ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilWebAccessChecker.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 // Prevent a general redirect to the login screen for anonymous users.
5 // The checker will show an error page with login link instead
6 // (see ilInitialisation::InitILIAS() for details)
7 $_GET["baseClass"] = "ilStartUpGUI";
8 
9 // Define a pseudo module to get a correct ILIAS_HTTP_PATH
10 // (needed for links on the error page).
11 // "data" is assumed to be the ILIAS_WEB_DIR
12 // (see ilInitialisation::buildHTTPPath() for details)
13 define("ILIAS_MODULE", substr($_SERVER['PHP_SELF'],
14  strpos($_SERVER['PHP_SELF'], "/data/") + 6));
15 
16 // Define the cookie path to prevent a different session created for web access
17 // (see ilInitialisation::setCookieParams() for details)
18 $GLOBALS['COOKIE_PATH'] = substr($_SERVER['PHP_SELF'], 0,
19  strpos($_SERVER['PHP_SELF'], "/data/"));
20 
21 // Determine the ILIAS client from the web path
22 // This is needed because a session cookie may not yet exist
23 // (see ilINITIALISATION::determineClient() for details)
24 $client_start = strpos($_SERVER['PHP_SELF'], "/data/") + 6;
25 $client_end = strpos($_SERVER['PHP_SELF'], "/", $client_start);
26 $_GET['client_id'] = substr($_SERVER['PHP_SELF'], $client_start, $client_end - $client_start);
27 
28 // Remember if the initial session was empty
29 // Then a new session record should not be written
30 // (see ilSession::_writeData for details)
31 $GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] = (session_id() == "");
32 
33 include_once "Services/Context/classes/class.ilContext.php";
34 ilContext::init(ilContext::CONTEXT_WEB_ACCESS_CHECK);
35 
36 // Now the ILIAS header can be included
37 require_once "./include/inc.header.php";
38 require_once "./Services/Utilities/classes/class.ilUtil.php";
39 require_once "./Services/Object/classes/class.ilObject.php";
40 require_once "./Services/MediaObjects/classes/class.ilObjMediaObject.php";
41 
42 
56 class ilWebAccessChecker
57 {
58  var $lng;
59  var $ilAccess;
60 
66  var $subpath;
67 
73  var $file;
74 
80  var $params;
81 
82 
88  var $disposition = "inline";
89 
95  var $check_ip = false;
96 
97 
105  var $check_users = array();
106 
112  var $send_mimetype = true;
113 
114 
121  var $mimetype = null;
122 
123 
129  var $errorcode;
130 
131 
137  var $errortext;
138 
139 
144  function ilWebAccessChecker()
145  {
146  global $ilUser, $ilAccess, $lng, $ilLog;
147 
148  $this->lng =& $lng;
149  $this->ilAccess =& $ilAccess;
150  $this->params = array();
151 
152  // get the requested file and its type
153  $uri = parse_url($_SERVER["REQUEST_URI"]);
154  parse_str($uri["query"], $this->params);
155 
156  $pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
157  $this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
158  $this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
159 
160  // build url path for virtual function
161  $this->virtual_path = str_replace($pattern, "virtual-" . $pattern, $uri["path"]);
162 
163 
164  // set the parameters provided with the checker call
165  if (isset($_GET['disposition']))
166  {
167  $this->setDisposition($_GET['disposition']);
168  }
169  if (isset($_GET['check_ip']))
170  {
171  $this->setCheckIp($_GET['check_ip']);
172  }
173  if (isset($_GET['send_mimetype']))
174  {
175  $this->setSendMimetype($_GET['send_mimetype']);
176  }
177 
178  // debugging
179  /*echo "<pre>";
180  echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
181  echo "Parsed URI: ". $uri["path"]. "\n";
182  echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
183  echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
184  echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
185  echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
186  echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
187  echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
188  echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
189  echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
190  echo "CLIENT_ID: ". CLIENT_ID. "\n";
191  echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
192  echo "subpath: ". $this->subpath. "\n";
193  echo "file: ". $this->file. "\n";
194  echo "disposition: ". $this->disposition. "\n";
195  echo "ckeck_ip: ". $this->check_ip. "\n";
196  echo "send_mimetype: ". $this->send_mimetype. "\n";
197  echo "</pre>";
198  echo phpinfo();
199  exit;*/
200 
201 
202  if (!file_exists($this->file))
203  {
204  $this->errorcode = 404;
205  $this->errortext = $this->lng->txt("url_not_found");
206  return false;
207  }
208  }
209 
213  public function determineUser()
214  {
215  global $ilUser;
216 
217  // a valid user session is found
218  if ($_SESSION["AccountId"])
219  {
220  $this->check_users = array($_SESSION["AccountId"]);
221  return;
222  }
223 
224  // no session cookie was delivered
225  // user identification by ip address is allowed
226  elseif ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] and $this->getCheckIp())
227  {
228  $this->check_users = ilSession::_getUsersWithIp($_SERVER['REMOTE_ADDR']);
229 
230  if (count($this->check_users) == 0)
231  {
232  // no user was found for the ip address
233  $this->check_users = array(ANONYMOUS_USER_ID);
234 
235  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
236  $ilUser->setId(ANONYMOUS_USER_ID);
237  $ilUser->read();
238  }
239  elseif (count($this->check_users) == 1)
240  {
241  // exactly one user is found with an active session
242  $_SESSION["AccountId"] = current($this->check_users);
243  $ilUser->setId(current($this->check_users));
244  $ilUser->read();
245  }
246  else
247  {
248  // more than one user found for the ip address
249  // take the anonymous user for the session
250  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
251  $ilUser->setId(ANONYMOUS_USER_ID);
252  $ilUser->read();
253  }
254  return;
255  }
256 
257  // take the anonymous user as fallback
258  else
259  {
260  $this->check_users = array(ANONYMOUS_USER_ID);
261 
262  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
263  $ilUser->setId(ANONYMOUS_USER_ID);
264  $ilUser->read();
265 
266  return;
267  }
268  }
269 
274  public function checkAccess()
275  {
276  global $ilLog, $ilUser, $ilObjDataCache, $objDefinition;
277 
278  // an error already occurred at class initialisation
279  if ($this->errorcode)
280  {
281  return false;
282  }
283 
284  // check for type by subdirectory
285  $pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
286  $pos2 = strpos($this->subpath, "mobs/mm_") + 8;
287  $pos3 = strpos($this->subpath, "usr_images/") + 11;
288  $pos4 = strpos($this->subpath, "sec") + 3;
289 
290  $obj_id = 0;
291  $type = 'none';
292  // trying to access data within a learning module folder
293  if ($pos1 > 11)
294  {
295  $type = 'lm';
296  $seperator = strpos($this->subpath, '/', $pos1);
297  $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
298  }
299  //trying to access media data
300  else if ($pos2 > 8)
301  {
302  $type = 'mob';
303  $seperator = strpos($this->subpath, '/', $pos2);
304  $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
305  }
306  // trying to access a user image
307  elseif ($pos3 > 11)
308  {
309  $type = 'user_image';
310  // user images may be:
311  // upload_123pic, upload_123
312  // usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
313  $seperator = strpos($this->subpath, '_', $pos3);
314  $obj_id = (int) substr($this->subpath, $seperator + 1);
315  }
316  // component name (generic)
317  elseif ($pos4 > 3)
318  {
319  $plugin = false;
320  $seperator = strpos($this->subpath, '/', $pos4);
321  $path = explode("/", substr($this->subpath, $seperator +1));
322  $component = array_shift($path);
323  if(substr($component, 0, 2) == "il")
324  {
325  $component = substr($component, 2);
326  $comp_dir = null;
327  if(ilComponent::lookupId(IL_COMP_MODULE, $component))
328  {
329  $comp_dir = "Modules";
330  }
331  else if(ilComponent::lookupId(IL_COMP_SERVICE, $component))
332  {
333  $comp_dir = "Services";
334  }
335  else if($objDefinition->isPlugin($pl_id = strtolower($component)))
336  {
337  $comp_class = $objDefinition->getClassName($pl_id);
338  $comp_dir = $objDefinition->getLocation($pl_id);
339  $plugin = true;
340  }
341 
342  if($comp_dir)
343  {
344  if($plugin)
345  {
346  $comp_class = "il".$comp_class."WebAccessChecker";
347  $comp_include = $comp_dir."/class.".$comp_class.".php";
348  }
349  else
350  {
351  $comp_class = "il".$component."WebAccessChecker";
352  $comp_include = $comp_dir."/".$component."/classes/class.".$comp_class.".php";
353  }
354  if(file_exists($comp_include))
355  {
356  include_once $comp_include;
357  if(class_exists($comp_class))
358  {
359  $comp_inst = new $comp_class();
360  if($comp_inst instanceof ilComponentWebAccessChecker)
361  {
362  if($comp_inst->isValidPath($path))
363  {
364  $type = "sec";
365  }
366  }
367  }
368  }
369  }
370  }
371  }
372 
373  if ((!$obj_id && $type != "sec") || $type == 'none')
374  {
375  $this->errorcode = 404;
376  $this->errortext = $this->lng->txt("obj_not_found");
377  return false;
378  }
379 
380 
381  // #13237 - if imporint is display on login page we have user id 0
382  if($type == "mob")
383  {
384  $usages = ilObjMediaObject::lookupUsages($obj_id);
385  foreach($usages as $usage)
386  {
387  if($usage['type'] == 'impr:pg')
388  {
389  return $this->checkAccessMobUsage($usage, 1);
390  }
391  }
392  }
393 
394  // get proper user id (could be anonymous)
395  ilInitialisation::authenticate();
396 
397 
398  // do this here because ip based checking may be set after construction
399  $this->determineUser();
400 
401 
402  switch($type)
403  {
404  // SCORM or HTML learning module
405  case 'lm':
406  if ($this->checkAccessObject($obj_id))
407  {
408  return true;
409  }
410  break;
411 
412  // media object
413  case 'mob':
414  if ($this->checkAccessMob($obj_id))
415  {
416  return true;
417  }
418  break;
419 
420  // image in user profile
421  case 'user_image':
422  if ($this->checkAccessUserImage($obj_id))
423  {
424  return true;
425  }
426  break;
427 
428  case 'sec':
429  if($obj_id = $comp_inst->getRepositoryObjectId())
430  {
431  return $this->checkAccessObject($obj_id);
432  }
433  else
434  {
435  return $comp_inst->checkAccess($this->check_users);
436  }
437  break;
438  }
439 
440  // none of the checks above gives access
441  $this->errorcode = 403;
442  $this->errortext = $this->lng->txt('msg_no_perm_read');
443  return false;
444  }
445 
452  function checkAccessMob($obj_id)
453  {
454  $usages = ilObjMediaObject::lookupUsages($obj_id);
455 
456  foreach($usages as $usage)
457  {
458  $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
459 
460  // for content snippets we must get their usages and check them
461  if ($usage["type"] == "mep:pg")
462  {
463  include_once("./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
464  $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
465  foreach($usages2 as $usage2)
466  {
467  $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
468  if ($this->checkAccessMobUsage($usage2, $oid2))
469  {
470  return true;
471  }
472  }
473  }
474  else // none content snippets just go the usual way
475  {
476  if ($this->checkAccessMobUsage($usage, $oid))
477  {
478  return true;
479  }
480  }
481  }
482 
483  return false;
484  }
485 
492  function checkAccessMobUsage($usage, $oid)
493  {
497  global $ilObjDataCache;
498 
499  switch($usage['type'])
500  {
501  case 'lm:pg':
502  if ($this->checkAccessObject($oid, 'lm'))
503  {
504  return true;
505  }
506  /* as $usage['id'] (== page) is not processed anymore, we can use standard
507  if ($oid > 0)
508  {
509  if ($this->checkAccessLM($oid, 'lm', $usage['id']))
510  {
511  return true;
512  }
513  }
514  */
515  break;
516 
517  case 'news':
518  // media objects in news (media casts)
519  include_once("./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
520  include_once("./Services/News/classes/class.ilNewsItem.php");
521 
522  if ($this->checkAccessObject($oid, 'mcst'))
523  {
524  return true;
525  }
526  elseif (ilObjMediaCastAccess::_lookupPublicFiles($oid) && ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC)
527  {
528  return true;
529  }
530  break;
531 
532  /* see default
533  case 'dcl:html':
534  include_once("./Modules/DataCollection/classes/class.ilObjDataCollectionAccess.php");
535  include_once("./Services/Object/classes/class.ilObject2.php");
536  $ref_ids = ilObject2::_getAllReferences($oid);
537  foreach($ref_ids as $ref_id)
538  if(ilObjDataCollectionAccess::_checkAccess("view", "read", $ref_id, $oid))
539  return true;
540  break;
541  */
542 
543  case 'frm~:html':
544  case 'exca~:html':
545  // $oid = userid
546  foreach ($this->check_users as $user_id)
547  {
548  if ($ilObjDataCache->lookupType($oid) == 'usr' && $oid == $user_id)
549  {
550  return true;
551  }
552  }
553  break;
554 
555  case 'qpl:pg':
556  case 'qpl:html':
557  // test questions
558  if ($this->checkAccessTestQuestion($oid, $usage['id']))
559  {
560  return true;
561  }
562  break;
563 
564  case 'gdf:pg':
565  // special check for glossary terms
566  if ($this->checkAccessGlossaryTerm($oid, $usage['id']))
567  {
568  return true;
569  }
570  break;
571 
572  case 'sahs:pg':
573  // check for scorm pages
574  if ($this->checkAccessObject($oid, 'sahs'))
575  {
576  return true;
577  }
578  break;
579 
580  case 'prtf:pg':
581  // special check for portfolio pages
582  if ($this->checkAccessPortfolioPage($oid, $usage['id']))
583  {
584  return true;
585  }
586  break;
587 
588  case 'blp:pg':
589  // special check for blog pages
590  if ($this->checkAccessBlogPage($oid, $usage['id']))
591  {
592  return true;
593  }
594  break;
595 
596  case 'lobj:pg':
597  // special check for learning objective pages
598  if ($this->checkAccessLearningObjectivePage($oid, $usage['id']))
599  {
600  return true;
601  }
602  break;
603 
604  case 'impr:pg':
605  include_once 'Services/Imprint/classes/class.ilImprint.php';
606  return (ilImprint::isActive() || $this->checkAccessObject(SYSTEM_FOLDER_ID, 'adm'));
607 
608  case 'cstr:pg':
609  default:
610  // standard object check
611  if ($this->checkAccessObject($oid))
612  {
613  return true;
614  }
615  break;
616  }
617 
618  return false;
619  }
620 
621 
630  private function checkAccessLM($obj_id, $obj_type, $page = 0)
631  {
632  global $lng;
633 
634  // OBSOLETE (see above)
635 
636  //if (!$page)
637  //{
638  $ref_ids = ilObject::_getAllReferences($obj_id);
639  foreach($ref_ids as $ref_id)
640  {
641  foreach ($this->check_users as $user_id)
642  {
643  if ($this->ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
644  {
645  return true;
646  }
647  }
648  }
649  return false;
650  //}
651  //else
652  //{
653  // $ref_ids = ilObject::_getAllReferences($obj_id);
654  // foreach($ref_ids as $ref_id)
655  // {
656  // if ($this->ilAccess->checkAccess("read", "", $ref_id))
657  // {
658  // require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
659  // $lm = new ilObjLearningModule($obj_id,false);
660  // if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
661  // return true;
662  // }
663  // }
664  // return false;
665  //}
666  }
667 
674  private function checkAccessObject($obj_id, $obj_type = '')
675  {
676  global $ilAccess;
677 
678  if (!$obj_type)
679  {
680  $obj_type = ilObject::_lookupType($obj_id);
681  }
682  $ref_ids = ilObject::_getAllReferences($obj_id);
683 
684  foreach($ref_ids as $ref_id)
685  {
686  foreach ($this->check_users as $user_id)
687  {
688  if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
689  {
690  return true;
691  }
692  }
693  }
694  return false;
695  }
696 
697 
706  private function checkAccessTestQuestion($obj_id, $usage_id = 0)
707  {
708  global $ilAccess;
709 
710  // give access if direct usage is readable
711  if ($this->checkAccessObject($obj_id))
712  {
713  return true;
714  }
715 
716  $obj_type = ilObject::_lookupType($obj_id);
717  if ($obj_type == 'qpl')
718  {
719  // give access if question pool is used by readable test
720  // for random selection of questions
721  include_once('./Modules/Test/classes/class.ilObjTestAccess.php');
722  $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
723  foreach ($tests as $test_id)
724  {
725  if ($this->checkAccessObject($test_id, 'tst'))
726  {
727  return true;
728  }
729  }
730  }
731  return false;
732  }
733 
734 
743  private function checkAccessGlossaryTerm($obj_id, $page_id)
744  {
745  // give access if glossary is readable
746  if ($this->checkAccessObject($obj_id))
747  {
748  return true;
749  }
750 
751  include_once("./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
752  include_once("./Modules/Glossary/classes/class.ilGlossaryTerm.php");
753  $term_id = ilGlossaryDefinition::_lookupTermId($page_id);
754 
755  include_once('./Services/Link/classes/class.ilInternalLink.php');
756  $sources = ilInternalLink::_getSourcesOfTarget('git',$term_id, 0);
757 
758  if ($sources)
759  {
760  foreach ($sources as $src)
761  {
762  switch ($src['type'])
763  {
764  // Give access if term is linked by a learning module with read access.
765  // The term including media is shown by the learning module presentation!
766  case 'lm:pg':
767  include_once("./Modules/LearningModule/classes/class.ilLMObject.php");
768  $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
769  if ($this->checkAccessObject($src_obj_id, 'lm'))
770  {
771  return true;
772  }
773  break;
774 
775  // Don't yet give access if the term is linked by another glossary
776  // The link will lead to the origin glossary which is already checked
777  /*
778  case 'gdf:pg':
779  $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
780  $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
781  if ($this->checkAccessObject($src_obj_id, 'glo'))
782  {
783  return true;
784  }
785  break;
786  */
787  }
788  }
789  }
790  }
791 
799  private function checkAccessPortfolioPage($obj_id, $page_id)
800  {
801  include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
802  $access_handler = new ilPortfolioAccessHandler();
803  foreach ($this->check_users as $user_id)
804  {
805  if ($access_handler->checkAccessOfUser($user_id, "read", "view", $obj_id, "prtf"))
806  {
807  return true;
808  }
809  }
810  return false;
811  }
812 
820  private function checkAccessBlogPage($obj_id, $page_id)
821  {
822  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
823  $tree = new ilWorkspaceTree(0);
824  $node_id = $tree->lookupNodeId($obj_id);
825 
826  // repository
827  if(!$node_id)
828  {
829  return $this->checkAccessObject($obj_id);
830  }
831  // workspace
832  else
833  {
834  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";
835  foreach ($this->check_users as $user_id)
836  {
837  $access_handler = new ilWorkspaceAccessHandler($tree);
838  if ($access_handler->checkAccessOfUser($tree, $user_id, "read", "view", $node_id, "blog"))
839  {
840  return true;
841  }
842  }
843  }
844  return false;
845  }
846 
847  private function checkAccessLearningObjectivePage($obj_id, $page_id)
848  {
849  include_once "Modules/Course/classes/class.ilCourseObjective.php";
850  $crs_obj_id = ilCourseObjective::_lookupContainerIdByObjectiveId($page_id);
851 
852  return $this->checkAccessObject($crs_obj_id, 'crs');
853  }
854 
864  private function checkAccessUserImage($usr_id)
865  {
866  global $ilUser, $ilSetting;
867 
868  // check if own image is viewed
869  if ($usr_id == $ilUser->getId())
870  {
871  return true;
872  }
873 
874  // check if image is in the public profile
875  $public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
876  if ($public_upload != 'y')
877  {
878  return false;
879  }
880 
881  // check the publication status of the profile
882  $public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
883 
884  if ($public_profile == 'g'
885  and $ilSetting->get('enable_global_profiles')
886  and $ilSetting->get('pub_section'))
887  {
888  // globally public
889  return true;
890  }
891  elseif (($public_profile == 'y' or $public_profile == 'g')
892  and $ilUser->getId() != ANONYMOUS_USER_ID)
893  {
894  // public for logged in users
895  return true;
896  }
897  else
898  {
899  // not public
900  return false;
901  }
902  }
903 
904 
910  public function setDisposition($a_disposition)
911  {
912  if (in_array(strtolower($a_disposition), array('inline','attachment','virtual')))
913  {
914  $this->disposition = strtolower($a_disposition);
915  }
916  else
917  {
918  $this->disposition = 'inline';
919  }
920  }
921 
927  public function getDisposition()
928  {
929  return $this->disposition;
930  }
931 
937  public function setSendMimetype($a_send_mimetype)
938  {
939  if (in_array(strtolower($a_send_mimetype), array('','0','off','false')))
940  {
941  $this->mimetype = null;
942  $this->send_mimetype = false;
943  }
944  elseif (in_array(strtolower($a_send_mimetype), array('1','on','true')))
945  {
946  $this->mimetype = null;
947  $this->send_mimetype = true;
948  }
949  else
950  {
951  $this->mimetype = $a_send_mimetype;
952  $this->send_mimetype = true;
953  }
954  }
955 
960  public function getSendMimetype()
961  {
962  return $this->send_mimetype;
963  }
964 
965 
971  public function setCheckIp($a_check_ip)
972  {
973  if (in_array(strtolower($a_check_ip), array('','0','off','false')))
974  {
975  $this->check_ip = false;
976  }
977  elseif (in_array(strtolower($a_check_ip), array('1','on','true')))
978  {
979  $this->check_ip = true;
980  }
981  }
982 
987  public function getCheckIp()
988  {
989  return $this->check_ip;
990  }
991 
992 
997  public function sendFile()
998  {
999  //$system_use_xsendfile = true;
1000  //$xsendfile_available = (boolean) $_GET["xsendfile"];
1001  $xsendfile_available = false;
1002  //if (function_exists('apache_get_modules'))
1003  //{
1004  // $modules = apache_get_modules();
1005  // $xsendfile_available = in_array('mod_xsendfile', $modules);
1006  //}
1007 
1008  //$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
1009 
1010  // delivery via apache virtual function
1011  if ($this->getDisposition() == "virtual")
1012  {
1013  $this->sendFileVirtual();
1014  exit;
1015  }
1016  // delivery for download dialogue
1017  elseif ($this->getDisposition() == "attachment")
1018  {
1019  if ($xsendfile_available)
1020  {
1021  header('x-sendfile: ' . $this->file);
1022  header("Content-Type: application/octet-stream");
1023  }
1024  else
1025  ilUtil::deliverFile($this->file, basename($this->file));
1026  exit;
1027  }
1028  // inline delivery
1029  else
1030  {
1031  if (!isset($_SERVER["HTTPS"]))
1032  {
1033  header("Cache-Control: no-cache, must-revalidate");
1034  header("Pragma: no-cache");
1035  }
1036 
1037  if ($this->getSendMimetype())
1038  {
1039  header("Content-Type: " . $this->getMimeType());
1040  }
1041 
1042  // see bug 12622 and 12124
1043  if (isset($_SERVER['HTTP_RANGE'])) { // do it for any device that supports byte-ranges not only iPhone
1044  ilUtil::rangeDownload($this->file);
1045  exit;
1046  }
1047 
1048  header("Content-Length: ".(string)(filesize($this->file)));
1049 
1050  if (isset($_SERVER["HTTPS"]))
1051  {
1052  header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
1053  header('Pragma: public');
1054  }
1055 
1056  header("Connection: close");
1057 
1058  if ($xsendfile_available)
1059  {
1060  header('x-sendfile: ' . $this->file);
1061  if ($this->getSendMimetype())
1062  {
1063  header("Content-Type: " . $this->getMimeType());
1064  }
1065  }
1066  else
1067  {
1068  ilUtil::readFile( $this->file);
1069  }
1070 
1071  exit;
1072  }
1073  }
1074 
1084  public function sendFileVirtual()
1085  {
1089  global $ilLog;
1090 
1091  header('Last-Modified: '. date ("D, j M Y H:i:s", filemtime($this->file)). " GMT");
1092  header('ETag: "'. md5(filemtime($this->file).filesize($this->file)).'"');
1093  header('Accept-Ranges: bytes');
1094  header("Content-Length: ".(string)(filesize($this->file)));
1095  if ($this->getSendMimetype())
1096  {
1097  header("Content-Type: " . $this->getMimeType());
1098  }
1099  if(!apache_setenv('ILIAS_CHECKED','1'))
1100  {
1101  $ilLog->write(__METHOD__.' '.__LINE__.': Could not set the environment variable ILIAS_CHECKED.');
1102  }
1103 
1104  if(!virtual($this->virtual_path))
1105  {
1106  $ilLog->write(__METHOD__.' '.__LINE__.': Could not perform the required sub-request to deliver the file: '.$this->virtual_path);
1107  }
1108 
1109  exit;
1110  }
1111 
1112 
1117  public function sendError()
1118  {
1119  global $ilSetting, $ilUser, $tpl, $lng, $tree;
1120 
1121  switch ($this->errorcode)
1122  {
1123  case 404:
1124  header("HTTP/1.0 404 Not Found");
1125  break;
1126  case 403:
1127  default:
1128  header("HTTP/1.0 403 Forbidden");
1129  break;
1130  }
1131 
1132  // set the page base to the ILIAS directory
1133  // to get correct references for images and css files
1134  $tpl->setCurrentBlock("HeadBaseTag");
1135  $tpl->setVariable('BASE', ILIAS_HTTP_PATH . '/error.php');
1136  $tpl->parseCurrentBlock();
1137  $tpl->addBlockFile("CONTENT", "content", "tpl.error.html");
1138 
1139  $lng->loadLanguageModule("error");
1140 
1141  // Check if user is logged in
1142  $anonymous = ($ilUser->getId() == ANONYMOUS_USER_ID);
1143 
1144  if ($anonymous)
1145  {
1146  // Provide a link to the login screen for anonymous users
1147 
1148  $tpl->SetCurrentBlock("ErrorLink");
1149  $tpl->SetVariable("TXT_LINK", $lng->txt('login_to_ilias'));
1150  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/login.php?cmd=force_login&client_id='.CLIENT_ID);
1151  $tpl->ParseCurrentBlock();
1152  }
1153  else
1154  {
1155  // Provide a link to the repository for authentified users
1156 
1157  $nd = $tree->getNodeData(ROOT_FOLDER_ID);
1158  $txt = $lng->txt('error_back_to_repository');
1159 
1160  $tpl->SetCurrentBlock("ErrorLink");
1161  $tpl->SetVariable("TXT_LINK", $txt);
1162  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/ilias.php?baseClass=ilRepositoryGUI&amp;client_id='.CLIENT_ID);
1163  $tpl->ParseCurrentBlock();
1164  }
1165 
1166  $tpl->setCurrentBlock("content");
1167  $tpl->setVariable("ERROR_MESSAGE",($this->errortext));
1168  $tpl->setVariable("MESSAGE_HEADING", $lng->txt('error_sry_error'));
1169  //$tpl->parseCurrentBlock();
1170 
1171  $tpl->show();
1172  exit;
1173  }
1174 
1181  public function getMimeType($default = 'application/octet-stream')
1182  {
1183  // take a previously set mimetype
1184  if (isset($this->mimetype))
1185  {
1186  return $this->mimetype;
1187  }
1188 
1189  $mime = '';
1190  // alex: changed due to bug http://www.ilias.de/mantis/view.php?id=9332
1191 /* if (extension_loaded('Fileinfo'))
1192  {
1193  $finfo = finfo_open(FILEINFO_MIME);
1194  $mime = finfo_file($finfo, $this->file);
1195  finfo_close($finfo);
1196  if ($pos = strpos($mime, ' '))
1197  {
1198  $mime = substr($mime, 0, $pos);
1199  }
1200  }
1201  else
1202  {*/
1203  include_once("./Services/Utilities/classes/class.ilMimeTypeUtil.php");
1204  $mime = ilMimeTypeUtil::getMimeType($this->file);
1205  //$mime = ilObjMediaObject::getMimeType($this->file);
1206 // }
1207 
1208  // set and return the mime type
1209  $this->mimetype = $mime ? $mime : $default;
1210  return $this->mimetype;
1211  }
1212 }
1213 ?>