moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 17:06:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-22991, validate data that was encoded in base64

Browse source
This commit is contained in:
Dongsheng Cai 2010-07-06 05:33:43 +00:00
parent 203bbcbe79
commit 955b6e09b8
3 changed files with 104 additions and 160 deletions
Download patch file Download diff file Expand all files Collapse all files

30
repository/recent/lib.php
View file

@ -21,8 +21,7 @@
* @since 2.0
* @package moodlecore
* @subpackage repository
* @copyright 2010 Dongsheng Cai
* @author Dongsheng Cai <dongsheng@moodle.com>
* @copyright 2010 Dongsheng Cai <dongsheng@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
@ -54,15 +53,6 @@ class repository_recent extends repository {
return $this->get_listing();
}
/**
* Not supported by File API yet
* @param string $search_text
* @return mixed
*/
public function search($search_text) {
return array();
}
private function get_recent_files($limitfrom = 0, $limit = DEFAULT_RECENT_FILES_NUM) {
global $USER, $DB;
// TODO: should exclude user_draft area files?
@ -167,19 +157,20 @@ class repository_recent extends repository {
* @param string $new_filepath the new path in draft area
* @return array The information of file
*/
public function copy_to_area($encoded, $new_filearea='user_draft', $new_itemid = '', $new_filepath = '/', $new_filename = '') {
public function copy_to_area($encoded, $new_filearea='draft', $new_itemid = '', $new_filepath = '/', $new_filename = '') {
global $USER, $DB;
$info = array();
$user_context = get_context_instance(CONTEXT_USER, $USER->id);
$fs = get_file_storage();
$params = unserialize(base64_decode($encoded));
$user_context = get_context_instance(CONTEXT_USER, $USER->id);
$contextid = $params['contextid'];
$filearea = $params['filearea'];
$filepath = $params['filepath'];
$filename = $params['filename'];
$fileitemid = $params['itemid'];
$contextid = clean_param($params['contextid'], PARAM_INT);
$fileitemid = clean_param($params['itemid'], PARAM_INT);
$filename = clean_param($params['filename'], PARAM_FILE);
$filepath = clean_param($params['filepath'], PARAM_PATH);;
$filearea = clean_param($params['filearea'], PARAM_ALPHAEXT);
// XXX:
// When user try to pick a file from other filearea, normally file api will use file browse to
@ -197,6 +188,7 @@ class repository_recent extends repository {
$fs->create_file_from_storedfile($file_record, $stored_file);
}
$info = array();
$info['title'] = $new_filename;
$info['itemid'] = $new_itemid;
$info['filesize'] = $stored_file->get_filesize();