moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-21146 $CFG can not be used in low level file operations - please set the defaults elsewhere if really necessary; removing the extra cleaning + undefined notices - please make sure all palces that actually output the strings are processed properly, there is no way around this, cleaning must be always done before output, not just storage; using real nulls where we do not know the value

Browse source
This commit is contained in:
Petr Skoda 2010-04-06 18:34:38 +00:00
parent 4090dab428
commit 4fb2306ee4
1 changed files with 9 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

48
lib/file/file_storage.php
View file

@ -457,7 +457,7 @@ class file_storage {
* @return object stored_file instance of newly created file * @return object stored_file instance of newly created file
*/ */
public function create_file_from_storedfile($file_record, $fileorid) { public function create_file_from_storedfile($file_record, $fileorid) {
global $DB, $CFG; global $DB;
if ($fileorid instanceof stored_file) { if ($fileorid instanceof stored_file) {
$fid = $fileorid->get_id(); $fid = $fileorid->get_id();
@ -514,21 +514,6 @@ class file_storage {
} }
} }
if ($key == 'source') {
$value = clean_param($value, PARAM_URL);
}
if ($key == 'author') {
$value = clean_param($value, PARAM_TEXT);
}
if ($key == 'license') {
$value = clean_param($value, PARAM_TEXT);
if ($value === '') {
$value = $CFG->sitedefaultlicense;
}
}
$newrecord->$key = $value; $newrecord->$key = $value;
} }
@ -601,7 +586,7 @@ class file_storage {
* @return object stored_file instance * @return object stored_file instance
*/ */
public function create_file_from_pathname($file_record, $pathname) { public function create_file_from_pathname($file_record, $pathname) {
global $DB, $CFG; global $DB;
$file_record = (array)$file_record; //do not modify the submitted record, this cast unlinks objects $file_record = (array)$file_record; //do not modify the submitted record, this cast unlinks objects
$file_record = (object)$file_record; // we support arrays too $file_record = (object)$file_record; // we support arrays too
@ -632,13 +617,6 @@ class file_storage {
throw new file_exception('storedfileproblem', 'Invalid file name'); throw new file_exception('storedfileproblem', 'Invalid file name');
} }
$file_record->source = clean_param($file_record->source, PARAM_URL);
$file_record->author = clean_param($file_record->author, PARAM_TEXT);
$file_record->license = clean_param($file_record->license, PARAM_TEXT);
if ($file_record->license === '') {
$file_record->license = $CFG->sitedefaultlicense;
}
$now = time(); $now = time();
$newrecord = new object(); $newrecord = new object();
@ -653,9 +631,9 @@ class file_storage {
$newrecord->timemodified = empty($file_record->timemodified) ? $now : $file_record->timemodified; $newrecord->timemodified = empty($file_record->timemodified) ? $now : $file_record->timemodified;
$newrecord->mimetype = empty($file_record->mimetype) ? mimeinfo('type', $file_record->filename) : $file_record->mimetype; $newrecord->mimetype = empty($file_record->mimetype) ? mimeinfo('type', $file_record->filename) : $file_record->mimetype;
$newrecord->userid = empty($file_record->userid) ? null : $file_record->userid; $newrecord->userid = empty($file_record->userid) ? null : $file_record->userid;
$newrecord->source = $file_record->source; $newrecord->source = empty($file_record->source) ? null : $file_record->source;
$newrecord->author = $file_record->author; $newrecord->author = empty($file_record->author) ? null : $file_record->author;
$newrecord->license = $file_record->license; $newrecord->license = empty($file_record->license) ? null : $file_record->license;
list($newrecord->contenthash, $newrecord->filesize, $newfile) = $this->add_file_to_pool($pathname); list($newrecord->contenthash, $newrecord->filesize, $newfile) = $this->add_file_to_pool($pathname);
@ -687,7 +665,7 @@ class file_storage {
* @return object stored_file instance * @return object stored_file instance
*/ */
public function create_file_from_string($file_record, $content) { public function create_file_from_string($file_record, $content) {
global $DB, $CFG; global $DB;
$file_record = (array)$file_record; //do not modify the submitted record, this cast unlinks objects $file_record = (array)$file_record; //do not modify the submitted record, this cast unlinks objects
$file_record = (object)$file_record; // we support arrays too $file_record = (object)$file_record; // we support arrays too
@ -718,13 +696,6 @@ class file_storage {
throw new file_exception('storedfileproblem', 'Invalid file name'); throw new file_exception('storedfileproblem', 'Invalid file name');
} }
$file_record->source = clean_param($file_record->source, PARAM_URL);
$file_record->author = clean_param($file_record->author, PARAM_TEXT);
$file_record->license = clean_param($file_record->license, PARAM_TEXT);
if ($file_record->license === '') {
$file_record->license = $CFG->sitedefaultlicense;
}
$now = time(); $now = time();
$newrecord = new object(); $newrecord = new object();
@ -739,10 +710,9 @@ class file_storage {
$newrecord->timemodified = empty($file_record->timemodified) ? $now : $file_record->timemodified; $newrecord->timemodified = empty($file_record->timemodified) ? $now : $file_record->timemodified;
$newrecord->mimetype = empty($file_record->mimetype) ? mimeinfo('type', $file_record->filename) : $file_record->mimetype; $newrecord->mimetype = empty($file_record->mimetype) ? mimeinfo('type', $file_record->filename) : $file_record->mimetype;
$newrecord->userid = empty($file_record->userid) ? null : $file_record->userid; $newrecord->userid = empty($file_record->userid) ? null : $file_record->userid;
$newrecord->source = empty($file_record->source) ? null : $file_record->source;
$newrecord->license = empty($file_record->license) ? null : $CFG->sitedefaultlicense; $newrecord->author = empty($file_record->author) ? null : $file_record->author;
$newrecord->source = empty($file_record->source) ? null : ''; $newrecord->license = empty($file_record->license) ? null : $file_record->license;
$newrecord->author = empty($file_record->author) ? null : '';
list($newrecord->contenthash, $newrecord->filesize, $newfile) = $this->add_string_to_pool($content); list($newrecord->contenthash, $newrecord->filesize, $newfile) = $this->add_string_to_pool($content);