fix: guard TOC navigation against re-entry (#63)

[erseco]

Summary

Speculative fix for #63. Tagging this draft because I have not been able to reproduce the issue locally on Moodle 5.0, but the code path I'm patching is the only thing in module.js that matches every detail of the bug report.

Root-cause hypothesis

`exescorm_activate_item()` (the function that loads the SCO matching the clicked TOC entry) calls `exescorm_tree_node.closeAll()` and later `exescorm_tree_node.openAll()` to collapse and re-expand the whole YUI TreeView. Those calls mutate node selection state and YUI fires additional `select` events while the tree settles, which the `tree.after('select', ...)` handler then interprets as a fresh navigation request and calls `exescorm_activate_item()` again with a different node (typically a sibling).

That maps cleanly onto every detail Ignacio described:

• "in many cases you don't see the section you clicked on" → second `activate_item()` call replaces the iframe src.
• "the iframe content is loaded more than once: a page seems to load and then the content is refreshed" → exactly two iframe creations per click.
• "clicking 'a 2 1' loads 'a 2 2'" → next sibling is the most likely target of a spurious `select` after a closeAll/openAll on a parent.

It also explains why I can't reproduce on Moodle 5.0: YUI TreeView's exact event ordering changed between versions, and the spurious `select` may simply not fire on the build I tested.

Fix

Single-flag re-entry guard:

• `exescorm_navigating = true` set right before `closeAll()` (covers the `select()`/`closeAll()`/`openAll()` window).
• `tree.after('select', ...)` returns early when the flag is set, so only the genuine user click drives navigation.
• `exescorm_navigating = false` cleared right after `openAll()`.

17 added lines, no behavioural change for the non-buggy path.

Test plan

• Reproduce on Moodle 4.5 first: install the example SCORM ZIP, open it, click "a 2 1" and verify the iframe stops at `html/a-2-1.html` (no second load to `a-2-2.html`).
• Click each TOC entry once and verify the iframe loads exactly once per click (DevTools → Network).
• Click a parent that has children (e.g. "a 2"): the parent's content loads once and the tree stays expanded.
• Repeat the previous three checks on Moodle 5.0 to make sure the guard doesn't break the working flow.

Sibling repo

`mod_exeweb` doesn't share this code path (its viewer renders the package as a single iframe with no TOC), so no parallel PR is needed there. Per `AGENTS.md`'s twin-plugin checklist, audited `mod_exeweb/amd/src/editor_modal.js` and confirmed.

---

Moodle Playground Preview

The changes in this pull request can be previewed and tested using a Moodle Playground instance.

⚠️ The embedded eXeLearning editor is not included in this preview. You can install it from Modules > eXeLearning SCORM > Configure using the "Download & Install Editor" button. All other module features (ELPX upload, viewer, preview) work normally.

[ignaciogros]

The navigation menu works correctly, including keyboard support. Thank you!

But there are still some issues with the pagination buttons:

“Previous”, “Next”, and “Level up” work as expected, but “Previous within this level” and “Next within this level” do not.

Example:
Publish the sample SCORM and go to section “b”. The expected behavior when clicking “Next within this level” would be to navigate to section “c”, but this does not happen (in my tests, nothing happens). Additionally, when being on “b”, “Previous within this level” is disabled. This may be because index.html is not at the same level. In other cases, those buttons behave like “Previous” and “Next”, without respecting the hierarchical level.

If this becomes too problematic, I suggest temporarily hiding these buttons and releasing the next version with only “Previous” and “Next”.

There is also a JavaScript error when loading the page, but it does not appear to affect functionality:
[moodle-exe-bridge] Missing __MOODLE_EXE_CONFIG__