ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Data Fields | Private Member Functions
ilWebAccessChecker Class Reference

Class ilWebAccessChecker. More...

+ Collaboration diagram for ilWebAccessChecker:

Public Member Functions

 ilWebAccessChecker ()
 Constructor public. More...
 
 determineUser ()
 Determine the current user(s) More...
 
 checkAccess ()
 Check access rights of the requested file public. More...
 
 checkAccessMob ($obj_id)
 Check access to media object. More...
 
 setDisposition ($a_disposition)
 Set the delivery mode for the file. More...
 
 getDisposition ()
 Get the delivery mode for the file. More...
 
 setSendMimetype ($a_send_mimetype)
 Set the sending of the mime type. More...
 
 getSendMimetype ()
 Get if mimetype should be sent for a virtual delivery. More...
 
 setCheckIp ($a_check_ip)
 Set the checking of the IP address if no valid session is found. More...
 
 getCheckIp ()
 Set the checking of the IP address of no valid session is found. More...
 
 sendFile ()
 Send the requested file as if directly delivered from the web server public. More...
 
 sendError ()
 Send an error response for the requested file public. More...
 
 getMimeType ($default='application/octet-stream')
 Get the mime type of the requested file. More...
 

Data Fields

 $lng
 
 $ilAccess
 
 $subpath
 
 $file
 
 $params
 
 $disposition = "inline"
 
 $check_ip = false
 
 $check_users = array()
 
 $send_mimetype = true
 
 $mimetype = null
 
 $errorcode
 
 $errortext
 

Private Member Functions

 checkAccessLM ($obj_id, $obj_type, $page=0)
 check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!) More...
 
 checkAccessObject ($obj_id, $obj_type='')
 Check access rights for an object by its object id. More...
 
 checkAccessTestQuestion ($obj_id, $usage_id=0)
 Check access rights for a test question This checks also tests with random selection of questions. More...
 
 checkAccessGlossaryTerm ($obj_id, $page_id)
 Check access rights for glossary terms This checks also learning modules linking the term. More...
 
 checkAccessPortfolioPage ($obj_id, $page_id)
 Check access rights for portfolio pages. More...
 
 checkAccessBlogPage ($obj_id, $page_id)
 Check access rights for blog pages. More...
 
 checkAccessLearningObjectivePage ($obj_id, $page_id)
 
 checkAccessUserImage ($usr_id)
 Check access rights for user images. More...
 

Detailed Description

Class ilWebAccessChecker.

Checks the access rights of a directly requested content file. Called from an alias or rewrite rule

  • determines the related learning module and checks the permission
  • either delivers the accessed file (without redirect)
  • or shows an error screen (if too less rights)
Author
Fred Neumann fred..nosp@m.neum.nosp@m.ann@f.nosp@m.im.u.nosp@m.ni-er.nosp@m.lang.nosp@m.en.de
Version
$Id$

Definition at line 56 of file class.ilWebAccessChecker.php.

Member Function Documentation

◆ checkAccess()

ilWebAccessChecker::checkAccess ( )

Check access rights of the requested file public.

Definition at line 274 of file class.ilWebAccessChecker.php.

References $ilLog, $ilUser, $path, ilInitialisation\authenticate(), checkAccessMob(), checkAccessObject(), checkAccessUserImage(), determineUser(), IL_COMP_MODULE, IL_COMP_SERVICE, ilComponent\lookupId(), and ilObjMediaObject\lookupUsages().

275  {
276  global $ilLog, $ilUser, $ilObjDataCache, $objDefinition;
277 
278  // an error already occurred at class initialisation
279  if ($this->errorcode)
280  {
281  return false;
282  }
283 
284  // check for type by subdirectory
285  $pos1 = strpos($this->subpath, "lm_data/lm_") + 11;
286  $pos2 = strpos($this->subpath, "mobs/mm_") + 8;
287  $pos3 = strpos($this->subpath, "usr_images/") + 11;
288  $pos4 = strpos($this->subpath, "sec") + 3;
289 
290  $obj_id = 0;
291  $type = 'none';
292  // trying to access data within a learning module folder
293  if ($pos1 > 11)
294  {
295  $type = 'lm';
296  $seperator = strpos($this->subpath, '/', $pos1);
297  $obj_id = substr($this->subpath, $pos1, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos1);
298  }
299  //trying to access media data
300  else if ($pos2 > 8)
301  {
302  $type = 'mob';
303  $seperator = strpos($this->subpath, '/', $pos2);
304  $obj_id = substr($this->subpath, $pos2, ($seperator > 0 ? $seperator : strlen($this->subpath))-$pos2);
305  }
306  // trying to access a user image
307  elseif ($pos3 > 11)
308  {
309  $type = 'user_image';
310  // user images may be:
311  // upload_123pic, upload_123
312  // usr_123.jpg, usr_123_small.jpg, usr_123_xsmall.jpg, usr_123_xxsmall.jpg
313  $seperator = strpos($this->subpath, '_', $pos3);
314  $obj_id = (int) substr($this->subpath, $seperator + 1);
315  }
316  // component name (generic)
317  elseif ($pos4 > 3)
318  {
319  $plugin = false;
320  $seperator = strpos($this->subpath, '/', $pos4);
321  $path = explode("/", substr($this->subpath, $seperator +1));
322  $component = array_shift($path);
323  if(substr($component, 0, 2) == "il")
324  {
325  $component = substr($component, 2);
326  $comp_dir = null;
327  if(ilComponent::lookupId(IL_COMP_MODULE, $component))
328  {
329  $comp_dir = "Modules";
330  }
331  else if(ilComponent::lookupId(IL_COMP_SERVICE, $component))
332  {
333  $comp_dir = "Services";
334  }
335  else if($objDefinition->isPlugin($pl_id = strtolower($component)))
336  {
337  $comp_class = $objDefinition->getClassName($pl_id);
338  $comp_dir = $objDefinition->getLocation($pl_id);
339  $plugin = true;
340  }
341 
342  if($comp_dir)
343  {
344  if($plugin)
345  {
346  $comp_class = "il".$comp_class."WebAccessChecker";
347  $comp_include = $comp_dir."/class.".$comp_class.".php";
348  }
349  else
350  {
351  $comp_class = "il".$component."WebAccessChecker";
352  $comp_include = $comp_dir."/".$component."/classes/class.".$comp_class.".php";
353  }
354  if(file_exists($comp_include))
355  {
356  include_once $comp_include;
357  if(class_exists($comp_class))
358  {
359  $comp_inst = new $comp_class();
360  if($comp_inst instanceof ilComponentWebAccessChecker)
361  {
362  if($comp_inst->isValidPath($path))
363  {
364  $type = "sec";
365  }
366  }
367  }
368  }
369  }
370  }
371  }
372 
373  if ((!$obj_id && $type != "sec") || $type == 'none')
374  {
375  $this->errorcode = 404;
376  $this->errortext = $this->lng->txt("obj_not_found");
377  return false;
378  }
379 
380 
381  // #13237 - if imporint is display on login page we have user id 0
382  if($type == "mob")
383  {
384  $usages = ilObjMediaObject::lookupUsages($obj_id);
385  foreach($usages as $usage)
386  {
387  if($usage['type'] == 'impr:pg')
388  {
389  return $this->checkAccessMobUsage($usage, 1);
390  }
391  }
392  }
393 
394  // get proper user id (could be anonymous)
395  ilInitialisation::authenticate();
396 
397 
398  // do this here because ip based checking may be set after construction
399  $this->determineUser();
400 
401 
402  switch($type)
403  {
404  // SCORM or HTML learning module
405  case 'lm':
406  if ($this->checkAccessObject($obj_id))
407  {
408  return true;
409  }
410  break;
411 
412  // media object
413  case 'mob':
414  if ($this->checkAccessMob($obj_id))
415  {
416  return true;
417  }
418  break;
419 
420  // image in user profile
421  case 'user_image':
422  if ($this->checkAccessUserImage($obj_id))
423  {
424  return true;
425  }
426  break;
427 
428  case 'sec':
429  if($obj_id = $comp_inst->getRepositoryObjectId())
430  {
431  return $this->checkAccessObject($obj_id);
432  }
433  else
434  {
435  return $comp_inst->checkAccess($this->check_users);
436  }
437  break;
438  }
439 
440  // none of the checks above gives access
441  $this->errorcode = 403;
442  $this->errortext = $this->lng->txt('msg_no_perm_read');
443  return false;
444  }
ilWebAccessChecker\determineUser
determineUser()
Determine the current user(s)
Definition: class.ilWebAccessChecker.php:213
ilComponent\lookupId
static lookupId($a_type, $a_name)
Lookup ID of a component.
Definition: class.ilComponent.php:251
ilObjMediaObject\lookupUsages
lookupUsages($a_id, $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:1122
IL_COMP_MODULE
const IL_COMP_MODULE
Definition: class.ilComponent.php:5
$ilLog
$ilLog
Definition: inc.setup_header.php:132
ilComponentWebAccessChecker
interface for modular web access checker
Definition: interface.ilComponentWebAccessChecker.php:12
ilInitialisation\authenticate
static authenticate()
Try authentication.
Definition: class.ilInitialisation.php:1157
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
$ilUser
global $ilUser
Definition: imgupload.php:15
$path
$path
Definition: index.php:22
ilWebAccessChecker\checkAccessUserImage
checkAccessUserImage($usr_id)
Check access rights for user images.
Definition: class.ilWebAccessChecker.php:864
ilWebAccessChecker\checkAccessMob
checkAccessMob($obj_id)
Check access to media object.
Definition: class.ilWebAccessChecker.php:452
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
+ Here is the call graph for this function:

◆ checkAccessBlogPage()

ilWebAccessChecker::checkAccessBlogPage (   $obj_id,
  $page_id 
)
private

Check access rights for blog pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 820 of file class.ilWebAccessChecker.php.

References checkAccessObject().

Referenced by checkAccessMob().

821  {
822  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceTree.php";
823  $tree = new ilWorkspaceTree(0);
824  $node_id = $tree->lookupNodeId($obj_id);
825 
826  // repository
827  if(!$node_id)
828  {
829  return $this->checkAccessObject($obj_id);
830  }
831  // workspace
832  else
833  {
834  include_once "Services/PersonalWorkspace/classes/class.ilWorkspaceAccessHandler.php";
835  foreach ($this->check_users as $user_id)
836  {
837  $access_handler = new ilWorkspaceAccessHandler($tree);
838  if ($access_handler->checkAccessOfUser($tree, $user_id, "read", "view", $node_id, "blog"))
839  {
840  return true;
841  }
842  }
843  }
844  return false;
845  }
ilWorkspaceAccessHandler
Access handler for personal workspace.
Definition: class.ilWorkspaceAccessHandler.php:17
ilWorkspaceTree
Tree handler for personal workspace.
Definition: class.ilWorkspaceTree.php:13
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessGlossaryTerm()

ilWebAccessChecker::checkAccessGlossaryTerm (   $obj_id,
  $page_id 
)
private

Check access rights for glossary terms This checks also learning modules linking the term.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 743 of file class.ilWebAccessChecker.php.

References ilInternalLink\_getSourcesOfTarget(), ilLMObject\_lookupContObjID(), ilGlossaryDefinition\_lookupTermId(), and checkAccessObject().

Referenced by checkAccessMob().

744  {
745  // give access if glossary is readable
746  if ($this->checkAccessObject($obj_id))
747  {
748  return true;
749  }
750 
751  include_once("./Modules/Glossary/classes/class.ilGlossaryDefinition.php");
752  include_once("./Modules/Glossary/classes/class.ilGlossaryTerm.php");
753  $term_id = ilGlossaryDefinition::_lookupTermId($page_id);
754 
755  include_once('./Services/Link/classes/class.ilInternalLink.php');
756  $sources = ilInternalLink::_getSourcesOfTarget('git',$term_id, 0);
757 
758  if ($sources)
759  {
760  foreach ($sources as $src)
761  {
762  switch ($src['type'])
763  {
764  // Give access if term is linked by a learning module with read access.
765  // The term including media is shown by the learning module presentation!
766  case 'lm:pg':
767  include_once("./Modules/LearningModule/classes/class.ilLMObject.php");
768  $src_obj_id = ilLMObject::_lookupContObjID($src['id']);
769  if ($this->checkAccessObject($src_obj_id, 'lm'))
770  {
771  return true;
772  }
773  break;
774 
775  // Don't yet give access if the term is linked by another glossary
776  // The link will lead to the origin glossary which is already checked
777  /*
778  case 'gdf:pg':
779  $src_term_id = ilGlossaryDefinition::_lookupTermId($src['id']);
780  $src_obj_id = ilGlossaryTerm::_lookGlossaryID($src_term_id);
781  if ($this->checkAccessObject($src_obj_id, 'glo'))
782  {
783  return true;
784  }
785  break;
786  */
787  }
788  }
789  }
790  }
ilLMObject\_lookupContObjID
_lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:737
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
ilGlossaryDefinition\_lookupTermId
_lookupTermId($a_def_id)
Looks up term id for a definition id.
Definition: class.ilGlossaryDefinition.php:642
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessLearningObjectivePage()

ilWebAccessChecker::checkAccessLearningObjectivePage (   $obj_id,
  $page_id 
)
private

Definition at line 847 of file class.ilWebAccessChecker.php.

References ilCourseObjective\_lookupContainerIdByObjectiveId(), and checkAccessObject().

Referenced by checkAccessMob().

848  {
849  include_once "Modules/Course/classes/class.ilCourseObjective.php";
850  $crs_obj_id = ilCourseObjective::_lookupContainerIdByObjectiveId($page_id);
851 
852  return $this->checkAccessObject($crs_obj_id, 'crs');
853  }
ilCourseObjective\_lookupContainerIdByObjectiveId
static _lookupContainerIdByObjectiveId($a_objective_id)
Get container of object.
Definition: class.ilCourseObjective.php:47
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessLM()

ilWebAccessChecker::checkAccessLM (   $obj_id,
  $obj_type,
  $page = 0 
)
private

check access for ILIAS learning modules (obsolete, if checking of page conditions is not activated!)

Parameters
intobject id
stringobject type
intpage id

Definition at line 630 of file class.ilWebAccessChecker.php.

References $lng, $ref_id, and ilObject\_getAllReferences().

631  {
632  global $lng;
633 
634  // OBSOLETE (see above)
635 
636  //if (!$page)
637  //{
638  $ref_ids = ilObject::_getAllReferences($obj_id);
639  foreach($ref_ids as $ref_id)
640  {
641  foreach ($this->check_users as $user_id)
642  {
643  if ($this->ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
644  {
645  return true;
646  }
647  }
648  }
649  return false;
650  //}
651  //else
652  //{
653  // $ref_ids = ilObject::_getAllReferences($obj_id);
654  // foreach($ref_ids as $ref_id)
655  // {
656  // if ($this->ilAccess->checkAccess("read", "", $ref_id))
657  // {
658  // require_once 'Modules/LearningModule/classes/class.ilObjLearningModule.php';
659  // $lm = new ilObjLearningModule($obj_id,false);
660  // if ($lm->_checkPreconditionsOfPage($ref_id, $obj_id, $page))
661  // return true;
662  // }
663  // }
664  // return false;
665  //}
666  }
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ checkAccessMob()

ilWebAccessChecker::checkAccessMob (   $obj_id)

Check access to media object.

Parameters

Definition at line 452 of file class.ilWebAccessChecker.php.

References ilObjMediaCastAccess\_lookupPublicFiles(), ilNewsItem\_lookupVisibility(), checkAccessBlogPage(), checkAccessGlossaryTerm(), checkAccessLearningObjectivePage(), checkAccessObject(), checkAccessPortfolioPage(), checkAccessTestQuestion(), ilObjMediaObject\getParentObjectIdForUsage(), ilImprint\isActive(), ilMediaPoolPage\lookupUsages(), ilObjMediaObject\lookupUsages(), and NEWS_PUBLIC.

Referenced by checkAccess().

453  {
454  $usages = ilObjMediaObject::lookupUsages($obj_id);
455 
456  foreach($usages as $usage)
457  {
458  $oid = ilObjMediaObject::getParentObjectIdForUsage($usage, true);
459 
460  // for content snippets we must get their usages and check them
461  if ($usage["type"] == "mep:pg")
462  {
463  include_once("./Modules/MediaPool/classes/class.ilMediaPoolPage.php");
464  $usages2 = ilMediaPoolPage::lookupUsages($usage["id"]);
465  foreach($usages2 as $usage2)
466  {
467  $oid2 = ilObjMediaObject::getParentObjectIdForUsage($usage2, true);
468  if ($this->checkAccessMobUsage($usage2, $oid2))
469  {
470  return true;
471  }
472  }
473  }
474  else // none content snippets just go the usual way
475  {
476  if ($this->checkAccessMobUsage($usage, $oid))
477  {
478  return true;
479  }
480  }
481  }
482 
483  return false;
484  }
ilMediaPoolPage\lookupUsages
lookupUsages($a_id, $a_incl_hist=true)
Lookup usages of media object.
Definition: class.ilMediaPoolPage.php:180
ilObjMediaObject\lookupUsages
lookupUsages($a_id, $a_include_history=true)
Lookup usages of media object.
Definition: class.ilObjMediaObject.php:1122
ilObjMediaObject\getParentObjectIdForUsage
getParentObjectIdForUsage($a_usage, $a_include_all_access_obj_ids=false)
Get's the repository object ID of a parent object, if possible.
Definition: class.ilObjMediaObject.php:1220
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessObject()

ilWebAccessChecker::checkAccessObject (   $obj_id,
  $obj_type = '' 
)
private

Check access rights for an object by its object id.

Parameters
intobject id
Returns
boolean access given (true/false)

Definition at line 674 of file class.ilWebAccessChecker.php.

References $ilAccess, $ref_id, ilObject\_getAllReferences(), and ilObject\_lookupType().

Referenced by checkAccess(), checkAccessBlogPage(), checkAccessGlossaryTerm(), checkAccessLearningObjectivePage(), checkAccessMob(), and checkAccessTestQuestion().

675  {
676  global $ilAccess;
677 
678  if (!$obj_type)
679  {
680  $obj_type = ilObject::_lookupType($obj_id);
681  }
682  $ref_ids = ilObject::_getAllReferences($obj_id);
683 
684  foreach($ref_ids as $ref_id)
685  {
686  foreach ($this->check_users as $user_id)
687  {
688  if ($ilAccess->checkAccessOfUser($user_id, "read", "view", $ref_id, $obj_type, $obj_id))
689  {
690  return true;
691  }
692  }
693  }
694  return false;
695  }
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:909
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessPortfolioPage()

ilWebAccessChecker::checkAccessPortfolioPage (   $obj_id,
  $page_id 
)
private

Check access rights for portfolio pages.

Parameters
intobject id (glossary)
intpage id (definition)
Returns
boolean access given (true/false)

Definition at line 799 of file class.ilWebAccessChecker.php.

Referenced by checkAccessMob().

800  {
801  include_once "Modules/Portfolio/classes/class.ilPortfolioAccessHandler.php";
802  $access_handler = new ilPortfolioAccessHandler();
803  foreach ($this->check_users as $user_id)
804  {
805  if ($access_handler->checkAccessOfUser($user_id, "read", "view", $obj_id, "prtf"))
806  {
807  return true;
808  }
809  }
810  return false;
811  }
ilPortfolioAccessHandler
Access handler for portfolio.
Definition: class.ilPortfolioAccessHandler.php:18
+ Here is the caller graph for this function:

◆ checkAccessTestQuestion()

ilWebAccessChecker::checkAccessTestQuestion (   $obj_id,
  $usage_id = 0 
)
private

Check access rights for a test question This checks also tests with random selection of questions.

Parameters
intobject id (question pool or test)
intusage id (not yet used)
Returns
boolean access given (true/false)

Definition at line 706 of file class.ilWebAccessChecker.php.

References $ilAccess, $tests, ilObjTestAccess\_getRandomTestsForQuestionPool(), ilObject\_lookupType(), and checkAccessObject().

Referenced by checkAccessMob().

707  {
708  global $ilAccess;
709 
710  // give access if direct usage is readable
711  if ($this->checkAccessObject($obj_id))
712  {
713  return true;
714  }
715 
716  $obj_type = ilObject::_lookupType($obj_id);
717  if ($obj_type == 'qpl')
718  {
719  // give access if question pool is used by readable test
720  // for random selection of questions
721  include_once('./Modules/Test/classes/class.ilObjTestAccess.php');
722  $tests = ilObjTestAccess::_getRandomTestsForQuestionPool($obj_id);
723  foreach ($tests as $test_id)
724  {
725  if ($this->checkAccessObject($test_id, 'tst'))
726  {
727  return true;
728  }
729  }
730  }
731  return false;
732  }
ilObjTestAccess\_getRandomTestsForQuestionPool
_getRandomTestsForQuestionPool($qpl_id)
Get all tests using a question pool for random selection.
Definition: class.ilObjTestAccess.php:644
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
ilWebAccessChecker\checkAccessObject
checkAccessObject($obj_id, $obj_type='')
Check access rights for an object by its object id.
Definition: class.ilWebAccessChecker.php:674
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ checkAccessUserImage()

ilWebAccessChecker::checkAccessUserImage (   $usr_id)
private

Check access rights for user images.

Due to privacy this will be checked for a truly identified user (IP based checking is not recommended user images)

Parameters
intusr_id
Returns
boolean access given (true/false)

Definition at line 864 of file class.ilWebAccessChecker.php.

References $ilSetting, $ilUser, and ilObjUser\_lookupPref().

Referenced by checkAccess().

865  {
866  global $ilUser, $ilSetting;
867 
868  // check if own image is viewed
869  if ($usr_id == $ilUser->getId())
870  {
871  return true;
872  }
873 
874  // check if image is in the public profile
875  $public_upload = ilObjUser::_lookupPref($usr_id, 'public_upload');
876  if ($public_upload != 'y')
877  {
878  return false;
879  }
880 
881  // check the publication status of the profile
882  $public_profile = ilObjUser::_lookupPref($usr_id, 'public_profile');
883 
884  if ($public_profile == 'g'
885  and $ilSetting->get('enable_global_profiles')
886  and $ilSetting->get('pub_section'))
887  {
888  // globally public
889  return true;
890  }
891  elseif (($public_profile == 'y' or $public_profile == 'g')
892  and $ilUser->getId() != ANONYMOUS_USER_ID)
893  {
894  // public for logged in users
895  return true;
896  }
897  else
898  {
899  // not public
900  return false;
901  }
902  }
ilObjUser\_lookupPref
_lookupPref($a_usr_id, $a_keyword)
Definition: class.ilObjUser.php:1253
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilSetting
global $ilSetting
Definition: privfeed.php:40
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ determineUser()

ilWebAccessChecker::determineUser ( )

Determine the current user(s)

Definition at line 213 of file class.ilWebAccessChecker.php.

References $_SESSION, $GLOBALS, $ilUser, ilSession\_getUsersWithIp(), and getCheckIp().

Referenced by checkAccess().

214  {
215  global $ilUser;
216 
217  // a valid user session is found
218  if ($_SESSION["AccountId"])
219  {
220  $this->check_users = array($_SESSION["AccountId"]);
221  return;
222  }
223 
224  // no session cookie was delivered
225  // user identification by ip address is allowed
226  elseif ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'] and $this->getCheckIp())
227  {
228  $this->check_users = ilSession::_getUsersWithIp($_SERVER['REMOTE_ADDR']);
229 
230  if (count($this->check_users) == 0)
231  {
232  // no user was found for the ip address
233  $this->check_users = array(ANONYMOUS_USER_ID);
234 
235  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
236  $ilUser->setId(ANONYMOUS_USER_ID);
237  $ilUser->read();
238  }
239  elseif (count($this->check_users) == 1)
240  {
241  // exactly one user is found with an active session
242  $_SESSION["AccountId"] = current($this->check_users);
243  $ilUser->setId(current($this->check_users));
244  $ilUser->read();
245  }
246  else
247  {
248  // more than one user found for the ip address
249  // take the anonymous user for the session
250  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
251  $ilUser->setId(ANONYMOUS_USER_ID);
252  $ilUser->read();
253  }
254  return;
255  }
256 
257  // take the anonymous user as fallback
258  else
259  {
260  $this->check_users = array(ANONYMOUS_USER_ID);
261 
262  $_SESSION["AccountId"] = ANONYMOUS_USER_ID;
263  $ilUser->setId(ANONYMOUS_USER_ID);
264  $ilUser->read();
265 
266  return;
267  }
268  }
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192
ilWebAccessChecker\getCheckIp
getCheckIp()
Set the checking of the IP address of no valid session is found.
Definition: class.ilWebAccessChecker.php:987
$GLOBALS
$GLOBALS['COOKIE_PATH']
Definition: class.ilWebAccessChecker.php:18
$ilUser
global $ilUser
Definition: imgupload.php:15
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:352
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCheckIp()

ilWebAccessChecker::getCheckIp ( )

Set the checking of the IP address of no valid session is found.

Returns
boolean

Definition at line 987 of file class.ilWebAccessChecker.php.

References $check_ip.

Referenced by determineUser().

988  {
989  return $this->check_ip;
990  }
+ Here is the caller graph for this function:

◆ getDisposition()

ilWebAccessChecker::getDisposition ( )

Get the delivery mode for the file.

Returns
string "inline", "attachment" or "virtual" public

Definition at line 927 of file class.ilWebAccessChecker.php.

References $disposition.

Referenced by sendFile().

928  {
929  return $this->disposition;
930  }
+ Here is the caller graph for this function:

◆ getMimeType()

ilWebAccessChecker::getMimeType (   $default = 'application/octet-stream')

Get the mime type of the requested file.

Parameters
stringdefault type
Returns
string mime type public

Definition at line 1181 of file class.ilWebAccessChecker.php.

References $mimetype, and ilMimeTypeUtil\getMimeType().

Referenced by sendFile().

1182  {
1183  // take a previously set mimetype
1184  if (isset($this->mimetype))
1185  {
1186  return $this->mimetype;
1187  }
1188 
1189  $mime = '';
1190  // alex: changed due to bug http://www.ilias.de/mantis/view.php?id=9332
1191 /* if (extension_loaded('Fileinfo'))
1192  {
1193  $finfo = finfo_open(FILEINFO_MIME);
1194  $mime = finfo_file($finfo, $this->file);
1195  finfo_close($finfo);
1196  if ($pos = strpos($mime, ' '))
1197  {
1198  $mime = substr($mime, 0, $pos);
1199  }
1200  }
1201  else
1202  {*/
1203  include_once("./Services/Utilities/classes/class.ilMimeTypeUtil.php");
1204  $mime = ilMimeTypeUtil::getMimeType($this->file);
1205  //$mime = ilObjMediaObject::getMimeType($this->file);
1206 // }
1207 
1208  // set and return the mime type
1209  $this->mimetype = $mime ? $mime : $default;
1210  return $this->mimetype;
1211  }
ilMimeTypeUtil\getMimeType
static getMimeType($a_file="", $a_filename="", $a_mime="")
Get Mime type.
Definition: class.ilMimeTypeUtil.php:22
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getSendMimetype()

ilWebAccessChecker::getSendMimetype ( )

Get if mimetype should be sent for a virtual delivery.

Returns
boolean

Definition at line 960 of file class.ilWebAccessChecker.php.

References $send_mimetype.

Referenced by sendFile().

961  {
962  return $this->send_mimetype;
963  }
+ Here is the caller graph for this function:

◆ ilWebAccessChecker()

ilWebAccessChecker::ilWebAccessChecker ( )

Constructor public.

Definition at line 144 of file class.ilWebAccessChecker.php.

References $_GET, $ilAccess, $ilLog, $ilUser, $lng, ILIAS_ABSOLUTE_PATH, ILIAS_WEB_DIR, setCheckIp(), setDisposition(), and setSendMimetype().

145  {
146  global $ilUser, $ilAccess, $lng, $ilLog;
147 
148  $this->lng =& $lng;
149  $this->ilAccess =& $ilAccess;
150  $this->params = array();
151 
152  // get the requested file and its type
153  $uri = parse_url($_SERVER["REQUEST_URI"]);
154  parse_str($uri["query"], $this->params);
155 
156  $pattern = ILIAS_WEB_DIR . "/" . CLIENT_ID;
157  $this->subpath = urldecode(substr($uri["path"], strpos($uri["path"], $pattern)));
158  $this->file = realpath(ILIAS_ABSOLUTE_PATH . "/". $this->subpath);
159 
160  // build url path for virtual function
161  $this->virtual_path = str_replace($pattern, "virtual-" . $pattern, $uri["path"]);
162 
163 
164  // set the parameters provided with the checker call
165  if (isset($_GET['disposition']))
166  {
167  $this->setDisposition($_GET['disposition']);
168  }
169  if (isset($_GET['check_ip']))
170  {
171  $this->setCheckIp($_GET['check_ip']);
172  }
173  if (isset($_GET['send_mimetype']))
174  {
175  $this->setSendMimetype($_GET['send_mimetype']);
176  }
177 
178  // debugging
179  /*echo "<pre>";
180  echo "REQUEST_URI: ". $_SERVER["REQUEST_URI"]. "\n";
181  echo "Parsed URI: ". $uri["path"]. "\n";
182  echo "DOCUMENT_ROOT: ". $_SERVER["DOCUMENT_ROOT"]. "\n";
183  echo "PHP_SELF: ". $_SERVER["PHP_SELF"]. "\n";
184  echo "SCRIPT_NAME: ". $_SERVER["SCRIPT_NAME"]. "\n";
185  echo "SCRIPT_FILENAME: ". $_SERVER["SCRIPT_FILENAME"]. "\n";
186  echo "PATH_TRANSLATED: ". $_SERVER["PATH_TRANSLATED"]. "\n";
187  echo "ILIAS_WEB_DIR: ". ILIAS_WEB_DIR. "\n";
188  echo "ILIAS_HTTP_PATH: ". ILIAS_HTTP_PATH. "\n";
189  echo "ILIAS_ABSOLUTE_PATH: ". ILIAS_ABSOLUTE_PATH. "\n";
190  echo "CLIENT_ID: ". CLIENT_ID. "\n";
191  echo "CLIENT_WEB_DIR: ". CLIENT_WEB_DIR. "\n";
192  echo "subpath: ". $this->subpath. "\n";
193  echo "file: ". $this->file. "\n";
194  echo "disposition: ". $this->disposition. "\n";
195  echo "ckeck_ip: ". $this->check_ip. "\n";
196  echo "send_mimetype: ". $this->send_mimetype. "\n";
197  echo "</pre>";
198  echo phpinfo();
199  exit;*/
200 
201 
202  if (!file_exists($this->file))
203  {
204  $this->errorcode = 404;
205  $this->errortext = $this->lng->txt("url_not_found");
206  return false;
207  }
208  }
ilWebAccessChecker\setDisposition
setDisposition($a_disposition)
Set the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:910
ILIAS_WEB_DIR
const ILIAS_WEB_DIR
Definition: updateADLTree.php:59
ilWebAccessChecker\setSendMimetype
setSendMimetype($a_send_mimetype)
Set the sending of the mime type.
Definition: class.ilWebAccessChecker.php:937
ILIAS_ABSOLUTE_PATH
const ILIAS_ABSOLUTE_PATH
Definition: updateADLTree.php:60
ilWebAccessChecker\setCheckIp
setCheckIp($a_check_ip)
Set the checking of the IP address if no valid session is found.
Definition: class.ilWebAccessChecker.php:971
$ilLog
$ilLog
Definition: inc.setup_header.php:132
$ilUser
global $ilUser
Definition: imgupload.php:15
$_GET
$_GET["baseClass"]
Definition: class.ilWebAccessChecker.php:7
+ Here is the call graph for this function:

◆ sendError()

ilWebAccessChecker::sendError ( )

Send an error response for the requested file public.

Definition at line 1117 of file class.ilWebAccessChecker.php.

References $ilSetting, $ilUser, $lng, $nd, $tpl, $txt, and exit.

1118  {
1119  global $ilSetting, $ilUser, $tpl, $lng, $tree;
1120 
1121  switch ($this->errorcode)
1122  {
1123  case 404:
1124  header("HTTP/1.0 404 Not Found");
1125  break;
1126  case 403:
1127  default:
1128  header("HTTP/1.0 403 Forbidden");
1129  break;
1130  }
1131 
1132  // set the page base to the ILIAS directory
1133  // to get correct references for images and css files
1134  $tpl->setCurrentBlock("HeadBaseTag");
1135  $tpl->setVariable('BASE', ILIAS_HTTP_PATH . '/error.php');
1136  $tpl->parseCurrentBlock();
1137  $tpl->addBlockFile("CONTENT", "content", "tpl.error.html");
1138 
1139  $lng->loadLanguageModule("error");
1140 
1141  // Check if user is logged in
1142  $anonymous = ($ilUser->getId() == ANONYMOUS_USER_ID);
1143 
1144  if ($anonymous)
1145  {
1146  // Provide a link to the login screen for anonymous users
1147 
1148  $tpl->SetCurrentBlock("ErrorLink");
1149  $tpl->SetVariable("TXT_LINK", $lng->txt('login_to_ilias'));
1150  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/login.php?cmd=force_login&client_id='.CLIENT_ID);
1151  $tpl->ParseCurrentBlock();
1152  }
1153  else
1154  {
1155  // Provide a link to the repository for authentified users
1156 
1157  $nd = $tree->getNodeData(ROOT_FOLDER_ID);
1158  $txt = $lng->txt('error_back_to_repository');
1159 
1160  $tpl->SetCurrentBlock("ErrorLink");
1161  $tpl->SetVariable("TXT_LINK", $txt);
1162  $tpl->SetVariable("LINK", ILIAS_HTTP_PATH. '/ilias.php?baseClass=ilRepositoryGUI&amp;client_id='.CLIENT_ID);
1163  $tpl->ParseCurrentBlock();
1164  }
1165 
1166  $tpl->setCurrentBlock("content");
1167  $tpl->setVariable("ERROR_MESSAGE",($this->errortext));
1168  $tpl->setVariable("MESSAGE_HEADING", $lng->txt('error_sry_error'));
1169  //$tpl->parseCurrentBlock();
1170 
1171  $tpl->show();
1172  exit;
1173  }
exit
exit
Definition: login.php:54
$tpl
global $tpl
Definition: ilias.php:8
$nd
$nd
Definition: error.php:9
$txt
$txt
Definition: error.php:10
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilSetting
global $ilSetting
Definition: privfeed.php:40

◆ sendFile()

ilWebAccessChecker::sendFile ( )

Send the requested file as if directly delivered from the web server public.

Definition at line 997 of file class.ilWebAccessChecker.php.

References $ilLog, ilUtil\deliverFile(), exit, getDisposition(), getMimeType(), getSendMimetype(), ilUtil\rangeDownload(), and ilUtil\readFile().

998  {
999  //$system_use_xsendfile = true;
1000  //$xsendfile_available = (boolean) $_GET["xsendfile"];
1001  $xsendfile_available = false;
1002  //if (function_exists('apache_get_modules'))
1003  //{
1004  // $modules = apache_get_modules();
1005  // $xsendfile_available = in_array('mod_xsendfile', $modules);
1006  //}
1007 
1008  //$xsendfile_available = $system_use_xsendfile & $xsendfile_available;
1009 
1010  // delivery via apache virtual function
1011  if ($this->getDisposition() == "virtual")
1012  {
1013  $this->sendFileVirtual();
1014  exit;
1015  }
1016  // delivery for download dialogue
1017  elseif ($this->getDisposition() == "attachment")
1018  {
1019  if ($xsendfile_available)
1020  {
1021  header('x-sendfile: ' . $this->file);
1022  header("Content-Type: application/octet-stream");
1023  }
1024  else
1025  ilUtil::deliverFile($this->file, basename($this->file));
1026  exit;
1027  }
1028  // inline delivery
1029  else
1030  {
1031  if (!isset($_SERVER["HTTPS"]))
1032  {
1033  header("Cache-Control: no-cache, must-revalidate");
1034  header("Pragma: no-cache");
1035  }
1036 
1037  if ($this->getSendMimetype())
1038  {
1039  header("Content-Type: " . $this->getMimeType());
1040  }
1041 
1042  // see bug 12622 and 12124
1043  if (isset($_SERVER['HTTP_RANGE'])) { // do it for any device that supports byte-ranges not only iPhone
1044  ilUtil::rangeDownload($this->file);
1045  exit;
1046  }
1047 
1048  header("Content-Length: ".(string)(filesize($this->file)));
1049 
1050  if (isset($_SERVER["HTTPS"]))
1051  {
1052  header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
1053  header('Pragma: public');
1054  }
1055 
1056  header("Connection: close");
1057 
1058  if ($xsendfile_available)
1059  {
1060  header('x-sendfile: ' . $this->file);
1061  if ($this->getSendMimetype())
1062  {
1063  header("Content-Type: " . $this->getMimeType());
1064  }
1065  }
1066  else
1067  {
1068  ilUtil::readFile( $this->file);
1069  }
1070 
1071  exit;
1072  }
1073  }
exit
exit
Definition: login.php:54
ilWebAccessChecker\getSendMimetype
getSendMimetype()
Get if mimetype should be sent for a virtual delivery.
Definition: class.ilWebAccessChecker.php:960
ilWebAccessChecker\getDisposition
getDisposition()
Get the delivery mode for the file.
Definition: class.ilWebAccessChecker.php:927
ilWebAccessChecker\getMimeType
getMimeType($default='application/octet-stream')
Get the mime type of the requested file.
Definition: class.ilWebAccessChecker.php:1181
ilUtil\deliverFile
static deliverFile($a_file, $a_filename, $a_mime='', $isInline=false, $removeAfterDelivery=false, $a_exit_after=true)
deliver file for download via browser.
Definition: class.ilUtil.php:2220
ilUtil\rangeDownload
rangeDownload($file)
Send a file via range request, see http://mobiforge.com/design-development/content-delivery-mobile-de...
Definition: class.ilUtil.php:5162
ilUtil\readFile
static readFile($a_file)
there are some known problems with the original readfile method, which sometimes truncates delivered ...
Definition: class.ilUtil.php:2300
+ Here is the call graph for this function:

◆ setCheckIp()

ilWebAccessChecker::setCheckIp (   $a_check_ip)

Set the checking of the IP address if no valid session is found.

Parameters
booleanpublic

Definition at line 971 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

972  {
973  if (in_array(strtolower($a_check_ip), array('','0','off','false')))
974  {
975  $this->check_ip = false;
976  }
977  elseif (in_array(strtolower($a_check_ip), array('1','on','true')))
978  {
979  $this->check_ip = true;
980  }
981  }
+ Here is the caller graph for this function:

◆ setDisposition()

ilWebAccessChecker::setDisposition (   $a_disposition)

Set the delivery mode for the file.

Parameters
string"inline", "attachment" or "virtual" public

Definition at line 910 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

911  {
912  if (in_array(strtolower($a_disposition), array('inline','attachment','virtual')))
913  {
914  $this->disposition = strtolower($a_disposition);
915  }
916  else
917  {
918  $this->disposition = 'inline';
919  }
920  }
+ Here is the caller graph for this function:

◆ setSendMimetype()

ilWebAccessChecker::setSendMimetype (   $a_send_mimetype)

Set the sending of the mime type.

Parameters
string(boolean switch or mimetype) public

Definition at line 937 of file class.ilWebAccessChecker.php.

Referenced by ilWebAccessChecker().

938  {
939  if (in_array(strtolower($a_send_mimetype), array('','0','off','false')))
940  {
941  $this->mimetype = null;
942  $this->send_mimetype = false;
943  }
944  elseif (in_array(strtolower($a_send_mimetype), array('1','on','true')))
945  {
946  $this->mimetype = null;
947  $this->send_mimetype = true;
948  }
949  else
950  {
951  $this->mimetype = $a_send_mimetype;
952  $this->send_mimetype = true;
953  }
954  }
+ Here is the caller graph for this function:

Field Documentation

◆ $check_ip

ilWebAccessChecker::$check_ip = false

Definition at line 95 of file class.ilWebAccessChecker.php.

Referenced by getCheckIp().

◆ $check_users

ilWebAccessChecker::$check_users = array()

Definition at line 105 of file class.ilWebAccessChecker.php.

◆ $disposition

ilWebAccessChecker::$disposition = "inline"

Definition at line 88 of file class.ilWebAccessChecker.php.

Referenced by getDisposition().

◆ $errorcode

ilWebAccessChecker::$errorcode

Definition at line 129 of file class.ilWebAccessChecker.php.

◆ $errortext

ilWebAccessChecker::$errortext

Definition at line 137 of file class.ilWebAccessChecker.php.

◆ $file

ilWebAccessChecker::$file

Definition at line 73 of file class.ilWebAccessChecker.php.

◆ $ilAccess

ilWebAccessChecker::$ilAccess

Definition at line 59 of file class.ilWebAccessChecker.php.

Referenced by checkAccessObject(), checkAccessTestQuestion(), and ilWebAccessChecker().

◆ $lng

ilWebAccessChecker::$lng

Definition at line 58 of file class.ilWebAccessChecker.php.

Referenced by checkAccessLM(), ilWebAccessChecker(), and sendError().

◆ $mimetype

ilWebAccessChecker::$mimetype = null

Definition at line 121 of file class.ilWebAccessChecker.php.

Referenced by getMimeType().

◆ $params

ilWebAccessChecker::$params

Definition at line 80 of file class.ilWebAccessChecker.php.

◆ $send_mimetype

ilWebAccessChecker::$send_mimetype = true

Definition at line 112 of file class.ilWebAccessChecker.php.

Referenced by getSendMimetype().

◆ $subpath

ilWebAccessChecker::$subpath

Definition at line 66 of file class.ilWebAccessChecker.php.

The documentation for this class was generated from the following file: