ILIAS  release_4-4 Revision
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Data Fields | Private Member Functions
ilWebAccessChecker Class Reference

Class ilWebAccessChecker. More...

+ Collaboration diagram for ilWebAccessChecker:

Public Member Functions

 ilWebAccessChecker ()
 Constructor public. More...
 
 determineUser ()
 Determine the current user(s) More...
 
 checkAccess ()
 Check access rights of the requested file public. More...
 
 checkAccessMob ($obj_id)
 Check access to media object. More...
 
 setDisposition ($a_disposition)
 Set the delivery mode for the file. More...
 
 getDisposition ()
 Get the delivery mode for the file. More...
 
 setSendMimetype ($a_send_mimetype)
 Set the sending of the mime type. More...
 
 getSendMimetype ()
 Get if mimetype should be sent for a virtual delivery. More...
 
 setCheckIp ($a_check_ip)
 Set the checking of the IP address if no valid session is found. More...
 
 getCheckIp ()
 Set the checking of the IP address of no valid session is found. More...
 
 sendFile ()
 Send the requested file as if directly delivered from the web server public. More...
 
 sendError ()
 Send an error response for the requested file public. More...
 
 getMimeType ($default='application/octet-stream')
 Get the mime type of the requested file. More...
 

Data Fields

 $lng
 
 $ilAccess
 
 $subpath
 
 $file
 
 $params
 
 $disposition = "inline"
 
 $check_ip = false
 
 $check_users = array()
 
 $send_mimetype = true
 
 $mimetype = null
 
 $errorcode
 
 $errortext
 

Private Member Functions

 checkAccessLM ($obj_id, $obj_type, $page=0)
 check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!) More...
 
 checkAccessObject ($obj_id, $obj_type='')
 Check access rights for an object by its object id. More...
 
 checkAccessTestQuestion ($obj_id, $usage_id=0)
 Check access rights for a test question This checks also tests with random selection of questions. More...
 
 checkAccessGlossaryTerm ($obj_id, $page_id)
 Check access rights for glossary terms This checks also learning modules linking the term. More...
 
 checkAccessPortfolioPage ($obj_id, $page_id)
 Check access rights for portfolio pages. More...
 
 checkAccessBlogPage ($obj_id, $page_id)
 Check access rights for blog pages. More...
 
 checkAccessUserImage ($usr_id)
 Check access rights for user images. More...
 

Detailed Description

Class ilWebAccessChecker.

Checks the access rights of a directly requested content file. Called from an alias or rewrite rule

  • determines the related learning module and checks the permission
  • either delivers the accessed file (without redirect)
  • or shows an error screen (if too less rights)
Author
Fred Neumann fred..nosp@m.neum.nosp@m.ann@f.nosp@m.im.u.nosp@m.ni-er.nosp@m.lang.nosp@m.en.de
Version
$Id$

Definition at line 56 of file class.ilWebAccessChecker.php.

Member Function Documentation

◆ checkAccess()

ilWebAccessChecker::checkAccess ( )

Check access rights of the requested file public.

Definition at line 274 of file class.ilWebAccessChecker.php.

References $ilLog, $ilUser, checkAccessMob(), checkAccessObject(), checkAccessUserImage(), and determineUser().

275  {
276  global $ilLog, $ilUser, $ilObjDataCache;
277 
278  // an error already occurred at class initialisation
279  if ($this->errorcode)
280  {
281  return false;
282  }
283 
284  // do this here because ip based checking may be set after construction
285  $this->determineUser();
286 
287  // check for type by subdirectory
288  $pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
289  $pos2 = strpos($this->subpath, "mobs/mm_") + 8;
290  $pos3 = strpos($this->subpath, "usr_images/") + 11;
291 
292  $obj_id = 0;
293  $type = 'none';
294  // trying to access data within a learning module folder
295  if ($pos1 > 11)
296  {
297  $type = 'lm';
298  $seperator = strpos($this->subpath, '/', $pos1);
299  $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
300  }
301  //trying to access media data
302  else if ($pos2 > 8)
303  {
304  $type = 'mob';
305  $seperator = strpos($this->subpath, '/', $pos2);
306  $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
307  }
308  // trying to access a user image
309  elseif ($pos3 > 11)
310  {
311  $type = 'user_image';
312  // user images may be:
313  // upload_123pic, upload_123
314  // usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
315  $seperator = strpos($this->subpath, '_', $pos3);
316  $obj_id = (int) substr($this->subpath, $seperator + 1);
317  }
318 
319  if (!$obj_id || $type == 'none')
320  {
321  $this->errorcode = 404;
322  $this->errortext = $this->lng->txt("obj_not_found");
323  return false;
324  }
325 
326  switch($type)
327  {
328  // SCORM or HTML learning module
329  case 'lm':
330  if ($this->checkAccessObject($obj_id))
331  {
332  return true;
333  }
334  break;
335 
336  // media object
337  case 'mob':
338  if ($this->checkAccessMob($obj_id))
339  {
340  return true;
341  }
342  break;
343 
344  // image in user profile
345  case 'user_image':
346  if ($this->checkAccessUserImage($obj_id))
347  {
348  return true;
349  }
350  break;
351  }
352 
353  // none of the checks above gives access
354  $this->errorcode = 403;
355  $this->errortext = $this->lng->txt('msg_no_perm_read');
356  return false;
357  }
ilWebAccessChecker\determineUser
determineUser()
Determine the current user(s)
Definition: class.ilWebAccessChecker.php:213
$ilLog
$ilLog
Definition: inc.setup_header.php:126
$ilUser
global $ilUser
Definition: imgupload.php:15
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:579
ilWebAccessChecker\checkAccessUserImage
checkAccessUserImage($usr_id)
Check access rights for user images.
Definition: class.ilWebAccessChecker.php:761
ilWebAccessChecker\checkAccessMob
checkAccessMob($obj_id)
Check access to media object.
Definition: class.ilWebAccessChecker.php:365
+ Here is the call graph for this function:

◆ checkAccessBlogPage()

ilWebAccessChecker::checkAccessBlogPage (   $obj_id,
  $page_id 
)
private

Check access rights for blog pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 725 of file class.ilWebAccessChecker.php.

References checkAccessObject().

Referenced by checkAccessMob().

726  {
727  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
728  $tree = new ilWorkspaceTree(0);
729  $node_id = $tree->lookupNodeId($obj_id);
730 
731  // repository
732  if(!$node_id)
733  {
734  return $this->checkAccessObject($obj_id);
735  }
736  // workspace
737  else
738  {
739  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";
740  foreach ($this->check_users as $user_id)
741  {
742  $access_handler = new ilWorkspaceAccessHandler($tree);
743  if ($access_handler->checkAccessOfUser($tree, $user_id, "read", "view", $node_id, "blog"))
744  {
745  return true;
746  }
747  }
748  }
749  return false;
750  }
ilWorkspaceAccessHandler
Access handler for personal workspace.
Definition: class.ilWorkspaceAccessHandler.php:17
ilWorkspaceTree
Tree handler for personal workspace.
Definition: class.ilWorkspaceTree.php:13
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:579
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessGlossaryTerm()

ilWebAccessChecker::checkAccessGlossaryTerm (   $obj_id,
  $page_id 
)
private

Check access rights for glossary terms This checks also learning modules linking the term.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 648 of file class.ilWebAccessChecker.php.

References ilInternalLink\_getSourcesOfTarget(), ilLMObject\_lookupContObjID(), ilGlossaryDefinition\_lookupTermId(), and checkAccessObject().

Referenced by checkAccessMob().

649  {
650  // give access if glossary is readable
651  if ($this->checkAccessObject($obj_id))
652  {
653  return true;
654  }
655 
656  include_once("./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
657  include_once("./Modules/Glossary/classes/class.ilGlossaryTerm.php");
658  $term_id = ilGlossaryDefinition::_lookupTermId($page_id);
659 
660  include_once('./Services/COPage/classes/class.ilInternalLink.php');
661  $sources = ilInternalLink::_getSourcesOfTarget('git',$term_id, 0);
662 
663  if ($sources)
664  {
665  foreach ($sources as $src)
666  {
667  switch ($src['type'])
668  {
669  // Give access if term is linked by a learning module with read access.
670  // The term including media is shown by the learning module presentation!
671  case 'lm:pg':
672  include_once("./Modules/LearningModule/classes/class.ilLMObject.php");
673  $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
674  if ($this->checkAccessObject($src_obj_id, 'lm'))
675  {
676  return true;
677  }
678  break;
679 
680  // Don't yet give access if the term is linked by another glossary
681  // The link will lead to the origin glossary which is already checked
682  /*
683  case 'gdf:pg':
684  $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
685  $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
686  if ($this->checkAccessObject($src_obj_id, 'glo'))
687  {
688  return true;
689  }
690  break;
691  */
692  }
693  }
694  }
695  }
ilLMObject\_lookupContObjID
_lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:737
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:579
ilGlossaryDefinition\_lookupTermId
_lookupTermId($a_def_id)
Looks up term id for a definition id.
Definition: class.ilGlossaryDefinition.php:642
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessLM()

ilWebAccessChecker::checkAccessLM (   $obj_id,
  $obj_type,
  $page = 0 
)
private

check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!)

Parameters
intobject id
stringobject type
intpage id

Definition at line 535 of file class.ilWebAccessChecker.php.

References $lng, $ref_id, and ilObject\_getAllReferences().

536  {
537  global $lng;
538 
539  // OBSOLETE (see above)
540 
541  //if (!$page)
542  //{
543  $ref_ids = ilObject::_getAllReferences($obj_id);
544  foreach($ref_ids as $ref_id)
545  {
546  foreach ($this->check_users as $user_id)
547  {
548  if ($this->ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
549  {
550  return true;
551  }
552  }
553  }
554  return false;
555  //}
556  //else
557  //{
558  // $ref_ids = ilObject::_getAllReferences($obj_id);
559  // foreach($ref_ids as $ref_id)
560  // {
561  // if ($this->ilAccess->checkAccess("read", "", $ref_id))
562  // {
563  // require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
564  // $lm = new ilObjLearningModule($obj_id,false);
565  // if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
566  // return true;
567  // }
568  // }
569  // return false;
570  //}
571  }
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ checkAccessMob()

ilWebAccessChecker::checkAccessMob (   $obj_id)

Check access to media object.

Parameters

Definition at line 365 of file class.ilWebAccessChecker.php.

References ilObjMediaCastAccess\_lookupPublicFiles(), ilNewsItem\_lookupVisibility(), checkAccessBlogPage(), checkAccessGlossaryTerm(), checkAccessObject(), checkAccessPortfolioPage(), checkAccessTestQuestion(), ilObjMediaObject\getParentObjectIdForUsage(), ilImprint\isActive(), ilMediaPoolPage\lookupUsages(), ilObjMediaObject\lookupUsages(), and NEWS_PUBLIC.

Referenced by checkAccess().

366  {
367  $usages = ilObjMediaObject::lookupUsages($obj_id);
368 
369  foreach($usages as $usage)
370  {
371  $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
372 
373  // for content snippets we must get their usages and check them
374  if ($usage["type"] == "mep:pg")
375  {
376  include_once("./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
377  $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
378  foreach($usages2 as $usage2)
379  {
380  $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
381  if ($this->checkAccessMobUsage($usage2, $oid2))
382  {
383  return true;
384  }
385  }
386  }
387  else // none content snippets just go the usual way
388  {
389  if ($this->checkAccessMobUsage($usage, $oid))
390  {
391  return true;
392  }
393  }
394  }
395 
396  return false;
397  }
ilMediaPoolPage\lookupUsages
lookupUsages($a_id, $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:180
ilObjMediaObject\lookupUsages
lookupUsages($a_id, $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:1100
ilObjMediaObject\getParentObjectIdForUsage
getParentObjectIdForUsage($a_usage, $a_include_all_access_obj_ids=false)
Get's the repository object ID of a parent object, if possible.
Definition: class.ilObjMediaObject.php:1198
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessObject()

ilWebAccessChecker::checkAccessObject (   $obj_id,
  $obj_type = '' 
)
private

Check access rights for an object by its object id.

Parameters
intobject id
Returns
boolean access given (true/false)

Definition at line 579 of file class.ilWebAccessChecker.php.

References $ilAccess, $ref_id, ilObject\_getAllReferences(), and ilObject\_lookupType().

Referenced by checkAccess(), checkAccessBlogPage(), checkAccessGlossaryTerm(), checkAccessMob(), and checkAccessTestQuestion().

580  {
581  global $ilAccess;
582 
583  if (!$obj_type)
584  {
585  $obj_type = ilObject::_lookupType($obj_id);
586  }
587  $ref_ids = ilObject::_getAllReferences($obj_id);
588 
589  foreach($ref_ids as $ref_id)
590  {
591  foreach ($this->check_users as $user_id)
592  {
593  if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
594  {
595  return true;
596  }
597  }
598  }
599  return false;
600  }
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessPortfolioPage()

ilWebAccessChecker::checkAccessPortfolioPage (   $obj_id,
  $page_id 
)
private

Check access rights for portfolio pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 704 of file class.ilWebAccessChecker.php.

Referenced by checkAccessMob().

705  {
706  include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
707  $access_handler = new ilPortfolioAccessHandler();
708  foreach ($this->check_users as $user_id)
709  {
710  if ($access_handler->checkAccessOfUser($user_id, "read", "view", $obj_id, "prtf"))
711  {
712  return true;
713  }
714  }
715  return false;
716  }
ilPortfolioAccessHandler
Access handler for portfolio.
Definition: class.ilPortfolioAccessHandler.php:18
+ Here is the caller graph for this function:

◆ checkAccessTestQuestion()

ilWebAccessChecker::checkAccessTestQuestion (   $obj_id,
  $usage_id = 0 
)
private

Check access rights for a test question This checks also tests with random selection of questions.

Parameters
intobject id (question pool or test)
intusage id (not yet used)
Returns
boolean access given (true/false)

Definition at line 611 of file class.ilWebAccessChecker.php.

References $ilAccess, $tests, ilObjTestAccess\_getRandomTestsForQuestionPool(), ilObject\_lookupType(), and checkAccessObject().

Referenced by checkAccessMob().

612  {
613  global $ilAccess;
614 
615  // give access if direct usage is readable
616  if ($this->checkAccessObject($obj_id))
617  {
618  return true;
619  }
620 
621  $obj_type = ilObject::_lookupType($obj_id);
622  if ($obj_type == 'qpl')
623  {
624  // give access if question pool is used by readable test
625  // for random selection of questions
626  include_once('./Modules/Test/classes/class.ilObjTestAccess.php');
627  $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
628  foreach ($tests as $test_id)
629  {
630  if ($this->checkAccessObject($test_id, 'tst'))
631  {
632  return true;
633  }
634  }
635  }
636  return false;
637  }
ilObjTestAccess\_getRandomTestsForQuestionPool
_getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:498
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:579
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessUserImage()

ilWebAccessChecker::checkAccessUserImage (   $usr_id)
private

Check access rights for user images.

Due to privacy this will be checked for a truly identified user (IP based checking is not recommended user images)

Parameters
intusr_id
Returns
boolean access given (true/false)

Definition at line 761 of file class.ilWebAccessChecker.php.

References $ilSetting, $ilUser, $usr_id, and ilObjUser\_lookupPref().

Referenced by checkAccess().

762  {
763  global $ilUser, $ilSetting;
764 
765  // check if own image is viewed
766  if ($usr_id == $ilUser->getId())
767  {
768  return true;
769  }
770 
771  // check if image is in the public profile
772  $public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
773  if ($public_upload != 'y')
774  {
775  return false;
776  }
777 
778  // check the publication status of the profile
779  $public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
780 
781  if ($public_profile == 'g'
782  and $ilSetting->get('enable_global_profiles')
783  and $ilSetting->get('pub_section'))
784  {
785  // globally public
786  return true;
787  }
788  elseif (($public_profile == 'y' or $public_profile == 'g')
789  and $ilUser->getId() != ANONYMOUS_USER_ID)
790  {
791  // public for logged in users
792  return true;
793  }
794  else
795  {
796  // not public
797  return false;
798  }
799  }
ilObjUser\_lookupPref
_lookupPref($a_usr_id, $a_keyword)
Definition: class.ilObjUser.php:1262
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilSetting
global $ilSetting
Definition: privfeed.php:40
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ determineUser()

ilWebAccessChecker::determineUser ( )

Determine the current user(s)

Definition at line 213 of file class.ilWebAccessChecker.php.

References $_SESSION, $GLOBALS, $ilUser, ilSession\_getUsersWithIp(), and getCheckIp().

Referenced by checkAccess().

214  {
215  global $ilUser;
216 
217  // a valid user session is found
218  if ($_SESSION["AccountId"])
219  {
220  $this->check_users = array($_SESSION["AccountId"]);
221  return;
222  }
223 
224  // no session cookie was delivered
225  // user identification by ip address is allowed
226  elseif ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] and $this->getCheckIp())
227  {
228  $this->check_users = ilSession::_getUsersWithIp($_SERVER['REMOTE_ADDR']);
229 
230  if (count($this->check_users) == 0)
231  {
232  // no user was found for the ip address
233  $this->check_users = array(ANONYMOUS_USER_ID);
234 
235  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
236  $ilUser->setId(ANONYMOUS_USER_ID);
237  $ilUser->read();
238  }
239  elseif (count($this->check_users) == 1)
240  {
241  // exactly one user is found with an active session
242  $_SESSION["AccountId"] = current($this->check_users);
243  $ilUser->setId(current($this->check_users));
244  $ilUser->read();
245  }
246  else
247  {
248  // more than one user found for the ip address
249  // take the anonymous user for the session
250  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
251  $ilUser->setId(ANONYMOUS_USER_ID);
252  $ilUser->read();
253  }
254  return;
255  }
256 
257  // take the anonymous user as fallback
258  else
259  {
260  $this->check_users = array(ANONYMOUS_USER_ID);
261 
262  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
263  $ilUser->setId(ANONYMOUS_USER_ID);
264  $ilUser->read();
265 
266  return;
267  }
268  }
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192
ilWebAccessChecker\getCheckIp
getCheckIp()
Set the checking of the IP address of no valid session is found.
Definition: class.ilWebAccessChecker.php:884
$GLOBALS
$GLOBALS['COOKIE_PATH']
Definition: class.ilWebAccessChecker.php:18
$ilUser
global $ilUser
Definition: imgupload.php:15
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:343
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCheckIp()

ilWebAccessChecker::getCheckIp ( )

Set the checking of the IP address of no valid session is found.

Returns
boolean

Definition at line 884 of file class.ilWebAccessChecker.php.

References $check_ip.

Referenced by determineUser().

885  {
886  return $this->check_ip;
887  }
+ Here is the caller graph for this function:

◆ getDisposition()

ilWebAccessChecker::getDisposition ( )

Get the delivery mode for the file.

Returns
string "inline", "attachment" or "virtual" public

Definition at line 824 of file class.ilWebAccessChecker.php.

References $disposition.

Referenced by sendFile().

825  {
826  return $this->disposition;
827  }
+ Here is the caller graph for this function:

◆ getMimeType()

ilWebAccessChecker::getMimeType (   $default = 'application/octet-stream')

Get the mime type of the requested file.

Parameters
stringdefault type
Returns
string mime type public

Definition at line 1076 of file class.ilWebAccessChecker.php.

References $mimetype, and ilMimeTypeUtil\getMimeType().

Referenced by sendFile().

1077  {
1078  // take a previously set mimetype
1079  if (isset($this->mimetype))
1080  {
1081  return $this->mimetype;
1082  }
1083 
1084  $mime = '';
1085  // alex: changed due to bug http://www.ilias.de/mantis/view.php?id=9332
1086 /* if (extension_loaded('Fileinfo'))
1087  {
1088  $finfo = finfo_open(FILEINFO_MIME);
1089  $mime = finfo_file($finfo, $this->file);
1090  finfo_close($finfo);
1091  if ($pos = strpos($mime, ' '))
1092  {
1093  $mime = substr($mime, 0, $pos);
1094  }
1095  }
1096  else
1097  {*/
1098  include_once("./Services/Utilities/classes/class.ilMimeTypeUtil.php");
1099  $mime = ilMimeTypeUtil::getMimeType($this->file);
1100  //$mime = ilObjMediaObject::getMimeType($this->file);
1101 // }
1102 
1103  // set and return the mime type
1104  $this->mimetype = $mime ? $mime : $default;
1105  return $this->mimetype;
1106  }
ilMimeTypeUtil\getMimeType
static getMimeType($a_file="", $a_filename="", $a_mime="")
Get Mime type.
Definition: class.ilMimeTypeUtil.php:22
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getSendMimetype()

ilWebAccessChecker::getSendMimetype ( )

Get if mimetype should be sent for a virtual delivery.

Returns
boolean

Definition at line 857 of file class.ilWebAccessChecker.php.

References $send_mimetype.

Referenced by sendFile().

858  {
859  return $this->send_mimetype;
860  }
+ Here is the caller graph for this function:

◆ ilWebAccessChecker()

ilWebAccessChecker::ilWebAccessChecker ( )

Constructor public.

Definition at line 144 of file class.ilWebAccessChecker.php.

References $_GET, $ilAccess, $ilLog, $ilUser, $lng, ILIAS_ABSOLUTE_PATH, ILIAS_WEB_DIR, setCheckIp(), setDisposition(), and setSendMimetype().

145  {
146  global $ilUser, $ilAccess, $lng, $ilLog;
147 
148  $this->lng =& $lng;
149  $this->ilAccess =& $ilAccess;
150  $this->params = array();
151 
152  // get the requested file and its type
153  $uri = parse_url($_SERVER["REQUEST_URI"]);
154  parse_str($uri["query"], $this->params);
155 
156  $pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
157  $this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
158  $this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
159 
160  // build url path for virtual function
161  $this->virtual_path = str_replace($pattern, "virtual-" . $pattern, $uri["path"]);
162 
163 
164  // set the parameters provided with the checker call
165  if (isset($_GET['disposition']))
166  {
167  $this->setDisposition($_GET['disposition']);
168  }
169  if (isset($_GET['check_ip']))
170  {
171  $this->setCheckIp($_GET['check_ip']);
172  }
173  if (isset($_GET['send_mimetype']))
174  {
175  $this->setSendMimetype($_GET['send_mimetype']);
176  }
177 
178  // debugging
179  /*echo "<pre>";
180  echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
181  echo "Parsed URI: ". $uri["path"]. "\n";
182  echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
183  echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
184  echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
185  echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
186  echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
187  echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
188  echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
189  echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
190  echo "CLIENT_ID: ". CLIENT_ID. "\n";
191  echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
192  echo "subpath: ". $this->subpath. "\n";
193  echo "file: ". $this->file. "\n";
194  echo "disposition: ". $this->disposition. "\n";
195  echo "ckeck_ip: ". $this->check_ip. "\n";
196  echo "send_mimetype: ". $this->send_mimetype. "\n";
197  echo "</pre>";
198  echo phpinfo();
199  exit;*/
200 
201 
202  if (!file_exists($this->file))
203  {
204  $this->errorcode = 404;
205  $this->errortext = $this->lng->txt("url_not_found");
206  return false;
207  }
208  }
ilWebAccessChecker\setDisposition
setDisposition($a_disposition)
Set the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:807
ILIAS_WEB_DIR
const ILIAS_WEB_DIR
Definition: updateADLTree.php:59
ilWebAccessChecker\setSendMimetype
setSendMimetype($a_send_mimetype)
Set the sending of the mime type.
Definition: class.ilWebAccessChecker.php:834
ILIAS_ABSOLUTE_PATH
const ILIAS_ABSOLUTE_PATH
Definition: updateADLTree.php:60
ilWebAccessChecker\setCheckIp
setCheckIp($a_check_ip)
Set the checking of the IP address if no valid session is found.
Definition: class.ilWebAccessChecker.php:868
$ilLog
$ilLog
Definition: inc.setup_header.php:126
$ilUser
global $ilUser
Definition: imgupload.php:15
$_GET
$_GET["baseClass"]
Definition: class.ilWebAccessChecker.php:7
+ Here is the call graph for this function:

◆ sendError()

ilWebAccessChecker::sendError ( )

Send an error response for the requested file public.

Definition at line 1014 of file class.ilWebAccessChecker.php.

References $ilSetting, $ilUser, $lng, $tpl, exit, and ilUtil\getImagePath().

1015  {
1016  global $ilSetting, $ilUser, $tpl, $lng, $tree;
1017 
1018  switch ($this->errorcode)
1019  {
1020  case 404:
1021  header("HTTP/1.0 404 Not Found");
1022  break;
1023  case 403:
1024  default:
1025  header("HTTP/1.0 403 Forbidden");
1026  break;
1027  }
1028 
1029  // set the page base to the ILIAS directory
1030  // to get correct references for images and css files
1031  $tpl->setCurrentBlock("HeadBaseTag");
1032  $tpl->setVariable('BASE', ILIAS_HTTP_PATH . '/error.php');
1033  $tpl->parseCurrentBlock();
1034  $tpl->addBlockFile("CONTENT", "content", "tpl.error.html");
1035 
1036  // Check if user is logged in
1037  $anonymous = ($ilUser->getId() == ANONYMOUS_USER_ID);
1038 
1039  if ($anonymous)
1040  {
1041  // Provide a link to the login screen for anonymous users
1042 
1043  $tpl->SetCurrentBlock("ErrorLink");
1044  $tpl->SetVariable("TXT_LINK", $lng->txt('login_to_ilias'));
1045  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/login.php?cmd=force_login&client_id='.CLIENT_ID);
1046  $tpl->ParseCurrentBlock();
1047  }
1048  else
1049  {
1050  // Provide a link to the repository for authentified users
1051 
1052  $nd = $tree->getNodeData(ROOT_FOLDER_ID);
1053  $txt = $nd['title'] == 'ILIAS' ? $lng->txt('repository') : $nd['title'];
1054 
1055  $tpl->SetCurrentBlock("ErrorLink");
1056  $tpl->SetVariable("TXT_LINK", $txt);
1057  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/ilias.php?baseClass=ilRepositoryGUI&amp;client_id='.CLIENT_ID);
1058  $tpl->ParseCurrentBlock();
1059  }
1060 
1061  $tpl->setCurrentBlock("content");
1062  $tpl->setVariable("ERROR_MESSAGE",($this->errortext));
1063  $tpl->setVariable("SRC_IMAGE", ilUtil::getImagePath("mess_failure.png"));
1064  $tpl->parseCurrentBlock();
1065 
1066  $tpl->show();
1067  exit;
1068  }
exit
exit
Definition: login.php:54
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
$tpl
if(isset($_FILES['img_file']['size']) && $_FILES['img_file']['size'] > 0) $tpl
Definition: imagemanager.php:90
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilSetting
global $ilSetting
Definition: privfeed.php:40
+ Here is the call graph for this function:

◆ sendFile()

ilWebAccessChecker::sendFile ( )

Send the requested file as if directly delivered from the web server public.

Definition at line 894 of file class.ilWebAccessChecker.php.

References $ilLog, ilUtil\deliverFile(), exit, getDisposition(), getMimeType(), getSendMimetype(), ilUtil\rangeDownload(), and ilUtil\readFile().

895  {
896  //$system_use_xsendfile = true;
897  //$xsendfile_available = (boolean) $_GET["xsendfile"];
898  $xsendfile_available = false;
899  //if (function_exists('apache_get_modules'))
900  //{
901  // $modules = apache_get_modules();
902  // $xsendfile_available = in_array('mod_xsendfile', $modules);
903  //}
904 
905  //$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
906 
907  // delivery via apache virtual function
908  if ($this->getDisposition() == "virtual")
909  {
910  $this->sendFileVirtual();
911  exit;
912  }
913  // delivery for download dialogue
914  elseif ($this->getDisposition() == "attachment")
915  {
916  if ($xsendfile_available)
917  {
918  header('x-sendfile: ' . $this->file);
919  header("Content-Type: application/octet-stream");
920  }
921  else
922  ilUtil::deliverFile($this->file, basename($this->file));
923  exit;
924  }
925  // inline delivery
926  else
927  {
928  if (!isset($_SERVER["HTTPS"]))
929  {
930  header("Cache-Control: no-cache, must-revalidate");
931  header("Pragma: no-cache");
932  }
933 
934  if ($this->getSendMimetype())
935  {
936  header("Content-Type: " . $this->getMimeType());
937  }
938 
939  // see bug 12622 and 12124
940  if (isset($_SERVER['HTTP_RANGE'])) { // do it for any device that supports byte-ranges not only iPhone
941  ilUtil::rangeDownload($this->file);
942  exit;
943  }
944 
945  header("Content-Length: ".(string)(filesize($this->file)));
946 
947  if (isset($_SERVER["HTTPS"]))
948  {
949  header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
950  header('Pragma: public');
951  }
952 
953  header("Connection: close");
954 
955  if ($xsendfile_available)
956  {
957  header('x-sendfile: ' . $this->file);
958  if ($this->getSendMimetype())
959  {
960  header("Content-Type: " . $this->getMimeType());
961  }
962  }
963  else
964  {
965  ilUtil::readFile( $this->file);
966  }
967 
968  exit;
969  }
970  }
exit
exit
Definition: login.php:54
ilWebAccessChecker\getSendMimetype
getSendMimetype()
Get if mimetype should be sent for a virtual delivery.
Definition: class.ilWebAccessChecker.php:857
ilWebAccessChecker\getDisposition
getDisposition()
Get the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:824
ilWebAccessChecker\getMimeType
getMimeType($default='application/octet-stream')
Get the mime type of the requested file.
Definition: class.ilWebAccessChecker.php:1076
ilUtil\deliverFile
static deliverFile($a_file, $a_filename, $a_mime='', $isInline=false, $removeAfterDelivery=false, $a_exit_after=true)
deliver file for download via browser.
Definition: class.ilUtil.php:2229
ilUtil\rangeDownload
rangeDownload($file)
Send a file via range request, see http://mobiforge.com/design-development/content-delivery-mobile-de...
Definition: class.ilUtil.php:5193
ilUtil\readFile
static readFile($a_file)
there are some known problems with the original readfile method, which sometimes truncates delivered ...
Definition: class.ilUtil.php:2309
+ Here is the call graph for this function:

◆ setCheckIp()

ilWebAccessChecker::setCheckIp (   $a_check_ip)

Set the checking of the IP address if no valid session is found.

Parameters
booleanpublic

Definition at line 868 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

869  {
870  if (in_array(strtolower($a_check_ip), array('','0','off','false')))
871  {
872  $this->check_ip = false;
873  }
874  elseif (in_array(strtolower($a_check_ip), array('1','on','true')))
875  {
876  $this->check_ip = true;
877  }
878  }
+ Here is the caller graph for this function:

◆ setDisposition()

ilWebAccessChecker::setDisposition (   $a_disposition)

Set the delivery mode for the file.

Parameters
string"inline", "attachment" or "virtual" public

Definition at line 807 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

808  {
809  if (in_array(strtolower($a_disposition), array('inline','attachment','virtual')))
810  {
811  $this->disposition = strtolower($a_disposition);
812  }
813  else
814  {
815  $this->disposition = 'inline';
816  }
817  }
+ Here is the caller graph for this function:

◆ setSendMimetype()

ilWebAccessChecker::setSendMimetype (   $a_send_mimetype)

Set the sending of the mime type.

Parameters
string(boolean switch or mimetype) public

Definition at line 834 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

835  {
836  if (in_array(strtolower($a_send_mimetype), array('','0','off','false')))
837  {
838  $this->mimetype = null;
839  $this->send_mimetype = false;
840  }
841  elseif (in_array(strtolower($a_send_mimetype), array('1','on','true')))
842  {
843  $this->mimetype = null;
844  $this->send_mimetype = true;
845  }
846  else
847  {
848  $this->mimetype = $a_send_mimetype;
849  $this->send_mimetype = true;
850  }
851  }
+ Here is the caller graph for this function:

Field Documentation

◆ $check_ip

ilWebAccessChecker::$check_ip = false

Definition at line 95 of file class.ilWebAccessChecker.php.

Referenced by getCheckIp().

◆ $check_users

ilWebAccessChecker::$check_users = array()

Definition at line 105 of file class.ilWebAccessChecker.php.

◆ $disposition

ilWebAccessChecker::$disposition = "inline"

Definition at line 88 of file class.ilWebAccessChecker.php.

Referenced by getDisposition().

◆ $errorcode

ilWebAccessChecker::$errorcode

Definition at line 129 of file class.ilWebAccessChecker.php.

◆ $errortext

ilWebAccessChecker::$errortext

Definition at line 137 of file class.ilWebAccessChecker.php.

◆ $file

ilWebAccessChecker::$file

Definition at line 73 of file class.ilWebAccessChecker.php.

◆ $ilAccess

ilWebAccessChecker::$ilAccess

Definition at line 59 of file class.ilWebAccessChecker.php.

Referenced by checkAccessObject(), checkAccessTestQuestion(), and ilWebAccessChecker().

◆ $lng

ilWebAccessChecker::$lng

Definition at line 58 of file class.ilWebAccessChecker.php.

Referenced by checkAccessLM(), ilWebAccessChecker(), and sendError().

◆ $mimetype

ilWebAccessChecker::$mimetype = null

Definition at line 121 of file class.ilWebAccessChecker.php.

Referenced by getMimeType().

◆ $params

ilWebAccessChecker::$params

Definition at line 80 of file class.ilWebAccessChecker.php.

◆ $send_mimetype

ilWebAccessChecker::$send_mimetype = true

Definition at line 112 of file class.ilWebAccessChecker.php.

Referenced by getSendMimetype().

◆ $subpath

ilWebAccessChecker::$subpath

Definition at line 66 of file class.ilWebAccessChecker.php.

The documentation for this class was generated from the following file: