ILIAS  release_4-4 Revision
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilWebAccessChecker.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 // Prevent a general redirect to the login screen for anonymous users.
5 // The checker will show an error page with login link instead
6 // (see ilInitialisation::InitILIAS() for details)
7 $_GET["baseClass"] = "ilStartUpGUI";
8 
9 // Define a pseudo module to get a correct ILIAS_HTTP_PATH
10 // (needed for links on the error page).
11 // "data" is assumed to be the ILIAS_WEB_DIR
12 // (see ilInitialisation::buildHTTPPath() for details)
13 define("ILIAS_MODULE", substr($_SERVER['PHP_SELF'],
14  strpos($_SERVER['PHP_SELF'], "/data/") + 6));
15 
16 // Define the cookie path to prevent a different session created for web access
17 // (see ilInitialisation::setCookieParams() for details)
18 $GLOBALS['COOKIE_PATH'] = substr($_SERVER['PHP_SELF'], 0,
19  strpos($_SERVER['PHP_SELF'], "/data/"));
20 
21 // Determine the ILIAS client from the web path
22 // This is needed because a session cookie may not yet exist
23 // (see ilINITIALISATION::determineClient() for details)
24 $client_start = strpos($_SERVER['PHP_SELF'], "/data/") + 6;
25 $client_end = strpos($_SERVER['PHP_SELF'], "/", $client_start);
26 $_GET['client_id'] = substr($_SERVER['PHP_SELF'], $client_start, $client_end - $client_start);
27 
28 // Remember if the initial session was empty
29 // Then a new session record should not be written
30 // (see ilSession::_writeData for details)
31 $GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] = (session_id() == "");
32 
33 include_once "Services/Context/classes/class.ilContext.php";
34 ilContext::init(ilContext::CONTEXT_WEB_ACCESS_CHECK);
35 
36 // Now the ILIAS header can be included
37 require_once "./include/inc.header.php";
38 require_once "./Services/Utilities/classes/class.ilUtil.php";
39 require_once "./Services/Object/classes/class.ilObject.php";
40 require_once "./Services/MediaObjects/classes/class.ilObjMediaObject.php";
41 
42 
56 class ilWebAccessChecker
57 {
58  var $lng;
59  var $ilAccess;
60 
66  var $subpath;
67 
73  var $file;
74 
80  var $params;
81 
82 
88  var $disposition = "inline";
89 
95  var $check_ip = false;
96 
97 
105  var $check_users = array();
106 
112  var $send_mimetype = true;
113 
114 
121  var $mimetype = null;
122 
123 
129  var $errorcode;
130 
131 
137  var $errortext;
138 
139 
144  function ilWebAccessChecker()
145  {
146  global $ilUser, $ilAccess, $lng, $ilLog;
147 
148  $this->lng =& $lng;
149  $this->ilAccess =& $ilAccess;
150  $this->params = array();
151 
152  // get the requested file and its type
153  $uri = parse_url($_SERVER["REQUEST_URI"]);
154  parse_str($uri["query"], $this->params);
155 
156  $pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
157  $this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
158  $this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
159 
160  // build url path for virtual function
161  $this->virtual_path = str_replace($pattern, "virtual-" . $pattern, $uri["path"]);
162 
163 
164  // set the parameters provided with the checker call
165  if (isset($_GET['disposition']))
166  {
167  $this->setDisposition($_GET['disposition']);
168  }
169  if (isset($_GET['check_ip']))
170  {
171  $this->setCheckIp($_GET['check_ip']);
172  }
173  if (isset($_GET['send_mimetype']))
174  {
175  $this->setSendMimetype($_GET['send_mimetype']);
176  }
177 
178  // debugging
179  /*echo "<pre>";
180  echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
181  echo "Parsed URI: ". $uri["path"]. "\n";
182  echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
183  echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
184  echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
185  echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
186  echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
187  echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
188  echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
189  echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
190  echo "CLIENT_ID: ". CLIENT_ID. "\n";
191  echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
192  echo "subpath: ". $this->subpath. "\n";
193  echo "file: ". $this->file. "\n";
194  echo "disposition: ". $this->disposition. "\n";
195  echo "ckeck_ip: ". $this->check_ip. "\n";
196  echo "send_mimetype: ". $this->send_mimetype. "\n";
197  echo "</pre>";
198  echo phpinfo();
199  exit;*/
200 
201 
202  if (!file_exists($this->file))
203  {
204  $this->errorcode = 404;
205  $this->errortext = $this->lng->txt("url_not_found");
206  return false;
207  }
208  }
209 
213  public function determineUser()
214  {
215  global $ilUser;
216 
217  // a valid user session is found
218  if ($_SESSION["AccountId"])
219  {
220  $this->check_users = array($_SESSION["AccountId"]);
221  return;
222  }
223 
224  // no session cookie was delivered
225  // user identification by ip address is allowed
226  elseif ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] and $this->getCheckIp())
227  {
228  $this->check_users = ilSession::_getUsersWithIp($_SERVER['REMOTE_ADDR']);
229 
230  if (count($this->check_users) == 0)
231  {
232  // no user was found for the ip address
233  $this->check_users = array(ANONYMOUS_USER_ID);
234 
235  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
236  $ilUser->setId(ANONYMOUS_USER_ID);
237  $ilUser->read();
238  }
239  elseif (count($this->check_users) == 1)
240  {
241  // exactly one user is found with an active session
242  $_SESSION["AccountId"] = current($this->check_users);
243  $ilUser->setId(current($this->check_users));
244  $ilUser->read();
245  }
246  else
247  {
248  // more than one user found for the ip address
249  // take the anonymous user for the session
250  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
251  $ilUser->setId(ANONYMOUS_USER_ID);
252  $ilUser->read();
253  }
254  return;
255  }
256 
257  // take the anonymous user as fallback
258  else
259  {
260  $this->check_users = array(ANONYMOUS_USER_ID);
261 
262  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
263  $ilUser->setId(ANONYMOUS_USER_ID);
264  $ilUser->read();
265 
266  return;
267  }
268  }
269 
274  public function checkAccess()
275  {
276  global $ilLog, $ilUser, $ilObjDataCache;
277 
278  // an error already occurred at class initialisation
279  if ($this->errorcode)
280  {
281  return false;
282  }
283 
284  // do this here because ip based checking may be set after construction
285  $this->determineUser();
286 
287  // check for type by subdirectory
288  $pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
289  $pos2 = strpos($this->subpath, "mobs/mm_") + 8;
290  $pos3 = strpos($this->subpath, "usr_images/") + 11;
291 
292  $obj_id = 0;
293  $type = 'none';
294  // trying to access data within a learning module folder
295  if ($pos1 > 11)
296  {
297  $type = 'lm';
298  $seperator = strpos($this->subpath, '/', $pos1);
299  $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
300  }
301  //trying to access media data
302  else if ($pos2 > 8)
303  {
304  $type = 'mob';
305  $seperator = strpos($this->subpath, '/', $pos2);
306  $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
307  }
308  // trying to access a user image
309  elseif ($pos3 > 11)
310  {
311  $type = 'user_image';
312  // user images may be:
313  // upload_123pic, upload_123
314  // usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
315  $seperator = strpos($this->subpath, '_', $pos3);
316  $obj_id = (int) substr($this->subpath, $seperator + 1);
317  }
318 
319  if (!$obj_id || $type == 'none')
320  {
321  $this->errorcode = 404;
322  $this->errortext = $this->lng->txt("obj_not_found");
323  return false;
324  }
325 
326  switch($type)
327  {
328  // SCORM or HTML learning module
329  case 'lm':
330  if ($this->checkAccessObject($obj_id))
331  {
332  return true;
333  }
334  break;
335 
336  // media object
337  case 'mob':
338  if ($this->checkAccessMob($obj_id))
339  {
340  return true;
341  }
342  break;
343 
344  // image in user profile
345  case 'user_image':
346  if ($this->checkAccessUserImage($obj_id))
347  {
348  return true;
349  }
350  break;
351  }
352 
353  // none of the checks above gives access
354  $this->errorcode = 403;
355  $this->errortext = $this->lng->txt('msg_no_perm_read');
356  return false;
357  }
358 
365  function checkAccessMob($obj_id)
366  {
367  $usages = ilObjMediaObject::lookupUsages($obj_id);
368 
369  foreach($usages as $usage)
370  {
371  $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
372 
373  // for content snippets we must get their usages and check them
374  if ($usage["type"] == "mep:pg")
375  {
376  include_once("./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
377  $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
378  foreach($usages2 as $usage2)
379  {
380  $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
381  if ($this->checkAccessMobUsage($usage2, $oid2))
382  {
383  return true;
384  }
385  }
386  }
387  else // none content snippets just go the usual way
388  {
389  if ($this->checkAccessMobUsage($usage, $oid))
390  {
391  return true;
392  }
393  }
394  }
395 
396  return false;
397  }
398 
405  function checkAccessMobUsage($usage, $oid)
406  {
410  global $ilObjDataCache;
411 
412  switch($usage['type'])
413  {
414  case 'lm:pg':
415  if ($this->checkAccessObject($oid, 'lm'))
416  {
417  return true;
418  }
419  /* as $usage['id'] (== page) is not processed anymore, we can use standard
420  if ($oid > 0)
421  {
422  if ($this->checkAccessLM($oid, 'lm', $usage['id']))
423  {
424  return true;
425  }
426  }
427  */
428  break;
429 
430  case 'news':
431  // media objects in news (media casts)
432  include_once("./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
433  include_once("./Services/News/classes/class.ilNewsItem.php");
434 
435  if ($this->checkAccessObject($oid, 'mcst'))
436  {
437  return true;
438  }
439  elseif (ilObjMediaCastAccess::_lookupPublicFiles($oid) && ilNewsItem::_lookupVisibility($usage["id"]) == NEWS_PUBLIC)
440  {
441  return true;
442  }
443  break;
444 
445  /* see default
446  case 'dcl:html':
447  include_once("./Modules/DataCollection/classes/class.ilObjDataCollectionAccess.php");
448  include_once("./Services/Object/classes/class.ilObject2.php");
449  $ref_ids = ilObject2::_getAllReferences($oid);
450  foreach($ref_ids as $ref_id)
451  if(ilObjDataCollectionAccess::_checkAccess("view", "read", $ref_id, $oid))
452  return true;
453  break;
454  */
455 
456  case 'frm~:html':
457  case 'exca~:html':
458  // $oid = userid
459  foreach ($this->check_users as $user_id)
460  {
461  if ($ilObjDataCache->lookupType($oid) == 'usr' && $oid == $user_id)
462  {
463  return true;
464  }
465  }
466  break;
467 
468  case 'qpl:pg':
469  case 'qpl:html':
470  // test questions
471  if ($this->checkAccessTestQuestion($oid, $usage['id']))
472  {
473  return true;
474  }
475  break;
476 
477  case 'gdf:pg':
478  // special check for glossary terms
479  if ($this->checkAccessGlossaryTerm($oid, $usage['id']))
480  {
481  return true;
482  }
483  break;
484 
485  case 'sahs:pg':
486  // check for scorm pages
487  if ($this->checkAccessObject($oid, 'sahs'))
488  {
489  return true;
490  }
491  break;
492 
493  case 'prtf:pg':
494  // special check for portfolio pages
495  if ($this->checkAccessPortfolioPage($oid, $usage['id']))
496  {
497  return true;
498  }
499  break;
500 
501  case 'blp:pg':
502  // special check for blog pages
503  if ($this->checkAccessBlogPage($oid, $usage['id']))
504  {
505  return true;
506  }
507  break;
508 
509  case 'impr:pg':
510  // #13237
511  include_once 'Services/Imprint/classes/class.ilImprint.php';
512  return (ilImprint::isActive() || $this->checkAccessObject(SYSTEM_FOLDER_ID, 'adm'));
513 
514  default:
515  // standard object check
516  if ($this->checkAccessObject($oid))
517  {
518  return true;
519  }
520  break;
521  }
522 
523  return false;
524  }
525 
526 
535  private function checkAccessLM($obj_id, $obj_type, $page = 0)
536  {
537  global $lng;
538 
539  // OBSOLETE (see above)
540 
541  //if (!$page)
542  //{
543  $ref_ids = ilObject::_getAllReferences($obj_id);
544  foreach($ref_ids as $ref_id)
545  {
546  foreach ($this->check_users as $user_id)
547  {
548  if ($this->ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
549  {
550  return true;
551  }
552  }
553  }
554  return false;
555  //}
556  //else
557  //{
558  // $ref_ids = ilObject::_getAllReferences($obj_id);
559  // foreach($ref_ids as $ref_id)
560  // {
561  // if ($this->ilAccess->checkAccess("read", "", $ref_id))
562  // {
563  // require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
564  // $lm = new ilObjLearningModule($obj_id,false);
565  // if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
566  // return true;
567  // }
568  // }
569  // return false;
570  //}
571  }
572 
579  private function checkAccessObject($obj_id, $obj_type = '')
580  {
581  global $ilAccess;
582 
583  if (!$obj_type)
584  {
585  $obj_type = ilObject::_lookupType($obj_id);
586  }
587  $ref_ids = ilObject::_getAllReferences($obj_id);
588 
589  foreach($ref_ids as $ref_id)
590  {
591  foreach ($this->check_users as $user_id)
592  {
593  if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
594  {
595  return true;
596  }
597  }
598  }
599  return false;
600  }
601 
602 
611  private function checkAccessTestQuestion($obj_id, $usage_id = 0)
612  {
613  global $ilAccess;
614 
615  // give access if direct usage is readable
616  if ($this->checkAccessObject($obj_id))
617  {
618  return true;
619  }
620 
621  $obj_type = ilObject::_lookupType($obj_id);
622  if ($obj_type == 'qpl')
623  {
624  // give access if question pool is used by readable test
625  // for random selection of questions
626  include_once('./Modules/Test/classes/class.ilObjTestAccess.php');
627  $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
628  foreach ($tests as $test_id)
629  {
630  if ($this->checkAccessObject($test_id, 'tst'))
631  {
632  return true;
633  }
634  }
635  }
636  return false;
637  }
638 
639 
648  private function checkAccessGlossaryTerm($obj_id, $page_id)
649  {
650  // give access if glossary is readable
651  if ($this->checkAccessObject($obj_id))
652  {
653  return true;
654  }
655 
656  include_once("./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
657  include_once("./Modules/Glossary/classes/class.ilGlossaryTerm.php");
658  $term_id = ilGlossaryDefinition::_lookupTermId($page_id);
659 
660  include_once('./Services/COPage/classes/class.ilInternalLink.php');
661  $sources = ilInternalLink::_getSourcesOfTarget('git',$term_id, 0);
662 
663  if ($sources)
664  {
665  foreach ($sources as $src)
666  {
667  switch ($src['type'])
668  {
669  // Give access if term is linked by a learning module with read access.
670  // The term including media is shown by the learning module presentation!
671  case 'lm:pg':
672  include_once("./Modules/LearningModule/classes/class.ilLMObject.php");
673  $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
674  if ($this->checkAccessObject($src_obj_id, 'lm'))
675  {
676  return true;
677  }
678  break;
679 
680  // Don't yet give access if the term is linked by another glossary
681  // The link will lead to the origin glossary which is already checked
682  /*
683  case 'gdf:pg':
684  $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
685  $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
686  if ($this->checkAccessObject($src_obj_id, 'glo'))
687  {
688  return true;
689  }
690  break;
691  */
692  }
693  }
694  }
695  }
696 
704  private function checkAccessPortfolioPage($obj_id, $page_id)
705  {
706  include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
707  $access_handler = new ilPortfolioAccessHandler();
708  foreach ($this->check_users as $user_id)
709  {
710  if ($access_handler->checkAccessOfUser($user_id, "read", "view", $obj_id, "prtf"))
711  {
712  return true;
713  }
714  }
715  return false;
716  }
717 
725  private function checkAccessBlogPage($obj_id, $page_id)
726  {
727  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
728  $tree = new ilWorkspaceTree(0);
729  $node_id = $tree->lookupNodeId($obj_id);
730 
731  // repository
732  if(!$node_id)
733  {
734  return $this->checkAccessObject($obj_id);
735  }
736  // workspace
737  else
738  {
739  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";
740  foreach ($this->check_users as $user_id)
741  {
742  $access_handler = new ilWorkspaceAccessHandler($tree);
743  if ($access_handler->checkAccessOfUser($tree, $user_id, "read", "view", $node_id, "blog"))
744  {
745  return true;
746  }
747  }
748  }
749  return false;
750  }
751 
761  private function checkAccessUserImage($usr_id)
762  {
763  global $ilUser, $ilSetting;
764 
765  // check if own image is viewed
766  if ($usr_id == $ilUser->getId())
767  {
768  return true;
769  }
770 
771  // check if image is in the public profile
772  $public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
773  if ($public_upload != 'y')
774  {
775  return false;
776  }
777 
778  // check the publication status of the profile
779  $public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
780 
781  if ($public_profile == 'g'
782  and $ilSetting->get('enable_global_profiles')
783  and $ilSetting->get('pub_section'))
784  {
785  // globally public
786  return true;
787  }
788  elseif (($public_profile == 'y' or $public_profile == 'g')
789  and $ilUser->getId() != ANONYMOUS_USER_ID)
790  {
791  // public for logged in users
792  return true;
793  }
794  else
795  {
796  // not public
797  return false;
798  }
799  }
800 
801 
807  public function setDisposition($a_disposition)
808  {
809  if (in_array(strtolower($a_disposition), array('inline','attachment','virtual')))
810  {
811  $this->disposition = strtolower($a_disposition);
812  }
813  else
814  {
815  $this->disposition = 'inline';
816  }
817  }
818 
824  public function getDisposition()
825  {
826  return $this->disposition;
827  }
828 
834  public function setSendMimetype($a_send_mimetype)
835  {
836  if (in_array(strtolower($a_send_mimetype), array('','0','off','false')))
837  {
838  $this->mimetype = null;
839  $this->send_mimetype = false;
840  }
841  elseif (in_array(strtolower($a_send_mimetype), array('1','on','true')))
842  {
843  $this->mimetype = null;
844  $this->send_mimetype = true;
845  }
846  else
847  {
848  $this->mimetype = $a_send_mimetype;
849  $this->send_mimetype = true;
850  }
851  }
852 
857  public function getSendMimetype()
858  {
859  return $this->send_mimetype;
860  }
861 
862 
868  public function setCheckIp($a_check_ip)
869  {
870  if (in_array(strtolower($a_check_ip), array('','0','off','false')))
871  {
872  $this->check_ip = false;
873  }
874  elseif (in_array(strtolower($a_check_ip), array('1','on','true')))
875  {
876  $this->check_ip = true;
877  }
878  }
879 
884  public function getCheckIp()
885  {
886  return $this->check_ip;
887  }
888 
889 
894  public function sendFile()
895  {
896  //$system_use_xsendfile = true;
897  //$xsendfile_available = (boolean) $_GET["xsendfile"];
898  $xsendfile_available = false;
899  //if (function_exists('apache_get_modules'))
900  //{
901  // $modules = apache_get_modules();
902  // $xsendfile_available = in_array('mod_xsendfile', $modules);
903  //}
904 
905  //$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
906 
907  // delivery via apache virtual function
908  if ($this->getDisposition() == "virtual")
909  {
910  $this->sendFileVirtual();
911  exit;
912  }
913  // delivery for download dialogue
914  elseif ($this->getDisposition() == "attachment")
915  {
916  if ($xsendfile_available)
917  {
918  header('x-sendfile: ' . $this->file);
919  header("Content-Type: application/octet-stream");
920  }
921  else
922  ilUtil::deliverFile($this->file, basename($this->file));
923  exit;
924  }
925  // inline delivery
926  else
927  {
928  if (!isset($_SERVER["HTTPS"]))
929  {
930  header("Cache-Control: no-cache, must-revalidate");
931  header("Pragma: no-cache");
932  }
933 
934  if ($this->getSendMimetype())
935  {
936  header("Content-Type: " . $this->getMimeType());
937  }
938 
939  // see bug 12622 and 12124
940  if (isset($_SERVER['HTTP_RANGE'])) { // do it for any device that supports byte-ranges not only iPhone
941  ilUtil::rangeDownload($this->file);
942  exit;
943  }
944 
945  header("Content-Length: ".(string)(filesize($this->file)));
946 
947  if (isset($_SERVER["HTTPS"]))
948  {
949  header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
950  header('Pragma: public');
951  }
952 
953  header("Connection: close");
954 
955  if ($xsendfile_available)
956  {
957  header('x-sendfile: ' . $this->file);
958  if ($this->getSendMimetype())
959  {
960  header("Content-Type: " . $this->getMimeType());
961  }
962  }
963  else
964  {
965  ilUtil::readFile( $this->file);
966  }
967 
968  exit;
969  }
970  }
971 
981  public function sendFileVirtual()
982  {
986  global $ilLog;
987 
988  header('Last-Modified: '. date ("D, j M Y H:i:s", filemtime($this->file)). " GMT");
989  header('ETag: "'. md5(filemtime($this->file).filesize($this->file)).'"');
990  header('Accept-Ranges: bytes');
991  header("Content-Length: ".(string)(filesize($this->file)));
992  if ($this->getSendMimetype())
993  {
994  header("Content-Type: " . $this->getMimeType());
995  }
996  if(!apache_setenv('ILIAS_CHECKED','1'))
997  {
998  $ilLog->write(__METHOD__.' '.__LINE__.': Could not set the environment variable ILIAS_CHECKED.');
999  }
1000 
1001  if(!virtual($this->virtual_path))
1002  {
1003  $ilLog->write(__METHOD__.' '.__LINE__.': Could not perform the required sub-request to deliver the file: '.$this->virtual_path);
1004  }
1005 
1006  exit;
1007  }
1008 
1009 
1014  public function sendError()
1015  {
1016  global $ilSetting, $ilUser, $tpl, $lng, $tree;
1017 
1018  switch ($this->errorcode)
1019  {
1020  case 404:
1021  header("HTTP/1.0 404 Not Found");
1022  break;
1023  case 403:
1024  default:
1025  header("HTTP/1.0 403 Forbidden");
1026  break;
1027  }
1028 
1029  // set the page base to the ILIAS directory
1030  // to get correct references for images and css files
1031  $tpl->setCurrentBlock("HeadBaseTag");
1032  $tpl->setVariable('BASE', ILIAS_HTTP_PATH . '/error.php');
1033  $tpl->parseCurrentBlock();
1034  $tpl->addBlockFile("CONTENT", "content", "tpl.error.html");
1035 
1036  // Check if user is logged in
1037  $anonymous = ($ilUser->getId() == ANONYMOUS_USER_ID);
1038 
1039  if ($anonymous)
1040  {
1041  // Provide a link to the login screen for anonymous users
1042 
1043  $tpl->SetCurrentBlock("ErrorLink");
1044  $tpl->SetVariable("TXT_LINK", $lng->txt('login_to_ilias'));
1045  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/login.php?cmd=force_login&client_id='.CLIENT_ID);
1046  $tpl->ParseCurrentBlock();
1047  }
1048  else
1049  {
1050  // Provide a link to the repository for authentified users
1051 
1052  $nd = $tree->getNodeData(ROOT_FOLDER_ID);
1053  $txt = $nd['title'] == 'ILIAS' ? $lng->txt('repository') : $nd['title'];
1054 
1055  $tpl->SetCurrentBlock("ErrorLink");
1056  $tpl->SetVariable("TXT_LINK", $txt);
1057  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/ilias.php?baseClass=ilRepositoryGUI&amp;client_id='.CLIENT_ID);
1058  $tpl->ParseCurrentBlock();
1059  }
1060 
1061  $tpl->setCurrentBlock("content");
1062  $tpl->setVariable("ERROR_MESSAGE",($this->errortext));
1063  $tpl->setVariable("SRC_IMAGE", ilUtil::getImagePath("mess_failure.png"));
1064  $tpl->parseCurrentBlock();
1065 
1066  $tpl->show();
1067  exit;
1068  }
1069 
1076  public function getMimeType($default = 'application/octet-stream')
1077  {
1078  // take a previously set mimetype
1079  if (isset($this->mimetype))
1080  {
1081  return $this->mimetype;
1082  }
1083 
1084  $mime = '';
1085  // alex: changed due to bug http://www.ilias.de/mantis/view.php?id=9332
1086 /* if (extension_loaded('Fileinfo'))
1087  {
1088  $finfo = finfo_open(FILEINFO_MIME);
1089  $mime = finfo_file($finfo, $this->file);
1090  finfo_close($finfo);
1091  if ($pos = strpos($mime, ' '))
1092  {
1093  $mime = substr($mime, 0, $pos);
1094  }
1095  }
1096  else
1097  {*/
1098  include_once("./Services/Utilities/classes/class.ilMimeTypeUtil.php");
1099  $mime = ilMimeTypeUtil::getMimeType($this->file);
1100  //$mime = ilObjMediaObject::getMimeType($this->file);
1101 // }
1102 
1103  // set and return the mime type
1104  $this->mimetype = $mime ? $mime : $default;
1105  return $this->mimetype;
1106  }
1107 }
1108 ?>
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192
ilWebAccessChecker\setDisposition
setDisposition($a_disposition)
Set the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:807
exit
exit
Definition: login.php:54
ilMediaPoolPage\lookupUsages
lookupUsages($a_id, $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:180
ilWebAccessChecker\determineUser
determineUser()
Determine the current user(s)
Definition: class.ilWebAccessChecker.php:213
ilWebAccessChecker\checkAccessBlogPage
checkAccessBlogPage($obj_id, $page_id)
Check access rights for blog pages.
Definition: class.ilWebAccessChecker.php:725
ilWebAccessChecker\getCheckIp
getCheckIp()
Set the checking of the IP address of no valid session is found.
Definition: class.ilWebAccessChecker.php:884
ilWorkspaceAccessHandler
Access handler for personal workspace.
Definition: class.ilWorkspaceAccessHandler.php:17
ilObjMediaObject\lookupUsages
lookupUsages($a_id, $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:1100
ilNewsItem\_lookupVisibility
static _lookupVisibility($a_news_id)
Lookup News Visibility.
Definition: class.ilNewsItem.php:1148
ilWebAccessChecker\getSendMimetype
getSendMimetype()
Get if mimetype should be sent for a virtual delivery.
Definition: class.ilWebAccessChecker.php:857
ilObjUser\_lookupPref
_lookupPref($a_usr_id, $a_keyword)
Definition: class.ilObjUser.php:1262
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
ilWorkspaceTree
Tree handler for personal workspace.
Definition: class.ilWorkspaceTree.php:13
NEWS_PUBLIC
const NEWS_PUBLIC
Definition: class.ilNewsItemGen.php:28
ilWebAccessChecker\checkAccess
checkAccess()
Check access rights of the requested file public.
Definition: class.ilWebAccessChecker.php:274
ILIAS_WEB_DIR
const ILIAS_WEB_DIR
Definition: updateADLTree.php:59
ilObjMediaObject\getParentObjectIdForUsage
getParentObjectIdForUsage($a_usage, $a_include_all_access_obj_ids=false)
Get&#39;s the repository object ID of a parent object, if possible.
Definition: class.ilObjMediaObject.php:1198
ilWebAccessChecker\setSendMimetype
setSendMimetype($a_send_mimetype)
Set the sending of the mime type.
Definition: class.ilWebAccessChecker.php:834
ilWebAccessChecker\checkAccessGlossaryTerm
checkAccessGlossaryTerm($obj_id, $page_id)
Check access rights for glossary terms This checks also learning modules linking the term...
Definition: class.ilWebAccessChecker.php:648
ilMimeTypeUtil\getMimeType
static getMimeType($a_file="", $a_filename="", $a_mime="")
Get Mime type.
Definition: class.ilMimeTypeUtil.php:22
ilContext\CONTEXT_WEB_ACCESS_CHECK
const CONTEXT_WEB_ACCESS_CHECK
Definition: class.ilContext.php:25
ilWebAccessChecker\checkAccessLM
checkAccessLM($obj_id, $obj_type, $page=0)
check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!) ...
Definition: class.ilWebAccessChecker.php:535
ILIAS_ABSOLUTE_PATH
const ILIAS_ABSOLUTE_PATH
Definition: updateADLTree.php:60
ilWebAccessChecker\checkAccessTestQuestion
checkAccessTestQuestion($obj_id, $usage_id=0)
Check access rights for a test question This checks also tests with random selection of questions...
Definition: class.ilWebAccessChecker.php:611
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
ilWebAccessChecker
Class ilWebAccessChecker.
Definition: class.ilWebAccessChecker.php:56
ilWebAccessChecker\ilWebAccessChecker
ilWebAccessChecker()
Constructor public.
Definition: class.ilWebAccessChecker.php:144
ilWebAccessChecker\sendError
sendError()
Send an error response for the requested file public.
Definition: class.ilWebAccessChecker.php:1014
ilWebAccessChecker\setCheckIp
setCheckIp($a_check_ip)
Set the checking of the IP address if no valid session is found.
Definition: class.ilWebAccessChecker.php:868
ilWebAccessChecker\getDisposition
getDisposition()
Get the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:824
ilLMObject\_lookupContObjID
_lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:737
$tpl
if(isset($_FILES['img_file']['size']) && $_FILES['img_file']['size'] > 0) $tpl
Definition: imagemanager.php:90
$GLOBALS
$GLOBALS['COOKIE_PATH']
Definition: class.ilWebAccessChecker.php:18
ilWebAccessChecker\checkAccessPortfolioPage
checkAccessPortfolioPage($obj_id, $page_id)
Check access rights for portfolio pages.
Definition: class.ilWebAccessChecker.php:704
ilWebAccessChecker\getMimeType
getMimeType($default='application/octet-stream')
Get the mime type of the requested file.
Definition: class.ilWebAccessChecker.php:1076
ilUtil\deliverFile
static deliverFile($a_file, $a_filename, $a_mime='', $isInline=false, $removeAfterDelivery=false, $a_exit_after=true)
deliver file for download via browser.
Definition: class.ilUtil.php:2229
ilObjTestAccess\_getRandomTestsForQuestionPool
_getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:498
$ilLog
$ilLog
Definition: inc.setup_header.php:126
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
ilUtil\rangeDownload
rangeDownload($file)
Send a file via range request, see http://mobiforge.com/design-development/content-delivery-mobile-de...
Definition: class.ilUtil.php:5193
ilContext\init
static init($a_type)
Init context by type.
Definition: class.ilContext.php:38
ilWebAccessChecker\sendFile
sendFile()
Send the requested file as if directly delivered from the web server public.
Definition: class.ilWebAccessChecker.php:894
$ilUser
global $ilUser
Definition: imgupload.php:15
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:579
$ref_id
$ref_id
Definition: sahs_server.php:39
$ilSetting
global $ilSetting
Definition: privfeed.php:40
ilPortfolioAccessHandler
Access handler for portfolio.
Definition: class.ilPortfolioAccessHandler.php:18
ilWebAccessChecker\checkAccessUserImage
checkAccessUserImage($usr_id)
Check access rights for user images.
Definition: class.ilWebAccessChecker.php:761
$_GET
$_GET["baseClass"]
Definition: class.ilWebAccessChecker.php:7
ilWebAccessChecker\checkAccessMob
checkAccessMob($obj_id)
Check access to media object.
Definition: class.ilWebAccessChecker.php:365
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:343
ilGlossaryDefinition\_lookupTermId
_lookupTermId($a_def_id)
Looks up term id for a definition id.
Definition: class.ilGlossaryDefinition.php:642
ilObjMediaCastAccess\_lookupPublicFiles
_lookupPublicFiles($a_id)
Check wether files should be public.
Definition: class.ilObjMediaCastAccess.php:148
ilImprint\isActive
static isActive()
Definition: class.ilImprint.php:25
ilUtil\readFile
static readFile($a_file)
there are some known problems with the original readfile method, which sometimes truncates delivered ...
Definition: class.ilUtil.php:2309