moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-08 02:16:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-45048 repository_wikimedia: Abusing usage of optional_param

Browse source 
The optional_param call was moved outside of the constructor
because it was called every time the repository would be initialised.
That was leading to problems when the parameter was defined from
another form and not complying with its expected type.
This commit is contained in:
Frederic Massart 2014-04-11 15:16:31 +08:00
parent 52194ac12d
commit 3acaa40e0d
1 changed files with 15 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

33
repository/wikimedia/lib.php
View file

@ -37,24 +37,6 @@ require_once(dirname(__FILE__) . '/wikimedia.php');
*/
class repository_wikimedia extends repository {
public function __construct($repositoryid, $context = SYSCONTEXTID, $options = array()) {
global $SESSION;
parent::__construct($repositoryid, $context, $options);
$this->keyword = optional_param('wikimedia_keyword', '', PARAM_RAW);
if (empty($this->keyword)) {
$this->keyword = optional_param('s', '', PARAM_RAW);
}
$sess_keyword = 'wikimedia_'.$this->id.'_keyword';
if (empty($this->keyword) && optional_param('page', '', PARAM_RAW)) {
// This is the request of another page for the last search, retrieve the cached keyword
if (isset($SESSION->{$sess_keyword})) {
$this->keyword = $SESSION->{$sess_keyword};
}
} else if (!empty($this->keyword)) {
// save the search keyword in the session so we can retrieve it later
$SESSION->{$sess_keyword} = $this->keyword;
}
}
/**
* Returns maximum width for images
@ -116,6 +98,21 @@ class repository_wikimedia extends repository {
}
// login
public function check_login() {
global $SESSION;
$this->keyword = optional_param('wikimedia_keyword', '', PARAM_RAW);
if (empty($this->keyword)) {
$this->keyword = optional_param('s', '', PARAM_RAW);
}
$sess_keyword = 'wikimedia_'.$this->id.'_keyword';
if (empty($this->keyword) && optional_param('page', '', PARAM_RAW)) {
// This is the request of another page for the last search, retrieve the cached keyword.
if (isset($SESSION->{$sess_keyword})) {
$this->keyword = $SESSION->{$sess_keyword};
}
} else if (!empty($this->keyword)) {
// Save the search keyword in the session so we can retrieve it later.
$SESSION->{$sess_keyword} = $this->keyword;
}
return !empty($this->keyword);
}
// if check_login returns false,