| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Summary view] [Print] [Text view]
1 <?PHP //$Id: file.php,v 1.20 2006/11/01 21:03:09 skodak Exp $ 2 //This file returns the required rss feeds 3 //The URL format MUST include: 4 // course: the course id 5 // user: the user id 6 // name: the name of the module (forum...) 7 // id: the id (instance) of the module (forumid...) 8 //If the course has a password or it doesn't 9 //allow guest access then the user field is 10 //required to see that the user is enrolled 11 //in the course, else no check is performed. 12 //This allows to limit a bit the rss access 13 //to correct users. It isn't unbreakable, 14 //obviously, but its the best I've thought!! 15 16 $nomoodlecookie = true; // Because it interferes with caching 17 18 require_once ('../config.php'); 19 require_once($CFG->libdir.'/filelib.php'); 20 require_once($CFG->libdir.'/rsslib.php'); 21 22 $lifetime = 3600; // Seconds for files to remain in caches - 1 hour 23 24 // hack for problems with concurrent use of $nomoodlecookie and capabilities MDL-7243 25 // it should be replaced once we get to codes in urls 26 $USER = new object(); 27 $USER->id = 0; 28 29 // disable moodle specific debug messages 30 disable_debugging(); 31 32 $relativepath = get_file_argument('file.php'); 33 34 35 if (!$relativepath) { 36 rss_not_found(); 37 } 38 39 // extract relative path components 40 $args = explode('/', trim($relativepath, '/')); 41 42 if (count($args) < 5) { 43 rss_not_found(); 44 } 45 46 $courseid = (int)$args[0]; 47 $userid = (int)$args[1]; 48 $modulename = clean_param($args[2], PARAM_FILE); 49 $instance = $args[3]; 50 $filename = 'rss.xml'; 51 52 if ($isblog = $modulename == 'blog') { 53 $blogid = (int)$args[4]; // could be groupid / courseid / userid depending on $instance 54 if ($args[5] != 'rss.xml') { 55 $tagid = (int)$args[5]; 56 } else { 57 $tagid = 0; 58 } 59 } else { 60 $instance = (int)$instance; // we know it's an id number 61 } 62 63 64 if (!$course = get_record('course', 'id', $courseid)) { 65 rss_not_found(); 66 } 67 68 //Check name of module 69 if (!$isblog) { 70 $mods = get_list_of_plugins('mod'); 71 if (!in_array(strtolower($modulename), $mods)) { 72 rss_not_found(); 73 } 74 //Get course_module to check it's visible 75 if (!$cm = get_coursemodule_from_instance($modulename,$instance,$courseid)) { 76 rss_not_found(); 77 } 78 $context = get_context_instance(CONTEXT_MODULE, $cm->id); 79 $isuser = has_capability('moodle/course:view', $context, $userid); // Not ideal, this should be module-specific, but deferring until RSS gets a revamp with codes in the URLs 80 } else { 81 $context = get_context_instance(CONTEXT_COURSE, $course->id); 82 $isuser = has_capability('moodle/course:view', $context, $userid); 83 } 84 85 //Check for "security" if !course->guest or course->password 86 if ($course->id != SITEID) { 87 if ((!$course->guest || $course->password) && (!$isuser)) { 88 rss_not_found(); 89 } 90 } 91 92 //Check for "security" if the course is hidden or the activity is hidden 93 if (!$isblog and (!$course->visible || !$cm->visible) && (!has_capability('moodle/course:viewhiddenactivities', $context))) { 94 rss_not_found(); 95 } 96 97 //Work out the filename of the RSS file 98 if ($isblog) { 99 require_once($CFG->dirroot.'/blog/rsslib.php'); 100 $pathname = blog_generate_rss_feed($instance, $blogid, $tagid); 101 } else { 102 $pathname = $CFG->dataroot.'/rss/'.$modulename.'/'.$instance.'.xml'; 103 } 104 105 //Check that file exists 106 if (!file_exists($pathname)) { 107 rss_not_found(); 108 } 109 110 //Send it to user! 111 send_file($pathname, $filename, $lifetime); 112 113 function rss_not_found() { 114 /// error, send some XML with error message 115 global $lifetime, $filename; 116 send_file(rss_geterrorxmlfile(), $filename, $lifetime, false, true); 117 } 118 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |