ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
Public Member Functions | Data Fields | Private Member Functions
ilWebAccessChecker Class Reference

Class ilWebAccessChecker. More...

+ Collaboration diagram for ilWebAccessChecker:

Public Member Functions

 ilWebAccessChecker ()
 Constructor @access public. More...
 
 determineUser ()
 Determine the current user(s) More...
 
 checkAccess ()
 Check access rights of the requested file @access public. More...
 
 checkAccessMob ($obj_id)
 Check access to media object. More...
 
 setDisposition ($a_disposition)
 Set the delivery mode for the file. More...
 
 getDisposition ()
 Get the delivery mode for the file. More...
 
 setSendMimetype ($a_send_mimetype)
 Set the sending of the mime type. More...
 
 getSendMimetype ()
 Get if mimetype should be sent for a virtual delivery. More...
 
 setCheckIp ($a_check_ip)
 Set the checking of the IP address if no valid session is found. More...
 
 getCheckIp ()
 Set the checking of the IP address of no valid session is found. More...
 
 sendFile ()
 Send the requested file as if directly delivered from the web server @access public. More...
 
 sendError ()
 Send an error response for the requested file @access public. More...
 
 getMimeType ($default='application/octet-stream')
 Get the mime type of the requested file. More...
 

Data Fields

 $lng
 
 $ilAccess
 
 $subpath
 
 $file
 
 $params
 
 $disposition = "inline"
 
 $check_ip = false
 
 $check_users = array()
 
 $send_mimetype = true
 
 $mimetype = null
 
 $errorcode
 
 $errortext
 

Private Member Functions

 checkAccessLM ($obj_id, $obj_type, $page=0)
 check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!) More...
 
 checkAccessObject ($obj_id, $obj_type='')
 Check access rights for an object by its object id. More...
 
 checkAccessTestQuestion ($obj_id, $usage_id=0)
 Check access rights for a test question This checks also tests with random selection of questions. More...
 
 checkAccessGlossaryTerm ($obj_id, $page_id)
 Check access rights for glossary terms This checks also learning modules linking the term. More...
 
 checkAccessPortfolioPage ($obj_id, $page_id)
 Check access rights for portfolio pages. More...
 
 checkAccessBlogPage ($obj_id, $page_id)
 Check access rights for blog pages. More...
 
 checkAccessLearningObjectivePage ($obj_id, $page_id)
 
 checkAccessUserImage ($usr_id)
 Check access rights for user images. More...
 

Detailed Description

Class ilWebAccessChecker.

Checks the access rights of a directly requested content file. Called from an alias or rewrite rule

  • determines the related learning module and checks the permission
  • either delivers the accessed file (without redirect)
  • or shows an error screen (if too less rights)
Author
Fred Neumann fred..nosp@m.neum.nosp@m.ann@f.nosp@m.im.u.nosp@m.ni-er.nosp@m.lang.nosp@m.en.de
Version
$Id$

Definition at line 56 of file class.ilWebAccessChecker.php.

Member Function Documentation

◆ checkAccess()

ilWebAccessChecker::checkAccess ( )

Check access rights of the requested file @access public.

Definition at line 274 of file class.ilWebAccessChecker.php.

275 {
276 global $ilLog, $ilUser, $ilObjDataCache, $objDefinition;
277
278 // an error already occurred at class initialisation
279 if ($this->errorcode)
280 {
281 return false;
282 }
283
284 // check for type by subdirectory
285 $pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
286 $pos2 = strpos($this->subpath, "mobs/mm_") + 8;
287 $pos3 = strpos($this->subpath, "usr_images/") + 11;
288 $pos4 = strpos($this->subpath, "sec") + 3;
289
290 $obj_id = 0;
291 $type = 'none';
292 // trying to access data within a learning module folder
293 if ($pos1 > 11)
294 {
295 $type = 'lm';
296 $seperator = strpos($this->subpath, '/', $pos1);
297 $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
298 }
299 //trying to access media data
300 else if ($pos2 > 8)
301 {
302 $type = 'mob';
303 $seperator = strpos($this->subpath, '/', $pos2);
304 $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
305 }
306 // trying to access a user image
307 elseif ($pos3 > 11)
308 {
309 $type = 'user_image';
310 // user images may be:
311 // upload_123pic, upload_123
312 // usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
313 $seperator = strpos($this->subpath, '_', $pos3);
314 $obj_id = (int) substr($this->subpath, $seperator + 1);
315 }
316 // component name (generic)
317 elseif ($pos4 > 3)
318 {
319 $plugin = false;
320 $seperator = strpos($this->subpath, '/', $pos4);
321 $path = explode("/", substr($this->subpath, $seperator +1));
322 $component = array_shift($path);
323 if(substr($component, 0, 2) == "il")
324 {
325 $component = substr($component, 2);
326 $comp_dir = null;
327 if(ilComponent::lookupId(IL_COMP_MODULE, $component))
328 {
329 $comp_dir = "Modules";
330 }
331 else if(ilComponent::lookupId(IL_COMP_SERVICE, $component))
332 {
333 $comp_dir = "Services";
334 }
335 else if($objDefinition->isPlugin($pl_id = strtolower($component)))
336 {
337 $comp_class = $objDefinition->getClassName($pl_id);
338 $comp_dir = $objDefinition->getLocation($pl_id);
339 $plugin = true;
340 }
341
342 if($comp_dir)
343 {
344 if($plugin)
345 {
346 $comp_class = "il".$comp_class."WebAccessChecker";
347 $comp_include = $comp_dir."/class.".$comp_class.".php";
348 }
349 else
350 {
351 $comp_class = "il".$component."WebAccessChecker";
352 $comp_include = $comp_dir."/".$component."/classes/class.".$comp_class.".php";
353 }
354 if(file_exists($comp_include))
355 {
356 include_once $comp_include;
357 if(class_exists($comp_class))
358 {
359 $comp_inst = new $comp_class();
360 if($comp_inst instanceof ilComponentWebAccessChecker)
361 {
362 if($comp_inst->isValidPath($path))
363 {
364 $type = "sec";
365 }
366 }
367 }
368 }
369 }
370 }
371 }
372
373 if ((!$obj_id && $type != "sec") || $type == 'none')
374 {
375 $this->errorcode = 404;
376 $this->errortext = $this->lng->txt("obj_not_found");
377 return false;
378 }
379
380
381 // #13237 - if imporint is display on login page we have user id 0
382 if($type == "mob")
383 {
384 $usages = ilObjMediaObject::lookupUsages($obj_id);
385 foreach($usages as $usage)
386 {
387 if($usage['type'] == 'impr:pg')
388 {
389 return $this->checkAccessMobUsage($usage, 1);
390 }
391 }
392 }
393
394 // get proper user id (could be anonymous)
395 ilInitialisation::authenticate();
396
397
398 // do this here because ip based checking may be set after construction
399 $this->determineUser();
400
401
402 switch($type)
403 {
404 // SCORM or HTML learning module
405 case 'lm':
406 if ($this->checkAccessObject($obj_id))
407 {
408 return true;
409 }
410 break;
411
412 // media object
413 case 'mob':
414 if ($this->checkAccessMob($obj_id))
415 {
416 return true;
417 }
418 break;
419
420 // image in user profile
421 case 'user_image':
422 if ($this->checkAccessUserImage($obj_id))
423 {
424 return true;
425 }
426 break;
427
428 case 'sec':
429 if($obj_id = $comp_inst->getRepositoryObjectId())
430 {
431 return $this->checkAccessObject($obj_id);
432 }
433 else
434 {
435 return $comp_inst->checkAccess($this->check_users);
436 }
437 break;
438 }
439
440 // none of the checks above gives access
441 $this->errorcode = 403;
442 $this->errortext = $this->lng->txt('msg_no_perm_read');
443 return false;
444 }
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
IL_COMP_MODULE
const IL_COMP_MODULE
Definition: class.ilComponent.php:5
ilComponent\lookupId
static lookupId($a_type, $a_name)
Lookup ID of a component.
Definition: class.ilComponent.php:251
ilInitialisation\authenticate
static authenticate()
Try authentication.
Definition: class.ilInitialisation.php:1157
ilObjMediaObject\lookupUsages
lookupUsages($a_id, $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:1122
ilWebAccessChecker\checkAccessMob
checkAccessMob($obj_id)
Check access to media object.
Definition: class.ilWebAccessChecker.php:452
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
ilWebAccessChecker\checkAccessUserImage
checkAccessUserImage($usr_id)
Check access rights for user images.
Definition: class.ilWebAccessChecker.php:864
ilWebAccessChecker\determineUser
determineUser()
Determine the current user(s)
Definition: class.ilWebAccessChecker.php:213
$ilLog
$ilLog
Definition: inc.setup_header.php:132
ilComponentWebAccessChecker
interface for modular web access checker
Definition: interface.ilComponentWebAccessChecker.php:13
$path
$path
Definition: index.php:22
$ilUser
global $ilUser
Definition: imgupload.php:15

References $ilLog, $ilUser, $path, ilInitialisation\authenticate(), checkAccessMob(), checkAccessObject(), checkAccessUserImage(), determineUser(), IL_COMP_MODULE, IL_COMP_SERVICE, ilComponent\lookupId(), and ilObjMediaObject\lookupUsages().

+ Here is the call graph for this function:

◆ checkAccessBlogPage()

ilWebAccessChecker::checkAccessBlogPage (   $obj_id,
  $page_id 
)
private

Check access rights for blog pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 820 of file class.ilWebAccessChecker.php.

821 {
822 include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
823 $tree = new ilWorkspaceTree(0);
824 $node_id = $tree->lookupNodeId($obj_id);
825
826 // repository
827 if(!$node_id)
828 {
829 return $this->checkAccessObject($obj_id);
830 }
831 // workspace
832 else
833 {
834 include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";
835 foreach ($this->check_users as $user_id)
836 {
837 $access_handler = new ilWorkspaceAccessHandler($tree);
838 if ($access_handler->checkAccessOfUser($tree, $user_id, "read", "view", $node_id, "blog"))
839 {
840 return true;
841 }
842 }
843 }
844 return false;
845 }
ilWorkspaceAccessHandler
Access handler for personal workspace.
Definition: class.ilWorkspaceAccessHandler.php:18
ilWorkspaceTree
Tree handler for personal workspace.
Definition: class.ilWorkspaceTree.php:14

References checkAccessObject().

+ Here is the call graph for this function:

◆ checkAccessGlossaryTerm()

ilWebAccessChecker::checkAccessGlossaryTerm (   $obj_id,
  $page_id 
)
private

Check access rights for glossary terms This checks also learning modules linking the term.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 743 of file class.ilWebAccessChecker.php.

744 {
745 // give access if glossary is readable
746 if ($this->checkAccessObject($obj_id))
747 {
748 return true;
749 }
750
751 include_once("./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
752 include_once("./Modules/Glossary/classes/class.ilGlossaryTerm.php");
753 $term_id = ilGlossaryDefinition::_lookupTermId($page_id);
754
755 include_once('./Services/Link/classes/class.ilInternalLink.php');
756 $sources = ilInternalLink::_getSourcesOfTarget('git',$term_id, 0);
757
758 if ($sources)
759 {
760 foreach ($sources as $src)
761 {
762 switch ($src['type'])
763 {
764 // Give access if term is linked by a learning module with read access.
765 // The term including media is shown by the learning module presentation!
766 case 'lm:pg':
767 include_once("./Modules/LearningModule/classes/class.ilLMObject.php");
768 $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
769 if ($this->checkAccessObject($src_obj_id, 'lm'))
770 {
771 return true;
772 }
773 break;
774
775 // Don't yet give access if the term is linked by another glossary
776 // The link will lead to the origin glossary which is already checked
777 /*
778 case 'gdf:pg':
779 $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
780 $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
781 if ($this->checkAccessObject($src_obj_id, 'glo'))
782 {
783 return true;
784 }
785 break;
786 */
787 }
788 }
789 }
790 }
ilGlossaryDefinition\_lookupTermId
_lookupTermId($a_def_id)
Looks up term id for a definition id.
Definition: class.ilGlossaryDefinition.php:642
ilLMObject\_lookupContObjID
_lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:737

References ilInternalLink\_getSourcesOfTarget(), ilLMObject\_lookupContObjID(), ilGlossaryDefinition\_lookupTermId(), and checkAccessObject().

+ Here is the call graph for this function:

◆ checkAccessLearningObjectivePage()

ilWebAccessChecker::checkAccessLearningObjectivePage (   $obj_id,
  $page_id 
)
private

Definition at line 847 of file class.ilWebAccessChecker.php.

848 {
849 include_once "Modules/Course/classes/class.ilCourseObjective.php";
850 $crs_obj_id = ilCourseObjective::_lookupContainerIdByObjectiveId($page_id);
851
852 return $this->checkAccessObject($crs_obj_id, 'crs');
853 }
ilCourseObjective\_lookupContainerIdByObjectiveId
static _lookupContainerIdByObjectiveId($a_objective_id)
Get container of object.
Definition: class.ilCourseObjective.php:47

References ilCourseObjective\_lookupContainerIdByObjectiveId(), and checkAccessObject().

+ Here is the call graph for this function:

◆ checkAccessLM()

ilWebAccessChecker::checkAccessLM (   $obj_id,
  $obj_type,
  $page = 0 
)
private

check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!)

Parameters
intobject id
stringobject type
intpage id

Definition at line 630 of file class.ilWebAccessChecker.php.

631 {
632 global $lng;
633
634 // OBSOLETE (see above)
635
636 //if (!$page)
637 //{
638 $ref_ids = ilObject::_getAllReferences($obj_id);
639 foreach($ref_ids as $ref_id)
640 {
641 foreach ($this->check_users as $user_id)
642 {
643 if ($this->ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
644 {
645 return true;
646 }
647 }
648 }
649 return false;
650 //}
651 //else
652 //{
653 // $ref_ids = ilObject::_getAllReferences($obj_id);
654 // foreach($ref_ids as $ref_id)
655 // {
656 // if ($this->ilAccess->checkAccess("read", "", $ref_id))
657 // {
658 // require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
659 // $lm = new ilObjLearningModule($obj_id,false);
660 // if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
661 // return true;
662 // }
663 // }
664 // return false;
665 //}
666 }
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
$ref_id
$ref_id
Definition: sahs_server.php:39

References $lng, $ref_id, and ilObject\_getAllReferences().

+ Here is the call graph for this function:

◆ checkAccessMob()

ilWebAccessChecker::checkAccessMob (   $obj_id)

Check access to media object.

Parameters

return

Definition at line 452 of file class.ilWebAccessChecker.php.

453 {
454 $usages = ilObjMediaObject::lookupUsages($obj_id);
455
456 foreach($usages as $usage)
457 {
458 $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
459
460 // for content snippets we must get their usages and check them
461 if ($usage["type"] == "mep:pg")
462 {
463 include_once("./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
464 $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
465 foreach($usages2 as $usage2)
466 {
467 $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
468 if ($this->checkAccessMobUsage($usage2, $oid2))
469 {
470 return true;
471 }
472 }
473 }
474 else // none content snippets just go the usual way
475 {
476 if ($this->checkAccessMobUsage($usage, $oid))
477 {
478 return true;
479 }
480 }
481 }
482
483 return false;
484 }
ilMediaPoolPage\lookupUsages
lookupUsages($a_id, $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:180
ilObjMediaObject\getParentObjectIdForUsage
getParentObjectIdForUsage($a_usage, $a_include_all_access_obj_ids=false)
Get's the repository object ID of a parent object, if possible.
Definition: class.ilObjMediaObject.php:1220

References ilObjMediaObject\getParentObjectIdForUsage(), ilMediaPoolPage\lookupUsages(), and ilObjMediaObject\lookupUsages().

Referenced by checkAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessObject()

ilWebAccessChecker::checkAccessObject (   $obj_id,
  $obj_type = '' 
)
private

Check access rights for an object by its object id.

Parameters
intobject id
Returns
boolean access given (true/false)

Definition at line 674 of file class.ilWebAccessChecker.php.

675 {
676 global $ilAccess;
677
678 if (!$obj_type)
679 {
680 $obj_type = ilObject::_lookupType($obj_id);
681 }
682 $ref_ids = ilObject::_getAllReferences($obj_id);
683
684 foreach($ref_ids as $ref_id)
685 {
686 foreach ($this->check_users as $user_id)
687 {
688 if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
689 {
690 return true;
691 }
692 }
693 }
694 return false;
695 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183

References $ilAccess, $ref_id, ilObject\_getAllReferences(), and ilObject\_lookupType().

Referenced by checkAccess(), checkAccessBlogPage(), checkAccessGlossaryTerm(), checkAccessLearningObjectivePage(), and checkAccessTestQuestion().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessPortfolioPage()

ilWebAccessChecker::checkAccessPortfolioPage (   $obj_id,
  $page_id 
)
private

Check access rights for portfolio pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 799 of file class.ilWebAccessChecker.php.

800 {
801 include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
802 $access_handler = new ilPortfolioAccessHandler();
803 foreach ($this->check_users as $user_id)
804 {
805 if ($access_handler->checkAccessOfUser($user_id, "read", "view", $obj_id, "prtf"))
806 {
807 return true;
808 }
809 }
810 return false;
811 }
ilPortfolioAccessHandler
Access handler for portfolio.
Definition: class.ilPortfolioAccessHandler.php:19

◆ checkAccessTestQuestion()

ilWebAccessChecker::checkAccessTestQuestion (   $obj_id,
  $usage_id = 0 
)
private

Check access rights for a test question This checks also tests with random selection of questions.

Parameters
intobject id (question pool or test)
intusage id (not yet used)
Returns
boolean access given (true/false)

Definition at line 706 of file class.ilWebAccessChecker.php.

707 {
708 global $ilAccess;
709
710 // give access if direct usage is readable
711 if ($this->checkAccessObject($obj_id))
712 {
713 return true;
714 }
715
716 $obj_type = ilObject::_lookupType($obj_id);
717 if ($obj_type == 'qpl')
718 {
719 // give access if question pool is used by readable test
720 // for random selection of questions
721 include_once('./Modules/Test/classes/class.ilObjTestAccess.php');
722 $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
723 foreach ($tests as $test_id)
724 {
725 if ($this->checkAccessObject($test_id, 'tst'))
726 {
727 return true;
728 }
729 }
730 }
731 return false;
732 }
ilObjTestAccess\_getRandomTestsForQuestionPool
_getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:644

References $ilAccess, $tests, ilObjTestAccess\_getRandomTestsForQuestionPool(), ilObject\_lookupType(), and checkAccessObject().

+ Here is the call graph for this function:

◆ checkAccessUserImage()

ilWebAccessChecker::checkAccessUserImage (   $usr_id)
private

Check access rights for user images.

Due to privacy this will be checked for a truly identified user (IP based checking is not recommended user images)

Parameters
intusr_id
Returns
boolean access given (true/false)

Definition at line 864 of file class.ilWebAccessChecker.php.

865 {
866 global $ilUser, $ilSetting;
867
868 // check if own image is viewed
869 if ($usr_id == $ilUser->getId())
870 {
871 return true;
872 }
873
874 // check if image is in the public profile
875 $public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
876 if ($public_upload != 'y')
877 {
878 return false;
879 }
880
881 // check the publication status of the profile
882 $public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
883
884 if ($public_profile == 'g'
885 and $ilSetting->get('enable_global_profiles')
886 and $ilSetting->get('pub_section'))
887 {
888 // globally public
889 return true;
890 }
891 elseif (($public_profile == 'y' or $public_profile == 'g')
892 and $ilUser->getId() != ANONYMOUS_USER_ID)
893 {
894 // public for logged in users
895 return true;
896 }
897 else
898 {
899 // not public
900 return false;
901 }
902 }
ilObjUser\_lookupPref
_lookupPref($a_usr_id, $a_keyword)
Definition: class.ilObjUser.php:1253
$ilSetting
global $ilSetting
Definition: privfeed.php:40

References $ilSetting, $ilUser, and ilObjUser\_lookupPref().

Referenced by checkAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ determineUser()

ilWebAccessChecker::determineUser ( )

Determine the current user(s)

Definition at line 213 of file class.ilWebAccessChecker.php.

214 {
215 global $ilUser;
216
217 // a valid user session is found
218 if ($_SESSION["AccountId"])
219 {
220 $this->check_users = array($_SESSION["AccountId"]);
221 return;
222 }
223
224 // no session cookie was delivered
225 // user identification by ip address is allowed
226 elseif ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] and $this->getCheckIp())
227 {
228 $this->check_users = ilSession::_getUsersWithIp($_SERVER['REMOTE_ADDR']);
229
230 if (count($this->check_users) == 0)
231 {
232 // no user was found for the ip address
233 $this->check_users = array(ANONYMOUS_USER_ID);
234
235 $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
236 $ilUser->setId(ANONYMOUS_USER_ID);
237 $ilUser->read();
238 }
239 elseif (count($this->check_users) == 1)
240 {
241 // exactly one user is found with an active session
242 $_SESSION["AccountId"] = current($this->check_users);
243 $ilUser->setId(current($this->check_users));
244 $ilUser->read();
245 }
246 else
247 {
248 // more than one user found for the ip address
249 // take the anonymous user for the session
250 $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
251 $ilUser->setId(ANONYMOUS_USER_ID);
252 $ilUser->read();
253 }
254 return;
255 }
256
257 // take the anonymous user as fallback
258 else
259 {
260 $this->check_users = array(ANONYMOUS_USER_ID);
261
262 $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
263 $ilUser->setId(ANONYMOUS_USER_ID);
264 $ilUser->read();
265
266 return;
267 }
268 }
$GLOBALS
$GLOBALS['COOKIE_PATH']
Definition: class.ilWebAccessChecker.php:18
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:352
ilWebAccessChecker\getCheckIp
getCheckIp()
Set the checking of the IP address of no valid session is found.
Definition: class.ilWebAccessChecker.php:987
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192

References $_SESSION, $GLOBALS, $ilUser, ilSession\_getUsersWithIp(), and getCheckIp().

Referenced by checkAccess().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCheckIp()

ilWebAccessChecker::getCheckIp ( )

Set the checking of the IP address of no valid session is found.

Returns
boolean

Definition at line 987 of file class.ilWebAccessChecker.php.

988 {
989 return $this->check_ip;
990 }

References $check_ip.

Referenced by determineUser().

+ Here is the caller graph for this function:

◆ getDisposition()

ilWebAccessChecker::getDisposition ( )

Get the delivery mode for the file.

Returns
string "inline", "attachment" or "virtual" @access public

Definition at line 927 of file class.ilWebAccessChecker.php.

928 {
929 return $this->disposition;
930 }

References $disposition.

Referenced by sendFile().

+ Here is the caller graph for this function:

◆ getMimeType()

ilWebAccessChecker::getMimeType (   $default = 'application/octet-stream')

Get the mime type of the requested file.

Parameters
stringdefault type
Returns
string mime type @access public

Definition at line 1181 of file class.ilWebAccessChecker.php.

1182 {
1183 // take a previously set mimetype
1184 if (isset($this->mimetype))
1185 {
1186 return $this->mimetype;
1187 }
1188
1189 $mime = '';
1190 // alex: changed due to bug http://www.ilias.de/mantis/view.php?id=9332
1191/* if (extension_loaded('Fileinfo'))
1192 {
1193 $finfo = finfo_open(FILEINFO_MIME);
1194 $mime = finfo_file($finfo, $this->file);
1195 finfo_close($finfo);
1196 if ($pos = strpos($mime, ' '))
1197 {
1198 $mime = substr($mime, 0, $pos);
1199 }
1200 }
1201 else
1202 {*/
1203 include_once("./Services/Utilities/classes/class.ilMimeTypeUtil.php");
1204 $mime = ilMimeTypeUtil::getMimeType($this->file);
1205 //$mime = ilObjMediaObject::getMimeType($this->file);
1206// }
1207
1208 // set and return the mime type
1209 $this->mimetype = $mime ? $mime : $default;
1210 return $this->mimetype;
1211 }
ilMimeTypeUtil\getMimeType
static getMimeType($a_file="", $a_filename="", $a_mime="")
Get Mime type.
Definition: class.ilMimeTypeUtil.php:22

References $mimetype, and ilMimeTypeUtil\getMimeType().

Referenced by sendFile().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getSendMimetype()

ilWebAccessChecker::getSendMimetype ( )

Get if mimetype should be sent for a virtual delivery.

Returns
boolean

Definition at line 960 of file class.ilWebAccessChecker.php.

961 {
962 return $this->send_mimetype;
963 }

References $send_mimetype.

Referenced by sendFile().

+ Here is the caller graph for this function:

◆ ilWebAccessChecker()

ilWebAccessChecker::ilWebAccessChecker ( )

Constructor @access public.

Definition at line 144 of file class.ilWebAccessChecker.php.

145 {
146 global $ilUser, $ilAccess, $lng, $ilLog;
147
148 $this->lng =& $lng;
149 $this->ilAccess =& $ilAccess;
150 $this->params = array();
151
152 // get the requested file and its type
153 $uri = parse_url($_SERVER["REQUEST_URI"]);
154 parse_str($uri["query"], $this->params);
155
156 $pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
157 $this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
158 $this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
159
160 // build url path for virtual function
161 $this->virtual_path = str_replace($pattern, "virtual-" . $pattern, $uri["path"]);
162
163
164 // set the parameters provided with the checker call
165 if (isset($_GET['disposition']))
166 {
167 $this->setDisposition($_GET['disposition']);
168 }
169 if (isset($_GET['check_ip']))
170 {
171 $this->setCheckIp($_GET['check_ip']);
172 }
173 if (isset($_GET['send_mimetype']))
174 {
175 $this->setSendMimetype($_GET['send_mimetype']);
176 }
177
178 // debugging
179 /*echo "<pre>";
180 echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
181 echo "Parsed URI: ". $uri["path"]. "\n";
182 echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
183 echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
184 echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
185 echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
186 echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
187 echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
188 echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
189 echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
190 echo "CLIENT_ID: ". CLIENT_ID. "\n";
191 echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
192 echo "subpath: ". $this->subpath. "\n";
193 echo "file: ". $this->file. "\n";
194 echo "disposition: ". $this->disposition. "\n";
195 echo "ckeck_ip: ". $this->check_ip. "\n";
196 echo "send_mimetype: ". $this->send_mimetype. "\n";
197 echo "</pre>";
198 echo phpinfo();
199 exit;*/
200
201
202 if (!file_exists($this->file))
203 {
204 $this->errorcode = 404;
205 $this->errortext = $this->lng->txt("url_not_found");
206 return false;
207 }
208 }
$_GET
$_GET["baseClass"]
Definition: class.ilWebAccessChecker.php:7
ilWebAccessChecker\setDisposition
setDisposition($a_disposition)
Set the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:910
ilWebAccessChecker\setCheckIp
setCheckIp($a_check_ip)
Set the checking of the IP address if no valid session is found.
Definition: class.ilWebAccessChecker.php:971
ilWebAccessChecker\setSendMimetype
setSendMimetype($a_send_mimetype)
Set the sending of the mime type.
Definition: class.ilWebAccessChecker.php:937
ILIAS_WEB_DIR
const ILIAS_WEB_DIR
Definition: updateADLTree.php:59
ILIAS_ABSOLUTE_PATH
const ILIAS_ABSOLUTE_PATH
Definition: updateADLTree.php:60

References $_GET, $ilAccess, $ilLog, $ilUser, $lng, ILIAS_ABSOLUTE_PATH, ILIAS_WEB_DIR, setCheckIp(), setDisposition(), and setSendMimetype().

+ Here is the call graph for this function:

◆ sendError()

ilWebAccessChecker::sendError ( )

Send an error response for the requested file @access public.

Definition at line 1117 of file class.ilWebAccessChecker.php.

1118 {
1119 global $ilSetting, $ilUser, $tpl, $lng, $tree;
1120
1121 switch ($this->errorcode)
1122 {
1123 case 404:
1124 header("HTTP/1.0 404 Not Found");
1125 break;
1126 case 403:
1127 default:
1128 header("HTTP/1.0 403 Forbidden");
1129 break;
1130 }
1131
1132 // set the page base to the ILIAS directory
1133 // to get correct references for images and css files
1134 $tpl->setCurrentBlock("HeadBaseTag");
1135 $tpl->setVariable('BASE', ILIAS_HTTP_PATH . '/error.php');
1136 $tpl->parseCurrentBlock();
1137 $tpl->addBlockFile("CONTENT", "content", "tpl.error.html");
1138
1139 $lng->loadLanguageModule("error");
1140
1141 // Check if user is logged in
1142 $anonymous = ($ilUser->getId() == ANONYMOUS_USER_ID);
1143
1144 if ($anonymous)
1145 {
1146 // Provide a link to the login screen for anonymous users
1147
1148 $tpl->SetCurrentBlock("ErrorLink");
1149 $tpl->SetVariable("TXT_LINK", $lng->txt('login_to_ilias'));
1150 $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/login.php?cmd=force_login&client_id='.CLIENT_ID);
1151 $tpl->ParseCurrentBlock();
1152 }
1153 else
1154 {
1155 // Provide a link to the repository for authentified users
1156
1157 $nd = $tree->getNodeData(ROOT_FOLDER_ID);
1158 $txt = $lng->txt('error_back_to_repository');
1159
1160 $tpl->SetCurrentBlock("ErrorLink");
1161 $tpl->SetVariable("TXT_LINK", $txt);
1162 $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/ilias.php?baseClass=ilRepositoryGUI&amp;client_id='.CLIENT_ID);
1163 $tpl->ParseCurrentBlock();
1164 }
1165
1166 $tpl->setCurrentBlock("content");
1167 $tpl->setVariable("ERROR_MESSAGE",($this->errortext));
1168 $tpl->setVariable("MESSAGE_HEADING", $lng->txt('error_sry_error'));
1169 //$tpl->parseCurrentBlock();
1170
1171 $tpl->show();
1172 exit;
1173 }
$tpl
global $tpl
Definition: ilias.php:8
$nd
$nd
Definition: error.php:9
$txt
$txt
Definition: error.php:10
exit
exit
Definition: login.php:54

References $ilSetting, $ilUser, $lng, $nd, $tpl, $txt, and exit.

◆ sendFile()

ilWebAccessChecker::sendFile ( )

Send the requested file as if directly delivered from the web server @access public.

Definition at line 997 of file class.ilWebAccessChecker.php.

998 {
999 //$system_use_xsendfile = true;
1000 //$xsendfile_available = (boolean) $_GET["xsendfile"];
1001 $xsendfile_available = false;
1002 //if (function_exists('apache_get_modules'))
1003 //{
1004 // $modules = apache_get_modules();
1005 // $xsendfile_available = in_array('mod_xsendfile', $modules);
1006 //}
1007
1008 //$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
1009
1010 // delivery via apache virtual function
1011 if ($this->getDisposition() == "virtual")
1012 {
1013 $this->sendFileVirtual();
1014 exit;
1015 }
1016 // delivery for download dialogue
1017 elseif ($this->getDisposition() == "attachment")
1018 {
1019 if ($xsendfile_available)
1020 {
1021 header('x-sendfile: ' . $this->file);
1022 header("Content-Type: application/octet-stream");
1023 }
1024 else
1025 ilUtil::deliverFile($this->file, basename($this->file));
1026 exit;
1027 }
1028 // inline delivery
1029 else
1030 {
1031 if (!isset($_SERVER["HTTPS"]))
1032 {
1033 header("Cache-Control: no-cache, must-revalidate");
1034 header("Pragma: no-cache");
1035 }
1036
1037 if ($this->getSendMimetype())
1038 {
1039 header("Content-Type: " . $this->getMimeType());
1040 }
1041
1042 // see bug 12622 and 12124
1043 if (isset($_SERVER['HTTP_RANGE'])) { // do it for any device that supports byte-ranges not only iPhone
1044 ilUtil::rangeDownload($this->file);
1045 exit;
1046 }
1047
1048 header("Content-Length: ".(string)(filesize($this->file)));
1049
1050 if (isset($_SERVER["HTTPS"]))
1051 {
1052 header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
1053 header('Pragma: public');
1054 }
1055
1056 header("Connection: close");
1057
1058 if ($xsendfile_available)
1059 {
1060 header('x-sendfile: ' . $this->file);
1061 if ($this->getSendMimetype())
1062 {
1063 header("Content-Type: " . $this->getMimeType());
1064 }
1065 }
1066 else
1067 {
1068 ilUtil::readFile( $this->file);
1069 }
1070
1071 exit;
1072 }
1073 }
ilUtil\readFile
static readFile($a_file)
there are some known problems with the original readfile method, which sometimes truncates delivered ...
Definition: class.ilUtil.php:2300
ilUtil\rangeDownload
rangeDownload($file)
Send a file via range request, see http://mobiforge.com/design-development/content-delivery-mobile-de...
Definition: class.ilUtil.php:5162
ilUtil\deliverFile
static deliverFile($a_file, $a_filename, $a_mime='', $isInline=false, $removeAfterDelivery=false, $a_exit_after=true)
deliver file for download via browser.
Definition: class.ilUtil.php:2220
ilWebAccessChecker\getDisposition
getDisposition()
Get the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:927
ilWebAccessChecker\getSendMimetype
getSendMimetype()
Get if mimetype should be sent for a virtual delivery.
Definition: class.ilWebAccessChecker.php:960
ilWebAccessChecker\getMimeType
getMimeType($default='application/octet-stream')
Get the mime type of the requested file.
Definition: class.ilWebAccessChecker.php:1181

References ilUtil\deliverFile(), exit, getDisposition(), getMimeType(), getSendMimetype(), ilUtil\rangeDownload(), and ilUtil\readFile().

+ Here is the call graph for this function:

◆ setCheckIp()

ilWebAccessChecker::setCheckIp (   $a_check_ip)

Set the checking of the IP address if no valid session is found.

Parameters
boolean@access public

Definition at line 971 of file class.ilWebAccessChecker.php.

972 {
973 if (in_array(strtolower($a_check_ip), array('','0','off','false')))
974 {
975 $this->check_ip = false;
976 }
977 elseif (in_array(strtolower($a_check_ip), array('1','on','true')))
978 {
979 $this->check_ip = true;
980 }
981 }

Referenced by ilWebAccessChecker().

+ Here is the caller graph for this function:

◆ setDisposition()

ilWebAccessChecker::setDisposition (   $a_disposition)

Set the delivery mode for the file.

Parameters
string"inline", "attachment" or "virtual" @access public

Definition at line 910 of file class.ilWebAccessChecker.php.

911 {
912 if (in_array(strtolower($a_disposition), array('inline','attachment','virtual')))
913 {
914 $this->disposition = strtolower($a_disposition);
915 }
916 else
917 {
918 $this->disposition = 'inline';
919 }
920 }

Referenced by ilWebAccessChecker().

+ Here is the caller graph for this function:

◆ setSendMimetype()

ilWebAccessChecker::setSendMimetype (   $a_send_mimetype)

Set the sending of the mime type.

Parameters
string(boolean switch or mimetype)
@access public

Definition at line 937 of file class.ilWebAccessChecker.php.

938 {
939 if (in_array(strtolower($a_send_mimetype), array('','0','off','false')))
940 {
941 $this->mimetype = null;
942 $this->send_mimetype = false;
943 }
944 elseif (in_array(strtolower($a_send_mimetype), array('1','on','true')))
945 {
946 $this->mimetype = null;
947 $this->send_mimetype = true;
948 }
949 else
950 {
951 $this->mimetype = $a_send_mimetype;
952 $this->send_mimetype = true;
953 }
954 }

Referenced by ilWebAccessChecker().

+ Here is the caller graph for this function:

Field Documentation

◆ $check_ip

ilWebAccessChecker::$check_ip = false

Definition at line 95 of file class.ilWebAccessChecker.php.

Referenced by getCheckIp().

◆ $check_users

ilWebAccessChecker::$check_users = array()

Definition at line 105 of file class.ilWebAccessChecker.php.

◆ $disposition

ilWebAccessChecker::$disposition = "inline"

Definition at line 88 of file class.ilWebAccessChecker.php.

Referenced by getDisposition().

◆ $errorcode

ilWebAccessChecker::$errorcode

Definition at line 129 of file class.ilWebAccessChecker.php.

◆ $errortext

ilWebAccessChecker::$errortext

Definition at line 137 of file class.ilWebAccessChecker.php.

◆ $file

ilWebAccessChecker::$file

Definition at line 73 of file class.ilWebAccessChecker.php.

◆ $ilAccess

ilWebAccessChecker::$ilAccess

Definition at line 59 of file class.ilWebAccessChecker.php.

Referenced by checkAccessObject(), checkAccessTestQuestion(), and ilWebAccessChecker().

◆ $lng

ilWebAccessChecker::$lng

Definition at line 58 of file class.ilWebAccessChecker.php.

Referenced by checkAccessLM(), ilWebAccessChecker(), and sendError().

◆ $mimetype

ilWebAccessChecker::$mimetype = null

Definition at line 121 of file class.ilWebAccessChecker.php.

Referenced by getMimeType().

◆ $params

ilWebAccessChecker::$params

Definition at line 80 of file class.ilWebAccessChecker.php.

◆ $send_mimetype

ilWebAccessChecker::$send_mimetype = true

Definition at line 112 of file class.ilWebAccessChecker.php.

Referenced by getSendMimetype().

◆ $subpath

ilWebAccessChecker::$subpath

Definition at line 66 of file class.ilWebAccessChecker.php.

The documentation for this class was generated from the following file: