dataroot.'/questionattempt'.$relativepath; // extract relative path components $args = explode('/', trim($relativepath, '/')); // check for the right number of directories in the path if (count($args) != 3) { error('Invalid arguments supplied'); } // security: require login require_login(); // security: do not return directory node! if (is_dir($pathname)) { question_attempt_not_found(); } $lifetime = 0; // do not cache because students may reupload files // security: check that the user has permission to access this file $haspermission = false; if ($attempt = get_record("question_attempts", "id", $args[0])) { $modfile = $CFG->dirroot .'/mod/'. $attempt->modulename .'/lib.php'; $modcheckfileaccess = $attempt->modulename .'_check_file_access'; if (file_exists($modfile)) { @require_once($modfile); if (function_exists($modcheckfileaccess)) { $haspermission = $modcheckfileaccess($args[0], $args[1]); } } } else if ($args[0][0] == 0) { global $USER; $list = explode('_', $args[0]); if ($list[1] == $USER->id) { $haspermission = true; } } if ($haspermission) { // check that file exists if (!file_exists($pathname)) { question_attempt_not_found(); } // send the file session_write_close(); // unlock session during fileserving $filename = $args[count($args)-1]; send_file($pathname, $filename, $lifetime, $CFG->filteruploadedfiles, false, $forcedownload); } else { question_attempt_not_found(); } function question_attempt_not_found() { global $CFG; header('HTTP/1.0 404 not found'); print_error('filenotfound', 'error', $CFG->wwwroot); //this is not displayed on IIS?? } ?>