+++ /dev/null
-<?PHP // $Id$
- // This function fetches files from the data directory
- // Syntax: quizfile.php/quiz id/question id/dir/.../dir/filename.ext
- // It is supposed to be used by the quiz module only
- // I believe this is obsolete, everything should be using moodle/file.php GWD
-
- require_once('../../config.php');
- require_once($CFG->libdir.'/filelib.php');
- require_once('locallib.php');
-
- if (empty($CFG->filelifetime)) {
- $lifetime = 86400; // Seconds for files to remain in caches
- } else {
- $lifetime = $CFG->filelifetime;
- }
-
- // disable moodle specific debug messages
- disable_debugging();
-
- $relativepath = get_file_argument('quizfile.php');
-
- if (!$relativepath) {
- print_error('invalidargorconf');
- }
-
- // extract relative path components
- $args = explode('/', trim($relativepath, '/'));
- if (count($args) < 3) { // always at least category, question and path
- print_error('invalidarguments');
- }
-
- $quizid = (int)array_shift($args);
- $questionid = (int)array_shift($args);
- $relativepath = implode ('/', $args);
-
- if (!($question = $DB->get_record('question', array('id' => $questionid)))) {
- print_error('invalidarguments');
- }
-
- if (!($questioncategory = $DB->get_record('question_categories', array('id' => $question->category)))) {
- print_error('invalidarguments');
- }
-
- /////////////////////////////////////
- // Check access
- /////////////////////////////////////
- if ($quizid == 0) { // teacher doing preview during quiz creation
- if ($questioncategory->publish) {
- require_login();
- if (!isteacherinanycourse()) {
- print_error('invalidarguments');
- }
- } else {
- require_login($questioncategory->course);
- $cm = get_coursemodule_from_instance('quiz', $quizid);
- require_capability('mod/quiz:preview', get_context_instance(CONTEXT_MODULE, $cm->id));
- }
- } else {
- if (!($quiz = $DB->get_record('quiz', array('id' => $quizid)))) {
- print_error('invalidarguments');
- }
- if (!($course = $DB->get_record('course', array('id' => $quiz->course)))) {
- print_error('invalidarguments');
- }
- require_login($course->id);
-
- // For now, let's not worry about this. The following check causes
- // problems sometimes when reviewing a quiz
- //if (!isteacher($course->id)
- // and !quiz_get_user_attempt_unfinished($quiz->id, $USER->id)
- // and ! ($quiz->review && time() > $quiz->timeclose)
- // || !quiz_get_user_attempts($quiz->id, $USER->id) )
- //{
- // print_error('noview', 'quiz');
- //}
-
- ///////////////////////////////////////////////////
- // The logged-in user has the right to view material on this quiz!
- // Now verify the consistency between $quiz, $question, its category and $relativepathname
- ///////////////////////////////////////////////////
-
- // For now, let's not worry about this. The following check doesn't
- // work for randomly selected questions and it gets complicated
- //if (!in_array($question->id, explode(',', $quiz->questions), FALSE)) {
- // print_error('specificquestionnotonquiz', 'quiz');
- //}
- }
-
- // Have the question check whether it uses this file or not
- if (!$QTYPES[$question->qtype]->uses_quizfile($question,
- $relativepath)) {
- print_error('specificapathnotonquestion', 'quiz');
- }
-
-
- ///////////////////////////////////////////
- // All security stuff is now taken care of.
- // Specified file can now be returned...
- //////////////////////////////////////////
-
- $pathname = "$CFG->dataroot/$questioncategory->course/$relativepath";
- $filename = $args[count($args)-1];
-
-
- if (file_exists($pathname)) {
- send_file($pathname, $filename, $lifetime);
- } else {
- header('HTTP/1.0 404 not found');
- print_error('filenotfound', 'error'); //this is not displayed on IIS??
- }
-?>
projects / moodle.git / commitdiff