Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/h5p/ -> ajax.php (source)

Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 400 and 401]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Responsible for handling AJAX requests related to H5P.
  19   *
  20   * @package    core_h5p
  21   * @copyright  2020 Victor Deniz <victor@moodle.com>, based on code by Joubel AS
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  use core_h5p\factory;
  26  use core_h5p\framework;
  27  use core_h5p\local\library\autoloader;
  28  use Moodle\H5PCore;
  29  use Moodle\H5PEditorEndpoints;
  30  
  31  define('AJAX_SCRIPT', true);
  32  
  33  require(__DIR__ . '/../config.php');
  34  require_once($CFG->libdir . '/filelib.php');
  35  
  36  if (!confirm_sesskey()) {
  37      autoloader::register();
  38      H5PCore::ajaxError(get_string('invalidsesskey', 'error'));
  39      header('HTTP/1.1 403 Forbidden');
  40      return;
  41  }
  42  require_login();
  43  
  44  $action = required_param('action', PARAM_ALPHA);
  45  
  46  $factory = new factory();
  47  $editor = $factory->get_editor();
  48  
  49  // Set context to default system context.
  50  $PAGE->set_context(null);
  51  
  52  switch ($action) {
  53      // Load list of libraries or details for library.
  54      case 'libraries':
  55          // Get parameters.
  56          $name = optional_param('machineName', '', PARAM_TEXT);
  57          $major = optional_param('majorVersion', 0, PARAM_INT);
  58          $minor = optional_param('minorVersion', 0, PARAM_INT);
  59  
  60          // Normalise Moodle language using underscore, as opposed to H5P which uses dash.
  61          $language = optional_param('default-language', '', PARAM_RAW);
  62          $language = clean_param(str_replace('-', '_', $language), PARAM_LANG);
  63  
  64          if (!empty($name)) {
  65              $editor->ajax->action(H5PEditorEndpoints::SINGLE_LIBRARY, $name,
  66                  $major, $minor, framework::get_language(), '', '', $language);
  67          } else {
  68              $editor->ajax->action(H5PEditorEndpoints::LIBRARIES);
  69          }
  70  
  71          break;
  72  
  73      // Load content type cache list to display available libraries in hub.
  74      case 'contenttypecache':
  75          $editor->ajax->action(H5PEditorEndpoints::CONTENT_TYPE_CACHE);
  76          break;
  77  
  78      // Handle file upload through the editor.
  79      // This endpoint needs a token that only users with H5P editor access could get.
  80      // TODO: MDL-68907 to check capabilities.
  81      case 'files':
  82          $token = required_param('token', PARAM_RAW);
  83          $contentid = required_param('contentId', PARAM_INT);
  84  
  85          $maxsize = get_max_upload_file_size($CFG->maxbytes);
  86          // Check size of each uploaded file and scan for viruses.
  87          foreach ($_FILES as $uploadedfile) {
  88              $filename = clean_param($uploadedfile['name'], PARAM_FILE);
  89              if ($uploadedfile['size'] > $maxsize) {
  90                  H5PCore::ajaxError(get_string('maxbytesfile', 'error', ['file' => $filename, 'size' => display_size($maxsize, 0)]));
  91                  return;
  92              }
  93              \core\antivirus\manager::scan_file($uploadedfile['tmp_name'], $filename, true);
  94          }
  95  
  96          $editor->ajax->action(H5PEditorEndpoints::FILES, $token, $contentid);
  97          break;
  98  
  99      // Get the $language libraries translations.
 100      case 'translations':
 101          $language = required_param('language', PARAM_RAW);
 102          $editor->ajax->action(H5PEditorEndpoints::TRANSLATIONS, $language);
 103          break;
 104  
 105      // Handle filtering of parameters through AJAX.
 106      case 'filter':
 107          $token = required_param('token', PARAM_RAW);
 108          $libraryparameters = required_param('libraryParameters', PARAM_RAW);
 109  
 110          $editor->ajax->action(H5PEditorEndpoints::FILTER, $token, $libraryparameters);
 111          break;
 112  
 113      // Throw error if AJAX action is not handled.
 114      default:
 115          throw new coding_exception('Unhandled AJAX');
 116          break;
 117  }