1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * This file is used to call any registered externallib function in Moodle.
19 *
20 * It will process more than one request and return more than one response if required.
21 * It is recommended to add webservice functions and re-use this script instead of
22 * writing any new custom ajax scripts.
23 *
24 * @since Moodle 2.9
25 * @package core
26 * @copyright 2015 Damyon Wiese
27 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
28 */
29
30define('AJAX_SCRIPT', true);
31// Services can declare 'readonlysession' in their config located in db/services.php, if not present will default to false.
32define('READ_ONLY_SESSION', true);
33
34if (!empty($_GET['nosessionupdate'])) {
35    define('NO_SESSION_UPDATE', true);
36}
37
38require_once(__DIR__ . '/../../config.php');
39require_once($CFG->libdir . '/externallib.php');
40
41define('PREFERRED_RENDERER_TARGET', RENDERER_TARGET_GENERAL);
42
43$arguments = '';
44$cacherequest = false;
45if (defined('ALLOW_GET_PARAMETERS')) {
46    $arguments = optional_param('args', '', PARAM_RAW);
47    $cachekey = optional_param('cachekey', '', PARAM_INT);
48    if ($cachekey && $cachekey > 0 && $cachekey <= time()) {
49        $cacherequest = true;
50    }
51}
52
53// Either we are not allowing GET parameters or we didn't use GET because
54// we did not pass a cache key or the URL was too long.
55if (empty($arguments)) {
56    $arguments = file_get_contents('php://input');
57}
58
59$requests = json_decode($arguments, true);
60
61if ($requests === null) {
62    $lasterror = json_last_error_msg();
63    throw new coding_exception('Invalid json in request: ' . $lasterror);
64}
65$responses = array();
66
67// Defines the external settings required for Ajax processing.
68$settings = external_settings::get_instance();
69$settings->set_file('pluginfile.php');
70$settings->set_fileurl(true);
71$settings->set_filter(true);
72$settings->set_raw(false);
73
74$haserror = false;
75foreach ($requests as $request) {
76    $response = array();
77    $methodname = clean_param($request['methodname'], PARAM_ALPHANUMEXT);
78    $index = clean_param($request['index'], PARAM_INT);
79    $args = $request['args'];
80
81    $response = external_api::call_external_function($methodname, $args, true);
82    $responses[$index] = $response;
83    if ($response['error']) {
84        // Do not process the remaining requests.
85        $haserror = true;
86        break;
87    }
88}
89
90if ($cacherequest && !$haserror) {
91    // 90 days only - based on Moodle point release cadence being every 3 months.
92    $lifetime = 60 * 60 * 24 * 90;
93
94    header('Expires: '. gmdate('D, d M Y H:i:s', time() + $lifetime) .' GMT');
95    header('Pragma: ');
96    header('Cache-Control: public, max-age=' . $lifetime . ', immutable');
97    header('Accept-Ranges: none');
98}
99
100echo json_encode($responses);
101