7$_GET[
"baseClass"] = 
"ilStartUpGUI";
 
   13define(
"ILIAS_MODULE", substr($_SERVER[
'PHP_SELF'],
 
   14                                           strpos($_SERVER[
'PHP_SELF'], 
"/data/") + 6));
 
   18$GLOBALS[
'COOKIE_PATH'] = substr($_SERVER[
'PHP_SELF'], 0,
 
   19                                                  strpos($_SERVER[
'PHP_SELF'], 
"/data/"));
 
   31$GLOBALS[
'WEB_ACCESS_WITHOUT_SESSION'] = (session_id() == 
"");
 
   33include_once 
"Services/Context/classes/class.ilContext.php";
 
   37require_once 
"./include/inc.header.php";
 
   38require_once 
"./Services/Utilities/classes/class.ilUtil.php";
 
   39require_once 
"./Services/Object/classes/class.ilObject.php";
 
   40require_once 
"./Services/MediaObjects/classes/class.ilObjMediaObject.php";
 
  150                $this->params = array();
 
  153                $uri = parse_url($_SERVER[
"REQUEST_URI"]);
 
  154                parse_str($uri[
"query"], $this->params);
 
  157                $this->subpath = urldecode(substr($uri[
"path"], strpos($uri[
"path"], $pattern)));
 
  161                $this->virtual_path = str_replace($pattern, 
"virtual-" . $pattern, $uri[
"path"]);
 
  165                if (isset(
$_GET[
'disposition']))
 
  169                if (isset(
$_GET[
'check_ip']))
 
  173                if (isset(
$_GET[
'send_mimetype']))
 
  202                if (!file_exists($this->file))
 
  204                        $this->errorcode = 404;
 
  205                        $this->errortext = $this->lng->txt(
"url_not_found");
 
  220                $this->check_users = array(
$_SESSION[
"AccountId"]);     
 
  230                if (count($this->check_users) == 0)
 
  233                        $this->check_users = array(ANONYMOUS_USER_ID);
 
  235                        $_SESSION[
"AccountId"] = ANONYMOUS_USER_ID;
 
  236                                $ilUser->setId(ANONYMOUS_USER_ID);
 
  239                elseif (count($this->check_users) == 1)
 
  242                        $_SESSION[
"AccountId"] = current($this->check_users);
 
  243                                $ilUser->setId(current($this->check_users));
 
  250                        $_SESSION[
"AccountId"] = ANONYMOUS_USER_ID;
 
  251                                $ilUser->setId(ANONYMOUS_USER_ID);
 
  260                $this->check_users = array(ANONYMOUS_USER_ID);
 
  262                $_SESSION[
"AccountId"] = ANONYMOUS_USER_ID;
 
  263                        $ilUser->setId(ANONYMOUS_USER_ID);
 
  279                if ($this->errorcode)
 
  285                $pos1 = strpos($this->subpath, 
"lm_data/lm_") + 11;
 
  286                $pos2 = strpos($this->subpath, 
"mobs/mm_") + 8;
 
  287                $pos3 = strpos($this->subpath, 
"usr_images/") + 11;
 
  288                $pos4 = strpos($this->subpath, 
"sec") + 3;
 
  296                        $seperator = strpos($this->subpath, 
'/', $pos1);
 
  297                        $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
 
  303                        $seperator = strpos($this->subpath, 
'/', $pos2);
 
  304                        $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
 
  309                        $type = 
'user_image';
 
  313                        $seperator = strpos($this->subpath, 
'_', $pos3);
 
  314                        $obj_id = (int) substr($this->subpath, $seperator + 1);
 
  320                        $seperator = strpos($this->subpath, 
'/', $pos4);
 
  321                        $path = explode(
"/", substr($this->subpath, $seperator +1));
 
  322                        $component = array_shift(
$path);
 
  323                        if(substr($component, 0, 2) == 
"il")
 
  325                                $component = substr($component, 2);
 
  329                                        $comp_dir = 
"Modules";
 
  333                                        $comp_dir = 
"Services";
 
  335                                else if($objDefinition->isPlugin($pl_id = strtolower($component)))
 
  337                                        $comp_class = $objDefinition->getClassName($pl_id);
 
  338                                        $comp_dir = $objDefinition->getLocation($pl_id);
 
  346                                                $comp_class = 
"il".$comp_class.
"WebAccessChecker";
 
  347                                                $comp_include = $comp_dir.
"/class.".$comp_class.
".php";
 
  351                                                $comp_class = 
"il".$component.
"WebAccessChecker";
 
  352                                                $comp_include = $comp_dir.
"/".$component.
"/classes/class.".$comp_class.
".php";
 
  354                                        if(file_exists($comp_include))
 
  356                                                include_once $comp_include;                                     
 
  357                                                if(class_exists($comp_class))
 
  359                                                        $comp_inst = 
new $comp_class();
 
  362                                                                if($comp_inst->isValidPath(
$path))
 
  373                if ((!$obj_id && $type != 
"sec") || $type == 
'none')
 
  375                        $this->errorcode = 404;
 
  376                        $this->errortext = $this->lng->txt(
"obj_not_found");
 
  385                        foreach($usages as $usage)
 
  387                                if($usage[
'type'] == 
'impr:pg')
 
  389                                        return $this->checkAccessMobUsage($usage, 1);
 
  429                                if($obj_id = $comp_inst->getRepositoryObjectId())
 
  435                                        return $comp_inst->checkAccess($this->check_users);                                     
 
  441                $this->errorcode = 403;
 
  442                $this->errortext = $this->lng->txt(
'msg_no_perm_read');
 
  456                foreach($usages as $usage)
 
  461                        if ($usage[
"type"] == 
"mep:pg")
 
  463                                include_once(
"./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
 
  465                                foreach($usages2 as $usage2)
 
  468                                        if ($this->checkAccessMobUsage($usage2, $oid2))
 
  476                                if ($this->checkAccessMobUsage($usage, $oid))
 
  492        function checkAccessMobUsage($usage, $oid)
 
  497                global $ilObjDataCache;
 
  499                switch($usage[
'type'])
 
  519                                include_once(
"./Modules/MediaCast/classes/class.ilObjMediaCastAccess.php");
 
  520                                include_once(
"./Services/News/classes/class.ilNewsItem.php");
 
  546                                foreach ($this->check_users as $user_id)
 
  548                                        if ($ilObjDataCache->lookupType($oid) == 
'usr' && $oid == $user_id)
 
  605                                include_once 
'Services/Imprint/classes/class.ilImprint.php';
 
  641                                foreach ($this->check_users as $user_id)
 
  643                                        if ($this->ilAccess->checkAccessOfUser($user_id, 
"read", 
"view", 
$ref_id, $obj_type, $obj_id))
 
  686                        foreach ($this->check_users as $user_id)
 
  688                                if (
$ilAccess->checkAccessOfUser($user_id, 
"read", 
"view", 
$ref_id, $obj_type, $obj_id))
 
  717                if ($obj_type == 
'qpl')
 
  721                        include_once(
'./Modules/Test/classes/class.ilObjTestAccess.php');
 
  723                        foreach (
$tests as $test_id)
 
  751                include_once(
"./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
 
  752                include_once(
"./Modules/Glossary/classes/class.ilGlossaryTerm.php");
 
  755                include_once(
'./Services/Link/classes/class.ilInternalLink.php');
 
  760                        foreach ($sources as $src)
 
  762                                switch ($src[
'type'])
 
  767                                                include_once(
"./Modules/LearningModule/classes/class.ilLMObject.php");
 
  801                include_once 
"Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
 
  803                foreach ($this->check_users as $user_id)
 
  805                        if ($access_handler->checkAccessOfUser($user_id, 
"read", 
"view", $obj_id, 
"prtf"))
 
  822                include_once 
"Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
 
  824                $node_id = $tree->lookupNodeId($obj_id);
 
  834                        include_once 
"Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";                                           
 
  835                        foreach ($this->check_users as $user_id)
 
  838                                if ($access_handler->checkAccessOfUser($tree, $user_id, 
"read", 
"view", $node_id, 
"blog"))
 
  849                include_once 
"Modules/Course/classes/class.ilCourseObjective.php";
 
  869                if ($usr_id == 
$ilUser->getId())
 
  876                if ($public_upload != 
'y')
 
  884                if ($public_profile == 
'g'  
  891                elseif (($public_profile == 
'y' or $public_profile == 
'g')
 
  892                        and 
$ilUser->getId() != ANONYMOUS_USER_ID)
 
  912                if (in_array(strtolower($a_disposition), array(
'inline',
'attachment',
'virtual')))
 
  914                        $this->disposition = strtolower($a_disposition);
 
  918                        $this->disposition = 
'inline';
 
  939                if (in_array(strtolower($a_send_mimetype), array(
'',
'0',
'off',
'false')))
 
  941                        $this->mimetype = 
null;
 
  942                        $this->send_mimetype = 
false;
 
  944                elseif (in_array(strtolower($a_send_mimetype), array(
'1',
'on',
'true')))
 
  946                        $this->mimetype = 
null;
 
  947                        $this->send_mimetype = 
true;
 
  951                        $this->mimetype = $a_send_mimetype;
 
  952                        $this->send_mimetype = 
true;
 
  973                if (in_array(strtolower($a_check_ip), array(
'',
'0',
'off',
'false')))
 
  975                        $this->check_ip = 
false;
 
  977                elseif (in_array(strtolower($a_check_ip), array(
'1',
'on',
'true')))
 
  979                        $this->check_ip = 
true;
 
 1001                $xsendfile_available = 
false;
 
 1013                        $this->sendFileVirtual();
 
 1019                        if ($xsendfile_available)
 
 1021                                header(
'x-sendfile: ' . $this->file);
 
 1022                                header(
"Content-Type: application/octet-stream");
 
 1031                        if (!isset($_SERVER[
"HTTPS"]))
 
 1033                                header(
"Cache-Control: no-cache, must-revalidate");
 
 1034                                header(
"Pragma: no-cache");
 
 1043                        if (isset($_SERVER[
'HTTP_RANGE']))  { 
 
 1048                        header(
"Content-Length: ".(
string)(filesize($this->file)));
 
 1050                        if (isset($_SERVER[
"HTTPS"]))
 
 1052                                header(
'Cache-Control: must-revalidate, post-check=0, pre-check=0');
 
 1053                                header(
'Pragma: public');
 
 1056                        header(
"Connection: close");
 
 1058                        if ($xsendfile_available)
 
 1060                                header(
'x-sendfile: ' . $this->file);
 
 1084        public function sendFileVirtual()
 
 1091                header(
'Last-Modified: '. date (
"D, j M Y H:i:s", filemtime($this->file)). 
" GMT");
 
 1092                header(
'ETag: "'. md5(filemtime($this->file).filesize($this->file)).
'"');
 
 1093                header(
'Accept-Ranges: bytes');
 
 1094                header(
"Content-Length: ".(
string)(filesize($this->file)));
 
 1099                if(!apache_setenv(
'ILIAS_CHECKED',
'1'))
 
 1101                        $ilLog->write(__METHOD__.
' '.__LINE__.
': Could not set the environment variable ILIAS_CHECKED.');
 
 1104                if(!
virtual($this->virtual_path))
 
 1106                        $ilLog->write(__METHOD__.
' '.__LINE__.
': Could not perform the required sub-request to deliver the file: '.$this->virtual_path);
 
 1121                switch ($this->errorcode)
 
 1124                                header(
"HTTP/1.0 404 Not Found");
 
 1128                                header(
"HTTP/1.0 403 Forbidden");
 
 1134                $tpl->setCurrentBlock(
"HeadBaseTag");
 
 1135                $tpl->setVariable(
'BASE', ILIAS_HTTP_PATH . 
'/error.php');
 
 1136                $tpl->parseCurrentBlock();
 
 1137        $tpl->addBlockFile(
"CONTENT", 
"content", 
"tpl.error.html");
 
 1139                $lng->loadLanguageModule(
"error");
 
 1142                $anonymous = (
$ilUser->getId() == ANONYMOUS_USER_ID);
 
 1148                        $tpl->SetCurrentBlock(
"ErrorLink");
 
 1149                        $tpl->SetVariable(
"TXT_LINK", 
$lng->txt(
'login_to_ilias'));
 
 1150                        $tpl->SetVariable(
"LINK", ILIAS_HTTP_PATH. 
'/login.php?cmd=force_login&client_id='.CLIENT_ID);
 
 1151                        $tpl->ParseCurrentBlock();
 
 1157                        $nd = $tree->getNodeData(ROOT_FOLDER_ID);
 
 1158                        $txt = 
$lng->txt(
'error_back_to_repository');
 
 1160                        $tpl->SetCurrentBlock(
"ErrorLink");
 
 1161                        $tpl->SetVariable(
"TXT_LINK", 
$txt);
 
 1162                        $tpl->SetVariable(
"LINK", ILIAS_HTTP_PATH. 
'/ilias.php?baseClass=ilRepositoryGUI&client_id='.CLIENT_ID);
 
 1163                        $tpl->ParseCurrentBlock();
 
 1166                $tpl->setCurrentBlock(
"content");
 
 1167                $tpl->setVariable(
"ERROR_MESSAGE",($this->errortext));
 
 1168                $tpl->setVariable(
"MESSAGE_HEADING", 
$lng->txt(
'error_sry_error'));
 
 1184                if (isset($this->mimetype))
 
 1203                include_once(
"./Services/Utilities/classes/class.ilMimeTypeUtil.php");
 
 1209                $this->mimetype = $mime ? $mime : $default;
 
static lookupId($a_type, $a_name)
Lookup ID of a component.
static init($a_type)
Init context by type.
const CONTEXT_WEB_ACCESS_CHECK
static _lookupContainerIdByObjectiveId($a_objective_id)
Get container of object.
_lookupTermId($a_def_id)
Looks up term id for a definition id.
static authenticate()
Try authentication.
_getSourcesOfTarget($a_target_type, $a_target_id, $a_target_inst)
get all sources of a link target
_lookupContObjID($a_id)
get learning module / digibook id for lm object
lookupUsages($a_id, $a_incl_hist=true)
Lookup usages of media object.
static getMimeType($a_file="", $a_filename="", $a_mime="")
Get Mime type.
static _lookupVisibility($a_news_id)
Lookup News Visibility.
_getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
_lookupPref($a_usr_id, $a_keyword)
static _getAllReferences($a_id)
get all reference ids of object
static _lookupType($a_id, $a_reference=false)
lookup object type
Access handler for portfolio.
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
static readFile($a_file)
there are some known problems with the original readfile method, which sometimes truncates delivered ...
rangeDownload($file)
Send a file via range request, see http://mobiforge.com/design-development/content-delivery-mobile-de...
static deliverFile($a_file, $a_filename, $a_mime='', $isInline=false, $removeAfterDelivery=false, $a_exit_after=true)
deliver file for download via browser.
Class ilWebAccessChecker.
ilWebAccessChecker()
Constructor @access public.
getDisposition()
Get the delivery mode for the file.
setDisposition($a_disposition)
Set the delivery mode for the file.
checkAccessLM($obj_id, $obj_type, $page=0)
check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!...
sendFile()
Send the requested file as if directly delivered from the web server @access public.
getSendMimetype()
Get if mimetype should be sent for a virtual delivery.
checkAccessLearningObjectivePage($obj_id, $page_id)
getCheckIp()
Set the checking of the IP address of no valid session is found.
checkAccessMob($obj_id)
Check access to media object.
checkAccessTestQuestion($obj_id, $usage_id=0)
Check access rights for a test question This checks also tests with random selection of questions.
checkAccessGlossaryTerm($obj_id, $page_id)
Check access rights for glossary terms This checks also learning modules linking the term.
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
checkAccessUserImage($usr_id)
Check access rights for user images.
determineUser()
Determine the current user(s)
setCheckIp($a_check_ip)
Set the checking of the IP address if no valid session is found.
getMimeType($default='application/octet-stream')
Get the mime type of the requested file.
checkAccessBlogPage($obj_id, $page_id)
Check access rights for blog pages.
checkAccess()
Check access rights of the requested file @access public.
checkAccessPortfolioPage($obj_id, $page_id)
Check access rights for portfolio pages.
sendError()
Send an error response for the requested file @access public.
setSendMimetype($a_send_mimetype)
Set the sending of the mime type.
Access handler for personal workspace.
Tree handler for personal workspace.
interface for modular web access checker
const ILIAS_ABSOLUTE_PATH