Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
- Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.
/lib/ajax/ -> service.php (source)
Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 39 and 402] [Versions 400 and 402] [Versions 401 and 402] [Versions 402 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * This file is used to call any registered externallib function in Moodle. 19 * 20 * It will process more than one request and return more than one response if required. 21 * It is recommended to add webservice functions and re-use this script instead of 22 * writing any new custom ajax scripts. 23 * 24 * @since Moodle 2.9 25 * @package core 26 * @copyright 2015 Damyon Wiese 27 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 28 */ 29 30 use core_external\external_api; 31 use core_external\external_settings; 32 33 define('AJAX_SCRIPT', true); 34 // Services can declare 'readonlysession' in their config located in db/services.php, if not present will default to false. 35 define('READ_ONLY_SESSION', true); 36 37 if (!empty($_GET['nosessionupdate'])) { 38 define('NO_SESSION_UPDATE', true); 39 } 40 41 require_once(__DIR__ . '/../../config.php'); 42 43 define('PREFERRED_RENDERER_TARGET', RENDERER_TARGET_GENERAL); 44 45 $arguments = ''; 46 $cacherequest = false; 47 if (defined('ALLOW_GET_PARAMETERS')) { 48 $arguments = optional_param('args', '', PARAM_RAW); 49 $cachekey = optional_param('cachekey', '', PARAM_INT); 50 if ($cachekey && $cachekey > 0 && $cachekey <= time()) { 51 $cacherequest = true; 52 } 53 } 54 55 // Either we are not allowing GET parameters or we didn't use GET because 56 // we did not pass a cache key or the URL was too long. 57 if (empty($arguments)) { 58 $arguments = file_get_contents('php://input'); 59 } 60 61 $requests = json_decode($arguments, true); 62 63 if ($requests === null) { 64 $lasterror = json_last_error_msg(); 65 throw new coding_exception('Invalid json in request: ' . $lasterror); 66 } 67 $responses = array(); 68 69 // Defines the external settings required for Ajax processing. 70 $settings = external_settings::get_instance(); 71 $settings->set_file('pluginfile.php'); 72 $settings->set_fileurl(true); 73 $settings->set_filter(true); 74 $settings->set_raw(false); 75 76 $haserror = false; 77 foreach ($requests as $request) { 78 $response = array(); 79 $methodname = clean_param($request['methodname'], PARAM_ALPHANUMEXT); 80 $index = clean_param($request['index'], PARAM_INT); 81 $args = $request['args']; 82 83 $response = external_api::call_external_function($methodname, $args, true); 84 $responses[$index] = $response; 85 86 if ($response['error']) { 87 $haserror = true; 88 if (!NO_MOODLE_COOKIES) { 89 // If there was an error, and this HTTP request includes a Moodle cookie (and therefore a login), reject all 90 // subsequent changes. 91 // 92 // The reason for this is that an earlier step may be performing a dependant action. Consider the following: 93 // 1) Backup a thing 94 // 2) Reset the thing to its initial state 95 // 3) Restore the thing from the backup made in step 1. 96 // 97 // In the above example you do not want steps 2 and 3 to happen if step 1 fails. 98 // Do not process the remaining requests. 99 100 // If the request came through service-nologin.php which does not allow any kind of login, 101 // then it is not possible to make changes to the DB, session, site, etc. 102 // For all other cases, we *MUST* stop processing subsequent requests. 103 break; 104 } 105 } 106 } 107 108 if ($cacherequest && !$haserror) { 109 // 90 days only - based on Moodle point release cadence being every 3 months. 110 $lifetime = 60 * 60 * 24 * 90; 111 112 header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT'); 113 header('Pragma: '); 114 header('Cache-Control: public, max-age=' . $lifetime . ', immutable'); 115 header('Accept-Ranges: none'); 116 } 117 118 echo json_encode($responses);
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
