Skip to content
Browse files

Merge branch 's11_MDL-27497_upload_master' of github.com:dongsheng/mo…

…odle
  • Loading branch information...
2 parents d8f85b6 + 42b2809 commit 650142bb9b665d16252417ee3f1e3decdfebb9db Sam Hemelryk committed Jun 14, 2011
Showing with 118 additions and 0 deletions.
  1. +118 −0 webservice/upload.php
View
118 webservice/upload.php
@@ -0,0 +1,118 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Accpet uploading files by web service token
+ * @package moodlecore
+ * @subpackage files
+ * @copyright 2011 Dongsheng Cai <dongsheng@moodle.com>
+ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+define('AJAX_SCRIPT', true);
+define('NO_MOODLE_COOKIES', true);
+require_once(dirname(dirname(__FILE__)) . '/config.php');
+$token = required_param('token', PARAM_ALPHANUM);
+$filepath = optional_param('filepath', '/', PARAM_PATH);
+
+echo $OUTPUT->header();
+
+// web service must be enabled to use this script
+if (!$CFG->enablewebservices) {
+ throw new moodle_exception('enablewsdescription', 'webservice');
+}
+// Obtain token record
+if (!$token = $DB->get_record('external_tokens', array('token'=>$token))) {
+ throw new webservice_access_exception(get_string('invalidtoken', 'webservice'));
+}
+
+// Validate token date
+if ($token->validuntil and $token->validuntil < time()) {
+ add_to_log(SITEID, 'webservice', get_string('tokenauthlog', 'webservice'), '' , get_string('invalidtimedtoken', 'webservice'), 0);
+ $DB->delete_records('external_tokens', array('token'=>$token->token));
+ throw new webservice_access_exception(get_string('invalidtimedtoken', 'webservice'));
+}
+
+//assumes that if sid is set then there must be a valid associated session no matter the token type
+if ($token->sid) {
+ $session = session_get_instance();
+ if (!$session->session_exists($token->sid)) {
+ $DB->delete_records('external_tokens', array('sid'=>$token->sid));
+ throw new webservice_access_exception(get_string('invalidtokensession', 'webservice'));
+ }
+}
+
+// Check ip
+if ($token->iprestriction and !address_in_subnet(getremoteaddr(), $token->iprestriction)) {
+ add_to_log(SITEID, 'webservice', get_string('tokenauthlog', 'webservice'), '' , get_string('failedtolog', 'webservice').": ".getremoteaddr(), 0);
+ throw new webservice_access_exception(get_string('invalidiptoken', 'webservice'));
+}
+
+$user = $DB->get_record('user', array('id'=>$token->userid, 'deleted'=>0), '*', MUST_EXIST);
+
+// log token access
+$DB->set_field('external_tokens', 'lastaccess', time(), array('id'=>$token->id));
+
+session_set_user($user);
+$context = get_context_instance(CONTEXT_USER, $USER->id);
+require_capability('moodle/user:manageownfiles', $context);
+
+$fs = get_file_storage();
+
+foreach ($_FILES as $fieldname=>$file) {
+ // check upload errors
+ if (!empty($_FILES[$fieldname]['error'])) {
+ switch ($_FILES[$fieldname]['error']) {
+ case UPLOAD_ERR_INI_SIZE:
+ throw new moodle_exception('upload_error_ini_size', 'repository_upload');
+ break;
+ case UPLOAD_ERR_FORM_SIZE:
+ throw new moodle_exception('upload_error_form_size', 'repository_upload');
+ break;
+ case UPLOAD_ERR_PARTIAL:
+ throw new moodle_exception('upload_error_partial', 'repository_upload');
+ break;
+ case UPLOAD_ERR_NO_FILE:
+ throw new moodle_exception('upload_error_no_file', 'repository_upload');
+ break;
+ case UPLOAD_ERR_NO_TMP_DIR:
+ throw new moodle_exception('upload_error_no_tmp_dir', 'repository_upload');
+ break;
+ case UPLOAD_ERR_CANT_WRITE:
+ throw new moodle_exception('upload_error_cant_write', 'repository_upload');
+ break;
+ case UPLOAD_ERR_EXTENSION:
+ throw new moodle_exception('upload_error_extension', 'repository_upload');
+ break;
+ default:
+ throw new moodle_exception('nofile');
+ }
+ }
+ $file_record = new stdClass;
+ $file_record->component = 'user';
+ $file_record->contextid = $context->id;
+ $file_record->userid = $USER->id;
+ $file_record->filearea = 'private';
+ $file_record->filename = clean_param($_FILES[$fieldname]['name'], PARAM_FILE);
+ $file_record->filepath = $filepath;
+ $file_record->itemid = 0;
+ $file_record->license = $CFG->sitedefaultlicense;
+ $file_record->author = fullname($user);;
+ $file_record->source = '';
+ $stored_file = $fs->create_file_from_pathname($file_record, $_FILES[$fieldname]['tmp_name']);
+ $uploaded_files[] = $file_record;
+}
+echo json_encode($uploaded_files);

0 comments on commit 650142b

Please sign in to comment.
Something went wrong with that request. Please try again.