You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 lines
4.5 KiB
111 lines
4.5 KiB
<?php
|
|
// This file is part of Moodle - http://moodle.org/
|
|
//
|
|
// Moodle is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Moodle is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
/**
|
|
* Form for editing HTML block instances.
|
|
*
|
|
* @copyright 2010 Petr Skoda (http://skodak.org)
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
* @package block_html
|
|
* @category files
|
|
* @param stdClass $course course object
|
|
* @param stdClass $birecord_or_cm block instance record
|
|
* @param stdClass $context context object
|
|
* @param string $filearea file area
|
|
* @param array $args extra arguments
|
|
* @param bool $forcedownload whether or not force download
|
|
* @param array $options additional options affecting the file serving
|
|
* @return bool
|
|
* @todo MDL-36050 improve capability check on stick blocks, so we can check user capability before sending images.
|
|
*/
|
|
function block_html_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options=array()) {
|
|
global $DB, $CFG, $USER;
|
|
|
|
if ($context->contextlevel != CONTEXT_BLOCK) {
|
|
send_file_not_found();
|
|
}
|
|
|
|
// If block is in course context, then check if user has capability to access course.
|
|
if ($context->get_course_context(false)) {
|
|
require_course_login($course);
|
|
} else if ($CFG->forcelogin) {
|
|
require_login();
|
|
} else {
|
|
// Get parent context and see if user have proper permission.
|
|
$parentcontext = $context->get_parent_context();
|
|
if ($parentcontext->contextlevel === CONTEXT_COURSECAT) {
|
|
// Check if category is visible and user can view this category.
|
|
if (!core_course_category::get($parentcontext->instanceid, IGNORE_MISSING)) {
|
|
send_file_not_found();
|
|
}
|
|
} else if ($parentcontext->contextlevel === CONTEXT_USER && $parentcontext->instanceid != $USER->id) {
|
|
// The block is in the context of a user, it is only visible to the user who it belongs to.
|
|
send_file_not_found();
|
|
}
|
|
// At this point there is no way to check SYSTEM context, so ignoring it.
|
|
}
|
|
|
|
if ($filearea !== 'content') {
|
|
send_file_not_found();
|
|
}
|
|
|
|
$fs = get_file_storage();
|
|
|
|
$filename = array_pop($args);
|
|
$filepath = $args ? '/'.implode('/', $args).'/' : '/';
|
|
|
|
if (!$file = $fs->get_file($context->id, 'block_html', 'content', 0, $filepath, $filename) or $file->is_directory()) {
|
|
send_file_not_found();
|
|
}
|
|
|
|
if ($parentcontext = context::instance_by_id($birecord_or_cm->parentcontextid, IGNORE_MISSING)) {
|
|
if ($parentcontext->contextlevel == CONTEXT_USER) {
|
|
// force download on all personal pages including /my/
|
|
//because we do not have reliable way to find out from where this is used
|
|
$forcedownload = true;
|
|
}
|
|
} else {
|
|
// weird, there should be parent context, better force dowload then
|
|
$forcedownload = true;
|
|
}
|
|
|
|
// NOTE: it woudl be nice to have file revisions here, for now rely on standard file lifetime,
|
|
// do not lower it because the files are dispalyed very often.
|
|
\core\session\manager::write_close();
|
|
send_stored_file($file, null, 0, $forcedownload, $options);
|
|
}
|
|
|
|
/**
|
|
* Perform global search replace such as when migrating site to new URL.
|
|
* @param $search
|
|
* @param $replace
|
|
* @return void
|
|
*/
|
|
function block_html_global_db_replace($search, $replace) {
|
|
global $DB;
|
|
|
|
$instances = $DB->get_recordset('block_instances', array('blockname' => 'html'));
|
|
foreach ($instances as $instance) {
|
|
// TODO: intentionally hardcoded until MDL-26800 is fixed
|
|
$config = unserialize(base64_decode($instance->configdata));
|
|
if (isset($config->text) and is_string($config->text)) {
|
|
$config->text = str_replace($search, $replace, $config->text);
|
|
$DB->update_record('block_instances', ['id' => $instance->id,
|
|
'configdata' => base64_encode(serialize($config)), 'timemodified' => time()]);
|
|
}
|
|
}
|
|
$instances->close();
|
|
}
|
|
|