ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Data Fields
ilWebAccessChecker Class Reference

Class ilWebAccessChecker. More...

+ Collaboration diagram for ilWebAccessChecker:

Public Member Functions

 ilWebAccessChecker ()
 Constructor public.
 checkAccess ()
 Check access rights of the requested file public.
 setDisposition ($a_disposition="inline")
 Set the delivery mode for the file.
 getDisposition ()
 Get the delivery mode for the file.
 sendFile ()
 Send the requested file as if directly delivered from the web server public.
 sendError ()
 Send an error response for the requested file public.

Data Fields

 $lng
 $ilAccess
 $checked_list
 $subpath
 $file
 $params
 $disposition = "inline"
 $mimetype
 $errorcode
 $errortext

Detailed Description

Class ilWebAccessChecker.

Checks the access rights of a directly requested content file. Called from a redirection script or from an include to a content page.

  • determines the related learning module and checks the permission
  • either delivers the accessed file (without redirect)
  • or redirects to the login screen (if not logged in)
  • or prints an error message (if too less rights)
Author
Fred Neumann fred..nosp@m.neum.nosp@m.ann@f.nosp@m.im.u.nosp@m.ni-er.nosp@m.lang.nosp@m.en.de
Version
Id:
class.ilWebAccessChecker.php 16446 2008-04-21 18:40:24Z akill

Definition at line 43 of file class.ilWebAccessChecker.php.

Member Function Documentation

ilWebAccessChecker::checkAccess ( )

Check access rights of the requested file public.

Definition at line 159 of file class.ilWebAccessChecker.php.

References $ilLog, $ref_id, ilObject\_getAllReferences(), ilObjMediaCastAccess\_lookupPublicFiles(), ilObject\_lookupType(), ilNewsItem\_lookupVisibility(), ilObjMediaObject\getParentObjectIdForUsage(), ilObjMediaObject\lookupUsages(), and NEWS_PUBLIC.

{
global $ilLog;
// extract the object id (html/scorm learning modules)
$pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
$pos2 = strpos($this->subpath, "/", $pos1);
if ($pos1 == 11 or $pos2 === false)
{
// media object
$pos1 = strpos($this->subpath, "mobs/mm_") + 8;
$pos2 = strpos($this->subpath, "/", $pos1);
if ($pos1 === false or $pos2 === false)
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("url_not_found");
return false;
}
else
{
$mob_id = substr($this->subpath, $pos1, $pos2-$pos1);
include_once("./Services/MediaObjects/classes/class.ilObjMediaObject.php");
$usages = ilObjMediaObject::lookupUsages($mob_id);
foreach($usages as $usage)
{
//var_dump($usage);
$oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
//var_dump($oid);
if ($oid > 0)
{
$obj_ids[] = $oid;
// media objects in news (media casts)
if ($usage["type"] == "news")
{
include_once("./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
include_once("./Services/News/classes/class.ilNewsItem.php");
if (ilObjMediaCastAccess::_lookupPublicFiles($oid) &&
ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC)
{
return true;
}
}
}
}
}
}
$obj_ids[] = substr($this->subpath, $pos1, $pos2-$pos1);
foreach($obj_ids as $obj_id)
{
if (!is_numeric($obj_id))
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("obj_not_found");
return false;
}
// look in cache, if already checked
if (is_array($this->checked_list))
{
if (in_array($obj_id, $this->checked_list))
{
// return true;
}
}
// find the object references
$obj_type = ilObject::_lookupType($obj_id);
$ref_ids = ilObject::_getAllReferences($obj_id);
if (!$ref_ids)
{
$this->errorcode = 403;
$this->errortext = $this->lng->txt("permission_denied");
return false;
}
// check, if one of the references is readable
$readable = false;
foreach($ref_ids as $ref_id)
{
if ($this->ilAccess->checkAccess("read", "view", $ref_id, $obj_type, $obj_id))
{
$readable = true;
break;
}
}
if ($readable)
{
//add object to cache
$this->checked_list[] = $obj_id;
return true;
}
}
$this->errorcode = 403;
$this->errortext = $this->lng->txt("permission_denied");
return false;
}

+ Here is the call graph for this function:

ilWebAccessChecker::getDisposition ( )

Get the delivery mode for the file.

Returns
string "inline" or "attachment" public

Definition at line 277 of file class.ilWebAccessChecker.php.

References $disposition.

Referenced by sendFile().

{
return $this->disposition;
}

+ Here is the caller graph for this function:

ilWebAccessChecker::ilWebAccessChecker ( )

Constructor public.

Definition at line 106 of file class.ilWebAccessChecker.php.

References $_SESSION, $ilAccess, $ilLog, $lng, ilObjMediaObject\getMimeType(), ILIAS_ABSOLUTE_PATH, and ILIAS_WEB_DIR.

{
global $ilAccess, $lng, $ilLog;
$this->lng =& $lng;
$this->ilAccess =& $ilAccess;
$this->checked_list = & $_SESSION["WebAccessChecked"];
$this->params = array();
// get the requested file and its type
$uri = parse_url($_SERVER["REQUEST_URI"]);
parse_str($uri["query"], $this->params);
$pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
$this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
$this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
/* debugging
echo "<pre>";
echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
echo "Parsed URI: ". $uri["path"]. "\n";
echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
echo "CLIENT_ID: ". CLIENT_ID. "\n";
echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
echo "subpath: ". $this->subpath. "\n";
echo "file: ". $this->file. "\n";
echo "</pre>";
exit;
*/
if (file_exists($this->file))
{
$this->mimetype = ilObjMediaObject::getMimeType($this->file);
}
else
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("url_not_found");
return false;
}
}

+ Here is the call graph for this function:

ilWebAccessChecker::sendError ( )

Send an error response for the requested file public.

Definition at line 322 of file class.ilWebAccessChecker.php.

References exit.

{
switch ($this->errorcode)
{
case 403:
header("HTTP/1.0: 403 Forbidden");
break;
case 404:
header("HTTP/1.0: 404 Not Found");
break;
}
exit($this->errortext);
}
ilWebAccessChecker::sendFile ( )

Send the requested file as if directly delivered from the web server public.

Definition at line 287 of file class.ilWebAccessChecker.php.

References ilUtil\deliverFile(), exit, getDisposition(), and ilUtil\readFile().

{
if ($this->getDisposition() == "attachment")
{
ilUtil::deliverFile($this->file, basename($this->file));
exit;
}
else
{
if (!isset($_SERVER["HTTPS"]))
{
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
}
header("Content-Type: " . $this->mimetype);
header("Content-Length: ".(string)(filesize($this->file)));
if (isset($_SERVER["HTTPS"]))
{
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
}
header("Connection: close");
ilUtil::readFile( $this->file);
exit;
}
}

+ Here is the call graph for this function:

ilWebAccessChecker::setDisposition (   $a_disposition = "inline")

Set the delivery mode for the file.

Parameters
string"inline" or "attachment" public

Definition at line 267 of file class.ilWebAccessChecker.php.

{
$this->disposition = $a_disposition;
}

Field Documentation

ilWebAccessChecker::$checked_list

Definition at line 47 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$disposition = "inline"

Definition at line 76 of file class.ilWebAccessChecker.php.

Referenced by getDisposition().

ilWebAccessChecker::$errorcode

Definition at line 91 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$errortext

Definition at line 99 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$file

Definition at line 61 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$ilAccess

Definition at line 46 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

ilWebAccessChecker::$lng

Definition at line 45 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

ilWebAccessChecker::$mimetype

Definition at line 84 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$params

Definition at line 68 of file class.ilWebAccessChecker.php.

ilWebAccessChecker::$subpath

Definition at line 54 of file class.ilWebAccessChecker.php.

The documentation for this class was generated from the following file: