moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

sanitize submitted numerical values; merged from MOODLE_16_STABLE

Browse source
This commit is contained in:
skodak 2006-05-26 11:47:22 +00:00
parent 24c1be8880
commit 2042e021be
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
mod/lesson/lib.php
View file

@ -43,12 +43,20 @@ function lesson_add_instance($lesson) {
$conditions = new stdClass; $conditions = new stdClass;
$conditions->timespent = $lesson->timespent; $conditions->timespent = $lesson->timespent;
$conditions->completed = $lesson->completed; $conditions->completed = $lesson->completed;
$conditions->gradebetterthan = $lesson->gradebetterthan; $conditions->gradebetterthan = clean_param($lesson->gradebetterthan, PARAM_INT);
$lesson->conditions = addslashes(serialize($conditions)); $lesson->conditions = addslashes(serialize($conditions));
unset($lesson->timespent); unset($lesson->timespent);
unset($lesson->completed); unset($lesson->completed);
unset($lesson->gradebetterthan); unset($lesson->gradebetterthan);
// sanitize given values a bit
$lesson->maxtime = clean_param($lesson->maxtime, PARAM_INT);
$lesson->width = clean_param($lesson->width, PARAM_INT);
$lesson->height = clean_param($lesson->height, PARAM_INT);
$lesson->mediawidth = clean_param($lesson->mediawidth, PARAM_INT);
$lesson->mediaheight = clean_param($lesson->mediaheight, PARAM_INT);
$lesson->maxhighscores = clean_param($lesson->maxhighscores, PARAM_INT);
if (!empty($lesson->password)) { if (!empty($lesson->password)) {
$lesson->password = md5($lesson->password); $lesson->password = md5($lesson->password);
} else { } else {