public static function serveContent()
{
global $CFG, $CONTEXT, $PDOX;
// Sanity checks
$LAUNCH = LTIX::requireData(LTIX::CONTEXT);
$id = $_REQUEST['id'];
if (strlen($id) < 1) {
die("File not found");
}
$p = $CFG->dbprefix;
$stmt = $PDOX->prepare("SELECT contenttype, content, file_name FROM {$p}blob_file\n WHERE file_id = :ID AND context_id = :CID");
$stmt->execute(array(":ID" => $id, ":CID" => $CONTEXT->id));
$row = $stmt->fetch(\PDO::FETCH_ASSOC);
if ($row === false) {
error_log('File not loaded: ' . $id);
die("File not loaded");
}
if (!BlobUtil::safeFileSuffix($row['file_name'])) {
error_log('Unsafe file suffix: ' . $row['file_name']);
die('Unsafe file suffix');
}
$mimetype = $row['contenttype'];
// die($mimetype);
if (strlen($mimetype) > 0) {
header('Content-Type: ' . $mimetype);
}
// header('Content-Disposition: attachment; filename="'.$fn.'"');
// header('Content-Type: text/data');
echo $row['content'];
}
public static function gradeTable($GRADE_DETAIL_CLASS)
{
global $CFG, $OUTPUT, $USER, $LINK;
// Require CONTEXT, USER, and LINK
$LAUNCH = LTIX::requireData();
if (!$USER->instructor) {
die("Requires instructor role");
}
$p = $CFG->dbprefix;
// Get basic grade data
$query_parms = array(":LID" => $LINK->id);
$orderfields = array("R.updated_at", "displayname", "email", "grade");
$searchfields = $orderfields;
$sql = "SELECT R.user_id AS user_id, displayname, email,\n grade, note, R.updated_at AS updated_at\n FROM {$p}lti_result AS R\n JOIN {$p}lti_user AS U ON R.user_id = U.user_id\n WHERE R.link_id = :LID";
// View
$OUTPUT->header();
$OUTPUT->bodyStart();
$OUTPUT->flashMessages();
$OUTPUT->welcomeUserCourse();
if (isset($GRADE_DETAIL_CLASS) && is_object($GRADE_DETAIL_CLASS)) {
$detail = $GRADE_DETAIL_CLASS;
} else {
$detail = false;
}
Table::pagedAuto($sql, $query_parms, $searchfields, $orderfields, "grade-detail.php");
// Since this is in a popup, put out a done button
$OUTPUT->closeButton();
$OUTPUT->footer();
}
function gradeUpdateJson($newdata = false)
{
global $CFG, $PDOX, $LINK;
if ($newdata == false) {
return;
}
if (is_string($newdata)) {
$newdata = json_decode($newdata, true);
}
$LTI = LTIX::requireData(array(LTIX::LINK));
$row = gradeLoad();
$data = array();
if ($row !== false && isset($row['json'])) {
$data = json_decode($row['json'], true);
}
$changed = false;
foreach ($newdata as $k => $v) {
if (!isset($data[$k]) || $data[$k] != $v) {
$data[$k] = $v;
$changed = true;
}
}
if ($changed === false) {
return;
}
$jstr = json_encode($data);
$stmt = $PDOX->queryDie("UPDATE {$CFG->dbprefix}lti_result SET json = :json, updated_at = NOW()\n WHERE result_id = :RID", array(':json' => $jstr, ':RID' => $LINK->result_id));
}
<?php
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "peer_util.php";
use Tsugi\Core\LTIX;
// Sanity checks
$LTI = LTIX::requireData();
if (!$USER->instructor) {
die("Instructor only");
}
if (isset($_POST['doClear'])) {
session_unset();
die('session unset');
}
$OUTPUT->header();
$OUTPUT->bodyStart();
$OUTPUT->flashMessages();
$OUTPUT->welcomeUserCourse();
$OUTPUT->togglePre("Session data", safe_var_dump($_SESSION));
?>
<form method="post">
<input type="submit" name="doExit" onclick="location='<?php
echo addSession('index.php');
?>
'; return false;" value="Exit">
<input type="submit" name="doClear" value="Clear Session (will log out out)">
</form>
<?php
flush();
function loadLinkInfo($link_id)
{
global $CFG, $PDOX;
$LTI = LTIX::requireData(LTIX::CONTEXT);
$cacheloc = 'lti_link';
$row = Cache::check($cacheloc, $link_id);
if ($row != false) {
return $row;
}
$stmt = $PDOX->queryDie("SELECT title FROM {$CFG->dbprefix}lti_link\n WHERE link_id = :LID AND context_id = :CID", array(":LID" => $link_id, ":CID" => $LTI['context_id']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
Cache::set($cacheloc, $link_id, $row);
return $row;
}
headerJson();
// Nothing for us to do
if (!isset($_GET[session_name()])) {
echo json_encode(array("error" => "No session"));
return;
}
if (isset($_COOKIE[session_name()])) {
echo json_encode(array("status" => 'done'));
return;
}
if (!isset($_GET['top'])) {
echo json_encode(array("error" => "Need top= parameter"));
return;
}
// Grab the session
$LTI = LTIX::requireData(LTIX::USER);
// This has already been set by someone so nothing to do
if (isset($_COOKIE['TSUGI_TOP_SESSION'])) {
unset($_SESSION['TOP_CHECK']);
// No point in further checks
echo json_encode(array("top_session" => $_COOKIE['TSUGI_TOP_SESSION']));
return;
}
// We are not the top frame
if ($_GET['top'] != 'true') {
unset($_SESSION['TOP_CHECK']);
}
// No more checks are needed
if (!isset($_SESSION['TOP_CHECK']) || $_SESSION['TOP_CHECK'] < 1) {
echo json_encode(array("status" => 'done'));
return;
function mailDeleteSubmit($user_id, $assn_json, $note)
{
global $CFG, $PDOX;
if (!isset($CFG->maildomain) || $CFG->maildomain === false) {
return false;
}
$LTI = LTIX::requireData();
$user_row = loadUserInfoBypass($user_id);
if ($user_row === false) {
return false;
}
$to = $user_row['email'];
if (strlen($to) < 1 || strpos($to, '@') === false) {
return false;
}
$name = $user_row['displayname'];
$token = computeMailCheck($user_id);
$subject = 'From ' . $CFG->servicename . ', Your Peer Graded Entry Has Been Reset';
$E = "\n";
if (isset($CFG->maileol)) {
$E = $CFG->maileol;
}
$message = "This is an automated message. Your peer-graded entry has been reset.{$E}{$E}";
if (isset($LTI['context_title'])) {
$message .= 'Course Title: ' . $LTI['context_title'] . $E;
}
if (isset($LTI['link_title'])) {
$message .= 'Assignment: ' . $LTI['link_title'] . $E;
}
if (isset($LTI['user_displayname'])) {
$message .= 'Staff member doing reset: ' . $LTI['user_displayname'] . $E;
}
$fixnote = trim($note);
if (strlen($fixnote) > 0) {
if ($E != "\n") {
$fixnote = str_replace("\n", $E, $fixnote);
}
$message .= "Notes regarding this action:" . $E . $fixnote . $E;
}
$message .= "{$E}You may now re-submit your peer-graded assignment.{$E}";
$stmt = $PDOX->queryDie("INSERT INTO {$CFG->dbprefix}mail_sent\n (context_id, link_id, user_to, user_from, subject, body, created_at)\n VALUES ( :CID, :LID, :UTO, :UFR, :SUB, :BOD, NOW() )", array(":CID" => $LTI['context_id'], ":LID" => $LTI['link_id'], ":UTO" => $user_id, ":UFR" => $LTI['user_id'], ":SUB" => $subject, ":BOD" => $message));
// echo $to, $subject, $message, $user_id, $token;
$retval = mailSend($to, $subject, $message, $user_id, $token);
return $retval;
}
<?php
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "blob_util.php";
use Tsugi\Core\LTIX;
// Sanity checks
$LTI = LTIX::requireData(array(LTIX::CONTEXT, LTIX::LINK));
// Model
$p = $CFG->dbprefix;
if (isset($_FILES['uploaded_file']) && $_FILES['uploaded_file']['error'] == 1) {
$_SESSION['error'] = 'Error: Maximum size of ' . maxUpload() . 'MB exceeded.';
header('Location: ' . addSession('index.php'));
return;
}
if (isset($_FILES['uploaded_file']) && $_FILES['uploaded_file']['error'] == 0) {
$filename = basename($_FILES['uploaded_file']['name']);
if (strpos($filename, '.php') !== false) {
$_SESSION['error'] = 'Error: Wrong file type.';
header('Location: ' . addSession('index.php'));
return;
}
$fp = fopen($_FILES['uploaded_file']['tmp_name'], "rb");
$stmt = $PDOX->prepare("INSERT INTO {$p}sample_blob\n (context_id, file_name, contenttype, content, created_at)\n VALUES (?, ?, ?, ?, NOW())");
$stmt->bindParam(1, $CONTEXT->id);
$stmt->bindParam(2, $filename);
$stmt->bindParam(3, $_FILES['uploaded_file']['type']);
$stmt->bindParam(4, $fp, PDO::PARAM_LOB);
$PDOX->beginTransaction();
$stmt->execute();
Output::headerJson();
// Nothing for us to do
if (!isset($_GET[session_name()])) {
echo json_encode(array("error" => "No session"));
return;
}
if (isset($_COOKIE[session_name()])) {
echo json_encode(array("status" => 'done'));
return;
}
if (!isset($_GET['top'])) {
echo json_encode(array("error" => "Need top= parameter"));
return;
}
// Grab the session
$LAUNCH = LTIX::requireData(LTIX::USER);
// This has already been set by someone so nothing to do
if (isset($_COOKIE['TSUGI_TOP_SESSION'])) {
unset($_SESSION['TOP_CHECK']);
// No point in further checks
echo json_encode(array("top_session" => $_COOKIE['TSUGI_TOP_SESSION']));
return;
}
// We are not the top frame
if ($_GET['top'] != 'true') {
unset($_SESSION['TOP_CHECK']);
}
// No more checks are needed
if (!isset($_SESSION['TOP_CHECK']) || $_SESSION['TOP_CHECK'] < 1) {
echo json_encode(array("status" => 'done'));
return;
<?php
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "blob_util.php";
use Tsugi\Core\LTIX;
// Sanity checks
$LTI = LTIX::requireData(LTIX::CONTEXT);
$id = $_REQUEST['id'];
if (strlen($id) < 1) {
die("File not found");
}
$p = $CFG->dbprefix;
$stmt = $PDOX->prepare("SELECT contenttype, content, file_name FROM {$p}blob_file\n WHERE file_id = :ID AND context_id = :CID");
$stmt->execute(array(":ID" => $id, ":CID" => $CONTEXT->id));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
error_log('File not loaded: ' . $id);
die("File not loaded");
}
if (!safeFileSuffix($row['file_name'])) {
error_log('Unsafe file suffix: ' . $row['file_name']);
die('Unsafe file suffix');
}
$mimetype = $row['contenttype'];
// die($mimetype);
if (strlen($mimetype) > 0) {
header('Content-Type: ' . $mimetype);
}
// header('Content-Disposition: attachment; filename="'.$fn.'"');
<?php
require_once "../../../../config.php";
require_once $CFG->vendorinclude . "/lms_lib.php";
use Tsugi\Core\LTIX;
if (isset($_GET['endpoint']) && isset($_GET['debug'])) {
// All good
} else {
die('endpoint and debug are required');
}
$endpoint = $_GET['endpoint'];
$debug = $_GET['debug'] == 0;
// Grab the session
$LAUNCH = LTIX::requireData();
$debug = true;
$content = LTIX::getLaunchContent($endpoint, $debug);
echo $content;
