chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Removing custom autoload code see #5523

Browse Source
skala
Julio Montoya 12 years ago
parent 70b08bf6af
commit c4eb71fb2a
8 changed files with 73 additions and 91 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 81
      main/auth/key/key_auth.class.php
  2. 2
      main/course_notice/index.php
  3. 35
      main/document/file.php
  4. 11
      main/inc/autoload.inc.php
  5. 3
      main/inc/global.inc.php
  6. 0
      main/inc/lib/autoload.class.php
  7. 31
      main/work/file.php
  8. 1
      tests/phpunit/phpunit.xml

81
main/auth/key/key_auth.class.php
Unescape View File

@ -5,35 +5,34 @@ use \ChamiloSession as Session;
/**
* Used to authenticate user with an access token. By default this method is disabled.
* Method used primarily to make API calls: Rss, file upload.
*
* Access is granted only for the services that are enabled.
*
* To be secured this method must
*
*
* Access is granted only for the services that are enabled.
*
* To be secured this method must
*
* 1) be called through httpS to avoid sniffing (note that this is the case anyway with other methods such as cookies)
* 2) the url/access token must be secured
*
* This authentication method is session less. This is to ensure that the navigator
*
* This authentication method is session less. This is to ensure that the navigator
* do not receive an access cookie that will grant it access to other parts of the
* application.
*
*
*
*
* Usage:
*
* Enable KeyAuth for a specific service. Add the following lines so that
* the key authentication method is enabled for a specific service before
*
* Enable KeyAuth for a specific service. Add the following lines so that
* the key authentication method is enabled for a specific service before
* calling global.inc.php.
*
* include_once '.../main/inc/autoload.inc.php';
* KeyAuth::enable_services('my_service');
* include_once '.../main/inc/global.inc.php';
*
*
*
*
* Enable url access for a short period of time:
*
*
* token = KeyAuth::create_temp_token();
* url = '...?access_token=' . $token ;
*
*
* @see AccessToken
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
@ -52,7 +51,7 @@ class KeyAuth
/**
* Returns enabled services
*
*
* @return array
*/
public static function get_services()
@ -61,9 +60,9 @@ class KeyAuth
}
/**
* Name of the service for which we are goint to check the API Key.
* Name of the service for which we are goint to check the API Key.
* If empty it disables authentication.
*
*
* !! 10 chars max !!
*/
public static function enable_services($_)
@ -109,7 +108,7 @@ class KeyAuth
}
/**
* Enable key authentication for the default service - i.e. chamilo
* Enable key authentication for the default service - i.e. chamilo
*/
public static function enable()
{
@ -124,7 +123,7 @@ class KeyAuth
/**
* Returns true if the key authentication method is enabled. False otherwise.
* Default to false.
*
*
* @return bool
*/
public static function is_enabled()
@ -133,7 +132,7 @@ class KeyAuth
}
/**
* @return KeyAuth
* @return KeyAuth
*/
public static function instance()
{
@ -146,18 +145,18 @@ class KeyAuth
protected function __construct()
{
}
/**
* Returns true if authentication accepts to run otherwise returns false.
*
* @return boolean
*
* @return boolean
*/
public function accept()
{
/**
* Authentication method must be enabled
* Authentication method must be enabled
*/
if (!self::is_enabled()) {
return false;
@ -174,7 +173,7 @@ class KeyAuth
}
/**
* The service corresponding to the key must be enabled.
* The service corresponding to the key must be enabled.
*/
$service = $key['api_service'];
if (!self::is_service_enabled($service)) {
@ -182,7 +181,7 @@ class KeyAuth
}
/**
* User associated with the key must be active
* User associated with the key must be active
*/
$user = UserManager::get_user_info_by_id($token->get_user_id());
if (empty($user)) {
@ -193,16 +192,16 @@ class KeyAuth
}
/**
* Token must be valid.
* Token must be valid.
*/
return $token->is_valid();
}
/**
* If accepted tear down session, log in user and returns true.
* If accepted tear down session, log in user and returns true.
* If not accepted do nothing and returns false.
*
* @return boolean
*
* @return boolean
*/
public function login()
{
@ -210,22 +209,22 @@ class KeyAuth
return false;
}
/**
* ! important this is to ensure we don't grant access for other parts
* ! important this is to ensure we don't grant access for other parts
*/
Session::destroy();
/**
* We don't allow redirection since access is granted only for this call
* We don't allow redirection since access is granted only for this call
*/
global $no_redirection, $noredirection;
$no_redirection = true;
$noredirection = true;
Session::write('noredirection', $noredirection);
$user_id = $this->get_user_id();
$course_code = $this->get_course_code();
$group_id = $this->get_group_id();
Login::init_user($user_id, true);
Login::init_course($course_code, true);
Login::init_group($group_id, true);
@ -235,7 +234,7 @@ class KeyAuth
/**
* Returns the request access token
*
*
* @return AccessToken
*/
public function get_access_token()
@ -243,17 +242,17 @@ class KeyAuth
$string = Request::get(self::PARAM_ACCESS_TOKEN);
return AccessToken::parse($string);
}
public function get_user_id()
{
return $this->get_access_token()->get_user_id();
}
public function get_course_code()
{
return Request::get('cidReq', 0);
}
public function get_group_id()
{
return Request::get('gidReq', 0);

2
main/course_notice/index.php
Unescape View File

@ -6,7 +6,7 @@
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
require_once dirname(__FILE__) . '/../inc/autoload.inc.php';
//require_once dirname(__FILE__) . '/../inc/autoload.inc.php';
$controller = CourseNoticeController::instance();
KeyAuth::enable_services($controller);

35
main/document/file.php
Unescape View File

@ -4,25 +4,24 @@ Use Model\Document;
Use Model\Course;
/**
* Return either
*
* Return either
*
* - one document
* - several documents (file and/or folders) zipped together
*
*
* Used to transfer files to another application through http.
*
*
* Script parameters:
*
* - id id(s) of the document id=1 or id=1,2,4
*
* - id id(s) of the document id=1 or id=1,2,4
* - cidReq course code
*
*
* Note this script enables key authentication so access with a key token is possible.
*
*
* @package chamilo.document
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
require_once __DIR__ . '/../inc/autoload.inc.php';
KeyAuth::enable();
require_once __DIR__ . '/../inc/global.inc.php';
@ -41,14 +40,14 @@ $course = Course::current();
/**
* No files requested. We make sure we return 404 error to tell the client
* that the call failed.
* that the call failed.
*/
if (count($ids) == 0 || empty($course)) {
Response::not_found();
}
/**
* One file requested. In this case we return the file itself.
* One file requested. In this case we return the file itself.
*/
if (count($ids) == 1) {
$id = reset($ids);
@ -70,7 +69,7 @@ if (count($ids) == 1) {
}
/**
* Several files requested. In this case we zip them together.
* Several files requested. In this case we zip them together.
*/
$files = array();
$folders = array();
@ -90,9 +89,9 @@ foreach ($ids as $id) {
$requested_folders = $folders;
/**
* Note that if a parent folder is hidden children should not be accesible
* even if they are visible. It is therefore not sufficient to check document
* visibility.
* Note that if a parent folder is hidden children should not be accesible
* even if they are visible. It is therefore not sufficient to check document
* visibility.
*/
while ($folders) {
$items = $folders;
@ -116,7 +115,7 @@ while ($folders) {
$folders = $requested_folders;
/**
* Requested files may not be accessible.
* Requested files may not be accessible.
*/
if (count($files) == 0) {
Response::not_found();
@ -135,7 +134,7 @@ foreach ($items as $item) {
}
/**
* Zip files together.
* Zip files together.
*/
$temp_zip_path = Chamilo::temp_file('zip');
$zip_folder = new PclZip($temp_zip_path);
@ -148,7 +147,7 @@ foreach ($files as $file) {
}
/**
* Send file for download
* Send file for download
*/
event_download(Uri::here());
DocumentManager::file_send_for_download($temp_zip_path, false, get_lang('Documents') . '.zip');

11
main/inc/autoload.inc.php
Unescape View File

@ -1,11 +0,0 @@
<?php
/**
* Set up the Chamilo autoload stack. Can be called several time if needed also
* better to avoid it.
*/
/*
require_once dirname(__FILE__) . '/lib/autoload.class.php';
Autoload::register();
*
*/

3
main/inc/global.inc.php
Unescape View File

@ -102,9 +102,6 @@ ini_set('include_path', api_create_include_path_setting());
// This is for compatibility with MAC computers.
ini_set('auto_detect_line_endings', '1');
//Include the libraries that are necessary everywhere
//require_once dirname(__FILE__).'/autoload.inc.php';
//Fixes Htmlpurifier autoloader issue with composer
define('HTMLPURIFIER_PREFIX', $lib_path.'htmlpurifier/library');

0
main/inc/lib/autoload.class.php
Unescape View File

31
main/work/file.php
Unescape View File

@ -4,25 +4,24 @@ Use Model\StudentPublication;
Use Model\Course;
/**
* Return either
*
* Return either
*
* - one work item (file)
* - several work items (files) zipped together
*
*
* Used to transfer files to another application through http.
*
*
* Script parameters:
*
* - id id(s) of the work item id=1 or id=1,2,4
*
* - id id(s) of the work item id=1 or id=1,2,4
* - cidReq course code
*
*
* Note this script enables key authentication so access with a key token is possible.
*
*
* @package chamilo.document
* @license see /license.txt
* @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Geneva
*/
require_once __DIR__ . '/../inc/autoload.inc.php';
KeyAuth::enable();
require_once __DIR__ . '/../inc/global.inc.php';
@ -41,7 +40,7 @@ $course = Course::current();
/**
* No files requested. We make sure we return 404 error to tell the client
* that the call failed.
* that the call failed.
*/
if (count($ids) == 0 || empty($course)) {
Response::not_found();
@ -69,7 +68,7 @@ if (count($ids) == 1) {
}
/**
* one folder requested
* one folder requested
*/
$items = array();
$children = $pub->get_children();
@ -93,7 +92,7 @@ if (count($ids) == 1) {
}
/**
* Several files requested. In this case we zip them together.
* Several files requested. In this case we zip them together.
*/
$items = array();
foreach ($ids as $id) {
@ -105,19 +104,19 @@ foreach ($ids as $id) {
$items[] = $pub;
}
/**
* We ignore folders
* We ignore folders
*/
}
/**
* Requested files may not be accessible.
* Requested files may not be accessible.
*/
if (count($items) == 0) {
Response::not_found();
}
/**
* Zip files together.
* Zip files together.
*/
$zip = Chamilo::temp_zip();
foreach ($items as $item) {
@ -127,7 +126,7 @@ foreach ($items as $item) {
}
/**
* Send file for download
* Send file for download
*/
event_download(Uri::here());
DocumentManager::file_send_for_download($zip->get_path(), false, get_lang('StudentPublications') . '.zip');

1
tests/phpunit/phpunit.xml
Unescape View File

@ -27,7 +27,6 @@
<whitelist addUncoveredFilesFromWhitelist="true">
<directory suffix=".php">../../main/inc</directory>
<exclude>
<!--file>autoload.inc.php</file-->
<!--file>global.inc.php</file-->
</exclude>
</whitelist>

Write Preview
Loading…
Cancel
Save