Search moodle.org's
Developer Documentation


/course/ -> rest.php (source)
   1  <?php
   2  
   3  // This file is part of Moodle - http://moodle.org/
   4  //
   5  // Moodle is free software: you can redistribute it and/or modify
   6  // it under the terms of the GNU General Public License as published by
   7  // the Free Software Foundation, either version 3 of the License, or
   8  // (at your option) any later version.
   9  //
  10  // Moodle is distributed in the hope that it will be useful,
  11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  // GNU General Public License for more details.
  14  //
  15  // You should have received a copy of the GNU General Public License
  16  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17  
  18  /**
  19   * Provide interface for topics AJAX course formats
  20   *
  21   * @copyright 1999 Martin Dougiamas  http://dougiamas.com
  22   * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   * @package course
  24   */
  25  
  26  if (!defined('AJAX_SCRIPT')) {
  27      define('AJAX_SCRIPT', true);
  28  }
  29  require_once(dirname(__FILE__) . '/../config.php');
  30  require_once($CFG->dirroot.'/course/lib.php');
  31  
  32  // Initialise ALL the incoming parameters here, up front.
  33  $courseid   = required_param('courseId', PARAM_INT);
  34  $class      = required_param('class', PARAM_ALPHA);
  35  $field      = optional_param('field', '', PARAM_ALPHA);
  36  $instanceid = optional_param('instanceId', 0, PARAM_INT);
  37  $sectionid  = optional_param('sectionId', 0, PARAM_INT);
  38  $beforeid   = optional_param('beforeId', 0, PARAM_INT);
  39  $value      = optional_param('value', 0, PARAM_INT);
  40  $column     = optional_param('column', 0, PARAM_ALPHA);
  41  $id         = optional_param('id', 0, PARAM_INT);
  42  $summary    = optional_param('summary', '', PARAM_RAW);
  43  $sequence   = optional_param('sequence', '', PARAM_SEQUENCE);
  44  $visible    = optional_param('visible', 0, PARAM_INT);
  45  $pageaction = optional_param('action', '', PARAM_ALPHA); // Used to simulate a DELETE command
  46  $title      = optional_param('title', '', PARAM_TEXT);
  47  
  48  $PAGE->set_url('/course/rest.php', array('courseId'=>$courseid,'class'=>$class));
  49  
  50  //NOTE: when making any changes here please make sure it is using the same access control as course/mod.php !!
  51  
  52  $course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
  53  // Check user is logged in and set contexts if we are dealing with resource
  54  if (in_array($class, array('resource'))) {
  55      $cm = get_coursemodule_from_id(null, $id, $course->id, false, MUST_EXIST);
  56      require_login($course, false, $cm);
  57      $modcontext = context_module::instance($cm->id);
  58  } else {
  59      require_login($course);
  60  }
  61  $coursecontext = context_course::instance($course->id);
  62  require_sesskey();
  63  
  64  echo $OUTPUT->header(); // send headers
  65  
  66  // OK, now let's process the parameters and do stuff
  67  // MDL-10221 the DELETE method is not allowed on some web servers, so we simulate it with the action URL param
  68  $requestmethod = $_SERVER['REQUEST_METHOD'];
  69  if ($pageaction == 'DELETE') {
  70      $requestmethod = 'DELETE';
  71  }
  72  
  73  switch($requestmethod) {
  74      case 'POST':
  75  
  76          switch ($class) {
  77              case 'section':
  78  
  79                  if (!$DB->record_exists('course_sections', array('course'=>$course->id, 'section'=>$id))) {
  80                      throw new moodle_exception('AJAX commands.php: Bad Section ID '.$id);
  81                  }
  82  
  83                  switch ($field) {
  84                      case 'visible':
  85                          require_capability('moodle/course:sectionvisibility', $coursecontext);
  86                          $resourcestotoggle = set_section_visible($course->id, $id, $value);
  87                          echo json_encode(array('resourcestotoggle' => $resourcestotoggle));
  88                          break;
  89  
  90                      case 'move':
  91                          require_capability('moodle/course:movesections', $coursecontext);
  92                          move_section_to($course, $id, $value);
  93                          // See if format wants to do something about it
  94                          $response = course_get_format($course)->ajax_section_move();
  95                          if ($response !== null) {
  96                              echo json_encode($response);
  97                          }
  98                          break;
  99                  }
 100                  break;
 101  
 102              case 'resource':
 103                  switch ($field) {
 104                      case 'visible':
 105                          require_capability('moodle/course:activityvisibility', $modcontext);
 106                          set_coursemodule_visible($cm->id, $value);
 107                          \core\event\course_module_updated::create_from_cm($cm, $modcontext)->trigger();
 108                          break;
 109  
 110                      case 'duplicate':
 111                          require_capability('moodle/course:manageactivities', $coursecontext);
 112                          require_capability('moodle/backup:backuptargetimport', $coursecontext);
 113                          require_capability('moodle/restore:restoretargetimport', $coursecontext);
 114                          if (!course_allowed_module($course, $cm->modname)) {
 115                              throw new moodle_exception('No permission to create that activity');
 116                          }
 117                          $sr = optional_param('sr', null, PARAM_INT);
 118                          $result = mod_duplicate_activity($course, $cm, $sr);
 119                          echo json_encode($result);
 120                          break;
 121  
 122                      case 'groupmode':
 123                          require_capability('moodle/course:manageactivities', $modcontext);
 124                          set_coursemodule_groupmode($cm->id, $value);
 125                          \core\event\course_module_updated::create_from_cm($cm, $modcontext)->trigger();
 126                          break;
 127  
 128                      case 'indent':
 129                          require_capability('moodle/course:manageactivities', $modcontext);
 130                          $cm->indent = $value;
 131                          if ($cm->indent >= 0) {
 132                              $DB->update_record('course_modules', $cm);
 133                              rebuild_course_cache($cm->course);
 134                          }
 135                          break;
 136  
 137                      case 'move':
 138                          require_capability('moodle/course:manageactivities', $modcontext);
 139                          if (!$section = $DB->get_record('course_sections', array('course'=>$course->id, 'section'=>$sectionid))) {
 140                              throw new moodle_exception('AJAX commands.php: Bad section ID '.$sectionid);
 141                          }
 142  
 143                          if ($beforeid > 0){
 144                              $beforemod = get_coursemodule_from_id('', $beforeid, $course->id);
 145                              $beforemod = $DB->get_record('course_modules', array('id'=>$beforeid));
 146                          } else {
 147                              $beforemod = NULL;
 148                          }
 149  
 150                          $isvisible = moveto_module($cm, $section, $beforemod);
 151                          echo json_encode(array('visible' => (bool) $isvisible));
 152                          break;
 153                      case 'gettitle':
 154                          require_capability('moodle/course:manageactivities', $modcontext);
 155                          $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
 156                          $module = new stdClass();
 157                          $module->id = $cm->instance;
 158  
 159                          // Don't pass edit strings through multilang filters - we need the entire string
 160                          echo json_encode(array('instancename' => $cm->name));
 161                          break;
 162                      case 'updatetitle':
 163                          require_capability('moodle/course:manageactivities', $modcontext);
 164                          require_once($CFG->libdir . '/gradelib.php');
 165                          $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
 166                          $module = new stdClass();
 167                          $module->id = $cm->instance;
 168  
 169                          // Escape strings as they would be by mform
 170                          if (!empty($CFG->formatstringstriptags)) {
 171                              $module->name = clean_param($title, PARAM_TEXT);
 172                          } else {
 173                              $module->name = clean_param($title, PARAM_CLEANHTML);
 174                          }
 175  
 176                          if (strval($module->name) !== '') {
 177                              $DB->update_record($cm->modname, $module);
 178                              $cm->name = $module->name;
 179                              \core\event\course_module_updated::create_from_cm($cm, $modcontext)->trigger();
 180                              rebuild_course_cache($cm->course);
 181                          } else {
 182                              $module->name = $cm->name;
 183                          }
 184  
 185                          // Attempt to update the grade item if relevant
 186                          $grademodule = $DB->get_record($cm->modname, array('id' => $cm->instance));
 187                          $grademodule->cmidnumber = $cm->idnumber;
 188                          $grademodule->modname = $cm->modname;
 189                          grade_update_mod_grades($grademodule);
 190  
 191                          // We need to return strings after they've been through filters for multilang
 192                          $stringoptions = new stdClass;
 193                          $stringoptions->context = $coursecontext;
 194                          echo json_encode(array('instancename' => html_entity_decode(format_string($module->name, true,  $stringoptions))));
 195                          break;
 196                  }
 197                  break;
 198  
 199              case 'course':
 200                  switch($field) {
 201                      case 'marker':
 202                          require_capability('moodle/course:setcurrentsection', $coursecontext);
 203                          course_set_marker($course->id, $value);
 204                          break;
 205                  }
 206                  break;
 207          }
 208          break;
 209  
 210      case 'DELETE':
 211          switch ($class) {
 212              case 'resource':
 213                  require_capability('moodle/course:manageactivities', $modcontext);
 214                  course_delete_module($cm->id);
 215                  break;
 216          }
 217          break;
 218  }

Search This Site: