public static function handle_ajax()
{
global $DB, $USER;
if (!\H5PCore::validToken('result', required_param('token', PARAM_RAW))) {
\H5PCore::ajaxError(get_string('invalidtoken', 'hvp'));
exit;
}
// Content parameters
$content_id = required_param('contentId', PARAM_INT);
$score = required_param('score', PARAM_INT);
$max_score = required_param('maxScore', PARAM_INT);
// Time values not usable by gradebook
// $opened = required_param('opened', PARAM_INT);
// $finished = required_param('finished', PARAM_INT);
// Get hvp data from contentId
$hvp = $DB->get_record('hvp', array('id' => $content_id));
// Check permissions
$context = \context_course::instance($hvp->course);
if (!has_capability('mod/hvp:saveresults', $context)) {
\H5PCore::ajaxError(get_string('nopermissiontosaveresult', 'hvp'));
http_response_code(403);
exit;
}
// Create grade object and set grades
$grade = (object) array('userid' => $USER->id);
// Get course module id from db, required for grade item
$cm_id_sql = "SELECT cm.id, h.name\n FROM {course_modules} cm, {hvp} h, {modules} m\n WHERE cm.instance = h.id AND h.id = ? AND m.name = 'hvp' AND m.id = cm.module";
$result = $DB->get_record_sql($cm_id_sql, array($content_id));
// Set grade using Gradebook API
$hvp->cmidnumber = $result->id;
$hvp->name = $result->name;
$hvp->rawgrade = $score;
$hvp->rawgrademax = $max_score;
hvp_grade_item_update($hvp, $grade);
// Get content info for log
$content = $DB->get_record_sql("SELECT c.name AS title, l.machine_name AS name, l.major_version, l.minor_version\n FROM {hvp} c\n JOIN {hvp_libraries} l ON l.id = c.main_library_id\n WHERE c.id = ?", array($content_id));
// Log view
new \mod_hvp\event('results', 'set', $content_id, $content->title, $content->name, $content->major_version . '.' . $content->minor_version);
\H5PCore::ajaxSuccess();
exit;
}
/**
* Handle user results reported by the H5P content.
*
* @since 1.5.0
*/
public function ajax_contents_user_data()
{
global $wpdb;
$content_id = filter_input(INPUT_GET, 'content_id');
$data_id = filter_input(INPUT_GET, 'data_type');
$sub_content_id = filter_input(INPUT_GET, 'sub_content_id');
$current_user = wp_get_current_user();
if ($content_id === NULL || $data_id === NULL || $sub_content_id === NULL || !$current_user->ID) {
return;
// Missing parameters
}
$response = (object) array('success' => TRUE);
$data = filter_input(INPUT_POST, 'data');
$preload = filter_input(INPUT_POST, 'preload');
$invalidate = filter_input(INPUT_POST, 'invalidate');
if ($data !== NULL && $preload !== NULL && $invalidate !== NULL) {
if (!wp_verify_nonce(filter_input(INPUT_POST, 'token'), 'h5p_contentuserdata')) {
H5PCore::ajaxError(__('Invalid security token', $this->plugin_slug));
exit;
}
if ($data === '0') {
// Remove data
$wpdb->delete($wpdb->prefix . 'h5p_contents_user_data', array('content_id' => $content_id, 'data_id' => $data_id, 'user_id' => $current_user->ID, 'sub_content_id' => $sub_content_id), array('%d', '%s', '%d', '%d'));
} else {
// Wash values to ensure 0 or 1.
$preload = $preload === '0' ? 0 : 1;
$invalidate = $invalidate === '0' ? 0 : 1;
// Determine if we should update or insert
$update = $wpdb->get_var($wpdb->prepare("SELECT content_id\n FROM {$wpdb->prefix}h5p_contents_user_data\n WHERE content_id = %d\n AND user_id = %d\n AND data_id = %s\n AND sub_content_id = %d", $content_id, $current_user->ID, $data_id, $sub_content_id));
if ($update === NULL) {
// Insert new data
$wpdb->insert($wpdb->prefix . 'h5p_contents_user_data', array('user_id' => $current_user->ID, 'content_id' => $content_id, 'sub_content_id' => $sub_content_id, 'data_id' => $data_id, 'data' => $data, 'preload' => $preload, 'invalidate' => $invalidate, 'updated_at' => current_time('mysql', 1)), array('%d', '%d', '%d', '%s', '%s', '%d', '%d', '%s'));
} else {
// Update old data
$wpdb->update($wpdb->prefix . 'h5p_contents_user_data', array('data' => $data, 'preload' => $preload, 'invalidate' => $invalidate, 'updated_at' => current_time('mysql', 1)), array('user_id' => $current_user->ID, 'content_id' => $content_id, 'data_id' => $data_id, 'sub_content_id' => $sub_content_id), array('%s', '%d', '%d', '%s'), array('%d', '%d', '%s', '%d'));
}
}
// Inserted, updated or deleted
H5PCore::ajaxSuccess();
exit;
} else {
// Fetch data
$response->data = $wpdb->get_var($wpdb->prepare("SELECT hcud.data\n FROM {$wpdb->prefix}h5p_contents_user_data hcud\n WHERE user_id = %d\n AND content_id = %d\n AND data_id = %s\n AND sub_content_id = %d", $current_user->ID, $content_id, $data_id, $sub_content_id));
if ($response->data === NULL) {
unset($response->data);
}
}
header('Cache-Control: no-cache');
header('Content-type: application/json; charset=utf-8');
print json_encode($response);
exit;
}
global $CFG;
// Trigger a Moodle log event for each xAPI statement
// that is dispatched by the H5P (hvp) object.
if (!\H5PCore::validToken('logxapievent', required_param('token', PARAM_RAW))) {
\H5PCore::ajaxError(get_string('invalidtoken', 'hvp'));
exit;
}
$hvpid = optional_param('hvpid', null, PARAM_INT);
$courseid = optional_param('courseid', null, PARAM_INT);
$jsonxapistatement = optional_param('xapistatement', null, PARAM_RAW);
$xapistatement = json_decode($jsonxapistatement, true);
$context = \context_module::instance($hvpid);
$event = \mod_hvp\event\hvp_xapi::create(array('objectid' => $hvpid, 'context' => $context, 'other' => array('statement' => $xapistatement['data']['statement']), 'courseid' => $courseid));
$event->trigger();
// Debugging...
if (!empty($CFG->debug) and $CFG->debug >= DEBUG_DEVELOPER) {
$msg = "xAPI '" . $xapistatement['data']['statement']['verb']['display']['en-US'] . "' statement dispatched";
\H5PCore::ajaxSuccess($msg);
http_response_code(200);
}
break;
/*
* Throw error if AJAX isnt handeled
*/
/*
* Throw error if AJAX isnt handeled
*/
default:
throw new coding_exception('Unhandled AJAX');
break;
}
/**
* Retrieves ajax parameters for content and update or delete
* user data depending on params.
*
* @throws \coding_exception
*/
public static function handle_ajax()
{
global $DB;
// Query String Parameters.
$content_id = required_param('content_id', PARAM_INT);
$data_id = required_param('data_type', PARAM_RAW);
$sub_content_id = required_param('sub_content_id', PARAM_INT);
// Form Data.
$data = optional_param('data', null, PARAM_RAW);
$pre_load = optional_param('preload', null, PARAM_INT);
$invalidate = optional_param('invalidate', null, PARAM_INT);
if ($content_id === null || $data_id === null || $sub_content_id === null) {
\H5PCore::ajaxError(get_string('missingparameters', 'hvp'));
exit;
// Missing parameters.
}
// Saving data
if ($data !== NULL && $pre_load !== NULL && $invalidate !== NULL) {
// Validate token
if (!\H5PCore::validToken('contentuserdata', required_param('token', PARAM_RAW))) {
\H5PCore::ajaxError(get_string('invalidtoken', 'hvp'));
exit;
}
// Use context id if supplied
$context_id = optional_param('contextId', null, PARAM_INT);
if ($context_id) {
$context = \context::instance_by_id($context_id);
} else {
// Otherwise try to find it from content id
$context = \context_course::instance($DB->get_field('hvp', 'course', array('id' => $content_id)));
}
// Check permissions
if (!has_capability('mod/hvp:savecontentuserdata', $context)) {
\H5PCore::ajaxError(get_string('nopermissiontosavecontentuserdata', 'hvp'));
http_response_code(403);
exit;
}
if ($data === '0') {
// Delete user data.
self::delete_user_data($content_id, $sub_content_id, $data_id);
} else {
// Save user data.
self::save_user_data($content_id, $sub_content_id, $data_id, $pre_load, $invalidate, $data);
}
\H5PCore::ajaxSuccess();
} else {
// Fetch user data
$user_data = self::get_user_data($content_id, $sub_content_id, $data_id);
if ($user_data === false) {
// Did not find data, return nothing
\H5PCore::ajaxSuccess();
} else {
// Found data, return encoded data
\H5PCore::ajaxSuccess($user_data->data);
}
}
exit;
}