Moodle 4.2 XRef and Diffs

Search moodle.org's
Developer Documentation
Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.
Moodle 4.2 Database Schema (by Marcus Green)
/admin/tool/mobile/ -> launch.php (source)
Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 39 and 402] [Versions 400 and 402] [Versions 401 and 402]
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Launch page, launch the app using custom URL schemes.
  19   *
  20   * If the user is not logged when visiting this page, he will be redirected to the login page.
  21   * Once he is logged, he will be redirected again to this page and the app launched via custom URL schemes.
  22   *
  23   * @package    tool_mobile
  24   * @copyright  2016 Juan Leyva
  25   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  26   */
  27  
  28  require_once(__DIR__ . '/../../../config.php');
  29  
  30  $serviceshortname  = required_param('service',  PARAM_ALPHANUMEXT);
  31  $passport          = required_param('passport',  PARAM_RAW);    // Passport send from the app to validate the response URL.
  32  $urlscheme         = optional_param('urlscheme', 'moodlemobile', PARAM_NOTAGS); // The URL scheme the app supports.
  33  $confirmed         = optional_param('confirmed', false, PARAM_BOOL);  // If we are being redirected after user confirmation.
  34  $oauthsso          = optional_param('oauthsso', 0, PARAM_INT); // Id of the OpenID issuer (for OAuth direct SSO).
  35  
  36  // Validate that the urlscheme is valid.
  37  if (!preg_match('/^[a-zA-Z][a-zA-Z0-9-\+\.]*$/', $urlscheme)) {
  38      throw new moodle_exception('Invalid parameter: the value of urlscheme isn\'t valid. ' .
  39              'It should start with a letter and can only contain letters, numbers and the characters "." "+" "-".');
  40  }
  41  
  42  // Check web services enabled.
  43  if (!$CFG->enablewebservices) {
  44      throw new moodle_exception('enablewsdescription', 'webservice');
  45  }
  46  
  47  // We have been requested to start a SSO process via OpenID.
  48  if (!empty($oauthsso) && is_enabled_auth('oauth2')) {
  49      $wantsurl = new moodle_url('/admin/tool/mobile/launch.php',
  50          array('service' => $serviceshortname, 'passport' => $passport, 'urlscheme' => $urlscheme, 'confirmed' => $confirmed));
  51      $oauthurl = new moodle_url('/auth/oauth2/login.php',
  52          array('id' => $oauthsso, 'sesskey' => sesskey(), 'wantsurl' => $wantsurl));
  53      header('Location: ' . $oauthurl->out(false));
  54      die;
  55  }
  56  
  57  // Check if the plugin is properly configured.
  58  $typeoflogin = get_config('tool_mobile', 'typeoflogin');
  59  if (empty($SESSION->justloggedin) and
  60          $typeoflogin != tool_mobile\api::LOGIN_VIA_BROWSER and
  61          $typeoflogin != tool_mobile\api::LOGIN_VIA_EMBEDDED_BROWSER) {
  62      throw new moodle_exception('pluginnotenabledorconfigured', 'tool_mobile');
  63  }
  64  
  65  // Check if the service exists and is enabled.
  66  $service = $DB->get_record('external_services', array('shortname' => $serviceshortname, 'enabled' => 1));
  67  if (empty($service)) {
  68      throw new moodle_exception('servicenotavailable', 'webservice');
  69  }
  70  
  71  require_login(0, false);
  72  
  73  // Require an active user: not guest, not suspended.
  74  core_user::require_active_user($USER);
  75  
  76  // Get an existing token or create a new one.
  77  $timenow = time();
  78  $token = \core_external\util::generate_token_for_current_user($service);
  79  $privatetoken = $token->privatetoken;
  80  \core_external\util::log_token_request($token);
  81  
  82  // Don't return the private token if the user didn't just log in and a new token wasn't created.
  83  if (empty($SESSION->justloggedin) and $token->timecreated < $timenow) {
  84      $privatetoken = null;
  85  }
  86  
  87  $siteadmin = has_capability('moodle/site:config', context_system::instance(), $USER->id);
  88  
  89  // Passport is generated in the mobile app, so the app opening can be validated using that variable.
  90  // Passports are valid only one time, it's deleted in the app once used.
  91  $siteid = md5($CFG->wwwroot . $passport);
  92  $apptoken = $siteid . ':::' . $token->token;
  93  if ($privatetoken and is_https() and !$siteadmin) {
  94      $apptoken .= ':::' . $privatetoken;
  95  }
  96  
  97  $apptoken = base64_encode($apptoken);
  98  
  99  // Redirect using the custom URL scheme checking first if a URL scheme is forced in the site settings.
 100  $forcedurlscheme = get_config('tool_mobile', 'forcedurlscheme');
 101  if (!empty($forcedurlscheme)) {
 102      $urlscheme = $forcedurlscheme;
 103  }
 104  
 105  $location = "$urlscheme://token=$apptoken";
 106  
 107  // For iOS 10 onwards, we have to simulate a user click.
 108  // If we come from the confirmation page, we should display a nicer page.
 109  $isios = core_useragent::is_ios();
 110  if ($confirmed or $isios) {
 111      $PAGE->set_context(context_system::instance());
 112      $PAGE->set_heading($COURSE->fullname);
 113      $params = array('service' => $serviceshortname, 'passport' => $passport, 'urlscheme' => $urlscheme, 'confirmed' => $confirmed);
 114      $PAGE->set_url("/$CFG->admin/tool/mobile/launch.php", $params);
 115  
 116      echo $OUTPUT->header();
 117      if ($confirmed) {
 118          $confirmedstr = get_string('confirmed');
 119          $PAGE->navbar->add($confirmedstr);
 120          $PAGE->set_title($confirmedstr);
 121          echo $OUTPUT->notification($confirmedstr, \core\output\notification::NOTIFY_SUCCESS);
 122          echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
 123          echo $OUTPUT->single_button(new moodle_url('/course/'), get_string('courses'));
 124          echo $OUTPUT->box_end();
 125      }
 126  
 127      $notice = get_string('clickheretolaunchtheapp', 'tool_mobile');
 128      echo html_writer::link($location, $notice, array('id' => 'launchapp'));
 129      echo html_writer::script(
 130          "window.onload = function() {
 131              document.getElementById('launchapp').click();
 132          };"
 133      );
 134      echo $OUTPUT->footer();
 135  } else {
 136      // For Android a http redirect will do fine.
 137      header('Location: ' . $location);
 138      die;
 139  }