mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-16 14:02:32 +02:00
Code Issues Projects Releases Wiki Activity

quiz: MDL-19145 Safe Exam Browser integration.

Browse Source 
This is a better alternative to 'secure' mode.

It needs to be enabled by the administrator.
This commit is contained in:
tjhunt 2009-09-30 10:57:57 +00:00
parent cac0c3ef3d
commit 7d4dfc481e
10 changed files with 121 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/settings/development.php
View File

@ -14,6 +14,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
$item->set_updatedcallback('reset_text_filters_cache');
$temp->add($item);
$temp->add(new admin_setting_configcheckbox('experimentalsplitrestore', get_string('experimentalsplitrestore', 'admin'), get_string('configexperimentalsplitrestore', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('enablesafebrowserintegration', get_string('enablesafebrowserintegration', 'admin'), get_string('configenablesafebrowserintegration', 'admin'), 0));
$ADMIN->add('experimental', $temp);

2
lang/en_utf8/admin.php
View File

@ -145,6 +145,7 @@ $string['configenablehtmlpurifier'] = 'Use HTML Purifier instead of KSES for cle
$string['configenablerssfeeds'] = 'This switch will enable RSS feeds from across the site. To actually see any change you will need to enable RSS feeds in the individual modules too - go to the Modules settings under Admin Configuration.';
$string['configenablerssfeedsdisabled'] = 'It is not available because RSS feeds are disabled in all the Site. To enable them, go to the Variables settings under Admin Configuration.';
$string['configenablerssfeedsdisabled2'] = 'RSS feeds are disabled at the server level. You need to enable them first in Server/RSS.';
$string['configenablesafebrowserintegration'] = 'This adds the choice \'Require Safe Exam Browser\' to the \'Browser security\' field on the quiz settings form. See http://www.safeexambrowser.org/ for more information.';
$string['configenablestats'] = 'If you choose \'yes\' here, Moodle\'s cronjob will process the logs and gather some statistics. Depending on the amount of traffic on your site, this can take awhile. If you enable this, you will be able to see some interesting graphs and statistics about each of your courses, or on a sitewide basis.';
$string['configenabletrusttext'] = 'By default Moodle will always thoroughly clean text that comes from users to remove any possible bad scripts, media etc that could be a security risk. The Trusted Content system is a way of giving particular users that you trust the ability to include these advanced features in their content without interference. To enable this system, you need to first enable this setting, and then grant the Trusted Content permission to a specific Moodle role. Texts created or uploaded by such users will be marked as trusted and will not be cleaned before display.';
$string['configenablewebservices'] = 'Web services enable other systems to log in to this Moodle and perform operations. For extra security this feature should be disabled unless you are really using it.';
@ -406,6 +407,7 @@ $string['enablegroupings'] = 'Enable groupings';
$string['enablehtmlpurifier'] = 'Enable HTML Purifier';
$string['enablerecordcache'] = 'Enable Record Cache';
$string['enablerssfeeds'] = 'Enable RSS feeds';
$string['enablesafebrowserintegration'] = 'Enable Safe Exam Browser integration';
$string['enablestats'] = 'Enable statistics';
$string['enabletrusttext'] = 'Enable Trusted Content';
$string['enablewebservices'] = 'Enable web services';

56
lang/en_utf8/help/quiz/browsersecurity.html Normal file
View File

@ -0,0 +1,56 @@
<h1>Browser security</h1>
<p>This option offers various ways to try to restrict how students may try to 'cheat'
while attempting a quiz. However, this is not a simple issue, and what in one situation
is considered 'cheating' may, in another situation, just be effective use of information
technology. (For example, the ability to quickly find answers using a search engine.)</p>
<p>Note also that this is not just at problem of technology with a technical solution.
Cheating has been going on since long before computers, and while computers make certain
actions, like copy and paste, easier, they also make it easier for teachers to detect
cheating - for example using the quiz reports. The options provided here are not fool-proof,
and while they do make some forms of cheating harder for students, they also make it more
inconvenient for students to attempt the quizzes, and they are not fool-proof.</p>
<p>You should alos consider other ways to make it harder for students to cheat at your quiz:</p>
<ul>
<li>You can use a large question bank, which the quiz picking a selection of questions randomly,
so different students see different, but similar questions.</li>
<li>You can use the shuffle answers option, so that the right answer to question 1 is not always option A.</li>
<li>You can ask questions that required students to analyse the given information, rather than just recalling facts.</li>
</p>
<p>With the above warnings in mind, here is the description of the available options.</p>
<h3>None</h3>
<p>No impediments are put in the way of students attempting the quiz.</p>
<h3>Full screen pop-up with some JavaScript security</h3>
<p>There is a limit to what the quiz, with runs on a web server, can do to restrict
what the student sitting at their computer can do while attempting the quiz. However,
this option does what is possible:</p>
<ul>
<li>The quiz will only start if the student has a JavaScript-enabled web-browser.</li>
<li>The quiz appears in a fullscreen popup window that covers all the other windows and has no navigation controls.</li>
<li>The students are prevented, as far as is possible, from using facilities like copy and paste.</li>
</ul>
<h3>Require the use of Safe Exam Browser</h3>
<p>This option will only appear if your adminstrator has enabled it.</p>
<p><a href="http://www.safeexambrowser.org/">Safe Exam Browser</a> is a customised web browser that must be
downloaded an installed on the computer that the student uses to attempt the quiz. The restrictions placed on
students are similar to those in pop-up window case, but because Safe Exam Browser is software running
on the student's computer, it can do a much more effective job of restricting their actions. If you select this option:</p>
<ul>
<li>Students will only be able to attempt the quiz if they are using Safe Exam Browser.</li>
<li>The browser window will be fullscreen (without any navigation elements).</li>
<li>The window cannot be closed until the test is submitted.</li>
<li>Shortcuts keys such as Win, Ctrl+Alt+Del, Alt+F4, F1, Ctrl+P, Printscreen, are disabled.</li>
<li>Copy and paste, and the context menu, are disabled.</li>
<li>Switching to other applications is disabled.</li>
<li>Surfing to other web sites is prohibited.</li>
</ul>

5
lang/en_utf8/quiz.php
View File

@ -95,6 +95,7 @@ $string['blackboard'] = 'Blackboard';
$string['blackboard_six'] = 'Blackboard V6+';
$string['bothattempts'] = 'Show students with and without attempts';
$string['braceerror'] = 'Could not find {...} around answers';
$string['browsersecurity'] = 'Browser security';
$string['calculated'] = 'Calculated';
$string['calculatedquestion'] = 'Calculated Question not supported at line $a. The question will be ignored';
$string['cannotcreatepath'] = 'Path cannot be created ($a)';
@ -506,6 +507,7 @@ $string['pleaseclose'] = 'Your request has been processed. You can now close thi
$string['popup'] = 'Show quiz in a &quot;secure&quot; window';
$string['popupblockerwarning'] = 'This section of the test is in secure mode, this means that you need to take the quiz in a secure window. Please turn off your popup blocker. Thank you.';
$string['popupnotice'] = 'Students will see this quiz in a secure window';
$string['popupwithjavascriptsupport'] = 'Full screen pop-up with some JavaScript security';
$string['preprocesserror'] = 'Error occurred during pre-processing!';
$string['preview'] = 'Preview';
$string['previewquestion'] = 'Preview question';
@ -624,6 +626,7 @@ $string['reports'] = 'Reports';
$string['reportsimplestat'] = 'Simple statistics';
$string['requirepassword'] = 'Require password';
$string['requirepasswordmessage'] = 'To attempt this quiz you need to know the quiz password';
$string['requiresafeexambrowser'] = 'Require the use of Safe Exam Browser';
$string['requiresubnet'] = 'Require network address';
$string['response'] = 'Response';
$string['responses'] = 'Responses';
@ -646,6 +649,8 @@ $string['reviewresponsetoq'] = 'Review response (question $a)';
$string['reviewthisattempt'] = 'Review your responses to this attempt';
$string['rqp'] = 'Remote Question';
$string['rqps'] = 'Remote Questions';
$string['safebrowsererror']='This quiz has been set up so that it may only be attempted using the Safe Exam Browser. You cannot attempt it form this web browser.';
$string['safebrowsernotice']='This quiz has been configured so that students may only attempt it using the Safe Exam Browser.';
$string['sameasoverall'] = 'Same as for overall grades';
$string['save'] = 'Save';
$string['saveandedit'] = 'Save changes and edit questions';

34
mod/quiz/accessrules.php
View File

@ -8,6 +8,7 @@ class quiz_access_manager {
private $_timenow;
private $_passwordrule = null;
private $_securewindowrule = null;
private $_safebrowserrule = null;
private $_rules = array();
/**
@ -44,8 +45,13 @@ class quiz_access_manager {
$this->_rules[] = $this->_passwordrule;
}
if (!empty($quiz->popup)) {
$this->_securewindowrule = new securewindow_access_rule($this->_quizobj, $this->_timenow);
$this->_rules[] = $this->_securewindowrule;
if ($quiz->popup == 1) {
$this->_securewindowrule = new securewindow_access_rule($this->_quizobj, $this->_timenow);
$this->_rules[] = $this->_securewindowrule;
} elseif ($quiz->popup == 2) {
$this->_safebrowserrule = new safebrowser_access_rule($this->_quizobj, $this->_timenow);
$this->_rules[] = $this->_safebrowserrule;
}
}
}
@ -182,6 +188,13 @@ class quiz_access_manager {
return !$canpreview && !is_null($this->_securewindowrule);
}
/**
* @return bolean if this quiz should only be shown to students with safe browser.
*/
public function safebrowser_required($canpreview) {
return !$canpreview && !is_null($this->_safebrowserrule);
}
/**
* Print a button to start a quiz attempt, with an appropriate javascript warning,
* depending on the access restrictions. The link will pop up a 'secure' window, if
@ -763,4 +776,21 @@ class securewindow_access_rule extends quiz_access_rule_base {
echo "</script>\n";
}
}
/**
* A rule representing the safe browser check.
*/
class safebrowser_access_rule extends quiz_access_rule_base {
public function prevent_access() {
if (!$this->_quizobj->is_preview_user() && !quiz_check_safe_browser()) {
return get_string('safebrowsererror', 'quiz');
} else {
return false;
}
}
public function description() {
return get_string("safebrowsernotice", "quiz");
}
}
?>

3
mod/quiz/attempt.php
View File

@ -99,6 +99,9 @@
if ($accessmanager->securewindow_required($attemptobj->is_preview_user())) {
$accessmanager->setup_secure_page($attemptobj->get_course()->shortname . ': ' .
format_string($attemptobj->get_quiz_name()), $headtags);
} elseif ($accessmanager->safebrowser_required($attemptobj->is_preview_user())) {
print_header($attemptobj->get_course()->shortname . ': '.
format_string($attemptobj->get_quiz_name()), '', '', '', $headtags, false, '', '', false, '');
} else {
$PAGE->set_title(format_string($attemptobj->get_quiz_name()));
$PAGE->set_button($attemptobj->update_module_button());

9
mod/quiz/locallib.php
View File

@ -1243,3 +1243,12 @@ function quiz_error($quiz, $errorcode, $a = null) {
}
print_error($errorcode, 'quiz', $CFG->wwwroot . '/mod/quiz/view.php?q=' . $quiz, $a);
}
/**
* Checks if browser is safe browser
*
* @return true, if browser is safe browser else false
*/
function quiz_check_safe_browser() {
return strpos($_SERVER['HTTP_USER_AGENT'], "SEB") !== false;
}

10
mod/quiz/mod_form.php
View File

@ -261,8 +261,14 @@ class mod_quiz_mod_form extends moodleform_mod {
$mform->disabledIf('delay2', 'attempts', 'eq', 2);
/// 'Secure' window.
$mform->addElement('selectyesno', 'popup', get_string('showinsecurepopup', 'quiz'));
$mform->setHelpButton('popup', array('popup', get_string('showinsecurepopup', 'quiz'), 'quiz'));
$options = array(
0 => get_string('none', 'quiz'),
1 => get_string('popupwithjavascriptsupport', 'quiz'));
if ($CFG->enablesafebrowserintegration) {
$options[2] = get_string('requiresafeexambrowser', 'quiz');
}
$mform->addElement('select', 'popup', get_string('browsersecurity', 'quiz'), $options);
$mform->setHelpButton('popup', array('browsersecurity', get_string('browsersecurity', 'quiz'), 'quiz'));
$mform->setAdvanced('popup', $quizconfig->popup_adv);
$mform->setDefault('popup', $quizconfig->popup);

2
mod/quiz/review.php
View File

@ -92,6 +92,8 @@
$headtags = $attemptobj->get_html_head_contributions($page);
if ($accessmanager->securewindow_required($attemptobj->is_preview_user())) {
$accessmanager->setup_secure_page($attemptobj->get_course()->shortname.': '.format_string($attemptobj->get_quiz_name()), $headtags);
} elseif ($accessmanager->safebrowser_required($attemptobj->is_preview_user())) {
print_header($attemptobj->get_course()->shortname . ': '.format_string($attemptobj->get_quiz_name()), '', '', '', $headtags, false, '', '', false, '');
} else {
$attemptobj->navigation($strreviewtitle);
$PAGE->set_title(format_string($attemptobj->get_quiz_name()));

3
mod/quiz/summary.php
View File

@ -49,6 +49,9 @@ $title = get_string('summaryofattempt', 'quiz');
if ($accessmanager->securewindow_required($attemptobj->is_preview_user())) {
$accessmanager->setup_secure_page($attemptobj->get_course()->shortname . ': ' .
format_string($attemptobj->get_quiz_name()), '');
} elseif ($accessmanager->safebrowser_required($attemptobj->is_preview_user())) {
print_header($attemptobj->get_course()->shortname . ': '.
format_string($attemptobj->get_quiz_name()), '', '', '', '', false, '', '', false, '');
} else {
$attemptobj->navigation($title);
$PAGE->set_title(format_string($attemptobj->get_quiz_name()));