Compare commits

...

21 Commits

Author SHA1 Message Date
Eloy Lafuente (stronk7) 572729aaa5 on-demand release 1.9.19+ 2013-05-13 12:30:23 +02:00
Dan Poltawski bfae08a46d Merge branch 'mdl19_MDL-35958' of git://github.com/danmarsden/moodle into MOODLE_19_STABLE 2013-05-06 11:01:20 +01:00
Adrian Greeve 3d1141b0ee MDL-38225 - data: Database entries are now linked correctly.
This was a regression that was fixed in the 2.x versions but not 1.9
2013-02-27 08:45:53 +08:00
Dan Poltawski 0e2be52d69 weekly release 1.9.19+ 2013-01-25 15:59:35 +08:00
Eloy Lafuente (stronk7) 237f06b3d0 weekly release 1.9.19+ 2013-01-11 22:16:54 +01:00
Eloy Lafuente (stronk7) 4493e62d1d weekly release 1.9.19+ 2013-01-11 12:27:34 +01:00
Eloy Lafuente (stronk7) cb8004dabd weekly release 1.9.19+ 2012-12-20 21:08:53 +01:00
Paul Nicholls a292ea9761 MDL-27619: Prevent teachers from turning course Outcomes into site-wide ones
Similar to the issue which allowed teachers to create site-wide scales by editing a course-specific scale (MDL-24682), teachers could also promote a course-specific scale to a site-wide (standard) by editing it.  As with MDL-24682, removing the course ID check (leaving just the capability check) prevents this unauthorised creation of site-wide (standard) outcomes.
2012-11-27 10:41:14 +13:00
Eloy Lafuente (stronk7) 1033e1e2f2 weekly release 1.9.19+ 2012-11-09 19:31:54 +01:00
Dan Poltawski b52204405e weekly release 1.9.19+ 2012-11-09 18:01:40 +08:00
Dan Poltawski 342d7cf4bf Merge branch 'MDL-36346_19' of git://github.com/pauln/moodle into MOODLE_19_STABLE 2012-11-06 16:37:01 +08:00
Paul Nicholls 72225da176 MDL-36346 - YUI2 SWF vulnerability 2012-11-06 14:09:01 +13:00
Dan Marsden 9b4660e0ba MDL-35958 mod_data: backport of MDL-34448 members of seperate groups can see database entries for other groups. 2012-10-15 11:31:52 +13:00
Petr Škoda 6ab3a85252 MDL-35469 fix Gecko based browser checks
The problem is that latest firefox versions stopped using dates because they lost the meaning over the time.
2012-10-09 15:59:03 +02:00
Eloy Lafuente (stronk7) 1c2857e2e4 weekly release 1.9.19+ 2012-08-31 11:32:51 +02:00
Eloy Lafuente (stronk7) 224a8644b0 weekly release 1.9.19+ 2012-08-23 19:23:19 +02:00
Eloy Lafuente (stronk7) 41246701c2 weekly release 1.9.19+ 2012-08-16 17:23:39 +02:00
Eloy Lafuente (stronk7) 15d529c1c3 weekly release 1.9.19+ 2012-08-09 20:49:25 +02:00
Aparup Banerjee 905ff1fc36 weekly release 1.9.19+ 2012-07-26 14:42:17 +08:00
Dan Poltawski af72d273df weekly release 1.9.19+ 2012-07-19 13:49:10 +08:00
Dan Poltawski 8907e85ab5 weekly release 1.9.19+ 2012-07-12 16:09:38 +08:00
7 changed files with 81 additions and 32 deletions
+1 -1
View File
@@ -115,7 +115,7 @@ class edit_outcome_form extends moodleform {
if (empty($courseid)) {
$mform->hardFreeze('standard');
} else if (empty($outcome->courseid) and !has_capability('moodle/grade:manage', get_context_instance(CONTEXT_SYSTEM))) {
} else if (!has_capability('moodle/grade:manage', get_context_instance(CONTEXT_SYSTEM))) {
$mform->hardFreeze('standard');
} else if ($coursecount and empty($outcome->courseid)) {
+44 -13
View File
@@ -6381,9 +6381,14 @@ function check_php_version($version='4.1.0') {
case 'Firefox': /// Mozilla Firefox browsers
if (preg_match("/Firefox\/([0-9\.]+)/i", $agent, $match)) {
if (version_compare($match[1], $version) >= 0) {
if (strpos($agent, 'Iceweasel') === false and strpos($agent, 'Firefox') === false) {
return false;
}
if (empty($version)) {
return true; // no version specified
}
if (preg_match("/(Iceweasel|Firefox)\/([0-9\.]+)/i", $agent, $match)) {
if (version_compare($match[2], $version) >= 0) {
return true;
}
}
@@ -6391,19 +6396,45 @@ function check_php_version($version='4.1.0') {
case 'Gecko': /// Gecko based browsers
if (substr_count($agent, 'Camino')) {
// MacOS X Camino support
$version = 20041110;
// Do not look for dates any more, we expect real Firefox version here.
if (empty($version)) {
$version = 1;
} else if ($version > 20000000) {
// This is just a guess, it is not supposed to be 100% accurate!
if (preg_match('/^201/', $version)) {
$version = 3.6;
} else if (preg_match('/^200[7-9]/', $version)) {
$version = 3;
} else if (preg_match('/^2006/', $version)) {
$version = 2;
} else {
$version = 1.5;
}
}
// the proper string - Gecko/CCYYMMDD Vendor/Version
// Faster version and work-a-round No IDN problem.
if (preg_match("/Gecko\/([0-9]+)/i", $agent, $match)) {
if ($match[1] > $version) {
return true;
if (preg_match("/(Iceweasel|Firefox)\/([0-9\.]+)/i", $agent, $match)) {
// Use real Firefox version if specified in user agent string.
if (version_compare($match[2], $version) >= 0) {
return true;
}
} else if (preg_match("/Gecko\/([0-9\.]+)/i", $agent, $match)) {
// Gecko might contain date or Firefox revision, let's just guess the Firefox version from the date.
$browserver = $match[1];
if ($browserver > 20000000) {
// This is just a guess, it is not supposed to be 100% accurate!
if (preg_match('/^201/', $browserver)) {
$browserver = 3.6;
} else if (preg_match('/^200[7-9]/', $browserver)) {
$browserver = 3;
} else if (preg_match('/^2006/', $version)) {
$browserver = 2;
} else {
$browserver = 1.5;
}
}
if (version_compare($browserver, $version) >= 0) {
return true;
}
}
break;
Binary file not shown.
Binary file not shown.
+11 -9
View File
@@ -2158,18 +2158,20 @@ function data_get_extra_capabilities() {
* @param int $dataid The dataid of the database module.
* @return array $idarray An array of record ids
*/
function data_get_all_recordids($dataid) {
function data_get_all_recordids($dataid, $selectdata = '') {
global $CFG;
$initsql = "SELECT c.recordid
FROM {$CFG->prefix}data_fields f,
{$CFG->prefix}data_content c
WHERE f.dataid = {$dataid}
AND f.id = c.fieldid
GROUP BY c.recordid";
$initsql = "SELECT r.id
FROM {$CFG->prefix}data_records r
WHERE r.dataid = {$dataid}";
if ($selectdata != '') {
$initsql .= $selectdata;
}
$initsql .= ' GROUP BY r.id';
$initrecord = get_recordset_sql($initsql);
$idarray = array();
foreach ($initrecord as $data) {
$idarray[] = $data['recordid'];
$idarray[] = $data['id'];
}
$initrecord->close();
return $idarray;
@@ -2313,7 +2315,7 @@ function data_get_advanced_search_sql($sort, $data, $recordids, $selectdata, $so
} else {
$insql = " = -1";
}
$nestfromsql .= ' AND c.recordid ' . $insql . $groupsql;
$nestfromsql .= ' AND c.recordid ' . $insql . $selectdata . $groupsql;
$nestfromsql = "$nestfromsql $selectdata";
return "$nestselectsql $nestfromsql $sortorder";
}
+23 -7
View File
@@ -300,6 +300,14 @@
groups_print_activity_menu($cm, $returnurl);
$currentgroup = groups_get_activity_group($cm);
$groupmode = groups_get_activity_groupmode($cm);
// If a student is not part of a group and seperate groups is enabled, we don't
// want them seeing all records.
if ($currentgroup == 0 && $groupmode == 1 && !has_capability('mod/data:manageentries', $context)) {
$canviewallrecords = false;
} else {
$canviewallrecords = true;
}
// deletect entries not approved yet and show hint instead of not found error
if ($record and $data->approval and !$record->approved and $record->userid != $USER->id and !has_capability('mod/data:manageentries', $context)) {
@@ -439,7 +447,13 @@
if ($currentgroup) {
$groupselect = " AND (r.groupid = '$currentgroup' OR r.groupid = 0)";
} else {
$groupselect = ' ';
if ($canviewallrecords) {
$groupselect = ' ';
} else {
// If separate groups are enabled and the user isn't in a group or
// a teacher, manager, admin etc, then just show them entries for 'All participants'.
$groupselect = " AND r.groupid = 0";
}
}
$ilike = sql_ilike(); //Be case-insensitive
@@ -546,11 +560,12 @@
$sqlmax = "SELECT $count FROM $tables $where $groupselect $approveselect"; // number of all recoirds user may see
/// Work out the paging numbers and counts
$selectdata = $groupselect . $approveselect;
$recordids = data_get_all_recordids($data->id, $selectdata);
$recordids = data_get_all_recordids($data->id);
$newrecordids = data_get_advance_search_ids($recordids, $search_array, $data->id);
$totalcount = count($newrecordids);
$selectdata = $groupselect . $approveselect;
if (!empty($advanced)) {
$sqlselect = data_get_advanced_search_sql($sort, $data, $newrecordids, $selectdata, $sortorder);
} else {
@@ -566,10 +581,11 @@
if ($record) { // We need to just show one, so where is it in context?
$nowperpage = 1;
$mode = 'single';
$page = (int)array_search($record->id, $recordids);
unset($recordids);
$page = 0;
if ($allrecordids = get_fieldset_sql($sqlselect)) {
$page = (int)array_search($record->id, $allrecordids);
unset($allrecordids);
}
} else if ($mode == 'single') { // We rely on ambient $page settings
$nowperpage = 1;
+2 -2
View File
@@ -6,10 +6,10 @@
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
$version = 2007101592.00; // YYYYMMDD = date of the 1.9 branch (don't change)
$version = 2007101592.05; // YYYYMMDD = date of the 1.9 branch (don't change)
// X = release number 1.9.[0,1,2,3,4,5...]
// Y.YY = micro-increments between releases
$release = '1.9.19 (Build: 20120706)'; // Human-friendly version name
$release = '1.9.19+ (Build: 20130513)'; // Human-friendly version name
?>