Moodle 4.1 XRef and Diffs

Search moodle.org's
Developer Documentation
See Release Notes
Long Term Support Release
Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
Moodle 4.1 Database Schema (by Marcus Green)
/admin/tool/mobile/ -> launch.php (source)
Differences Between: [Versions 401 and 402] [Versions 401 and 403]
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Launch page, launch the app using custom URL schemes.
  19   *
  20   * If the user is not logged when visiting this page, he will be redirected to the login page.
  21   * Once he is logged, he will be redirected again to this page and the app launched via custom URL schemes.
  22   *
  23   * @package    tool_mobile
  24   * @copyright  2016 Juan Leyva
  25   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  26   */
  27  
  28  require_once(__DIR__ . '/../../../config.php');
  29  require_once($CFG->libdir . '/externallib.php');
  30  
  31  $serviceshortname  = required_param('service',  PARAM_ALPHANUMEXT);
  32  $passport          = required_param('passport',  PARAM_RAW);    // Passport send from the app to validate the response URL.
  33  $urlscheme         = optional_param('urlscheme', 'moodlemobile', PARAM_NOTAGS); // The URL scheme the app supports.
  34  $confirmed         = optional_param('confirmed', false, PARAM_BOOL);  // If we are being redirected after user confirmation.
  35  $oauthsso          = optional_param('oauthsso', 0, PARAM_INT); // Id of the OpenID issuer (for OAuth direct SSO).
  36  
  37  // Validate that the urlscheme is valid.
  38  if (!preg_match('/^[a-zA-Z][a-zA-Z0-9-\+\.]*$/', $urlscheme)) {
  39      throw new moodle_exception('Invalid parameter: the value of urlscheme isn\'t valid. ' .
  40              'It should start with a letter and can only contain letters, numbers and the characters "." "+" "-".');
  41  }
  42  
  43  // Check web services enabled.
  44  if (!$CFG->enablewebservices) {
  45      throw new moodle_exception('enablewsdescription', 'webservice');
  46  }
  47  
  48  // We have been requested to start a SSO process via OpenID.
  49  if (!empty($oauthsso) && is_enabled_auth('oauth2')) {
  50      $wantsurl = new moodle_url('/admin/tool/mobile/launch.php',
  51          array('service' => $serviceshortname, 'passport' => $passport, 'urlscheme' => $urlscheme, 'confirmed' => $confirmed));
  52      $oauthurl = new moodle_url('/auth/oauth2/login.php',
  53          array('id' => $oauthsso, 'sesskey' => sesskey(), 'wantsurl' => $wantsurl));
  54      header('Location: ' . $oauthurl->out(false));
  55      die;
  56  }
  57  
  58  // Check if the plugin is properly configured.
  59  $typeoflogin = get_config('tool_mobile', 'typeoflogin');
  60  if (empty($SESSION->justloggedin) and
  61          $typeoflogin != tool_mobile\api::LOGIN_VIA_BROWSER and
  62          $typeoflogin != tool_mobile\api::LOGIN_VIA_EMBEDDED_BROWSER) {
  63      throw new moodle_exception('pluginnotenabledorconfigured', 'tool_mobile');
  64  }
  65  
  66  // Check if the service exists and is enabled.
  67  $service = $DB->get_record('external_services', array('shortname' => $serviceshortname, 'enabled' => 1));
  68  if (empty($service)) {
  69      throw new moodle_exception('servicenotavailable', 'webservice');
  70  }
  71  
  72  require_login(0, false);
  73  
  74  // Require an active user: not guest, not suspended.
  75  core_user::require_active_user($USER);
  76  
  77  // Get an existing token or create a new one.
  78  $timenow = time();
  79  $token = external_generate_token_for_current_user($service);
  80  $privatetoken = $token->privatetoken;
  81  external_log_token_request($token);
  82  
  83  // Don't return the private token if the user didn't just log in and a new token wasn't created.
  84  if (empty($SESSION->justloggedin) and $token->timecreated < $timenow) {
  85      $privatetoken = null;
  86  }
  87  
  88  $siteadmin = has_capability('moodle/site:config', context_system::instance(), $USER->id);
  89  
  90  // Passport is generated in the mobile app, so the app opening can be validated using that variable.
  91  // Passports are valid only one time, it's deleted in the app once used.
  92  $siteid = md5($CFG->wwwroot . $passport);
  93  $apptoken = $siteid . ':::' . $token->token;
  94  if ($privatetoken and is_https() and !$siteadmin) {
  95      $apptoken .= ':::' . $privatetoken;
  96  }
  97  
  98  $apptoken = base64_encode($apptoken);
  99  
 100  // Redirect using the custom URL scheme checking first if a URL scheme is forced in the site settings.
 101  $forcedurlscheme = get_config('tool_mobile', 'forcedurlscheme');
 102  if (!empty($forcedurlscheme)) {
 103      $urlscheme = $forcedurlscheme;
 104  }
 105  
 106  $location = "$urlscheme://token=$apptoken";
 107  
 108  // For iOS 10 onwards, we have to simulate a user click.
 109  // If we come from the confirmation page, we should display a nicer page.
 110  $isios = core_useragent::is_ios();
 111  if ($confirmed or $isios) {
 112      $PAGE->set_context(context_system::instance());
 113      $PAGE->set_heading($COURSE->fullname);
 114      $params = array('service' => $serviceshortname, 'passport' => $passport, 'urlscheme' => $urlscheme, 'confirmed' => $confirmed);
 115      $PAGE->set_url("/$CFG->admin/tool/mobile/launch.php", $params);
 116  
 117      echo $OUTPUT->header();
 118      if ($confirmed) {
 119          $confirmedstr = get_string('confirmed');
 120          $PAGE->navbar->add($confirmedstr);
 121          $PAGE->set_title($confirmedstr);
 122          echo $OUTPUT->notification($confirmedstr, \core\output\notification::NOTIFY_SUCCESS);
 123          echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
 124          echo $OUTPUT->single_button(new moodle_url('/course/'), get_string('courses'));
 125          echo $OUTPUT->box_end();
 126      }
 127  
 128      $notice = get_string('clickheretolaunchtheapp', 'tool_mobile');
 129      echo html_writer::link($location, $notice, array('id' => 'launchapp'));
 130      echo html_writer::script(
 131          "window.onload = function() {
 132              document.getElementById('launchapp').click();
 133          };"
 134      );
 135      echo $OUTPUT->footer();
 136  } else {
 137      // For Android a http redirect will do fine.
 138      header('Location: ' . $location);
 139      die;
 140  }