by Matteo Scaramuccia.
Hi Matt,
here is my quick peer review:
- Trivial, you coud use '../../config.php' instead of dirname() for performances reasons. If you like to use absolute paths, which is nice as well, you could simplify it with just dirname(__FILE__).'/../../'
- Trivial, do not use @subpackage but @package mod_swf
- Fix, instead of using isset(_GET($content), use required_param('content', PARAM_PATH): it will do what you've coded in just one single line. Now the path will be valid if it will start with '/' which is fine, just a bit of refactoring in your work to consider '/' the root of your subfolder when creating $swf_file
- Enh, MIME type extraction. Get benefits from the Moodle Files API: include (= require_once()) lib/filelib.php and use $swf_mime = mimeinfo('type', basename($swf_file)) then simplify the switch by including all the case now based on the MIME Type you're supporting, defining a new boolean variable like $found = true
- Change the conditional branch now based on $found, before being $swf_mime
- Fix, use lib/filelib.php::send_file() (read the PHPDoc for the parameters) to send the file to the browser and get advantages of Partial Responses (HTTP 206) too which are used - it depends on the client - to serve parts of the file to simulate streaming especially when playing with the slider of a media viewer. Besides you'll stick with the Moodle Files API providing files the same way as Moodle does with the objects under its control: you'll share the same bugs (rare, really stable) but also the benefits
- Enh, sending HTTP 404 could be implemented with lib/filelip.php::send_header_404()
- Trivial, be kind and send an HTTP 404 when someone is trying to hack your content parameter with absolute system paths or whatever you find to be a nonexistent file within $CFG->dataroot.$CFG->swf_content_dir
HTH,
Matteo