diff -Naur moodle1.9.4/admin/settings/misc.php moodle1.9.4_seb/admin/settings/misc.php --- moodle1.9.4/admin/settings/misc.php 2008-11-29 01:18:51.000000000 +0100 +++ moodle1.9.4_seb/admin/settings/misc.php 2009-04-22 11:37:48.000000000 +0200 @@ -15,7 +15,8 @@ $rqsetting = new admin_setting_configcheckbox('selectmanual', get_string('selectmanualquestions', 'qtype_random'), get_string('configselectmanualquestions', 'qtype_random'), 0); $rqsetting->plugin = 'qtype_random'; $temp->add($rqsetting); - + $temp->add(new admin_setting_configcheckbox('enablesafebrowserintegration', get_string('enablesafebrowserintegration', 'admin'), get_string('configenablesafebrowserintegration', 'admin'), 0)); + $ADMIN->add('misc', $temp); // XMLDB editor diff -Naur moodle1.9.4/lang/en_utf8/admin.php moodle1.9.4_seb/lang/en_utf8/admin.php --- moodle1.9.4/lang/en_utf8/admin.php 2009-01-15 00:06:52.000000000 +0100 +++ moodle1.9.4_seb/lang/en_utf8/admin.php 2009-04-22 11:38:44.000000000 +0200 @@ -115,6 +115,7 @@ $string['configenablerssfeeds'] = 'This switch will enable RSS feeds from across the site. To actually see any change you will need to enable RSS feeds in the individual modules too - go to the Modules settings under Admin Configuration.'; $string['configenablerssfeedsdisabled'] = 'It is not available because RSS feeds are disabled in all the Site. To enable them, go to the Variables settings under Admin Configuration.'; $string['configenablerssfeedsdisabled2'] = 'RSS feeds are disabled at the server level. You need to enable them first in Server/RSS.'; +$string['configenablesafebrowserintegration'] = 'This settings enables the integration of a Safe Browser for the quiz in Moodle.'; $string['configenablestats'] = 'If you choose \'yes\' here, Moodle\'s cronjob will process the logs and gather some statistics. Depending on the amount of traffic on your site, this can take awhile. If you enable this, you will be able to see some interesting graphs and statistics about each of your courses, or on a sitewide basis.'; $string['configenabletrusttext'] = 'By default Moodle will always thoroughly clean text that comes from users to remove any possible bad scripts, media etc that could be a security risk. The Trusted Content system is a way of giving particular users that you trust the ability to include these advanced features in their content without interference. To enable this system, you need to first enable this setting, and then grant the Trusted Content permission to a specific Moodle role. Texts created or uploaded by such users will be marked as trusted and will not be cleaned before display.'; $string['configenrolmentplugins'] = 'Please choose the enrolment plugins you wish to use. Don\'t forget to configure the settings properly.

You have to indicate which plugins are enabled, and one plugin can be set as the default plugin for interactive enrolment. To disable interactive enrolment, set \"enrollable\" to \"No\" in required courses.'; @@ -351,6 +352,7 @@ $string['enablehtmlpurifier'] = 'Enable HTML Purifier'; $string['enablerecordcache'] = 'Enable Record Cache'; $string['enablerssfeeds'] = 'Enable RSS feeds'; +$string['enablesafebrowserintegration'] = 'Enable Safe Browser'; $string['enablestats'] = 'Enable statistics'; $string['enabletrusttext'] = 'Enable Trusted Content'; $string['encoding'] = 'Encoding'; diff -Naur moodle1.9.4/lang/en_utf8/help/quiz/popup.html moodle1.9.4_seb/lang/en_utf8/help/quiz/popup.html --- moodle1.9.4/lang/en_utf8/help/quiz/popup.html 2007-04-21 04:02:01.000000000 +0200 +++ moodle1.9.4_seb/lang/en_utf8/help/quiz/popup.html 2009-04-22 11:53:27.000000000 +0200 @@ -1,8 +1,8 @@ -

Display in a "secure" window

+

Browser security

-

The "secure" window tries to provide a little more security for quizzes - (making copying and cheating more difficult) by restricting some of the things - that students can do with their browsers.

+

1.) Full screen pop-up with added javascript security: the "secure" window tries to + provide a little more security for quizzes (making copying and cheating more difficult) + by restricting some of the things that students can do with their browsers.

What happens is that:

+

2.) Require use of Safe Exam Browser (SEB): you can attend the quiz only with the + Safe Exam Browser. The navigation in the quiz is disabled for the students. This + option is savailable if the admin-setting "Enable Safe Browser" in + "Miscellaneous" -> "Experimental" is checked. The Safe Exam Browser is a + webbrowser-environment to carry out online-exams safely. The software changes any computer into a secure + workstation. It regulates the access to any utilities and prevents students from using unauthorised resources.

+ +

NOTE: This security is NOT watertight. Do NOT rely on these protections as your sole strategy. It is impossible to implement complete protection of quizzes in a web environment so please do not rely on this option if @@ -19,4 +34,4 @@ try are to create really large databases of questions from which you randomly choose questions, or even better, rethink your overall assessment to put more value on constructive forms of activity such as forum discussions, - glossary building, wiki writing, workshops, assignments etc.

+ glossary building, wiki writing, workshops, assignments etc.

\ No newline at end of file diff -Naur moodle1.9.4/lang/en_utf8/quiz.php moodle1.9.4_seb/lang/en_utf8/quiz.php --- moodle1.9.4/lang/en_utf8/quiz.php 2009-01-15 00:06:52.000000000 +0100 +++ moodle1.9.4_seb/lang/en_utf8/quiz.php 2009-04-22 11:38:55.000000000 +0200 @@ -395,9 +395,10 @@ $string['penaltyscheme'] = 'Apply penalties'; $string['percentcorrect'] = 'Percent Correct'; $string['pleaseclose'] = 'Your request has been processed. You can now close this window'; -$string['popup'] = 'Show quiz in a "secure" window'; +$string['popup'] = 'Browser security'; $string['popupblockerwarning'] = 'This section of the test is in secure mode, this means that you need to take the quiz in a secure window. Please turn off your popup blocker. Thank you.'; $string['popupnotice'] = 'Students will see this quiz in a secure window'; +$string['popupwithjavascriptsupport'] = 'Full screen pop-up with added javascript security'; $string['preview'] = 'Preview'; $string['previewquestion'] = 'Preview question'; $string['previewquiz'] = 'Preview $a'; @@ -483,6 +484,7 @@ $string['reportsimplestat'] = 'Simple statistics'; $string['requirepassword'] = 'Require password'; $string['requirepasswordmessage'] = 'To attempt this quiz you need to know the quiz password'; +$string['requiresafeexambrowser'] = 'Require use of Safe Exam Browser (SEB)'; $string['requiresubnet'] = 'Require network address'; $string['response'] = 'Response'; $string['responses'] = 'Responses'; @@ -503,6 +505,8 @@ $string['reviewresponse'] = 'Review response'; $string['rqp'] = 'Remote Question'; $string['rqps'] = 'Remote Questions'; +$string['safebrowseravailable']='Safe quiz: Only available with Safe Browser.'; +$string['safebrowsererror']='You are not allowed to attend to quiz.
You need a safe browser.'; $string['save'] = 'Save'; $string['saveandedit'] = 'Save changes and edit questions'; $string['savedfromdeletedcourse'] = 'Saved from deleted course \"$a\"'; diff -Naur moodle1.9.4/mod/quiz/attempt_close_js.php moodle1.9.4_seb/mod/quiz/attempt_close_js.php --- moodle1.9.4/mod/quiz/attempt_close_js.php 2007-07-07 04:08:42.000000000 +0200 +++ moodle1.9.4_seb/mod/quiz/attempt_close_js.php 2009-04-22 11:43:38.000000000 +0200 @@ -2,7 +2,7 @@
id, $message); + } } } @@ -123,12 +123,14 @@ /// Print the page header $pagequestions = explode(',', $pagelist); - $headtags = get_html_head_contributions($pagequestions, $questions, $states); - if (!empty($popup)) { + $headtags = get_html_head_contributions($pagequestions, $questions, $states); + if (!$isteacher && $quiz->popup == 1) { define('MESSAGE_WINDOW', true); // This prevents the message window coming up print_header($course->shortname.': '.format_string($quiz->name), '', '', '', $headtags, false, '', '', false, ''); /// Include Javascript protection for this page include('protect_js.php'); + } elseif (!$isteacher && $quiz->popup == 2) { + print_header($course->shortname.': '.format_string($quiz->name), '', '', '', $headtags, false, '', '', false, ''); } else { $strupdatemodule = has_capability('moodle/course:manageactivities', $coursecontext) ? update_module_button($cm->id, $course->id, get_string('modulename', 'quiz')) diff -Naur moodle1.9.4/mod/quiz/view.php moodle1.9.4_seb/mod/quiz/view.php --- moodle1.9.4/mod/quiz/view.php 2009-01-28 00:04:29.000000000 +0100 +++ moodle1.9.4_seb/mod/quiz/view.php 2009-04-22 11:40:21.000000000 +0200 @@ -57,7 +57,7 @@ //only check pop ups if the user is not a teacher, and popup is set - $bodytags = (has_capability('mod/quiz:attempt', $context) && $quiz->popup)?'onload="popupchecker(\'' . get_string('popupblockerwarning', 'quiz') . '\');"':''; + $bodytags = (has_capability('mod/quiz:attempt', $context) && $quiz->popup == 1)?'onload="popupchecker(\'' . get_string('popupblockerwarning', 'quiz') . '\');"':''; $PAGE->print_header($course->shortname.': %fullname%','',$bodytags); echo ''; @@ -344,6 +344,9 @@ } else if ($available && $moreattempts) { echo "
"; + if ($quiz->popup == 2) { + echo '

'.get_string("safebrowseravailable", "quiz").'

'; + } echo "
"; if ($unfinished) { @@ -405,7 +408,7 @@ $attempturl = "attempt.php?id=$cm->id"; // Prepare options depending on whether the quiz should be a popup. - if (!empty($quiz->popup)) { + if (!empty($quiz->popup) && $quiz->popup==1) { $window = 'quizpopup'; $windowoptions = "left=0, top=0, height='+window.screen.height+', " . "width='+window.screen.width+', channelmode=yes, fullscreen=yes, " . @@ -483,7 +486,7 @@ } $url = "review.php?q=$quiz->id&attempt=$attempt->id"; - if ($quiz->popup) { + if ($quiz->popup==1) { $windowoptions = "left=0, top=0, channelmode=yes, fullscreen=yes, scrollbars=yes, resizeable=no, directories=no, toolbar=no, titlebar=no, location=no, status=no, menubar=no"; return link_to_popup_window('/mod/quiz/' . $url, 'quizpopup', $linktext, '+window.screen.height+', '+window.screen.width+', '', $windowoptions, true); } else {