mahara.php 20.3 KB
Newer Older
1
2
<?php
/**
Nigel McNie's avatar
Nigel McNie committed
3
 * This program is part of Mahara
4
 *
5
6
7
8
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
9
 *
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 *
 * @package    mahara
 * @subpackage core
 * @author     Penny Leach <penny@catalyst.net.nz>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
 * @copyright  (C) portions from Moodle, (C) Martin Dougiamas http://dougiamas.com
25
26
 */

27
defined('INTERNAL') || die();
28

29
30
31
32
33
34
35
36
37
/** 
 * work around silly php settings
 * and broken setup stuff about the install
 * and raise a warning/fail depending on severity
 */
function ensure_sanity() {

    // register globals workaround
    if (ini_get_bool('register_globals')) {
38
        log_environ(get_string('registerglobals', 'error'));
39
40
41
42
43
44
45
46
        $massivearray = array_keys(array_merge($_POST,$_GET,$_COOKIE,$_SERVER,$_REQUEST,$_FILES));
        foreach ($massivearray as $tounset) {
            unset($GLOBALS[$tounset]);
        }
    }

    // magic_quotes_gpc workaround
    if (ini_get_bool('magic_quotes_gpc')) {
47
        log_environ(get_string('magicquotesgpc', 'error'));
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
        function stripslashes_deep($value) {
            $value = is_array($value) ?
                array_map('stripslashes_deep', $value) :
                stripslashes($value);
            return $value;
        }
        $_POST = array_map('stripslashes_deep', $_POST);
        $_GET = array_map('stripslashes_deep', $_GET);
        $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
        $_REQUEST = array_map('stripslashes_deep', $_REQUEST);

        $servervars = array('REQUEST_URI','QUERY_STRING','HTTP_REFERER','PATH_INFO','PHP_SELF','PATH_TRANSLATED');
        foreach ($servervars as $tocheck) {
            if (array_key_exists($tocheck,$_SERVER) && !empty($_SERVER[$tocheck])) {
                $_SERVER[$tocheck] = stripslashes($_SERVER[$tocheck]);
            }
        }
    }

67
    if (ini_get_bool('magic_quotes_runtime')) {
68
69
70
71
72
73
74
75
76
        // Turn of magic_quotes_runtime. Anyone with this on deserves a slap in the face
        set_magic_quotes_runtime(0);
        log_environ(get_string('magicquotesruntime', 'error'));
    }

    if (ini_get_bool('magic_quotes_sybase')) {
        // See above comment re. magic_quotes_runtime
        @ini_set('magic_quotes_sybase', 0);
        log_environ(get_string('magicquotessybase', 'error'));
77
78
    }

79
80
81
    if (ini_get_bool('safe_mode')) {
        // We don't run with safe mode
        throw new ConfigSanityException(get_string('safemodeon', 'error'));
82
83
    }

84
85
86
87
88
89
90
    // Other things that might be worth checking:
    //    memory limit
    //    file_uploads (off|on)
    //    upload_max_filesize
    //    allow_url_fopen (only if we use this)
    //

91
92
    // dataroot inside document root.
    if (strpos(get_config('dataroot'),get_config('docroot')) !== false) {
93
        throw new ConfigSanityException(get_string('datarootinsidedocroot','error'));
94
95
    }

96
97
    // dataroot not writable..
    if (!check_dir_exists(get_config('dataroot')) || !is_writable(get_config('dataroot'))) {
98
        throw new ConfigSanityException(get_string('datarootnotwritable', 'error', get_config('dataroot')));
99
    }
100
101
102
103
104

    // Json functions not available
    if (!function_exists('json_encode') || !function_exists('json_decode')) {
        throw new ConfigSanityException(get_string('jsonextensionnotloaded', 'error'));
    }
105
106
107
108
    
    check_dir_exists(get_config('dataroot').'smarty/compile');
    check_dir_exists(get_config('dataroot').'smarty/cache');

109
110
}

111
function get_string($identifier, $section='mahara') {
112
113
114
115
116
117
118
119
120
121
122
123
124
125

    $langconfigstrs = array('parentlanguage', 'strftimedate', 'strftimedateshort', 'strftimedatetime',
                            'strftimedaydate', 'strftimedaydatetime', 'strftimedayshort', 'strftimedaytime',
                            'strftimemonthyear', 'strftimerecent', 'strftimerecentfull', 'strftimetime',
                            'thislanguage');

    if (in_array($identifier, $langconfigstrs)) {
        $section = 'langconfig';  
    }

    $variables = func_get_args();
    if (count($variables) > 2) { // we have some stuff we need to sprintf
        array_shift($variables);
        array_shift($variables); //shift off the first two.
126
127
    }
    else {
128
129
130
131
132
133
134
135
136
        $variables = array();
    }
    
    $lang = current_language();

    // Define the locations of language strings for this section
    $docroot = get_config('docroot');
    $locations = array();
    
137
    if (false === strpos($section, '.')) {
138
139
140
141
        $locations[] = $docroot . 'lang/';
    }
    else {
        $extras = plugin_types(); // more later..
142
        foreach ($extras as $tocheck) {
143
144
145
            if (strpos($section,$tocheck . '.') === 0) {
                $pluginname = substr($section,strlen($tocheck) + 1);
                $locations[] = $docroot . $tocheck . '/' . $pluginname . '/lang/';
146
147
148
            }
        }
    }
149

150
151
152
    // First check all the normal locations for the string in the current language
    foreach ($locations as $location) {
        //if local directory not found, or particular string does not exist in local direcotry
153
        $langfile = $location . $lang . '/' . $section . '.php';
Penny Leach's avatar
Penny Leach committed
154
        if (is_readable($langfile)) {
155
            if ($result = get_string_from_file($identifier, $langfile)) {
156
                return format_langstring($result, $variables);
157
158
159
160
161
162
163
            }
        }
    }

    // If the preferred language was English (utf8) we can abort now
    // saving some checks beacuse it's the only "root" lang
    if ($lang == 'en.utf8') {
164
        return '[[' . $identifier . ']]';
165
166
167
168
169
    }

    // Is a parent language defined?  If so, try to find this string in a parent language file

    foreach ($locations as $location) {
170
        $langfile = $location . $lang . '/langconfig.php';
Penny Leach's avatar
Penny Leach committed
171
        if (is_readable($langfile)) {
172
            if ($parentlang = get_string_from_file('parentlanguage', $langfile)) {
173
                $langfile = $location . $parentlang . '/' . $section . '.php';
Penny Leach's avatar
Penny Leach committed
174
                if (is_readable($langfile)) {
175
                    if ($result = get_string_from_file($identifier, $langfile)) {
176
                        return format_langstring($result, $variables);
177
178
179
180
181
182
183
184
185
                    }
                }
            }
        }
    }

    /// Our only remaining option is to try English
    foreach ($locations as $location) {
        //if local_en not found, or string not found in local_en
186
        $langfile = $location . 'en.utf8/' . $section . '.php';
Penny Leach's avatar
Penny Leach committed
187
        if (is_readable($langfile)) {
188
            if ($result = get_string_from_file($identifier, $langfile)) {
189
                return format_langstring($result, $variables);
190
191
192
193
            }
        }
    }

194
    return '[[' . $identifier . ']]';  // Last resort
195
}
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236



/**
 * This function is only used from {@link get_string()}.
 *
 * @internal Only used from get_string, not meant to be public API
 * @param string $identifier ?
 * @param string $langfile ?
 * @param string $destination ?
 * @return string|false ?
 * @staticvar array $strings Localized strings
 * @access private
 * @todo Finish documenting this function.
 */
function get_string_from_file($identifier, $langfile) {

    static $strings;    // Keep the strings cached in memory.

    if (empty($strings[$langfile])) {
        $string = array();
        include ($langfile);
        $strings[$langfile] = $string;
    } else {
        $string = &$strings[$langfile];
    }

    if (!isset ($string[$identifier])) {
        return false;
    }

    return $string[$identifier];
}

/**
 * This function makes the return value of ini_get consistent if you are
 * setting server directives through the .htaccess file in apache.
 * Current behavior for value set from php.ini On = 1, Off = [blank]
 * Current behavior for value set from .htaccess On = On, Off = Off
 * Contributed by jdell @ unr.edu
 *
237
 * @param string $ini_get_arg setting to look for
238
239
240
241
242
243
244
245
246
247
248
 * @return bool
 */
function ini_get_bool($ini_get_arg) {
    $temp = ini_get($ini_get_arg);

    if ($temp == '1' or strtolower($temp) == 'on') {
        return true;
    }
    return false;
}

249
250
251
252
253
254
255
256
257
258
259
260
261
/**
 * This function loads up the basic $CFG
 * from the database table
 * note that it doesn't load plugin config
 * as not every page needs them
 * @return boolean false if the assignment fails (generally if the databse is not installed)
 */
function load_config() {
    global $CFG;
    
    try {
        $dbconfig = get_records('config');
    } 
262
    catch (SQLException $e) {
263
264
265
266
        return false;
    }
    
    foreach ($dbconfig as $cfg) {
267
        if (isset($CFG->{$cfg->field}) && $CFG->{$cfg->field} != $cfg->value) {
Penny Leach's avatar
Penny Leach committed
268
            // @todo warn that we're overriding db config with $CFG
269
270
271
272
273
274
275
276
277
            continue;
        }
        $CFG->{$cfg->field} = $cfg->value;
    }

    return true;
}

/**
278
279
280
281
282
283
 * This function returns a value from $CFG
 * or null if it is not found
 * 
 * @param string $key config setting to look for 
 * @return mixed
 */
284
285
286
287
288
289
290
291
function get_config($key) {
    global $CFG;
    if (array_key_exists($key,$CFG)) {
        return $CFG->$key;
    }
    return null;
}

292
293
294
295
296
297
298
299
300

/**
 * This function sets a config variable
 * both in $CFG and in the database
 *
 * @param string $key config field to set
 * @param string $value config value
 */
function set_config($key, $value) {
301
302
303
304
    global $CFG;

    if (get_record('config', 'field', $key)) {
        if (set_field('config', 'value', $value, 'field', $key)) {
Penny Leach's avatar
Penny Leach committed
305
306
307
308
309
310
311
            $status = true;
        }
    } 
    else {
        $config = new StdClass;
        $config->field = $key;
        $config->value = $value;
312
        $status = insert_record('config', $config);
Penny Leach's avatar
Penny Leach committed
313
314
315
    }

    if (!empty($status)) {
316
317
318
        $CFG->{$key} = $value;
        return true;
    }
Penny Leach's avatar
Penny Leach committed
319

320
321
322
323
324
325
326
327
328
329
330
331
332
333
    return false;
}

/**
 * This function returns a value for $CFG for a plugin
 * or null if it is not found
 * note that it may go and look in the database
 *
 * @param string $plugintype eg artefact
 * @param string $pluginname eg blog
 * @param string $key the config setting to look for
 */
function get_config_plugin($plugintype, $pluginname, $key) {
    global $CFG;
334

335
336
337
338
339
340
341
    if (array_key_exists('plugin',$CFG)
        && array_key_exists($plugintype,$CFG->plugin)
        && array_key_exists($pluginname,$CFG->plugin->{$plugintype})
        && array_key_exists($key,$CFG->plugin->{$plugintype}->{$pluginname})) {
        return  $CFG->plugin->{$plugintype}->{$pluginname}->{$key};
    }
    
342
343
344
    // @todo: an optimisation might be to get all fields related to the plugin instead, as
    // it may be quite likely that if one config item is requested for a plugin another
    // might be.
345
    if (!$value = get_field($plugintype . '_config', 'value', 'plugin', $pluginname, 'field', $key)) {
346
        $value = null;
347
348
    }

349
350
351
352
    $CFG->plugin->{$plugintype}->{$pluginname}->{$key} = $value;
    return $value;
}

Penny Leach's avatar
Penny Leach committed
353
function set_config_plugin($plugintype, $pluginname, $key, $value) {
354
    global $CFG;
355
    $table = $plugintype . '_config';
Penny Leach's avatar
Penny Leach committed
356

357
358
359
    if (false !== get_field($table, 'value', 'plugin', $pluginname, 'field', $key)) {
        //if (set_field($table, 'value', $key, 'plugin', $pluginname, 'field', $value)) {
        if (set_field($table, 'value', $value, 'plugin', $pluginname, 'field', $key)) {
Penny Leach's avatar
Penny Leach committed
360
361
362
363
364
365
366
367
            $status = true;
        }
    }
    else {
        $pconfig = new StdClass;
        $pconfig->plugin = $pluginname;
        $pconfig->field  = $key;
        $pconfig->value  = $value;
368
        $status = insert_record($table, $pconfig);
Penny Leach's avatar
Penny Leach committed
369
370
371
372
373
374
375
376
    }
    if ($status) {
        $CFG->plugin->{$plugintype}->{$pluginname}->{$key} = $value;
        return true;
    }
    return false;
}

377
/**
378
379
380
381
382
 * This function prints an array or object
 * wrapped inside <pre></pre>
 * 
 * @param $mixed value to print
 */
383
384
385
386
387
388
function print_object($mixed) {
    echo '<pre>';
    print_r($mixed);
    echo '</pre>';
}

389
/**
390
391
392
393
394
395
 * This function returns the current 
 * language to use, either for a given user
 * or sitewide, or the default
 * 
 * @return string
 */
396
397
398
399
400
401
402
403
404
405
406
function current_language() {
    global $USER, $CFG;
    if (!empty($USER->lang)) {
        return $USER->lang;
    }
    if (!empty($CFG->lang)) {
        return $CFG->lang;
    }
    return 'en.utf8';
}

407
/**
408
409
410
411
412
413
 * Helper function to sprintf language strings
 * with a variable number of arguments
 * 
 * @param string $string raw string to use
 * @param array $args arguments to sprintf
 */
414
415
416
417
function format_langstring($string,$args) {
    return call_user_func_array('sprintf',array_merge(array($string),$args));
}

418
419
420
421
422
423
424
425
426
427
428
429
430
/**
 * Helper function to figure out whether an array is an array or a hash
 * @param array $array array to check
 * @return bool true if the array is a hash
 */
function is_hash($array) {
    if (!is_array($array)) {
        return false;
    }
    $diff = array_diff_assoc($array,array_values($array));
    return !empty($diff);
}

431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450


/**
 * Function to check if a directory exists and optionally create it.
 *
 * @param string absolute directory path
 * @param boolean create directory if does not exist
 * @param boolean create directory recursively
 *
 * @return boolean true if directory exists or created
 */
function check_dir_exists($dir, $create=true, $recursive=true) {

    $status = true;

    if(!is_dir($dir)) {
        if (!$create) {
            $status = false;
        } else {
            umask(0000); 
451
            $status = @mkdir($dir, 0777, true);
Nigel McNie's avatar
Nigel McNie committed
452
            // @todo has the umask been clobbered at this point, and is this a bad thing?
453
454
455
456
457
        }
    }
    return $status;
}

458
459
460
461
462
463
464
465
466
/**
 * Checks that a username is in valid form
 *
 * @todo need such a function for password too.
 */
function validate_username($username) {
    return preg_match('/^[a-zA-Z0-9_\.@]+$/', $username);
}

Penny Leach's avatar
Penny Leach committed
467
468
469
470
471
472
473
474
475
476
477
/**
 * Function to require a plugin file. This is to avoid doing 
 * require and include directly with variables.
 * This function is the one safe point to require plugin files.
 * so USE it :)
 * @param string $plugintype the type of plugin (eg artefact)
 * @param string $pluginname the name of the plugin (eg blog)
 * @param string $filename the name of the file to include within the plugin structure
 * @param string $function (optional, defaults to require) the require/include function to use
 * @param string $nonfatal (optional, defaults to false) just returns false if the file doesn't exist
 */
478
function safe_require($plugintype, $pluginname, $filename='lib.php', $function='require', $nonfatal=false) {
Penny Leach's avatar
Penny Leach committed
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511

    $plugintype = clean_filename($plugintype);
    $pluginname = clean_filename($pluginname);

    if (!in_array($function,array('require','include','require_once','include_once'))) {
        if (!empty($nonfatal)) {
            return false;
        }
        throw new Exception ('invalid require type');
    }

    $fullpath = get_config('docroot') . $plugintype . '/' . $pluginname . '/' . $filename;
    if (!$realpath = realpath($fullpath)) {
        if (!empty($nonfatal)) {
            return false;
        }
        throw new Exception ("File $fullpath did not exist");
    }

    if (strpos($realpath, get_config('docroot') !== 0)) {
        if (!empty($nonfatal)) {
            return false;
        }
        throw new Exception ("File $fullpath was outside document root!");
    }

    if ($function == 'require') { return require($realpath); }
    if ($function == 'include') { return include($realpath); }
    if ($function == 'require_once') { return require_once($realpath); }
    if ($function == 'include_once') { return include_once($realpath); }
    
}

Martyn Smith's avatar
Martyn Smith committed
512

513
514
515
516
517
518
519
520
/**
 * Returns the list of site content pages
 * @return array of names
 */
function site_content_pages() {
    return array('about','home','loggedouthome','privacy','termsandconditions','uploadcopyright');
}

521
522
523
524
525
526
527
/**
 * This function returns the list of plugintypes we currently care about
 * @return array of names
 */
function plugin_types() {
    static $pluginstocheck;
    if (empty($pluginstocheck)) {
528
        $pluginstocheck = array('artefact', 'auth', 'notification');
529
530
531
532
    }
    return $pluginstocheck;
}

533
534
535
536
537
538
539
540
541
542
543
/**
 * Helper to call a static method when you do not know the name of the class
 * you want to call the method on. PHP5 does not support $class::method().
 */
function call_static_method($class, $method) {
    $args = func_get_args();
    array_shift($args);
    array_shift($args);
    return call_user_func_array(array($class, $method), $args);
}

544
545
546
547
548
function generate_class_name() {
    $args = func_get_args();
    return 'Plugin' . implode('', array_map('ucfirst', $args));
}

549
550
551
552
553
554
555
556
557
function redirect($location) {
    if (headers_sent()) {
        throw new Exception('Headers already sent when redirect() was called');
    }
    header('HTTP/1.1 303 See Other');
    header('Location:' . $location);
    exit;
}

Martyn Smith's avatar
Martyn Smith committed
558
function handle_event($event) {
Penny Leach's avatar
Penny Leach committed
559
    if (!$e = get_record('event_type','name',$event)) {
Martyn Smith's avatar
Martyn Smith committed
560
        throw new Exception("Invalid event");
Penny Leach's avatar
Penny Leach committed
561
562
563
564
565
566
567
    }
    $plugintypes = plugin_types();
    foreach ($plugintypes as $name) {
        if ($subs = get_records('event_subscription_' . $name, 'event', $event)) {
            foreach ($subs as $sub) {
                $classname = 'Plugin' . ucfirst($name) . ucfirst($sub->plugin);
                try {
Martyn Smith's avatar
Martyn Smith committed
568
                    call_static_method($classname, $sub->callfunction);
Penny Leach's avatar
Penny Leach committed
569
570
571
572
573
574
575
576
577
578
                }
                catch (Exception $e) {
                    log_warn("Event $event caused an exception from plugin $classname "
                             . "with function $sub->callfunction. Continuing with event handlers");
                }
            }
        }
    }
}

Nigel McNie's avatar
Nigel McNie committed
579
580
581
582
583
584
585
586
587
588
/**
 * Returns a string, HTML escaped
 *
 * @param string $text The text to escape
 * @return string      The text, HTML escaped
 */
function hsc ($text) {
    return htmlspecialchars($text, ENT_COMPAT, 'UTF-8');
}

589
590
591
592
593
594
595
596
597
598
599
600
601
602
/**
 * function to convert an array of objects to 
 * an array containing one field per place
 * 
 * @param array $array input array
 * @param mixed $field field to look for in each object
 */
function mixed_array_to_field_array($array, $field) {
    $repl_fun = create_function('$n, $field', '$n = (object)$n; return $n->{$field};');
    $fields = array_pad(array(), count($array), $field);
    return array_map($repl_fun, $array, $fields);
}


603
604
605
606
/**
 * Used by XMLDB
 */
function debugging ($message, $level) {
607
    log_debug($message);
608
609
610
611
612
613
}
function xmldb_dbg($message) {
    log_warn($message);
}
define('DEBUG_DEVELOPER', 'whocares');

614
615
616
/** 
 * Base class for all plugintypes.
 */
617
class Plugin {
618
619
620
621
622
623
624
625
626
627
628
629
630
631
    
    public static function get_cron() {
        return array();
    }

    public static function get_event_subscriptions() {
        return array();
    }

    public static function postinst() {
        return true;
    }
}

632
633
634
635
636
637
638
639
640
641
642
643
/**
 * Builds the main navigation menu and returns it as a data structure
 *
 * @return $mainnav a data structure containing the main navigation
 * @todo martyn this is probably quite expenvise, perhaps it needs teh caching
 */
function main_nav() {
    $wwwroot = get_config('wwwroot');

    $menu = array(
        array(
            'name'     => 'home',
Martyn Smith's avatar
Martyn Smith committed
644
            'section'  => 'mahara',
645
646
647
648
649
650
651
652
653
654
655
            'link'     => $wwwroot,
        ),
    );

    if ($plugins = get_rows('artefact_installed')) {
        foreach ($plugins as &$plugin) {
            safe_require('artefact', $plugin['name'], 'lib.php', 'require_once');
            $plugin_menu = call_static_method(generate_class_name('artefact',$plugin['name']), 'menu_items');

            foreach ($plugin_menu as &$menu_item) {
                $menu_item['link'] = $wwwroot . 'artefact/' . $plugin['name'] . '/' . $menu_item['link'];
Martyn Smith's avatar
Martyn Smith committed
656
                $menu_item['section'] = 'artefact.' . $plugin['name'];
657
658
659
660
661
662
663
            }

            $menu = array_merge($menu, $plugin_menu);
        }
    }

    $menu[] = array(
Martyn Smith's avatar
Martyn Smith committed
664
665
666
        'name'    => 'mycontacts',
        'link'    => $wwwroot . 'contacts/',
        'section' => 'mahara',
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
    );


    if (defined('MENUITEM')) {
        foreach ( $menu as &$item ) {
            if ($item['name'] == MENUITEM) {
                $item['selected'] = true;
            }
        }
    }
    else {
        $menu[0]['selected'] = true;
    }

    log_debug($menu);

    return $menu;
}

686
?>