Moodle 1.9 Extension Development

Overview of this book

Moodle gives you the power to create and customize feature-rich plug-ins. If you can write Moodle plug-ins, you can make it do just about anything. From making the site easier to administer, to adding new features, to completely changing the way it looks, plug-ins are the method Moodle offers to customize and extend its functionality. This book will show you how to build all sorts of Moodle plug-ins: admin plug-ins, Blocks, Activities, Grading components, Reports, and Filters that change the way your site works and looks. You will develop standard Moodle plug-ins such as Activities, Filters, and Blocks by creating functioning code that you can execute in your own Moodle installation. Writing modular plug-ins for Moodle will be a large focus of this book.

This book will take you inside Moodle and provide you with the ability to develop code the "Moodle way". It will expose you to all of the core code functions in Moodle in a progressive, understandable way. You will learn what libraries are available, what the API calls are, how it is structured, and how it can be expanded beyond the plug-in system.

You will begin by getting an understanding of the basic architecture that Moodle uses to operate in. Next you will build your first plug-in: a block. You will carry on building other Moodle plug-ins, gaining knowledge of the "Moodle way" of coding, before plunging deeper into the API and inner libraries. Lastly, you will learn how to integrate Moodle with other systems using a variety of methods. When you have completed the book, you will have a solid understanding of Moodle programming and knowledge of how to extend its functionality in whatever way you want.

SQL issues


The biggest worry you have when dealing with SQL and your database queries is the risk of SQL injection.

SQL injection is an attack technique that takes advantage of an SQL query by inserting other, unexpected SQL into it. Typically this is possible because a script (in PHP or any other language) builds the query from string literals that are not filtered or escaped correctly.

Let's consider what this would mean if our code was insecure.

Taking a look at vulnerable code

Let's say we have a fictitious script that takes an integer value (representing a user ID value in a user data table) from a form or direct URL parameter, and uses it. For example:

http://[oursite]/processuser.php?userid=4

Now, let's say our script looked similar to the following (remember this is fictional; don't really do this! This is a big security hole!):

<?php
require_once('config.php');
// The request parameter is used exactly as supplied: no type check, no escaping.
$username = $_GET['username'];
// The raw value is interpolated straight into the SQL text, so anything the
// caller puts in the parameter becomes part of the query. This is the hole.
$sql = "SELECT * FROM {$CFG->prefix}user WHERE username = $username";
$user = get_record_sql($sql);
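To make the difference between the two query styles concrete, here is an added Python model of the snippet above (it is not code from the book or from Moodle). It uses an in-memory SQLite table named mdl_user with constructed rows, standing in for the real user table; `get_user_vulnerable` pastes the request value into the SQL text the way the PHP does, and `get_user_safe` shows the fix: validate the type, then pass the value as a bound parameter rather than as part of the query string.

```python
"""Vulnerable versus hardened lookup of a user by ID (added example, constructed data)."""
import sqlite3

# Constructed sample rows standing in for the Moodle user table; not the real schema.
SAMPLE_USERS = [(1, "admin"), (4, "alice"), (7, "bob")]


def make_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE mdl_user (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO mdl_user VALUES (?, ?)", SAMPLE_USERS)
    return conn


def get_user_vulnerable(conn, userid):
    """Mirrors the PHP snippet: the raw request value is interpolated into the SQL text.

    Whatever the caller supplies becomes part of the WHERE clause, so a value that
    is not a plain integer changes the meaning of the query instead of failing.
    """
    sql = f"SELECT id, username FROM mdl_user WHERE id = {userid}"
    return conn.execute(sql).fetchall()


def get_user_safe(conn, userid):
    """Hardened form: enforce the expected type, then bind the value as a parameter.

    The SQL text is a fixed string; the driver sends the value separately, so it
    can never be parsed as SQL. The int() check additionally rejects any value
    that is not the integer the URL parameter is supposed to carry.
    """
    try:
        uid = int(userid)
    except (TypeError, ValueError):
        raise ValueError("userid must be an integer")
    return conn.execute(
        "SELECT id, username FROM mdl_user WHERE id = ?", (uid,)
    ).fetchall()


def safe_rejects(conn, userid):
    """Return True if the hardened lookup refuses the supplied value."""
    try:
        get_user_safe(conn, userid)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("expected value:", get_user_vulnerable(db, "4"))
    # A non-integer value widens the WHERE clause; the vulnerable query returns every row.
    print("tampered value, vulnerable:", get_user_vulnerable(db, "4 OR 1=1"))
    print("tampered value, hardened rejects it:", safe_rejects(db, "4 OR 1=1"))
```

Run the module directly to see the vulnerable query return the whole table for a tampered parameter while the hardened version refuses it. In Moodle 1.9 the equivalent of the `int()` check is reading the parameter with `required_param('userid', PARAM_INT)` (or `optional_param`) instead of touching `$_GET` directly, so that only an integer ever reaches the query string.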