Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
- Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
- PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/filter/displayh5p/ -> filter.php (source)
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Display H5P filter
*
* @package filter_displayh5p
* @copyright 2019 Victor Deniz <victor@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
use core_h5p\local\library\autoloader;
/**
* Display H5P filter
*
* This filter will replace any occurrence of H5P URLs with the corresponding H5P content embed code
*
* @package filter_displayh5p
* @copyright 2019 Victor Deniz <victor@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class filter_displayh5p extends moodle_text_filter {
/**
* @var boolean $loadresizerjs This is whether to request the resize.js script.
*/
private static $loadresizerjs = true;
/**
* Function filter replaces any h5p-sources.
*
* @param string $text HTML content to process
* @param array $options options passed to the filters
* @return string
*/
public function filter($text, array $options = array()) {
< global $CFG;
> global $CFG, $USER;
if (!is_string($text) or empty($text)) {
// Non string data can not be filtered anyway.
return $text;
}
// We are trying to minimize performance impact checking there's some H5P related URL.
$h5purl = '(http[^ &<]*h5p)';
if (!preg_match($h5purl, $text)) {
return $text;
}
$allowedsources = get_config('filter_displayh5p', 'allowedsources');
$allowedsources = array_filter(array_map('trim', explode("\n", $allowedsources)));
$localsource = '('.preg_quote($CFG->wwwroot, '~').'/[^ &\#"\'<]*\.h5p([?][^ "\'<]*)?[^ \#"\'<]*)';
$allowedsources[] = $localsource;
$params = array(
'tagbegin' => '<iframe src="',
'tagend' => '</iframe>'
);
$specialchars = ['?', '&'];
$escapedspecialchars = ['\?', '&'];
$h5pcontents = array();
$h5plinks = array();
// Check all allowed sources.
foreach ($allowedsources as $source) {
// It is needed to add "/embed" at the end of URLs like https:://*.h5p.com/content/12345 (H5P.com).
$params['urlmodifier'] = '';
< if (($source == $localsource)) {
> // Local files may display a button below the content to modify it when editing mode is on. This button will appear
> // only if the user has the proper capabilities.
> $params['canbeedited'] = (!empty($USER->editing)) && ($source == $localsource);
> if ($source == $localsource) {
$params['tagbegin'] = '<iframe src="'.$CFG->wwwroot.'/h5p/embed.php?url=';
$escapechars = $source;
$ultimatepattern = $source;
} else {
if (!stripos($source, 'embed')) {
$params['urlmodifier'] = '/embed';
}
// Convert special chars.
$sourceid = str_replace('[id]', '[0-9]+', $source);
$escapechars = str_replace($specialchars, $escapedspecialchars, $sourceid);
$ultimatepattern = '(' . $escapechars . ')';
}
// Improve performance creating filterobjects only when needed.
if (!preg_match($ultimatepattern, $text)) {
continue;
}
$h5pcontenturl = new filterobject($source, null, null, false,
< false, null, [$this, 'filterobject_prepare_replacement_callback'], $params);
> false, null, [$this, 'filterobject_prepare_replacement_callback'], $params + ['ish5plink' => false]);
$h5pcontenturl->workregexp = '#'.$ultimatepattern.'#';
$h5pcontents[] = $h5pcontenturl;
// Regex to find h5p extensions in an <a> tag.
$linkregexp = '~<a [^>]*href=["\']('.$escapechars.'[^"\']*)["\'][^>]*>([^<]*)</a>~is';
$h5plinkurl = new filterobject($linkregexp, null, null, false,
< false, null, [$this, 'filterobject_prepare_replacement_callback'], $params);
> false, null, [$this, 'filterobject_prepare_replacement_callback'], $params + ['ish5plink' => true]);
$h5plinkurl->workregexp = $linkregexp;
$h5plinks[] = $h5plinkurl;
}
if (empty($h5pcontents) && empty($h5links)) {
// No matches to deal with.
return $text;
}
// Apply filter inside <a> tag href attribute.
// We can not use filter_phrase function because it removes all tags and can not be applied in tag attributes.
foreach ($h5plinks as $h5plink) {
$text = preg_replace_callback($h5plink->workregexp,
function ($matches) use ($h5plink) {
if ($matches[1] == $matches[2]) {
filter_prepare_phrase_for_replacement($h5plink);
return str_replace('$1', $matches[1], $h5plink->workreplacementphrase);
} else {
return $matches[0];
}
}, $text);
> }
>
}
> // The "Edit" button below each H5P content will be displayed only for users with permissions to edit the content (to
> // avoid confusion). So the original H5P file behind this URL will be obtained and checked using the methods in the API.
$result = filter_phrases($text, $h5pcontents, null, null, false, true);
> // As the H5P URL is required in order to get this information, this action can be done only here(the
> // prepare_replacement_callback method has only the placeholders).
// Encoding H5P file URLs.
> foreach ($h5pcontents as $h5pcontent) {
// embed.php page is requesting a PARAM_LOCALURL url parameter, so for files/directories use non-alphanumeric
> $text = preg_replace_callback($h5pcontent->workregexp,
// characters, we need to encode the parameter. Fetch url parameter added to embed.php and encode the whole url.
> function ($matches) use ($h5pcontent) {
$localurl = '#\?url=([^" <]*[\/]+[^" <]*\.h5p)([?][^"]*)?#';
> global $USER, $CFG;
$result = preg_replace_callback($localurl,
>
function ($matches) {
> // The Edit button placeholder has been added only if the file can be edited.
$baseurl = rawurlencode($matches[1]);
> if ($h5pcontent->replacementcallbackdata['canbeedited']) {
// Deal with possible parameters in the url link.
> // If the content was originally a link, ignore it (it won't have the placeholder).
if (!empty($matches[2])) {
> $matchurl = new \moodle_url($matches[0]);
$match = explode('?', $matches[2]);
> if (strpos($matchurl->get_path(), 'h5p/embed.php') !== false) {
if (!empty($match[1])) {
> return $matches[0];
$baseurl = $baseurl."&".$match[1];
> }
}
>
}
> $contenturl = $matches[0];
return "?url=".$baseurl;
> list($file, $h5p) = \core_h5p\api::get_original_content_from_pluginfile_url($contenturl, true, true);
}, $result);
> if ($file) {
> filter_prepare_phrase_for_replacement($h5pcontent);
return $result;
>
}
> // Check if the user can edit this content.
> if (\core_h5p\api::can_edit_content($file)) {
/**
> // If the user can modify the content, replace the placeholder with a link to the editor.
* Callback used by filterobject / filter_phrases.
> $title = get_string('editcontent', 'core_h5p');
*
> $editorurl = $CFG->wwwroot . '/h5p/edit.php?url=' . $contenturl;
* @param string $tagbegin HTML to insert before any match
> $htmlcode = html_writer::start_tag(
* @param string $tagend HTML to insert after any match
> 'a',
* @param string $urlmodifier string to add to the match URL
> ['class' => 'autolink', 'title' => $title, 'href' => $editorurl]
* @return array [$hreftagbegin, $hreftagend, $replacementphrase] for filterobject.
> );
*/
> $htmlcode .= $title . html_writer::end_tag('a');
public function filterobject_prepare_replacement_callback($tagbegin, $tagend, $urlmodifier) {
> $content = str_replace('$2', $htmlcode, $h5pcontent->workreplacementphrase);
$sourceurl = "$1";
> } else {
if ($urlmodifier !== "") {
> // If the user can't edit the content, remove the placeholder.
$sourceurl .= $urlmodifier;
> $content = str_replace('$2', '', $h5pcontent->workreplacementphrase);
}
> }
> return str_replace('$1', $contenturl, $content);
$h5piframesrc = $sourceurl . '" class="h5p-iframe" name="h5pcontent"' .
> }
' style="height:230px; width: 100%; border: 0;" allowfullscreen="allowfullscreen">';
> }
>
// We want to request the resizing script only once.
> return $matches[0];
if (self::$loadresizerjs) {
> }, $text);
$resizerurl = autoloader::get_h5p_core_library_url('js/h5p-resizer.js');
> * @param bool $canbeedited Whether the content can be modified or not (to display a link to edit it or not).
$tagend .= '<script src="' . $resizerurl->out() . '"></script>';
> * @param bool $ish5plink Whether the original content comes from an H5P link or not.
< public function filterobject_prepare_replacement_callback($tagbegin, $tagend, $urlmodifier) {
> public function filterobject_prepare_replacement_callback($tagbegin, $tagend, $urlmodifier, $canbeedited, $ish5plink) {
>
}
> }
>
return [$tagbegin, $tagend, $h5piframesrc];
> if ($canbeedited && !$ish5plink) {
}
> // Placeholder to be replaced by the edit content button (depending on the user permissions).
}
> $tagend .= "$2";
