I've just started a new page in Moodle docs on using AMFPHP with Moodle. The page Development:AMFPHP was written some time ago for AMFPHP 1.4 and ActionScript 2.0. The new page AMF_Moodle is written for AMFPHP 1.9.beta and ActionScript 3.0 - That's for Flash CS3 and the Flex framework.
I'm watching the page so I'll get email notifications if you write anything on the discussions tab of the page. Any comments, questions, criticisms, observations, etc. are most welcome.
If you're familiar with Moodle's API it would be a great help to me if you could point me in the right direction with regards to creating a library of services in PHP that Flash can call via AMFPHP. I'm most interested in managing Moodle's gradebook for recording results from Flash e-learning interactions.
Even better, would be if anyone would like to contribute some services (i.e. PHP classes) that can call Moodle's API.
I'm looking forward to your replies.
All the best,
Matt Bury
It would really help me if you could point me in the right direction. I'd like to know about the Gradebook API, it's functions and how I can access the database. Is there any kind of documentation out there or do I have to just look at the code?
I have searched Moodle.org but couldn't find anything meaningful to me.
Looking forward to your replies.
Matt
I've neved used the gradebook api, but maybe this is what you where looking for (at least I hope so ): http://xref.moodle.org/lib/gradelib.php.html
Saludos. Iñaki.
You might get more response if you explained what AMF was, and why we might care. I have never heard of it before, and the first paragraph of your docs page did not leave me much wiser.
Thanks for the link.
There's a brief explanation of AMF Moodle here: http://docs.moodle.org/en/AMF_Moodle#What_is_AMF_Moodle.3F
If this isn't clear, it'd be a great help to me and the project if you could post a few questions about it so that I can include that information in the docs.
Thanks in advance,
Matt
SCORM - while a bit awkward at times - covers a lot of commonly wanted things in a _standard_ way, and is done in a way that does not expose us to XSS or CSRF attacks. (Security is a significant concern with Flash apps).
Using SCORM as your base would make things much easier - and portable - for content creators. Learn _one_ API that works across LMSs, make your content a lot more valuable/usable, and if you really need it, use the extra tricks that moodle offers.
(Extending APIs is not all roses, but it's way better than creating a new API for a well known problem!)
Thansk for the suggestion about using SCORM.
While there will be a certain degree of overlap between AMF Moodle and SCORM, I don't think they will be compatible to such an extent that it would allow extending the SCORM module. Perhaps they could share some DB tables, but essentially they'd be separate and distinct modules.
Security-wise, I have been informed that SCORM is less secure than AMFPHP, although I'm not a security expert so I wouldn't like to make any such claims on the matter.
Flash-security-wise, as Flash and Flex become used more and more for Internet applications (RIAs are predicted to take a large share of Internet content in the coming years - eBay have release an Adobe AIR desktop version of their website), Adobe are making the Flash Player Security Model tighter and tighter all the time.
Interesting idea about extending the SCORM module to allow this...will think on this some more and do some reading about what you are trying to achieve!
Dan
It seems messy to have both Flash call both a JS api and possibly an extended remoting api. Would it be an interesting idea possibly to have some code in Flash that does the job of either calling the js api or if it is detected that the lms supports remoting then to have Flash call a SCORM api plus extensions directly through remoting bypassing js??
"It seems messy to have both Flash call both a JS api and possibly an extended remoting api. Would it be an interesting idea possibly to have some code in Flash that does the job of either calling the js api or if it is detected that the lms supports remoting then to have Flash call a SCORM api plus extensions directly through remoting bypassing js??"
This sounds interesting and very worthy of discussing further.
Perhaps if you discussed in more detail, the kinds of things that you would envisage these client applications doing, what requirements they would have in terms of interaction with the server, and how you would package and distribute them in a Moodle context - might help with the understanding.
Cheers,
Piers Harding.
Yes, copying some aspects of the SCORM DB structure would be a good way to start. What we'll eventually end up with is a library of services that can call Moodle functions directly from Flash, so calling Moodle's SCORM API functions would in fact be easier than creating SCORM compliant packages!
I think I should clarify one thing though: the AMF Moodle module will make it possible to deploy any kind of Flash elearning interaction which complies (or doesn't) with whatever standards one wishes to adopt. Also, Flash remoting opens up new possibilites for two-way client-side and server-side communication.
One point under discussion is whether/how to include the facility to create new DB tables for particular Flash activities. As RIAs (rich Internet applications) get more and more sophisticated, I believe it is a good idea to allow for 'generic' DB tables that can accommodate them and allow for new standards to emerge.
so calling Moodle's SCORM API functions would in fact be easier than creating SCORM compliant packages!
No - it would be exactly the same, except that it's tied to moodle. And would be lacking many good things mod/scorm has (like a powerful debugger/logger).
As RIAs (rich Internet applications) get more and more sophisticated, I believe it is a good idea to allow for 'generic' DB tables that can accommodate them and allow for new standards to emerge.
SCORM already has that as unstructured data. OTOH, if you plan on giving RIAs direct access to moodle internals, that would be rather crazy
What you want to do is possible (I think we all agree with that). If SCORM did not exist, we'd all be trying to help you... but SCORM does exist, a ton of people use it already and is trivial to extend it a bit to do extra magic like flash remoting.
Do look in depth at SCORM... please?
Do read it. It's a huge job to implement it well...
Advantages and disadvantages of using SCORM API for activity modules involving Flash - comments please
Sure it is good to be able to make learning interactions more portable by making them conform to the SCORM standard but isn't there room for other methods of having Moodle communicate with Flash object.
Using SCORM seems to present several problems. Can I ask SCORM experts to comment on these issues. It would be interesting to me to have a discussion of the advantages and disadvantages of using SCORM from Flash.
Advantages of SCORM :
- portability
- defined API
- familiar to some developers
- package all necessary content in a known format easily uploadable and automatically included in course.
Disadvantage :
- from what I've heard there are some issues when trying to get SCORM working across platforms because of incorrect implementation of the standard in the ?packager?, ?in the lms? and/or in the SCORM content.
- API is very limited?
- API is javascript. Flash remoting such as AMF allows a robust way of communicating directly from Flash to the server.
- content must be packaged. Need an extra application to package the content.
- display options are limited?? Must use frames??
- is it possible to reuse one Flash object in several moodle activity modules? Flash objects might be quite large. It is great to be able to have one object which will be cached once by the users browser and then have it load data from the server eg. a list of words or whatever, configuration options to make effectively unique activity instances from one flash object.
- from what I've understood the SCORM API requires answers to questions and marking must be done on the client side and grades be sent to the LMS through the API. Isn't this a problem in some cases since a clever student might be able to spoof a grade being sent to the server and/or be able to inspect the data in the browser using commonly available tools and be able to see the answers to questions??
I think Flash is a great environment that can be exploited to provide very compelling and effective learning interactions. Viva Flash and Moodle. And by the way having an amfphp gateway included in Moodle would not only be useful for activity modules but would be great for other modules which could use Flash such as possibly course formats, block modules, quiz report plugins etc.
Storing a grade in the grade book will require that we know the course module id the movie is a part of. We must solve how to do this before we can write services that store stuff in the grade book. I discussed some ideas about how we might do this here. I guess for now you can hard code the course module id in the php service code.
Jamie
Yeah, I'm not really an "Internet security guy" but I've thought about that problem and I've had a couple of ideas:
* How about requiring the SWF elearning interaction to send the URL it's on to an AMFPHP service so that it can match and verify the correct URL, e.g. "http://MOODLEROOT/course/view.php?id=99"?. Of course, it's possible to download and decompile the SWF file and hack the code.
Is there a reasonably secure way of implementing this with AMFPHP?
* The SWF could also store a SharedObject, which is similar to a browser cookie, but can store any ActionScript datatype, including custom classes. It would also be possible to encrypt or at least obfuscate that data.
* A SharedObject could be saved to the browser cache by another SWF on the course page automatically, as soon as the page is loaded. You can specify the exact directory that the SharedObject is saved to in the browser cache and other SWFs can also communicate with it. It could then require that learning interaction SWFs communicate with it for authentication purposes.
Do you think it would be possible to use SharedObject for AMFPHP session keys?
Lee Brimelow has written an article in his blog about AMFPHP security. There's some interesting ideas there about using SSLs and running the beforeFilter: http://theflashblog.com/?p=419 There's quite a few open source socket server projects out there so adapting one for AMFPHP shouldn't be too difficult (If you're a wizzard with PHP!).
Let me know your thoughts on the matter.
All the best,
Matt
I outlined how to do it in the post linked to above :
"I discussed some ideas about how we might do this here."
You don't want to embed the cookie in the SWF - as it forces you modify the movie for every client. And you sure as hell don't want additional HTTP/AMFP transactions to "obtain" the cookie as that'd imply an awkward bridge of trust to cross.
The cookie technique I mention is very old and reliable. I first used in late '99 or 2000 Have a look at the old macromedia technotes on how to do it!
(I hate to mention this, but... at least _copy_ these basic strategies from the SCORM implementation -- and then build something new and exciting on top! -- but skip the "let's reinvent old wheels" part.)
I'm getting somewhere in the region of 1 email a week from admins, teachers and developers who are showing an interest in AMFPHP, Flash and Moodle. I think there's a lot of demand and that this'll be a popular module!
Great stuff, I have around 10 people now, mix of php, flex, as3 and moodlers
Drop me an email with parties details trying to organize some work flows, so we can encourage work on specific tasks/modules...
We are getting there, sadly slower than we like, but its good to see people are seeing and getting the potential of amf moodle or moodle AMF (i never could decide which way it should be) haha
Cheers
<M>
Since I don't know enough about Moodle's API and I'm not a PHP developer, I can only cover documentation on the ActionScript side of things. Once we've got some services to interact with, I can provide some code examples and source files to get developers started. There's not much else I can do until then.
Keep me posted!
Matt
I believe we need to move the new Moodle AMF page into the development namespace. So we need to delete the page you created and create a new copy of it called http://docs.moodle.org/en/Development:AMF_Moodle. We can redirect from the page at the address you created to the new one.
The Moodle wiki can be considered to be seperated into two sections. One section is for Moodle users and another for developers. If a normal user types a search term into the wiki search box then pages in the development name space won't come up you need to go to your user preferences and select for pages in the development namespace to be included in search results. Of course this will not affect searches in Google or other search engines. This is a convention that is adhered to by other developers.
Jamie
I for example switched from AMFPHP to Weborb because Weborb offers messaging.
An approach focusing on Moodle-AMF and being open for the technology (as Jamie already mentioned) to implement it depending on the project needs has more chances for success.
The amf Moodle module I plan to make will take care of a lot of stuff that people wanting to create activity modules using Weborb or Sabre would also have to deal with.
I will bear in mind that people might want to use other technologies to communicate with Moodle and will try to keep what might be common code separated so that someone with the appropriate skills can extend the module to use other technologies.
Jamie