function blocks_execute_url_action(&$PAGE, &$pageblocks, $pinned = false)
{
$blockaction = optional_param('blockaction', '', PARAM_ALPHA);
if (empty($blockaction) || !$PAGE->user_allowed_editing() || !confirm_sesskey()) {
return;
}
$instanceid = optional_param('instanceid', 0, PARAM_INT);
$blockid = optional_param('blockid', 0, PARAM_INT);
if (!empty($blockid)) {
blocks_execute_action($PAGE, $pageblocks, strtolower($blockaction), $blockid, $pinned);
} else {
if (!empty($instanceid)) {
$instance = blocks_find_instance($instanceid, $pageblocks);
blocks_execute_action($PAGE, $pageblocks, strtolower($blockaction), $instance, $pinned);
}
}
}
$beforeid = optional_param('beforeId', 0, PARAM_INT);
$value = optional_param('value', 0, PARAM_INT);
$column = optional_param('column', 0, PARAM_ALPHA);
$id = optional_param('id', 0, PARAM_INT);
$summary = optional_param('summary', '', PARAM_RAW);
$sequence = optional_param('sequence', '', PARAM_SEQUENCE);
$visible = optional_param('visible', 0, PARAM_INT);
// Authorise the user and verify some incoming data
if (!($course = get_record('course', 'id', $courseid))) {
error_log('AJAX commands.php: Course does not exist');
die;
}
$PAGE = page_create_object(PAGE_COURSE_VIEW, $course->id);
$pageblocks = blocks_setup($PAGE, BLOCKS_PINNED_BOTH);
if (!empty($instanceid)) {
$blockinstance = blocks_find_instance($instanceid, $pageblocks);
if (!$blockinstance || $blockinstance->pageid != $course->id || $blockinstance->pagetype != 'course-view') {
error_log('AJAX commands.php: Bad block ID ' . $instanceid);
die;
}
}
$context = get_context_instance(CONTEXT_COURSE, $course->id);
require_login($course->id);
require_capability('moodle/course:update', $context);
// OK, now let's process the parameters and do stuff
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
switch ($class) {
case 'block':
switch ($field) {
case 'visible':
