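/**
 * Send a stored blob to the browser for the current LTI context.
 *
 * The file is selected by the request's `id` parameter, and the query is also
 * bound to $CONTEXT->id, so an id that belongs to another context matches no
 * row. The request ends with die() when the id is missing, when no row
 * matches, or when BlobUtil::safeFileSuffix() rejects the stored file name.
 *
 * Security notes:
 *  - The Content-Type header is copied from the stored `contenttype` column.
 *    NOTE(review): presumably that value was recorded at upload time; confirm
 *    where it is written. If it is uploader-supplied, the uploader decides how
 *    browsers interpret a body that is served inline from this origin.
 *  - `X-Content-Type-Options: nosniff` is sent so a browser does not upgrade
 *    the body to a more active type than the declared one.
 *  - NOTE(review): consider forcing a download with a Content-Disposition
 *    header for types that are not meant to render inline.
 *
 * @return void Output is written directly to the response.
 */
public static function serveContent()
{
    global $CFG, $CONTEXT, $PDOX;

    // Require an LTI session with a context before reading request data.
    LTIX::requireData(LTIX::CONTEXT);

    // A missing or array-valued id previously reached strlen() as null/array
    // (notice, deprecation or TypeError depending on PHP version). Treat both
    // the same as an empty id.
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
    if (!is_string($id) || strlen($id) < 1) {
        die("File not found");
    }

    $p = $CFG->dbprefix;
    $stmt = $PDOX->prepare("SELECT contenttype, content, file_name FROM {$p}blob_file\n WHERE file_id = :ID AND context_id = :CID");
    $stmt->execute(array(":ID" => $id, ":CID" => $CONTEXT->id));
    $row = $stmt->fetch(\PDO::FETCH_ASSOC);
    if ($row === false) {
        error_log('File not loaded: ' . $id);
        die("File not loaded");
    }

    // Second gate: refuse to serve rows whose stored name has a suffix the
    // helper considers unsafe.
    if (!BlobUtil::safeFileSuffix($row['file_name'])) {
        error_log('Unsafe file suffix: ' . $row['file_name']);
        die('Unsafe file suffix');
    }

    // Sent unconditionally so it also covers rows with no stored type.
    header('X-Content-Type-Options: nosniff');

    $mimetype = $row['contenttype'];
    if (is_string($mimetype) && strlen($mimetype) > 0) {
        header('Content-Type: ' . $mimetype);
    }

    echo $row['content'];
}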
/**
 * Render the instructor-only grade listing for the current link.
 *
 * Access control: the launch data is required first and the request ends with
 * die() unless $USER->instructor is truthy. The result query is bound to
 * $LINK->id through the :LID placeholder; paging, searching and ordering are
 * delegated to Table::pagedAuto().
 *
 * @param mixed $GRADE_DETAIL_CLASS Optional detail object. NOTE(review): it is
 *        normalised into $detail below, but $detail is not used anywhere in
 *        the visible code; confirm whether it should be passed on.
 * @return void The page is written directly to the response.
 */
public static function gradeTable($GRADE_DETAIL_CLASS)
{
    global $CFG, $OUTPUT, $USER, $LINK;

    // Require CONTEXT, USER, and LINK
    $LAUNCH = LTIX::requireData();
    if (!$USER->instructor) {
        die("Requires instructor role");
    }

    $p = $CFG->dbprefix;

    // The same column list is offered for both ordering and searching.
    $orderfields = array("R.updated_at", "displayname", "email", "grade");
    $searchfields = $orderfields;

    // Basic grade data, restricted to the current link.
    $query_parms = array(":LID" => $LINK->id);
    $sql = "SELECT R.user_id AS user_id, displayname, email,\n grade, note, R.updated_at AS updated_at\n FROM {$p}lti_result AS R\n JOIN {$p}lti_user AS U ON R.user_id = U.user_id\n WHERE R.link_id = :LID";

    // View
    $OUTPUT->header();
    $OUTPUT->bodyStart();
    $OUTPUT->flashMessages();
    $OUTPUT->welcomeUserCourse();

    $detail = (isset($GRADE_DETAIL_CLASS) && is_object($GRADE_DETAIL_CLASS))
        ? $GRADE_DETAIL_CLASS
        : false;

    Table::pagedAuto($sql, $query_parms, $searchfields, $orderfields, "grade-detail.php");

    // Since this is in a popup, put out a done button
    $OUTPUT->closeButton();
    $OUTPUT->footer();
}
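/**
 * Merge new key/value pairs into the JSON stored on the current result row.
 *
 * Keys in $newdata overwrite or extend the stored document; the row is only
 * written when at least one value actually differs (loose `!=` comparison, as
 * before). The UPDATE is bound to $LINK->result_id.
 *
 * Integrity guards added here:
 *  - input that does not decode to an array/object is ignored instead of
 *    reaching foreach;
 *  - a stored document that does not decode to an array is treated as empty
 *    rather than being indexed as a scalar;
 *  - if the merged data cannot be encoded, nothing is written, so the existing
 *    column is not replaced by a failed-encode value.
 *
 * @param array|string|false $newdata Associative data, or its JSON encoding.
 *        Falsy input is a no-op.
 * @return void
 */
function gradeUpdateJson($newdata = false)
{
    global $CFG, $PDOX, $LINK;

    // Same truthiness test as the former `$newdata == false`.
    if (!$newdata) {
        return;
    }
    if (is_string($newdata)) {
        $newdata = json_decode($newdata, true);
    }
    // json_decode() yields null on malformed input and a scalar for inputs
    // such as "42"; neither can be merged.
    if (!is_array($newdata) && !is_object($newdata)) {
        return;
    }

    LTIX::requireData(array(LTIX::LINK));

    $row = gradeLoad();
    $data = array();
    if ($row !== false && isset($row['json'])) {
        $data = json_decode($row['json'], true);
    }
    if (!is_array($data)) {
        $data = array();
    }

    $changed = false;
    foreach ($newdata as $k => $v) {
        if (!isset($data[$k]) || $data[$k] != $v) {
            $data[$k] = $v;
            $changed = true;
        }
    }
    if ($changed === false) {
        return;
    }

    $jstr = json_encode($data);
    if ($jstr === false) {
        // Keep the stored document rather than overwriting it.
        error_log('gradeUpdateJson: json_encode failed: ' . json_last_error_msg());
        return;
    }

    $PDOX->queryDie(
        "UPDATE {$CFG->dbprefix}lti_result SET json = :json, updated_at = NOW()\n WHERE result_id = :RID",
        array(':json' => $jstr, ':RID' => $LINK->result_id)
    );
}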
<?php
// Instructor-only debugging page: shows the current PHP session contents and
// offers a button that clears the session.
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "peer_util.php";

use Tsugi\Core\LTIX;

// Sanity checks: a valid launch is required and everything below is limited
// to users flagged as instructor.
$LTI = LTIX::requireData();
if (!$USER->instructor) {
    die("Instructor only");
}

// State-changing action: wipes all session variables, then stops.
// NOTE(review): no anti-CSRF token is checked in the visible code, so any
// POST carrying doClear from an instructor's browser clears their session.
// Confirm whether a token is enforced elsewhere.
if (isset($_POST['doClear'])) {
    session_unset();
    die('session unset');
}

$OUTPUT->header();
$OUTPUT->bodyStart();
$OUTPUT->flashMessages();
$OUTPUT->welcomeUserCourse();

// Dumps the whole of $_SESSION into the page.
// NOTE(review): the session may hold launch secrets or other users' data;
// confirm that safe_var_dump() redacts/escapes what must not be displayed.
$OUTPUT->togglePre("Session data", safe_var_dump($_SESSION));
?> <form method="post"> <input type="submit" name="doExit" onclick="location='<?php echo addSession('index.php'); ?> '; return false;" value="Exit"> <input type="submit" name="doClear" value="Clear Session (will log out out)"> </form> <?php
flush();
/**
 * Look up the title of a link, consulting the 'lti_link' cache first.
 *
 * The database query is scoped to both the requested link_id and the
 * context_id of the current launch.
 *
 * NOTE(review): the cache is keyed by $link_id alone, while the query is also
 * restricted by context_id. If Cache is shared across launches from different
 * contexts, a cached row could be returned without the context check being
 * re-applied; confirm the cache's scope.
 *
 * @param mixed $link_id Primary key of the link to look up.
 * @return mixed The cached or fetched row (array with `title`), or false when
 *         the query matches no row.
 */
function loadLinkInfo($link_id)
{
    global $CFG, $PDOX;

    $LTI = LTIX::requireData(LTIX::CONTEXT);

    // Serve from cache when a non-falsy entry exists.
    $cached = Cache::check('lti_link', $link_id);
    if ($cached != false) {
        return $cached;
    }

    $sql = "SELECT title FROM {$CFG->dbprefix}lti_link\n WHERE link_id = :LID AND context_id = :CID";
    $params = array(":LID" => $link_id, ":CID" => $LTI['context_id']);
    $fetched = $PDOX->queryDie($sql, $params)->fetch(PDO::FETCH_ASSOC);

    // The result is cached even when it is false (no matching row).
    Cache::set('lti_link', $link_id, $fetched);
    return $fetched;
}
// JSON endpoint that decides whether further "top frame" session checks are
// needed. Every exit path emits one JSON object and returns.
// NOTE(review): this excerpt ends inside the last `if` block; the rest of the
// script is not visible here.
headerJson();

// Nothing for us to do: these three answers are produced before any launch
// data is required and contain only fixed strings.
// The session id is expected in the query string; when the session cookie is
// already present there is nothing left to negotiate.
// NOTE(review): session ids carried in URLs can end up in logs and Referer
// headers; confirm how the id is protected in transit and at rest.
if (!isset($_GET[session_name()])) {
    echo json_encode(array("error" => "No session"));
    return;
}
if (isset($_COOKIE[session_name()])) {
    echo json_encode(array("status" => 'done'));
    return;
}
if (!isset($_GET['top'])) {
    echo json_encode(array("error" => "Need top= parameter"));
    return;
}

// Grab the session
$LTI = LTIX::requireData(LTIX::USER);

// This has already been set by someone so nothing to do.
// The cookie value is client-supplied and is echoed back inside the JSON
// response; json_encode() escapes it for JSON, so consumers must still
// escape it for any other context they insert it into.
if (isset($_COOKIE['TSUGI_TOP_SESSION'])) {
    unset($_SESSION['TOP_CHECK']); // No point in further checks
    echo json_encode(array("top_session" => $_COOKIE['TSUGI_TOP_SESSION']));
    return;
}

// We are not the top frame (loose comparison against the string 'true')
if ($_GET['top'] != 'true') {
    unset($_SESSION['TOP_CHECK']);
}

// No more checks are needed
if (!isset($_SESSION['TOP_CHECK']) || $_SESSION['TOP_CHECK'] < 1) {
    echo json_encode(array("status" => 'done'));
    return;
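/**
 * E-mail a student that their peer-graded submission has been reset, and
 * record the message in the mail_sent table.
 *
 * Nothing is sent (and false is returned) when mail is not configured
 * ($CFG->maildomain unset or false), when the user cannot be loaded, or when
 * the stored address is unusable.
 *
 * Security: the recipient address comes from the stored user row. An address
 * containing CR or LF is now rejected before it is handed to mailSend().
 * NOTE(review): mailSend() is not visible here, so this is defence in depth
 * against header injection rather than a confirmed gap.
 *
 * @param mixed  $user_id   Id of the user whose entry was reset.
 * @param mixed  $assn_json Not used by this function.
 * @param string $note      Free-text note from staff; included in the body.
 * @return mixed false when no mail is attempted, otherwise the return value
 *         of mailSend().
 */
function mailDeleteSubmit($user_id, $assn_json, $note)
{
    global $CFG, $PDOX;

    if (!isset($CFG->maildomain) || $CFG->maildomain === false) {
        return false;
    }

    $LTI = LTIX::requireData();

    $user_row = loadUserInfoBypass($user_id);
    if ($user_row === false) {
        return false;
    }

    $to = $user_row['email'];
    if (!is_string($to) || strlen($to) < 1 || strpos($to, '@') === false) {
        return false;
    }
    // A line break inside the address could start a new mail header.
    if (strpbrk($to, "\r\n") !== false) {
        return false;
    }

    $token = computeMailCheck($user_id);
    $subject = 'From ' . $CFG->servicename . ', Your Peer Graded Entry Has Been Reset';

    // Line ending for the body; configurable because mail transports differ.
    $E = "\n";
    if (isset($CFG->maileol)) {
        $E = $CFG->maileol;
    }

    $message = "This is an automated message. Your peer-graded entry has been reset.{$E}{$E}";
    if (isset($LTI['context_title'])) {
        $message .= 'Course Title: ' . $LTI['context_title'] . $E;
    }
    if (isset($LTI['link_title'])) {
        $message .= 'Assignment: ' . $LTI['link_title'] . $E;
    }
    if (isset($LTI['user_displayname'])) {
        $message .= 'Staff member doing reset: ' . $LTI['user_displayname'] . $E;
    }

    $fixnote = trim($note);
    if (strlen($fixnote) > 0) {
        // Normalise the note's line breaks to the configured line ending.
        if ($E != "\n") {
            $fixnote = str_replace("\n", $E, $fixnote);
        }
        $message .= "Notes regarding this action:" . $E . $fixnote . $E;
    }
    $message .= "{$E}You may now re-submit your peer-graded assignment.{$E}";

    // Audit record of who sent what to whom, written before sending.
    $PDOX->queryDie(
        "INSERT INTO {$CFG->dbprefix}mail_sent\n (context_id, link_id, user_to, user_from, subject, body, created_at)\n VALUES ( :CID, :LID, :UTO, :UFR, :SUB, :BOD, NOW() )",
        array(
            ":CID" => $LTI['context_id'],
            ":LID" => $LTI['link_id'],
            ":UTO" => $user_id,
            ":UFR" => $LTI['user_id'],
            ":SUB" => $subject,
            ":BOD" => $message,
        )
    );

    return mailSend($to, $subject, $message, $user_id, $token);
}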
<?php
// Upload handler: stores a posted file as a row in the sample_blob table for
// the current LTI context.
// NOTE(review): this excerpt ends inside the second `if` block, right after
// the INSERT is executed; commit/redirect handling is not visible here.
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "blob_util.php";

use Tsugi\Core\LTIX;

// Sanity checks: a launch with both a context and a link is required.
$LTI = LTIX::requireData(array(LTIX::CONTEXT, LTIX::LINK));

// Model
$p = $CFG->dbprefix;

// Upload error code 1 is UPLOAD_ERR_INI_SIZE (file larger than the PHP
// upload limit). Only codes 0 and 1 are handled in the visible code.
if (isset($_FILES['uploaded_file']) && $_FILES['uploaded_file']['error'] == 1) {
    $_SESSION['error'] = 'Error: Maximum size of ' . maxUpload() . 'MB exceeded.';
    header('Location: ' . addSession('index.php'));
    return;
}

if (isset($_FILES['uploaded_file']) && $_FILES['uploaded_file']['error'] == 0) {
    // basename() drops any directory part of the client-supplied name.
    $filename = basename($_FILES['uploaded_file']['name']);

    // Blocklist check: rejects any name containing the substring '.php'.
    // NOTE(review): this is case-sensitive and names nothing but '.php', so it
    // is a weak filter on its own; an allowlist of expected suffixes applied
    // at upload and again at download time would be a stronger control.
    if (strpos($filename, '.php') !== false) {
        $_SESSION['error'] = 'Error: Wrong file type.';
        header('Location: ' . addSession('index.php'));
        return;
    }

    $fp = fopen($_FILES['uploaded_file']['tmp_name'], "rb");

    // The content is stored in the database as a LOB, scoped by context_id.
    $stmt = $PDOX->prepare("INSERT INTO {$p}sample_blob\n (context_id, file_name, contenttype, content, created_at)\n VALUES (?, ?, ?, ?, NOW())");
    $stmt->bindParam(1, $CONTEXT->id);
    $stmt->bindParam(2, $filename);
    // $_FILES[...]['type'] is whatever the browser sent; PHP does not verify
    // it. Anything that later serves this row with the stored contenttype is
    // trusting the uploader's claim about the file's type.
    $stmt->bindParam(3, $_FILES['uploaded_file']['type']);
    $stmt->bindParam(4, $fp, PDO::PARAM_LOB);
    $PDOX->beginTransaction();
    $stmt->execute();
// JSON endpoint that decides whether further "top frame" session checks are
// needed. Every exit path emits one JSON object and returns.
// NOTE(review): this excerpt ends inside the last `if` block; the rest of the
// script is not visible here.
Output::headerJson();

// Nothing for us to do: these three answers are produced before any launch
// data is required and contain only fixed strings.
// The session id is expected in the query string; when the session cookie is
// already present there is nothing left to negotiate.
// NOTE(review): session ids carried in URLs can end up in logs and Referer
// headers; confirm how the id is protected in transit and at rest.
if (!isset($_GET[session_name()])) {
    echo json_encode(array("error" => "No session"));
    return;
}
if (isset($_COOKIE[session_name()])) {
    echo json_encode(array("status" => 'done'));
    return;
}
if (!isset($_GET['top'])) {
    echo json_encode(array("error" => "Need top= parameter"));
    return;
}

// Grab the session
$LAUNCH = LTIX::requireData(LTIX::USER);

// This has already been set by someone so nothing to do.
// The cookie value is client-supplied and is echoed back inside the JSON
// response; json_encode() escapes it for JSON, so consumers must still
// escape it for any other context they insert it into.
if (isset($_COOKIE['TSUGI_TOP_SESSION'])) {
    unset($_SESSION['TOP_CHECK']); // No point in further checks
    echo json_encode(array("top_session" => $_COOKIE['TSUGI_TOP_SESSION']));
    return;
}

// We are not the top frame (loose comparison against the string 'true')
if ($_GET['top'] != 'true') {
    unset($_SESSION['TOP_CHECK']);
}

// No more checks are needed
if (!isset($_SESSION['TOP_CHECK']) || $_SESSION['TOP_CHECK'] < 1) {
    echo json_encode(array("status" => 'done'));
    return;
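<?php
// Download handler: looks up a stored blob by the request's `id`, restricted
// to the current LTI context, and prepares the response headers for it.
// NOTE(review): the excerpt ends after the Content-Type header; the code that
// writes the body is not visible here.
require_once "../../config.php";
require_once $CFG->dirroot . "/pdo.php";
require_once $CFG->dirroot . "/lib/lms_lib.php";
require_once "blob_util.php";

use Tsugi\Core\LTIX;

// Sanity checks: a launch with a context is required.
$LTI = LTIX::requireData(LTIX::CONTEXT);

// A missing or array-valued id previously reached strlen() as null/array
// (notice, deprecation or TypeError depending on PHP version). Treat both the
// same as an empty id.
$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
if (!is_string($id) || strlen($id) < 1) {
    die("File not found");
}

// Binding context_id as well as file_id means an id from another context
// matches no row.
$p = $CFG->dbprefix;
$stmt = $PDOX->prepare("SELECT contenttype, content, file_name FROM {$p}blob_file\n WHERE file_id = :ID AND context_id = :CID");
$stmt->execute(array(":ID" => $id, ":CID" => $CONTEXT->id));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
    error_log('File not loaded: ' . $id);
    die("File not loaded");
}

// Second gate: refuse rows whose stored name has a suffix the helper
// considers unsafe.
if (!safeFileSuffix($row['file_name'])) {
    error_log('Unsafe file suffix: ' . $row['file_name']);
    die('Unsafe file suffix');
}

// The declared type comes from the stored row. NOTE(review): presumably it
// was supplied at upload time; confirm where it is written. nosniff keeps the
// browser from treating the body as a more active type than the declared one.
header('X-Content-Type-Options: nosniff');

$mimetype = $row['contenttype'];
if (is_string($mimetype) && strlen($mimetype) > 0) {
    header('Content-Type: ' . $mimetype);
}
// NOTE(review): consider forcing a download for types that are not meant to
// render inline, as the disabled line below once did:
// header('Content-Disposition: attachment; filename="'.$fn.'"');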
<?php
// Debug helper: fetches launch content for a caller-supplied endpoint and
// writes it to the response.
require_once "../../../../config.php";
require_once $CFG->vendorinclude . "/lms_lib.php";

use Tsugi\Core\LTIX;

// Both query parameters must be present; this is checked before the launch
// data is required.
if (!isset($_GET['endpoint'], $_GET['debug'])) {
    die('endpoint and debug are required');
}

// NOTE(review): $endpoint is taken from the request and passed on unchanged.
// LTIX::getLaunchContent() is not visible here; confirm that it restricts
// which endpoints may be used, or validate the value here against the
// expected set.
$endpoint = $_GET['endpoint'];
$debug = $_GET['debug'] == 0;

// Grab the session
$LAUNCH = LTIX::requireData();

// The request-derived $debug value above is overridden: debug is always on.
$debug = true;

// NOTE(review): the returned content is written without escaping; confirm
// that getLaunchContent() produces output that is safe for this response.
echo LTIX::getLaunchContent($endpoint, $debug);