Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /*
  18   * Handling all ajax request for comments API
  19   *
  20   * @package   core
  21   * @copyright 2010 Dongsheng Cai {@link http://dongsheng.org}
  22   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  define('AJAX_SCRIPT', true);
  25  define('NO_DEBUG_DISPLAY', true);
  26  
  27  require_once('../config.php');
  28  require_once($CFG->dirroot . '/comment/lib.php');
  29  
  30  $contextid = optional_param('contextid', SYSCONTEXTID, PARAM_INT);
  31  $action    = optional_param('action', '', PARAM_ALPHA);
  32  
  33  if (empty($CFG->usecomments)) {
  34      throw new comment_exception('commentsnotenabled', 'moodle');
  35  }
  36  
  37  list($context, $course, $cm) = get_context_info_array($contextid);
  38  
  39  if ( $contextid == SYSCONTEXTID ) {
  40      $course = $SITE;
  41  }
  42  
  43  $PAGE->set_url('/comment/comment_ajax.php');
  44  
  45  // Allow anonymous user to view comments providing forcelogin now enabled
  46  require_course_login($course, true, $cm);
  47  $PAGE->set_context($context);
  48  if (!empty($cm)) {
  49      $PAGE->set_cm($cm, $course);
  50  } else if (!empty($course)) {
  51      $PAGE->set_course($course);
  52  }
  53  
  54  if (!confirm_sesskey()) {
  55      $error = array('error'=>get_string('invalidsesskey', 'error'));
  56      die(json_encode($error));
  57  }
  58  
  59  $client_id = required_param('client_id', PARAM_ALPHANUM);
  60  $area      = optional_param('area',      '', PARAM_AREA);
  61  $commentid = optional_param('commentid', -1, PARAM_INT);
  62  $content   = optional_param('content',   '', PARAM_RAW);
  63  $itemid    = optional_param('itemid',    '', PARAM_INT);
  64  $page      = optional_param('page',      0,  PARAM_INT);
  65  $component = optional_param('component', '',  PARAM_COMPONENT);
  66  
  67  // initilising comment object
  68  $args = new stdClass;
  69  $args->context   = $context;
  70  $args->course    = $course;
  71  $args->cm        = $cm;
  72  $args->area      = $area;
  73  $args->itemid    = $itemid;
  74  $args->client_id = $client_id;
  75  $args->component = $component;
  76  $manager = new comment($args);
  77  
  78  echo $OUTPUT->header(); // send headers
  79  
  80  // process ajax request
  81  switch ($action) {
  82      case 'add':
  83          if ($manager->can_post()) {
  84              $result = $manager->add($content);
  85              if (!empty($result) && is_object($result)) {
  86                  $result->count = $manager->count();
  87                  $result->client_id = $client_id;
  88                  echo json_encode($result);
  89                  die();
  90              }
  91          }
  92          break;
  93      case 'delete':
  94          $comment = $DB->get_record('comments', ['id' => $commentid]);
  95          if ($manager->can_delete($comment)) {
  96              if ($manager->delete($commentid)) {
  97                  $result = array(
  98                      'client_id' => $client_id,
  99                      'commentid' => $commentid
 100                  );
 101                  echo json_encode($result);
 102                  die();
 103              }
 104          }
 105          break;
 106      case 'get':
 107      default:
 108          if ($manager->can_view()) {
 109              $comments = $manager->get_comments($page);
 110              $result = array(
 111                  'list'       => $comments,
 112                  'count'      => $manager->count(),
 113                  'pagination' => $manager->get_pagination($page),
 114                  'client_id'  => $client_id
 115              );
 116              echo json_encode($result);
 117              die();
 118          }
 119          break;
 120  }
 121  
 122  if (!isloggedin()) {
 123      // tell user to log in to view comments
 124      echo json_encode(array('error'=>'require_login'));
 125  }
 126  // ignore request
 127  die;