Class ilWebAccessChecker. More...
Public Member Functions | |
| ilWebAccessChecker () | |
| Constructor public. | |
| checkAccess () | |
| Check access rights of the requested file public. | |
| setDisposition ($a_disposition="inline") | |
| Set the delivery mode for the file. | |
| getDisposition () | |
| Get the delivery mode for the file. | |
| sendFile () | |
| Send the requested file as if directly delivered from the web server public. | |
| sendError () | |
| Send an error response for the requested file public. | |
Data Fields | |
| $lng | |
| $ilAccess | |
| $checked_list | |
| $subpath | |
| $file | |
| $params | |
| $disposition = "inline" | |
| $mimetype | |
| $errorcode | |
| $errortext | |
Detailed Description
Class ilWebAccessChecker.
Checks the access rights of a directly requested content file. Called from a redirection script or from an include to a content page.
- determines the related learning module and checks the permission
- either delivers the accessed file (without redirect)
- or redirects to the login screen (if not logged in)
- or prints an error message (if too less rights)
- Version:
- Id:
- class.ilWebAccessChecker.php 16445 2008-04-21 18:36:40Z akill
Definition at line 43 of file class.ilWebAccessChecker.php.
Member Function Documentation
| ilWebAccessChecker::checkAccess | ( | ) |
Check access rights of the requested file public.
Definition at line 159 of file class.ilWebAccessChecker.php.
References $ilLog, $ref_id, ilObject::_getAllReferences(), ilObjMediaCastAccess::_lookupPublicFiles(), ilObject::_lookupType(), ilNewsItem::_lookupVisibility(), ilObjMediaObject::getParentObjectIdForUsage(), and ilObjMediaObject::lookupUsages().
{
global $ilLog;
// extract the object id (html/scorm learning modules)
$pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
$pos2 = strpos($this->subpath, "/", $pos1);
if ($pos1 == 11 or $pos2 === false)
{
// media object
$pos1 = strpos($this->subpath, "mobs/mm_") + 8;
$pos2 = strpos($this->subpath, "/", $pos1);
if ($pos1 === false or $pos2 === false)
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("url_not_found");
return false;
}
else
{
$mob_id = substr($this->subpath, $pos1, $pos2-$pos1);
include_once("./Services/MediaObjects/classes/class.ilObjMediaObject.php");
$usages = ilObjMediaObject::lookupUsages($mob_id);
foreach($usages as $usage)
{
//var_dump($usage);
$oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
//var_dump($oid);
if ($oid > 0)
{
$obj_ids[] = $oid;
// media objects in news (media casts)
if ($usage["type"] == "news")
{
include_once("./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
include_once("./Services/News/classes/class.ilNewsItem.php");
if (ilObjMediaCastAccess::_lookupPublicFiles($oid) &&
ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC)
{
return true;
}
}
}
}
}
}
$obj_ids[] = substr($this->subpath, $pos1, $pos2-$pos1);
foreach($obj_ids as $obj_id)
{
if (!is_numeric($obj_id))
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("obj_not_found");
return false;
}
// look in cache, if already checked
if (is_array($this->checked_list))
{
if (in_array($obj_id, $this->checked_list))
{
// return true;
}
}
// find the object references
$obj_type = ilObject::_lookupType($obj_id);
$ref_ids = ilObject::_getAllReferences($obj_id);
if (!$ref_ids)
{
$this->errorcode = 403;
$this->errortext = $this->lng->txt("permission_denied");
return false;
}
// check, if one of the references is readable
$readable = false;
foreach($ref_ids as $ref_id)
{
if ($this->ilAccess->checkAccess("read", "view", $ref_id, $obj_type, $obj_id))
{
$readable = true;
break;
}
}
if ($readable)
{
//add object to cache
$this->checked_list[] = $obj_id;
return true;
}
}
$this->errorcode = 403;
$this->errortext = $this->lng->txt("permission_denied");
return false;
}
Here is the call graph for this function:
| ilWebAccessChecker::getDisposition | ( | ) |
Get the delivery mode for the file.
- Returns:
- string "inline" or "attachment" public
Definition at line 277 of file class.ilWebAccessChecker.php.
Referenced by sendFile().
{
return $this->disposition;
}
Here is the caller graph for this function:
| ilWebAccessChecker::ilWebAccessChecker | ( | ) |
Constructor public.
Definition at line 106 of file class.ilWebAccessChecker.php.
References $_SESSION, $ilAccess, $ilLog, $lng, and ilObjMediaObject::getMimeType().
{
global $ilAccess, $lng, $ilLog;
$this->lng =& $lng;
$this->ilAccess =& $ilAccess;
$this->checked_list = & $_SESSION["WebAccessChecked"];
$this->params = array();
// get the requested file and its type
$uri = parse_url($_SERVER["REQUEST_URI"]);
parse_str($uri["query"], $this->params);
$pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
$this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
$this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
/* debugging
echo "<pre>";
echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
echo "Parsed URI: ". $uri["path"]. "\n";
echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
echo "CLIENT_ID: ". CLIENT_ID. "\n";
echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
echo "subpath: ". $this->subpath. "\n";
echo "file: ". $this->file. "\n";
echo "</pre>";
exit;
*/
if (file_exists($this->file))
{
$this->mimetype = ilObjMediaObject::getMimeType($this->file);
}
else
{
$this->errorcode = 404;
$this->errortext = $this->lng->txt("url_not_found");
return false;
}
}
Here is the call graph for this function:
| ilWebAccessChecker::sendError | ( | ) |
Send an error response for the requested file public.
Definition at line 322 of file class.ilWebAccessChecker.php.
References exit.
{
switch ($this->errorcode)
{
case 403:
header("HTTP/1.0: 403 Forbidden");
break;
case 404:
header("HTTP/1.0: 404 Not Found");
break;
}
exit($this->errortext);
}
| ilWebAccessChecker::sendFile | ( | ) |
Send the requested file as if directly delivered from the web server public.
Definition at line 287 of file class.ilWebAccessChecker.php.
References ilUtil::deliverFile(), exit, getDisposition(), and ilUtil::readFile().
{
if ($this->getDisposition() == "attachment")
{
ilUtil::deliverFile($this->file, basename($this->file));
exit;
}
else
{
if (!isset($_SERVER["HTTPS"]))
{
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
}
header("Content-Type: " . $this->mimetype);
header("Content-Length: ".(string)(filesize($this->file)));
if (isset($_SERVER["HTTPS"]))
{
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
}
header("Connection: close");
ilUtil::readFile( $this->file);
exit;
}
}
Here is the call graph for this function:
| ilWebAccessChecker::setDisposition | ( | $ | a_disposition = "inline" |
) |
Set the delivery mode for the file.
- Parameters:
-
string "inline" or "attachment" public
Definition at line 267 of file class.ilWebAccessChecker.php.
{
$this->disposition = $a_disposition;
}
Field Documentation
| ilWebAccessChecker::$checked_list |
Definition at line 47 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$disposition = "inline" |
Definition at line 76 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$errorcode |
Definition at line 91 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$errortext |
Definition at line 99 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$file |
Definition at line 61 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$ilAccess |
Definition at line 46 of file class.ilWebAccessChecker.php.
Referenced by ilWebAccessChecker().
| ilWebAccessChecker::$lng |
Definition at line 45 of file class.ilWebAccessChecker.php.
Referenced by ilWebAccessChecker().
| ilWebAccessChecker::$mimetype |
Definition at line 84 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$params |
Definition at line 68 of file class.ilWebAccessChecker.php.
| ilWebAccessChecker::$subpath |
Definition at line 54 of file class.ilWebAccessChecker.php.
The documentation for this class was generated from the following file:
- Services/WebAccessChecker/classes/class.ilWebAccessChecker.php
