Commit Graph

2301 Commits

Author SHA1 Message Date
Nicolas Roeser 3f40483351 MDL-64975 moodlelib: fix float formatting if decsep is ~ (tilde)
Commit 637da99edb has introduced changes
for removing trailing zeroes from the output of function format_float.
Due to a small omission, the function causes a PHP warning when the
string decsep is set to a tilde character ('~'). This is rarely the
case.

The bug lies in using PHP function preg_replace with a string that
contains external input (in this case, including decsep), but without
escaping it for PCRE processing.

This commit fixes the function to also support a tilde character in
string decsep. It also adds tests for having tilde as decimal separator.

Thanks-To:  Jake Dallimore <jake@moodle.com>
2019-06-14 13:03:07 +02:00
Andrew Nicols d941f7a2bd Merge branch 'MDL-64394-accesslog-MOODLE_36_STABLE' of https://github.com/brendanheywood/moodle into MOODLE_36_STABLE 2019-05-03 08:50:26 +08:00
Jake Dallimore f05770656d Merge branch 'MDL-64439-MOODLE_36_STABLE' of https://github.com/ilya-catalyst/moodle into MOODLE_36_STABLE 2019-05-02 14:52:39 +08:00
Adrian Greeve b0d6391ab7 Merge branch 'MDL-65149-36' of git://github.com/damyon/moodle into MOODLE_36_STABLE 2019-05-01 14:59:26 +08:00
Adrian Greeve 5c0c0f1ceb Merge branch 'MDL-29318-36' of git://github.com/junpataleta/moodle into MOODLE_36_STABLE 2019-04-18 13:49:52 +08:00
Brendan Heywood 4ad8be5c62 MDL-64394 core: Fixed bug when using access log with pre_loginpage_hook 2019-04-02 11:41:25 +11:00
Ilya Tregubov a6b98fe716 MDL-64439 auth: Refresh $cm in require_login after pre_loginpage_hook. 2019-04-02 10:23:40 +11:00
Jun Pataleta 8cb4579884 MDL-29318 core: Fixes for get_complete_user_data()
* Added email in the list of case-insensitive fields.
* New optional parameter $throwexception for \get_complete_user_data().
  If true, an exception will be thrown when there's no matching record
  found or when there are multiple records found for the given field
  value. If false, it will simply return false.
  Defaults to false when not set. This ensures that
  get_complete_user_data() fetches the correct user data.
2019-03-29 13:32:59 +08:00
Damyon Wiese 50a8ba5661 MDL-65149 emoticons: Do not show all emoticons
Allow some emoticons to still work, but not be selectable from the text editor plugins.
2019-03-22 10:06:39 +08:00
Julien Boulen f8c209cf25 MDL-46803 course: Prevent unenrol users with multiple roles during reset 2019-03-18 11:18:46 +01:00
Eloy Lafuente (stronk7) 9cc403d680 Merge branch 'MDL-65094-36' of git://github.com/rezaies/moodle into MOODLE_36_STABLE 2019-04-04 22:38:29 +02:00
Shamim Rezaie abe0e8fbad MDL-65094 registration: don't encourage registration if on localhost 2019-03-26 17:26:21 +11:00
Andrew Nicols 552877454c Merge branch 'MDL-64950-36-2' of git://github.com/junpataleta/moodle into MOODLE_36_STABLE 2019-03-06 13:47:54 +08:00
Jun Pataleta 732698302e MDL-64950 core: Handle username in a case-insensitive fashion 2019-03-06 12:46:01 +08:00
Ryan Wyllie a37e26d2ef MDL-63786 core: set $CFG->forceclean for logged in as sessions
Turn on the forceclean config setting when a user is logged in as a
different user. This is a precautionary measure, which forces all
user submitted content to be cleaned of JavaScript before rendering
it to the logged in as user.
2019-03-05 04:16:40 +01:00
Amaia Anabitarte 2fcf9253b7 MDL-64385 user: Case insensitive comparison for email domains 2019-01-18 10:05:56 +01:00
Damyon Wiese 1e96000bb3 MDL-64004 webservice: Do not update accesstime
Do not update the automatically update the course access time when a
course is accessed via a webservice or ajax.
2018-12-18 09:08:17 +08:00
Andrew Nicols 8cba8d1a58 MDL-64049 core: Cache prefs for current user
We were already caching these preferences when a user object is provided
to get_user_preferences, or when $USER is provided.

This changee swaps get_user_preferences to use the global USER object
when the USER->id matches the userid supplied to the function.
2018-11-19 11:23:59 +08:00
Damyon Wiese 160e77f9d0 MDL-63716 course: less user_accesstime_log() calls
We should only call this function when a user actually views a course. It is not called
automatically when a course context is validated from a webservice. It is called directly
from the core_course_view_course webservice.
2018-11-12 16:11:15 +08:00
Damyon Wiese 6dfe428363 MDL-63183 auth: Login protection
CSRF protection for the login form. The authenticate_user_login function was
extended to validate the token (in \core\session\manager) but by default it
does not perform the extra validation. Existing uses of this function from
auth plugins and features like "change password" will continue to work without
changes. New config value $CFG->disablelogintoken can bypass this check.
2018-11-07 00:14:48 +01:00
Amaia Anabitarte 5e4aaa886c MDL-62920 user: Uploading deleted user and adding to a cohort 2018-10-11 16:27:07 +02:00
Eloy Lafuente (stronk7) 19456c3956 Merge branch 'MDL-62891-master-callable_name' of git://github.com/mudrd8mz/moodle 2018-10-10 23:29:40 +02:00
Eloy Lafuente (stronk7) bf0072e6c3 Merge branch 'MDL-63401-master' of git://github.com/andrewnicols/moodle 2018-10-09 11:35:29 +02:00
Damyon Wiese 1bf3a76a59 MDL-61378 forum: Standardize HTML output for posts
Improve the format of the HTML representing a forum post.

1. Use <article> tag to mark it correctly.
2. Use <time> tag to include the real datetime information.
3. Use <address> tag to specify who and when the post came from.
4. Use heading level tags to mark the subject of each post.
5. Properly nest reply posts within their parent <article>
6. Use a header tab for each article to split the metadata from the content.
7. Use CSS to separate links, not text content.

Because posts are now nested properly, the heading for each one refers to it's own article
and we don't need to generate arbitrary heading level tags depending on how deep the post
is nested.
2018-10-09 09:34:57 +08:00
Andrew Nicols 204abd3c97 MDL-63401 core: Do not delete the user context
As long as we have a user record, we should not delete the context which
relates to it.
2018-10-08 20:49:17 +08:00
David Mudrák 905d02f458 MDL-62891 core: Introduce new get_callable_name() function 2018-10-05 09:10:16 +02:00
Jonathan Champ 34dd57053d MDL-54035 accesslib: only modify role_capabilities in accesslib
Whenever the role_capabilities table is changed, we need to remember
to clear the cache for the role(s) being modified. This is far simpler
when all of those changes happen in a single file, i.e. accesslib.php,
allowing other parts of the application to use the public functions
without requiring knowledge of the cache internals.
2018-09-21 09:17:43 -04:00
Jonathan Champ b2f349a433 MDL-54035 accesslib: separate role definition cache clear
Thanks to MDL-49398, we can separate the combined user session and role
definition cache clearing function into two separate functions. At the
same time, we want to identify and remove mark_dirty() calls that were
added for role definition changes but were incorrectly left behind.

Change highlights:
 - Remove unnecessary mark_dirty() calls performed after
   assign_capability(), unassign_capability(), delete_role(),
   deleted contexts, brand new contexts
 - Move role definition cache clear from the user-centric
   accesslib_clear_all_caches() to the newly created,
   role-dedicated accesslib_reset_role_cache()
2018-09-21 09:17:42 -04:00
Marina Glancy 442f12f81a MDL-62742 core: rename coursecat->core_course_category
Also rename course_in_list -> core_course_list_element
Deprecate class coursecat_sortable_records
2018-08-28 11:36:23 +02:00
Andrew Nicols 4a74ab0200 MDL-36754 core_files: Add a token version of pluginfile 2018-08-14 06:57:32 +08:00
Eloy Lafuente (stronk7) 54635fdee8 Merge branch 'MDL-62750_master' of https://github.com/aanabit/moodle 2018-08-07 17:10:14 +02:00
Eloy Lafuente (stronk7) c8bea6ae57 Merge branch 'MDL-53297-master' of git://github.com/cescobedo/moodle 2018-08-07 15:57:00 +02:00
Amaia Anabitarte 23c2316697 MDL-62750 lang: Trim langlist setting values 2018-08-06 09:38:14 +01:00
Andrew Nicols aa75f70280 Merge branch 'MDL-59847-master' of https://github.com/snake/moodle 2018-08-02 11:39:50 +08:00
David Mudrák 6808227b1f MDL-59847 core: Fix display of hidden identity fields in user lists
Places that display list of users (such as course participants page)
with additional identifier fields now respect the user's permission to
view other users' hidden profile fields.
2018-07-27 09:55:22 +02:00
Sara Arjona 0b979a6083 MDL-41847 core_user: Add lang to login URL email for new user accounts 2018-07-27 09:01:33 +02:00
cescobedo 605354de50 MDL-53297 core_course: Final deprecation of xxx_delete_course callback 2018-07-24 23:09:47 +02:00
Andrew Nicols affd85ce24 Merge branch 'MDL-53697-master' of git://github.com/abgreeve/moodle 2018-07-17 11:36:44 +08:00
Adrian Greeve 4bebed4011 MDL-53697 mod: Final deprecation of xxx_get_types(). 2018-07-12 10:19:09 +08:00
Eloy Lafuente (stronk7) aedd74c610 Merge branch 'MDL-61244_master' of https://gitlab.com/marxjohnson/moodle 2018-07-02 01:42:00 +02:00
Evan Giles 53007faad1 MDL-57404 admin_settings: Allow comments in ip block
This adds the ability to to add comments to ip lists in moodle.

Currently, the configiplist textentry box does not allow the user to annotate
the IP addresses defined.  For example, I'd like to be able to define:
 192.168.1.1     # London office
 10.1.1.1        # New york office
 118.209.246.240 # My home IP

This would allow me to revisit this list after a few months, and remove
IP addresses that are no longer required - without having to manually confirm
each IP address
2018-06-16 21:08:46 +10:00
Mark Johnson e3389c83b2 MDL-61244 caching: Allow granular purging of caches 2018-06-14 15:04:42 +01:00
David Monllao c051057058 Merge branch 'wip-MDL-61694_Check_Password_Callback' of https://github.com/Spudley/moodle 2018-06-06 11:16:06 +02:00
Eloy Lafuente (stronk7) 2ace1fb16b Merge branch 'fix/MDL-52666' of https://github.com/mikr0/moodle 2018-06-04 17:36:19 +02:00
Marina Glancy ce3f804683 MDL-61996 core: when loggedin always check user is complete 2018-05-09 02:55:55 +02:00
Sara Arjona 7a3707797d MDL-62240 privacy: Avoid error when path is higher than allowed
A new method shorten_filenames has been added to moodlelib.
2018-05-03 09:16:13 +02:00
Andrew Nicols 76cb5a56ea MDL-62240 file: Add includehash to shorten_filename + unit tests 2018-05-03 08:27:12 +02:00
Bas Brands 03b06309e2 MDL-62023 theme: Add bootstrap 4 classes to performance info cards 2018-04-23 11:17:33 +02:00
Simon Champion 99405aa7e2 MDL-61694 core: Add callback to allow additional password check.
The standard password validation does some basic strength checks, but
there are a number of other ways to validate a password, such as
checking that it doesn't contain common words. Adding a plugin hook
here allows us to keep up with changes in best practice in this area
as it evolves over time.
2018-04-16 13:40:54 +01:00
Charles YVANES a0db02bf7f MDL-52666 performance: added REQUEST_METHOD in performance_info 2018-04-13 10:25:48 +02:00