1249 return true; 1250 1251 } else if ($newlimit == MEMORY_STANDARD) { 1252 if (PHP_INT_SIZE > 4) { 1253 $newlimit = get_real_size('128M'); // 64bit needs more memory 1254 } else { 1255 $newlimit = get_real_size('96M'); 1256 } 1257 1258 } else if ($newlimit == MEMORY_EXTRA) { 1259 if (PHP_INT_SIZE > 4) { 1260 $newlimit = get_real_size('384M'); // 64bit needs more memory 1261 } else { 1262 $newlimit = get_real_size('256M'); 1263 } 1264 if (!empty($CFG->extramemorylimit)) { 1265 $extra = get_real_size($CFG->extramemorylimit); 1266 if ($extra > $newlimit) { 1267 $newlimit = $extra; 1268 } 1269 } 1270 1271 } else if ($newlimit == MEMORY_HUGE) { 1272 // MEMORY_HUGE uses 2G or MEMORY_EXTRA, whichever is bigger. 1273 $newlimit = get_real_size('2G'); 1274 if (!empty($CFG->extramemorylimit)) { 1275 $extra = get_real_size($CFG->extramemorylimit); 1276 if ($extra > $newlimit) { 1277 $newlimit = $extra; 1278 } 1279 } 1280 1281 } else { 1282 $newlimit = get_real_size($newlimit); 1283 } 1284 1285 if ($newlimit <= 0) { 1286 debugging('Invalid memory limit specified.'); 1287 return false; 1288 } 1289 1290 $cur = ini_get('memory_limit'); 1291 if (empty($cur)) { 1292 // if php is compiled without --enable-memory-limits 1293 // apparently memory_limit is set to '' 1294 $cur = 0; 1295 } else { 1296 if ($cur == -1){ 1297 return true; // unlimited mem! 1298 } 1299 $cur = get_real_size($cur); 1300 } 1301 1302 if ($newlimit > $cur) { 1303 ini_set('memory_limit', $newlimit); 1304 return true; 1305 } 1306 return false; 1307 } 1308 1309 /** 1310 * Function to reduce the memory limit to a new value. 1311 * Will respect the memory limit if it is lower, thus allowing 1312 * settings in php.ini, apache conf or command line switches 1313 * to override it 1314 * 1315 * The memory limit should be expressed with a string (eg:'64M') 1316 * 1317 * @param string $newlimit the new memory limit 1318 * @return bool 1319 */ 1320 function reduce_memory_limit($newlimit) { 1321 if (empty($newlimit)) { 1322 return false; 1323 } 1324 $cur = ini_get('memory_limit'); 1325 if (empty($cur)) { 1326 // if php is compiled without --enable-memory-limits 1327 // apparently memory_limit is set to '' 1328 $cur = 0; 1329 } else { 1330 if ($cur == -1){ 1331 return true; // unlimited mem! 1332 } 1333 $cur = get_real_size($cur); 1334 } 1335 1336 $new = get_real_size($newlimit); 1337 // -1 is smaller, but it means unlimited 1338 if ($new < $cur && $new != -1) { 1339 ini_set('memory_limit', $newlimit); 1340 return true; 1341 } 1342 return false; 1343 } 1344 1345 /** 1346 * Converts numbers like 10M into bytes. 1347 * 1348 * @param string $size The size to be converted 1349 * @return int 1350 */ 1351 function get_real_size($size = 0) { 1352 if (!$size) { 1353 return 0; 1354 } 1355 1356 static $binaryprefixes = array( 1357 'K' => 1024 ** 1, 1358 'k' => 1024 ** 1, 1359 'M' => 1024 ** 2, 1360 'm' => 1024 ** 2, 1361 'G' => 1024 ** 3, 1362 'g' => 1024 ** 3, 1363 'T' => 1024 ** 4, 1364 't' => 1024 ** 4, 1365 'P' => 1024 ** 5, 1366 'p' => 1024 ** 5, 1367 ); 1368 1369 if (preg_match('/^([0-9]+)([KMGTP])/i', $size, $matches)) { 1370 return $matches[1] * $binaryprefixes[$matches[2]]; 1371 } 1372 1373 return (int) $size; 1374 } 1375 1376 /** 1377 * Try to disable all output buffering and purge 1378 * all headers. 1379 * 1380 * @access private to be called only from lib/setup.php ! 1381 * @return void 1382 */ 1383 function disable_output_buffering() { 1384 $olddebug = error_reporting(0); 1385 1386 // disable compression, it would prevent closing of buffers 1387 if (ini_get_bool('zlib.output_compression')) { 1388 ini_set('zlib.output_compression', 'Off'); 1389 } 1390 1391 // try to flush everything all the time 1392 ob_implicit_flush(true); 1393 1394 // close all buffers if possible and discard any existing output 1395 // this can actually work around some whitespace problems in config.php 1396 while(ob_get_level()) { 1397 if (!ob_end_clean()) { 1398 // prevent infinite loop when buffer can not be closed 1399 break; 1400 } 1401 } 1402 1403 // disable any other output handlers 1404 ini_set('output_handler', ''); 1405 1406 error_reporting($olddebug); 1407 1408 // Disable buffering in nginx. 1409 header('X-Accel-Buffering: no'); 1410 1411 } 1412 1413 /** 1414 * Check whether a major upgrade is needed. 1415 * 1416 * That is defined as an upgrade that changes something really fundamental 1417 * in the database, so nothing can possibly work until the database has 1418 * been updated, and that is defined by the hard-coded version number in 1419 * this function. 1420 * 1421 * @return bool 1422 */ 1423 function is_major_upgrade_required() { 1424 global $CFG; 1425 $lastmajordbchanges = 2022101400.03; // This should be the version where the breaking changes happen. 1426 1427 $required = empty($CFG->version); 1428 $required = $required || (float)$CFG->version < $lastmajordbchanges; 1429 $required = $required || during_initial_install(); 1430 $required = $required || !empty($CFG->adminsetuppending); 1431 1432 return $required; 1433 } 1434 1435 /** 1436 * Redirect to the Notifications page if a major upgrade is required, and 1437 * terminate the current user session. 1438 */ 1439 function redirect_if_major_upgrade_required() { 1440 global $CFG; 1441 if (is_major_upgrade_required()) { 1442 try { 1443 @\core\session\manager::terminate_current(); 1444 } catch (Exception $e) { 1445 // Ignore any errors, redirect to upgrade anyway. 1446 } 1447 $url = $CFG->wwwroot . '/' . $CFG->admin . '/index.php'; 1448 @header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other'); 1449 @header('Location: ' . $url); 1450 echo bootstrap_renderer::plain_redirect_message(htmlspecialchars($url, ENT_COMPAT)); 1451 exit; 1452 } 1453 } 1454 1455 /** 1456 * Makes sure that upgrade process is not running 1457 * 1458 * To be inserted in the core functions that can not be called by pluigns during upgrade. 1459 * Core upgrade should not use any API functions at all. 1460 * See {@link https://moodledev.io/docs/guides/upgrade#upgrade-code-restrictions} 1461 * 1462 * @throws moodle_exception if executed from inside of upgrade script and $warningonly is false 1463 * @param bool $warningonly if true displays a warning instead of throwing an exception 1464 * @return bool true if executed from outside of upgrade process, false if from inside upgrade process and function is used for warning only 1465 */ 1466 function upgrade_ensure_not_running($warningonly = false) { 1467 global $CFG; 1468 if (!empty($CFG->upgraderunning)) { 1469 if (!$warningonly) { 1470 throw new moodle_exception('cannotexecduringupgrade'); 1471 } else { 1472 debugging(get_string('cannotexecduringupgrade', 'error'), DEBUG_DEVELOPER); 1473 return false; 1474 } 1475 } 1476 return true; 1477 } 1478 1479 /** 1480 * Function to check if a directory exists and by default create it if not exists. 1481 * 1482 * Previously this was accepting paths only from dataroot, but we now allow 1483 * files outside of dataroot if you supply custom paths for some settings in config.php. 1484 * This function does not verify that the directory is writable. 1485 * 1486 * NOTE: this function uses current file stat cache, 1487 * please use clearstatcache() before this if you expect that the 1488 * directories may have been removed recently from a different request. 1489 * 1490 * @param string $dir absolute directory path 1491 * @param boolean $create directory if does not exist 1492 * @param boolean $recursive create directory recursively 1493 * @return boolean true if directory exists or created, false otherwise 1494 */ 1495 function check_dir_exists($dir, $create = true, $recursive = true) { 1496 global $CFG; 1497 1498 umask($CFG->umaskpermissions); 1499 1500 if (is_dir($dir)) { 1501 return true; 1502 } 1503 1504 if (!$create) { 1505 return false; 1506 } 1507 1508 return mkdir($dir, $CFG->directorypermissions, $recursive); 1509 } 1510 1511 /** 1512 * Create a new unique directory within the specified directory. 1513 * 1514 * @param string $basedir The directory to create your new unique directory within. 1515 * @param bool $exceptiononerror throw exception if error encountered 1516 * @return string The created directory 1517 * @throws invalid_dataroot_permissions 1518 */ 1519 function make_unique_writable_directory($basedir, $exceptiononerror = true) { 1520 if (!is_dir($basedir) || !is_writable($basedir)) { 1521 // The basedir is not writable. We will not be able to create the child directory. 1522 if ($exceptiononerror) { 1523 throw new invalid_dataroot_permissions($basedir . ' is not writable. Unable to create a unique directory within it.'); 1524 } else { 1525 return false; 1526 } 1527 } 1528 1529 do { 1530 // Let's use uniqid() because it's "unique enough" (microtime based). The loop does handle repetitions. 1531 // Windows and old PHP don't like very long paths, so try to keep this shorter. See MDL-69975. 1532 $uniquedir = $basedir . DIRECTORY_SEPARATOR . uniqid(); 1533 } while ( 1534 // Ensure that basedir is still writable - if we do not check, we could get stuck in a loop here. 1535 is_writable($basedir) && 1536 1537 // Make the new unique directory. If the directory already exists, it will return false. 1538 !make_writable_directory($uniquedir, $exceptiononerror) && 1539 1540 // Ensure that the directory now exists 1541 file_exists($uniquedir) && is_dir($uniquedir) 1542 ); 1543 1544 // Check that the directory was correctly created. 1545 if (!file_exists($uniquedir) || !is_dir($uniquedir) || !is_writable($uniquedir)) { 1546 if ($exceptiononerror) { 1547 throw new invalid_dataroot_permissions('Unique directory creation failed.'); 1548 } else { 1549 return false; 1550 } 1551 } 1552 1553 return $uniquedir; 1554 } 1555 1556 /** 1557 * Create a directory and make sure it is writable. 1558 * 1559 * @private 1560 * @param string $dir the full path of the directory to be created 1561 * @param bool $exceptiononerror throw exception if error encountered 1562 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1563 */ 1564 function make_writable_directory($dir, $exceptiononerror = true) { 1565 global $CFG; 1566 1567 if (file_exists($dir) and !is_dir($dir)) { 1568 if ($exceptiononerror) { 1569 throw new coding_exception($dir.' directory can not be created, file with the same name already exists.'); 1570 } else { 1571 return false; 1572 } 1573 } 1574 1575 umask($CFG->umaskpermissions); 1576 1577 if (!file_exists($dir)) { 1578 if (!@mkdir($dir, $CFG->directorypermissions, true)) { 1579 clearstatcache(); 1580 // There might be a race condition when creating directory. 1581 if (!is_dir($dir)) { 1582 if ($exceptiononerror) { 1583 throw new invalid_dataroot_permissions($dir.' can not be created, check permissions.'); 1584 } else { 1585 debugging('Can not create directory: '.$dir, DEBUG_DEVELOPER); 1586 return false; 1587 } 1588 } 1589 } 1590 } 1591 1592 if (!is_writable($dir)) { 1593 if ($exceptiononerror) { 1594 throw new invalid_dataroot_permissions($dir.' is not writable, check permissions.'); 1595 } else { 1596 return false; 1597 } 1598 } 1599 1600 return $dir; 1601 } 1602 1603 /** 1604 * Protect a directory from web access. 1605 * Could be extended in the future to support other mechanisms (e.g. other webservers). 1606 * 1607 * @private 1608 * @param string $dir the full path of the directory to be protected 1609 */ 1610 function protect_directory($dir) { 1611 global $CFG; 1612 // Make sure a .htaccess file is here, JUST IN CASE the files area is in the open and .htaccess is supported 1613 if (!file_exists("$dir/.htaccess")) { 1614 if ($handle = fopen("$dir/.htaccess", 'w')) { // For safety 1615 @fwrite($handle, "deny from all\r\nAllowOverride None\r\nNote: this file is broken intentionally, we do not want anybody to undo it in subdirectory!\r\n"); 1616 @fclose($handle); 1617 @chmod("$dir/.htaccess", $CFG->filepermissions); 1618 } 1619 } 1620 } 1621 1622 /** 1623 * Create a directory under dataroot and make sure it is writable. 1624 * Do not use for temporary and cache files - see make_temp_directory() and make_cache_directory(). 1625 * 1626 * @param string $directory the full path of the directory to be created under $CFG->dataroot 1627 * @param bool $exceptiononerror throw exception if error encountered 1628 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1629 */ 1630 function make_upload_directory($directory, $exceptiononerror = true) { 1631 global $CFG; 1632 1633 if (strpos($directory, 'temp/') === 0 or $directory === 'temp') { 1634 debugging('Use make_temp_directory() for creation of temporary directory and $CFG->tempdir to get the location.'); 1635 1636 } else if (strpos($directory, 'cache/') === 0 or $directory === 'cache') { 1637 debugging('Use make_cache_directory() for creation of cache directory and $CFG->cachedir to get the location.'); 1638 1639 } else if (strpos($directory, 'localcache/') === 0 or $directory === 'localcache') { 1640 debugging('Use make_localcache_directory() for creation of local cache directory and $CFG->localcachedir to get the location.'); 1641 } 1642 1643 protect_directory($CFG->dataroot); 1644 return make_writable_directory("$CFG->dataroot/$directory", $exceptiononerror); 1645 } 1646 1647 /** 1648 * Get a per-request storage directory in the tempdir. 1649 * 1650 * The directory is automatically cleaned up during the shutdown handler. 1651 * 1652 * @param bool $exceptiononerror throw exception if error encountered 1653 * @param bool $forcecreate Force creation of a new parent directory 1654 * @return string Returns full path to directory if successful, false if not; may throw exception 1655 */ 1656 function get_request_storage_directory($exceptiononerror = true, bool $forcecreate = false) { 1657 global $CFG; 1658 1659 static $requestdir = null; 1660 1661 $writabledirectoryexists = (null !== $requestdir); 1662 $writabledirectoryexists = $writabledirectoryexists && file_exists($requestdir); 1663 $writabledirectoryexists = $writabledirectoryexists && is_dir($requestdir); 1664 $writabledirectoryexists = $writabledirectoryexists && is_writable($requestdir); 1665 $createnewdirectory = $forcecreate || !$writabledirectoryexists; 1666 1667 if ($createnewdirectory) { 1668 1669 // Let's add the first chars of siteidentifier only. This is to help separate 1670 // paths on systems which host multiple moodles. We don't use the full id 1671 // as Windows and old PHP don't like very long paths. See MDL-69975. 1672 $basedir = $CFG->localrequestdir . '/' . substr($CFG->siteidentifier, 0, 4); 1673 1674 make_writable_directory($basedir); 1675 protect_directory($basedir); 1676 1677 if ($dir = make_unique_writable_directory($basedir, $exceptiononerror)) { 1678 // Register a shutdown handler to remove the directory. 1679 \core_shutdown_manager::register_function('remove_dir', [$dir]); 1680 } 1681 1682 $requestdir = $dir; 1683 } 1684 1685 return $requestdir; 1686 } 1687 1688 /** 1689 * Create a per-request directory and make sure it is writable. 1690 * This can only be used during the current request and will be tidied away 1691 * automatically afterwards. 1692 * 1693 * A new, unique directory is always created within a shared base request directory. 1694 * 1695 * In some exceptional cases an alternative base directory may be required. This can be accomplished using the 1696 * $forcecreate parameter. Typically this will only be requried where the file may be required during a shutdown handler 1697 * which may or may not be registered after a previous request directory has been created. 1698 * 1699 * @param bool $exceptiononerror throw exception if error encountered 1700 * @param bool $forcecreate Force creation of a new parent directory 1701 * @return string The full path to directory if successful, false if not; may throw exception 1702 */ 1703 function make_request_directory(bool $exceptiononerror = true, bool $forcecreate = false) { 1704 $basedir = get_request_storage_directory($exceptiononerror, $forcecreate); 1705 return make_unique_writable_directory($basedir, $exceptiononerror); 1706 } 1707 1708 /** 1709 * Get the full path of a directory under $CFG->backuptempdir. 1710 * 1711 * @param string $directory the relative path of the directory under $CFG->backuptempdir 1712 * @return string|false Returns full path to directory given a valid string; otherwise, false. 1713 */ 1714 function get_backup_temp_directory($directory) { 1715 global $CFG; 1716 if (($directory === null) || ($directory === false)) { 1717 return false; 1718 } 1719 return "$CFG->backuptempdir/$directory"; 1720 } 1721 1722 /** 1723 * Create a directory under $CFG->backuptempdir and make sure it is writable. 1724 * 1725 * Do not use for storing generic temp files - see make_temp_directory() instead for this purpose. 1726 * 1727 * Backup temporary files must be on a shared storage. 1728 * 1729 * @param string $directory the relative path of the directory to be created under $CFG->backuptempdir 1730 * @param bool $exceptiononerror throw exception if error encountered 1731 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1732 */ 1733 function make_backup_temp_directory($directory, $exceptiononerror = true) { 1734 global $CFG; 1735 if ($CFG->backuptempdir !== "$CFG->tempdir/backup") { 1736 check_dir_exists($CFG->backuptempdir, true, true); 1737 protect_directory($CFG->backuptempdir); 1738 } else { 1739 protect_directory($CFG->tempdir); 1740 } 1741 return make_writable_directory("$CFG->backuptempdir/$directory", $exceptiononerror); 1742 } 1743 1744 /** 1745 * Create a directory under tempdir and make sure it is writable. 1746 * 1747 * Where possible, please use make_request_directory() and limit the scope 1748 * of your data to the current HTTP request. 1749 * 1750 * Do not use for storing cache files - see make_cache_directory(), and 1751 * make_localcache_directory() instead for this purpose. 1752 * 1753 * Temporary files must be on a shared storage, and heavy usage is 1754 * discouraged due to the performance impact upon clustered environments. 1755 * 1756 * @param string $directory the full path of the directory to be created under $CFG->tempdir 1757 * @param bool $exceptiononerror throw exception if error encountered 1758 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1759 */ 1760 function make_temp_directory($directory, $exceptiononerror = true) { 1761 global $CFG; 1762 if ($CFG->tempdir !== "$CFG->dataroot/temp") { 1763 check_dir_exists($CFG->tempdir, true, true); 1764 protect_directory($CFG->tempdir); 1765 } else { 1766 protect_directory($CFG->dataroot); 1767 } 1768 return make_writable_directory("$CFG->tempdir/$directory", $exceptiononerror); 1769 } 1770 1771 /** 1772 * Create a directory under cachedir and make sure it is writable. 1773 * 1774 * Note: this cache directory is shared by all cluster nodes. 1775 * 1776 * @param string $directory the full path of the directory to be created under $CFG->cachedir 1777 * @param bool $exceptiononerror throw exception if error encountered 1778 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1779 */ 1780 function make_cache_directory($directory, $exceptiononerror = true) { 1781 global $CFG; 1782 if ($CFG->cachedir !== "$CFG->dataroot/cache") { 1783 check_dir_exists($CFG->cachedir, true, true); 1784 protect_directory($CFG->cachedir); 1785 } else { 1786 protect_directory($CFG->dataroot); 1787 } 1788 return make_writable_directory("$CFG->cachedir/$directory", $exceptiononerror); 1789 } 1790 1791 /** 1792 * Create a directory under localcachedir and make sure it is writable. 1793 * The files in this directory MUST NOT change, use revisions or content hashes to 1794 * work around this limitation - this means you can only add new files here. 1795 * 1796 * The content of this directory gets purged automatically on all cluster nodes 1797 * after calling purge_all_caches() before new data is written to this directory. 1798 * 1799 * Note: this local cache directory does not need to be shared by cluster nodes. 1800 * 1801 * @param string $directory the relative path of the directory to be created under $CFG->localcachedir 1802 * @param bool $exceptiononerror throw exception if error encountered 1803 * @return string|false Returns full path to directory if successful, false if not; may throw exception 1804 */ 1805 function make_localcache_directory($directory, $exceptiononerror = true) { 1806 global $CFG; 1807 1808 make_writable_directory($CFG->localcachedir, $exceptiononerror); 1809 1810 if ($CFG->localcachedir !== "$CFG->dataroot/localcache") { 1811 protect_directory($CFG->localcachedir); 1812 } else { 1813 protect_directory($CFG->dataroot); 1814 } 1815 1816 if (!isset($CFG->localcachedirpurged)) { 1817 $CFG->localcachedirpurged = 0; 1818 } 1819 $timestampfile = "$CFG->localcachedir/.lastpurged"; 1820 1821 if (!file_exists($timestampfile)) { 1822 touch($timestampfile); 1823 @chmod($timestampfile, $CFG->filepermissions); 1824 1825 } else if (filemtime($timestampfile) < $CFG->localcachedirpurged) { 1826 // This means our local cached dir was not purged yet. 1827 remove_dir($CFG->localcachedir, true); 1828 if ($CFG->localcachedir !== "$CFG->dataroot/localcache") { 1829 protect_directory($CFG->localcachedir); 1830 } 1831 touch($timestampfile); 1832 @chmod($timestampfile, $CFG->filepermissions); 1833 clearstatcache(); 1834 } 1835 1836 if ($directory === '') { 1837 return $CFG->localcachedir; 1838 } 1839 1840 return make_writable_directory("$CFG->localcachedir/$directory", $exceptiononerror); 1841 } 1842 1843 /** 1844 * Webserver access user logging 1845 */ 1846 function set_access_log_user() { 1847 global $USER, $CFG; 1848 if ($USER && isset($USER->username)) { 1849 $logmethod = ''; 1850 $logvalue = 0; 1851 if (!empty($CFG->apacheloguser) && function_exists('apache_note')) { 1852 $logmethod = 'apache'; 1853 $logvalue = $CFG->apacheloguser; 1854 } 1855 if (!empty($CFG->headerloguser)) { 1856 $logmethod = 'header'; 1857 $logvalue = $CFG->headerloguser; 1858 } 1859 if (!empty($logmethod)) { 1860 $loguserid = $USER->id; 1861 $logusername = clean_filename($USER->username); 1862 $logname = ''; 1863 if (isset($USER->firstname)) { 1864 // We can assume both will be set 1865 // - even if to empty. 1866 $logname = clean_filename($USER->firstname . " " . $USER->lastname); 1867 } 1868 if (\core\session\manager::is_loggedinas()) { 1869 $realuser = \core\session\manager::get_realuser(); 1870 $logusername = clean_filename($realuser->username." as ".$logusername); 1871 $logname = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$logname); 1872 $loguserid = clean_filename($realuser->id." as ".$loguserid); 1873 } 1874 switch ($logvalue) { 1875 case 3: 1876 $logname = $logusername; 1877 break; 1878 case 2: 1879 $logname = $logname; 1880 break; 1881 case 1: 1882 default: 1883 $logname = $loguserid; 1884 break; 1885 } 1886 if ($logmethod == 'apache') { 1887 apache_note('MOODLEUSER', $logname); 1888 } 1889 1890 if ($logmethod == 'header' && !headers_sent()) { 1891 header("X-MOODLEUSER: $logname"); 1892 } 1893 } 1894 } 1895 } 1896 1897 /** 1898 * This class solves the problem of how to initialise $OUTPUT. 1899 * 1900 * The problem is caused be two factors 1901 * <ol> 1902 * <li>On the one hand, we cannot be sure when output will start. In particular, 1903 * an error, which needs to be displayed, could be thrown at any time.</li> 1904 * <li>On the other hand, we cannot be sure when we will have all the information 1905 * necessary to correctly initialise $OUTPUT. $OUTPUT depends on the theme, which 1906 * (potentially) depends on the current course, course categories, and logged in user. 1907 * It also depends on whether the current page requires HTTPS.</li> 1908 * </ol> 1909 * 1910 * So, it is hard to find a single natural place during Moodle script execution, 1911 * which we can guarantee is the right time to initialise $OUTPUT. Instead we 1912 * adopt the following strategy 1913 * <ol> 1914 * <li>We will initialise $OUTPUT the first time it is used.</li> 1915 * <li>If, after $OUTPUT has been initialised, the script tries to change something 1916 * that $OUTPUT depends on, we throw an exception making it clear that the script 1917 * did something wrong. 1918 * </ol> 1919 * 1920 * The only problem with that is, how do we initialise $OUTPUT on first use if, 1921 * it is going to be used like $OUTPUT->somthing(...)? Well that is where this 1922 * class comes in. Initially, we set up $OUTPUT = new bootstrap_renderer(). Then, 1923 * when any method is called on that object, we initialise $OUTPUT, and pass the call on. 1924 * 1925 * Note that this class is used before lib/outputlib.php has been loaded, so we 1926 * must be careful referring to classes/functions from there, they may not be 1927 * defined yet, and we must avoid fatal errors. 1928 * 1929 * @copyright 2009 Tim Hunt 1930 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 1931 * @since Moodle 2.0 1932 */ 1933 class bootstrap_renderer { 1934 /** 1935 * Handles re-entrancy. Without this, errors or debugging output that occur 1936 * during the initialisation of $OUTPUT, cause infinite recursion. 1937 * @var boolean 1938 */ 1939 protected $initialising = false; 1940 1941 /** 1942 * Have we started output yet? 1943 * @return boolean true if the header has been printed. 1944 */ 1945 public function has_started() { 1946 return false; 1947 } 1948 1949 /** 1950 * Constructor - to be used by core code only. 1951 * @param string $method The method to call 1952 * @param array $arguments Arguments to pass to the method being called 1953 * @return string 1954 */ 1955 public function __call($method, $arguments) { 1956 global $OUTPUT, $PAGE; 1957 1958 $recursing = false; 1959 if ($method == 'notification') { 1960 // Catch infinite recursion caused by debugging output during print_header. 1961 $backtrace = debug_backtrace(); 1962 array_shift($backtrace); 1963 array_shift($backtrace); 1964 $recursing = is_early_init($backtrace); 1965 } 1966 1967 $earlymethods = array( 1968 'fatal_error' => 'early_error', 1969 'notification' => 'early_notification', 1970 ); 1971 1972 // If lib/outputlib.php has been loaded, call it. 1973 if (!empty($PAGE) && !$recursing) { 1974 if (array_key_exists($method, $earlymethods)) { 1975 //prevent PAGE->context warnings - exceptions might appear before we set any context 1976 $PAGE->set_context(null); 1977 } 1978 $PAGE->initialise_theme_and_output(); 1979 return call_user_func_array(array($OUTPUT, $method), $arguments); 1980 } 1981 1982 $this->initialising = true; 1983 1984 // Too soon to initialise $OUTPUT, provide a couple of key methods. 1985 if (array_key_exists($method, $earlymethods)) { 1986 return call_user_func_array(array('bootstrap_renderer', $earlymethods[$method]), $arguments); 1987 } 1988 1989 throw new coding_exception('Attempt to start output before enough information is known to initialise the theme.'); 1990 } 1991 1992 /** 1993 * Returns nicely formatted error message in a div box. 1994 * @static 1995 * @param string $message error message 1996 * @param string $moreinfourl (ignored in early errors) 1997 * @param string $link (ignored in early errors) 1998 * @param array $backtrace 1999 * @param string $debuginfo 2000 * @return string 2001 */ 2002 public static function early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo = null) { 2003 global $CFG; 2004 2005 $content = "<div class='alert-danger'>$message</div>"; 2006 // Check whether debug is set. 2007 $debug = (!empty($CFG->debug) && $CFG->debug >= DEBUG_DEVELOPER); 2008 // Also check we have it set in the config file. This occurs if the method to read the config table from the 2009 // database fails, reading from the config table is the first database interaction we have. 2010 $debug = $debug || (!empty($CFG->config_php_settings['debug']) && $CFG->config_php_settings['debug'] >= DEBUG_DEVELOPER ); 2011 if ($debug) { 2012 if (!empty($debuginfo)) { 2013 // Remove all nasty JS. 2014 if (function_exists('s')) { // Function may be not available for some early errors. 2015 $debuginfo = s($debuginfo); 2016 } else { 2017 // Because weblib is not available for these early errors, we 2018 // just duplicate s() code here to be safe. 2019 $debuginfo = preg_replace('/&#(\d+|x[0-9a-f]+);/i', '&#$1;', 2020 htmlspecialchars($debuginfo, ENT_QUOTES | ENT_HTML401 | ENT_SUBSTITUTE)); 2021 } 2022 $debuginfo = str_replace("\n", '<br />', $debuginfo); // keep newlines 2023 $content .= '<div class="notifytiny">Debug info: ' . $debuginfo . '</div>'; 2024 } 2025 if (!empty($backtrace)) { 2026 $content .= '<div class="notifytiny">Stack trace: ' . format_backtrace($backtrace, false) . '</div>'; 2027 } 2028 } 2029 2030 return $content; 2031 } 2032 2033 /** 2034 * This function should only be called by this class, or from exception handlers 2035 * @static 2036 * @param string $message error message 2037 * @param string $moreinfourl (ignored in early errors) 2038 * @param string $link (ignored in early errors) 2039 * @param array $backtrace 2040 * @param string $debuginfo extra information for developers 2041 * @return string 2042 */ 2043 public static function early_error($message, $moreinfourl, $link, $backtrace, $debuginfo = null, $errorcode = null) { 2044 global $CFG; 2045 2046 if (CLI_SCRIPT) { 2047 echo "!!! $message !!!\n"; 2048 if (!empty($CFG->debug) and $CFG->debug >= DEBUG_DEVELOPER) { 2049 if (!empty($debuginfo)) { 2050 echo "\nDebug info: $debuginfo"; 2051 } 2052 if (!empty($backtrace)) { 2053 echo "\nStack trace: " . format_backtrace($backtrace, true); 2054 } 2055 } 2056 return; 2057 2058 } else if (AJAX_SCRIPT) { 2059 $e = new stdClass(); 2060 $e->error = $message; 2061 $e->stacktrace = NULL; 2062 $e->debuginfo = NULL; 2063 if (!empty($CFG->debug) and $CFG->debug >= DEBUG_DEVELOPER) { 2064 if (!empty($debuginfo)) { 2065 $e->debuginfo = $debuginfo; 2066 } 2067 if (!empty($backtrace)) { 2068 $e->stacktrace = format_backtrace($backtrace, true); 2069 } 2070 } 2071 $e->errorcode = $errorcode; 2072 @header('Content-Type: application/json; charset=utf-8'); 2073 echo json_encode($e); 2074 return; 2075 } 2076 2077 // In the name of protocol correctness, monitoring and performance 2078 // profiling, set the appropriate error headers for machine consumption. 2079 $protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0'); 2080 @header($protocol . ' 500 Internal Server Error'); 2081 2082 // better disable any caching 2083 @header('Content-Type: text/html; charset=utf-8'); 2084 @header('X-UA-Compatible: IE=edge'); 2085 @header('Cache-Control: no-store, no-cache, must-revalidate'); 2086 @header('Cache-Control: post-check=0, pre-check=0', false); 2087 @header('Pragma: no-cache'); 2088 @header('Expires: Mon, 20 Aug 1969 09:23:00 GMT'); 2089 @header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); 2090 2091 if (function_exists('get_string')) { 2092 $strerror = get_string('error'); 2093 } else { 2094 $strerror = 'Error'; 2095 } 2096 2097 $content = self::early_error_content($message, $moreinfourl, $link, $backtrace, $debuginfo); 2098 2099 return self::plain_page($strerror, $content); 2100 } 2101 2102 /** 2103 * Early notification message 2104 * @static 2105 * @param string $message 2106 * @param string $classes usually notifyproblem or notifysuccess 2107 * @return string 2108 */ 2109 public static function early_notification($message, $classes = 'notifyproblem') { 2110 return '<div class="' . $classes . '">' . $message . '</div>'; 2111 } 2112 2113 /** 2114 * Page should redirect message. 2115 * @static 2116 * @param string $encodedurl redirect url 2117 * @return string 2118 */ 2119 public static function plain_redirect_message($encodedurl) { 2120 $message = '<div style="margin-top: 3em; margin-left:auto; margin-right:auto; text-align:center;">' . get_string('pageshouldredirect') . '<br /><a href="'. 2121 $encodedurl .'">'. get_string('continue') .'</a></div>'; 2122 return self::plain_page(get_string('redirect'), $message); 2123 } 2124 2125 /** 2126 * Early redirection page, used before full init of $PAGE global 2127 * @static 2128 * @param string $encodedurl redirect url 2129 * @param string $message redirect message 2130 * @param int $delay time in seconds 2131 * @return string redirect page 2132 */ 2133 public static function early_redirect_message($encodedurl, $message, $delay) { 2134 $meta = '<meta http-equiv="refresh" content="'. $delay .'; url='. $encodedurl .'" />'; 2135 $content = self::early_error_content($message, null, null, null); 2136 $content .= self::plain_redirect_message($encodedurl); 2137 2138 return self::plain_page(get_string('redirect'), $content, $meta); 2139 } 2140 2141 /** 2142 * Output basic html page. 2143 * @static 2144 * @param string $title page title 2145 * @param string $content page content 2146 * @param string $meta meta tag 2147 * @return string html page 2148 */ 2149 public static function plain_page($title, $content, $meta = '') { 2150 global $CFG; 2151 2152 if (function_exists('get_string') && function_exists('get_html_lang')) { 2153 $htmllang = get_html_lang(); 2154 } else { 2155 $htmllang = ''; 2156 } 2157 2158 $footer = ''; 2159 if (function_exists('get_performance_info')) { // Function may be not available for some early errors. 2160 if (MDL_PERF_TEST) { 2161 $perfinfo = get_performance_info(); 2162 $footer = '<footer>' . $perfinfo['html'] . '</footer>'; 2163 } 2164 } 2165 2166 ob_start(); 2167 include($CFG->dirroot . '/error/plainpage.php'); 2168 $html = ob_get_contents(); 2169 ob_end_clean(); 2170 2171 return $html; 2172 } 2173 } 2174 2175 /** 2176 * Add http stream instrumentation 2177 * 2178 * This detects which any reads or writes to a php stream which uses 2179 * the 'http' handler. Ideally 100% of traffic uses the Moodle curl 2180 * libraries which do not use php streams. 2181 * 2182 * @param array $code stream callback code 2183 */ 2184 function proxy_log_callback($code) { 2185 if ($code == STREAM_NOTIFY_CONNECT) { 2186 $trace = debug_backtrace(); 2187 $function = $trace[count($trace) - 1]; 2188 $error = "Unsafe internet IO detected: {$function['function']} with arguments " . join(', ', $function['args']) . "\n"; 2189 error_log($error . format_backtrace($trace, true)); // phpcs:ignore 2190 } 2191 } 2192 2193 /** 2194 * A helper function for deprecated files to use to ensure that, when they are included for unit tests, 2195 * they are run in an isolated process. 2196 * 2197 * @throws \coding_exception The exception thrown when the process is not isolated. 2198 */ 2199 function require_phpunit_isolation(): void { 2200 if (!defined('PHPUNIT_TEST') || !PHPUNIT_TEST) { 2201 // Not a test. 2202 return; 2203 } 2204 2205 if (defined('PHPUNIT_ISOLATED_TEST') && PHPUNIT_ISOLATED_TEST) { 2206 // Already isolated. 2207 return; 2208 } 2209 2210 throw new \coding_exception( 2211 'When including this file for a unit test, the test must be run in an isolated process. ' . 2212 'See the PHPUnit @runInSeparateProcess and @runTestsInSeparateProcesses annotations.' 2213 ); 2214 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body