by Ron Meske.
Hello Yasser,
Did you find a way to integrate Moodle and your HRMIS?
Did you find a way to integrate Moodle and your HRMIS?
↧
Re: Integration with Oracle based HRMIS
↧
Security risk using token in url
by Dan Logan.
Thank you
Hi
I have created a webservice and I link it via zapier. My concern is the url in the post command sends the token in plain text in the url??
Isn't this a security issue??
Eg the url looks like below
Thank you
↧
↧
Re: Security risk using token in url
by Andreas Grabs.
Hi Dan,
i am not the security guy. But you shouldn't use "http" anymore. There is no reason for that.
If you allow this the login page is far more insecure than your Webservice.
If you use "https" with proper certificate validation your webservice url goes encrypted through the net.
best regards
Andreas
↧
Re: Security risk using token in url
by Dan Logan.
Hi Andreas
Thank you for explaining it to me in plain english! I was concerned that sending the key it could be read, but if encryted then that makes sense. On my production server it is https, so the example I gave was my test one that is http so all good!
Regards
Dan
↧
Re: Security risk using token in url
by Juan Leyva.
Hi,
could you change the way the request is done so instead passing the parameters as GET it uses POST? This will enforce security (apart from using https) so web servers (or analytics tools) does not log the access tokens.
could you change the way the request is done so instead passing the parameters as GET it uses POST? This will enforce security (apart from using https) so web servers (or analytics tools) does not log the access tokens.
↧
↧
check mail before core_user_create_users
by sterk jim.
Hi all,
I use core_user_create_users function to create a user, and it works perfectly,
but when email adresse exist, then i have got a message "incorrect parameter" and in debug : "this email exist"
So i want to check by webservice if a email existe and or something like : "getuseridbyemail function" that can return me an id of a specific email.
I don't want to check it directly by SQL,
Thanks for your help
↧
Event to update custom profile field
by Dan Logan.
Hi
Is anyone able to suggest how I create an event that would populate a user id field?
EG An event ON coursecompletion IF course ID=X or Y then update customfield checkbox to 1
I have no idea where to start,
Thank you kindly
Dan
↧
core_enrol_get_enrolled_users options and json
by Tim Titley.
Hi All,
I'm trying to retrieve a list of enrolled users for a particular course using python, but am having problems defining the options.
I can post the following:
{'courseid': 96, 'options': [{'name': 'userfields', 'value': 'role'}, {'name': 'userfields', 'value': 'username'}], 'wstoken': 'MY_TOKEN', 'wsfunction': 'core_enrol_get_enrolled_users', 'moodlewsrestformat': 'json'}
but get the response:
{'exception': 'invalid_parameter_exception', 'errorcode': 'invalidparameter', 'message': 'Invalid parameter value detected', 'debuginfo': "options => Invalid parameter value detected: Only arrays accepted. The bad value is: 'value'"}
I've tried a number of different ways of presenting the options, but from my understanding, the above *should* work.
On the other hand, this works as expected:
curl -X POST 'https://mymoodlesite/webservice/rest/server.php' -d 'courseid=207&options[0][name]=userfields&options[0][value]=username&options[1][name]=userfields&options[1][value]=roles&wstoken=MY_TOKEN&wsfunction=core_enrol_get_enrolled_users&moodlewsrestformat=json'
Am I missing something obvious?
↧
Get results by course
by Young Bo KIM.
Thanks for your time in advance.
I would like to use a function "core_grede_get_grades", however it DEPRECATED so I am testing all different external service functions.
At this point, I realize I have to make an external service to get data which I would like to have, because in users section, ID number is not the id number in system and it doesn't allow me to change.
My question is as shown below.( and sincerely apologise for laziness)
1. is there any way to change external services?
2. if yes, would you guys please tell me where all these libraries for grading?
3. if no, I would like to know where i can implement the external function. ( I have a variety of input values)
Thanks for your time to read this silly questions.
↧
↧
Re: core_enrol_get_enrolled_users options and json
by Young Bo KIM.
please don't use -X POST
try as shown below command.
curl -v -H "Content-Type: application/x-www-form-urlencoded Accept: application/json" -d "moodlewsrestformat=json&wstoken=xxxxxxxxxxxxxxxxxxxxx&wsfunction=xxxxxxxxxxxxxxx&'put options with &'""https://mymoodlesite/webservice/rest/server.php"
try as shown below command.
curl -v -H "Content-Type: application/x-www-form-urlencoded Accept: application/json" -d "moodlewsrestformat=json&wstoken=xxxxxxxxxxxxxxxxxxxxx&wsfunction=xxxxxxxxxxxxxxx&'put options with &'""https://mymoodlesite/webservice/rest/server.php"
↧
Re: core_enrol_get_enrolled_users options and json
by Tim Titley.
Thanks for your reply.
I don't have a problem with urlencoded query. I can get this working. The problem is with posting json to the service endpoint.
JSON seems to work fine if I use simple key/value pairs, but when I use nested lists/collections (or in this case, a collection within a list within a collection), it throws the error.
Do you think my understanding is correct, and is the the json is valid or do you think this might be a bug in the parameter checking code?
I'm happy to submit a bug report, but I just wanted a second opinion..
I don't have a problem with urlencoded query. I can get this working. The problem is with posting json to the service endpoint.
JSON seems to work fine if I use simple key/value pairs, but when I use nested lists/collections (or in this case, a collection within a list within a collection), it throws the error.
Do you think my understanding is correct, and is the the json is valid or do you think this might be a bug in the parameter checking code?
I'm happy to submit a bug report, but I just wanted a second opinion..
↧
Re: core_enrol_get_enrolled_users options and json
by Young Bo KIM.
in API Docs, it should be "option[0][optionname]: option", then "option[0][name]=name&optioin[0][groupid]=xxxx&so on.
so option[0] is fixed.
↧
LDAP
by Henrique Cavet.
Hello people. I have an urgent demand. In my business, intranet authentication is done through LDAP, and I need to do it on the Moodle platform as well. Only, I need to include in it the work schedule of the employee. Therefore, the employee will have to validate the access with registration / password and automatically, will be pulled his working hours and if, in compliance the employee can have access to the platform moodle, otherwise will have access blocked, because it is not on time. Work What I still can't understand is whether this modification is done in LDAP or MOODLE itself.↧
↧
Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Kelvin Ma.
Our moodle hangs and shows this error message
Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
What does it mean? How can we fix it and prevent it from occurring again?
↧
Re: Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Ken Task.
Is that an Apache error screen you see or a Moodle error screen? And is this a copy and paste error in reporting the error?
What does it mean?
Yep! It's true! Moodle is looking for 'Apache' ...
In 20+ years working with Apache on Linux (some Ubuntu, but mostly Fedora/RH Family/CentOS) I have never seen, if Apache server signature left on, a report of:
(Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16)
Note the bolded above. Now if Apache server signature left on (which should be off) and one forces a simple 404 error (not found), the server would show and should show if configured for ServerTokens set to OS:
(Apache/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16)
Note the missing 'h' in what you report from your server?
How can we fix it - possibly see below!
For for you in investigating config of your server:
ServerTokens
Configures the Server HTTP response header. Different ServerTokens directive options are following (add or modify httpd.conf file or apache.conf):
Prod or ProductOnly – Server sends (e.g.): Server: Apache
ServerTokens Prod
Major – Server sends (e.g.): Server: Apache/2
ServerTokens Major
Minor – Server sends (e.g.): Server: Apache/2.2
ServerTokens Minor
Min or Minimal – Server sends (e.g.): Server: Server: Apache/2.2.4
ServerTokens Min
OS – Server sends (e.g.): Server: Apache/2.2.4 (Ubuntu)
ServerTokens OS
Full or not specified – Server sends (e.g.): Server: Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6.4
ServerTokens Full
ServerTokens setting applies to the entire server, and cannot be enabled or disabled on a virtualhost-by-virtualhost basis.
For reference:
https://www.if-not-true-then-false.com/2009/howto-hide-and-modify-apache-server-information-serversignature-and-servertokens-and-hide-php-version-x-powered-by/
And lastly ... prevent it from occurring again?
Since things like that really don't happen all by themselves, suggest server admin needs to quit messin' with config!
Major piece of advice ... show as little as possible to those that would do harm to your server.
Now I could be all wrong. Been messin' with anything lately?
'SoS', Ken
↧
core_grades_update_grades syntax
by Dan Logan.
Hi
Is there any documentation or would anoyone be able to assist with syntax for webservices api for updating a students grades.
I'm trying to update a students quiz grade but don;t know some of the vairables...
Wht is "component" below referring to?
Activity ID?
&wsfunction=core_grades_update_grades&moodlewsrestformat=json&source=ap&courseid=252&component=mod_url&activityid=12637&itemnumber=0&itemdetails[itemname]=Activity&itemdetails[idnumber]=0&grades[0][studentid]=14289&grades[0][grade]=79
Thank you
Dan
↧
Re: Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Kelvin Ma.
cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
/usr/sbin/httpd -V
no such command
#yum repolist
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Loading mirror speeds from cached hostfile
* base: centos.01link.hk
* epel: nrt.edge.kernel.org
* extras: centos.01link.hk
* remi-php72: ftp.riken.jp
* remi-safe: ftp.riken.jp
* updates: centos.01link.hk
repo id repo name status
!base/7/x86_64 CentOS-7 - Base 10,019
*!epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,348
!extras/7/x86_64 CentOS-7 - Extras 435
!nodesource/x86_64 Node.js Packages for Enterprise Linux 7 - x86_64 113
!remi-php72 Remi's PHP 7.2 RPM repository for Enterprise Linux 7 - 379
!remi-safe Safe Remi's RPM repository for Enterprise Linux 7 - x8 3,553
!updates/7/x86_64 CentOS-7 - Updates 2,500
repolist: 30,347
# tail /var/log/yum.log
Apr 20 07:46:35 Installed: jemalloc-3.6.0-1.el7.x86_64
Apr 20 07:46:35 Installed: redis-3.2.12-2.el7.x86_64
Aug 20 11:30:29 Updated: libldb-1.3.4-1.el7.x86_64
Aug 20 11:30:29 Installed: samba-common-4.8.3-6.el7_6.noarch
Aug 20 11:30:29 Installed: libwbclient-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: samba-client-libs-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: samba-common-libs-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: cifs-utils-6.2-10.el7.x86_64
Aug 20 11:30:30 Updated: libldb-devel-1.3.4-1.el7.x86_64
Aug 20 11:30:30 Installed: cifs-utils-devel-6.2-10.el7.x86_64
CentOS Linux release 7.4.1708 (Core)
/usr/sbin/httpd -V
no such command
#yum repolist
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Loading mirror speeds from cached hostfile
* base: centos.01link.hk
* epel: nrt.edge.kernel.org
* extras: centos.01link.hk
* remi-php72: ftp.riken.jp
* remi-safe: ftp.riken.jp
* updates: centos.01link.hk
repo id repo name status
!base/7/x86_64 CentOS-7 - Base 10,019
*!epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,348
!extras/7/x86_64 CentOS-7 - Extras 435
!nodesource/x86_64 Node.js Packages for Enterprise Linux 7 - x86_64 113
!remi-php72 Remi's PHP 7.2 RPM repository for Enterprise Linux 7 - 379
!remi-safe Safe Remi's RPM repository for Enterprise Linux 7 - x8 3,553
!updates/7/x86_64 CentOS-7 - Updates 2,500
repolist: 30,347
# tail /var/log/yum.log
Apr 20 07:46:35 Installed: jemalloc-3.6.0-1.el7.x86_64
Apr 20 07:46:35 Installed: redis-3.2.12-2.el7.x86_64
Aug 20 11:30:29 Updated: libldb-1.3.4-1.el7.x86_64
Aug 20 11:30:29 Installed: samba-common-4.8.3-6.el7_6.noarch
Aug 20 11:30:29 Installed: libwbclient-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: samba-client-libs-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: samba-common-libs-4.8.3-6.el7_6.x86_64
Aug 20 11:30:30 Installed: cifs-utils-6.2-10.el7.x86_64
Aug 20 11:30:30 Updated: libldb-devel-1.3.4-1.el7.x86_64
Aug 20 11:30:30 Installed: cifs-utils-devel-6.2-10.el7.x86_64
↧
↧
Re: Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Ken Task.
Interesting ... typical CentOS 7 runs either httpd (apache) or nginx - but could run LIghtspeed other as well.
This
/usr/sbin/httpd -V
no such command
shows you are not running apache (httpd daemon)
netstat -tulpn | grep :80 (or :443)
whatis httpd
or whatis nginx
Are we trying to run a loadbalancer?
And this on a server where you had moodle running already?
Confused!
'SoS', Ken
↧
Re: Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Ken Task.
Also noticed the ! in front of repos.
Suggest refreshing the repos ... yum clean all
yum check-update
will rebuild repos.
'SoS', Ken
↧
Re: Error message "Web server software (Apace/2.4.29 (Unix) OpenSSL/1.0.2k-fips PHP/7.2.16) is not supported, sorry."
by Ken Task.
Oh, yeah! If ya had moodle running at one point in time under apache (httpd), did you make sure the httpd daemon is started on reboots?
When any operating system gets a kernel upgrade, normally, server needs to be rebooted. And if systemd doesn't know that the httpd (apache) daemon needs to start up after reboot ... no web server.
Very strange though ... the error screen you show is a Moodle error screen ... so something web server has to be running to see the error!!!
To be 100% honest, have never seen that in many/many/many years running Moodles or WP's or Joomla's or Drupal's or ... whatever. Very strange.
So guess I'll ask again ... and be truthful ... were you playing around with anything?
'SoS', Ken
↧