Compare commits

..

30 Commits

Author SHA1 Message Date
Eloy Lafuente (stronk7) e7acb5cfca Moodle release 2.7.13 2016-03-12 00:37:46 +01:00
Eloy Lafuente (stronk7) 89a50ced1f Merge branch 'install_27_STABLE' of https://git.in.moodle.com/amosbot/moodle-install into MOODLE_27_STABLE 2016-03-12 00:37:42 +01:00
Simey Lameze f4fcb1c4f7 MDL-50705 auth_db: apply standard cleaning to all fields
Also unit tests were added to cover the new clean_data() method.
2016-03-09 18:23:36 +01:00
Simey Lameze 3b214760fb MDL-50705 core_user: introduce new fill_properties_cache()
Also the get_property_definition() was created to get the property without retrieve the whole definition cache and
    unit tests were created to tests those new methods.
2016-03-09 18:23:31 +01:00
Simey Lameze 55ba3a26d2 MDL-53031 mod_assign: add session check on assignment plugins management 2016-03-08 19:55:02 +01:00
Jun Pataleta 089ab60017 MDL-52433 user: Remove unnecessary capability check 2016-03-08 12:25:05 +01:00
Cameron Ball 9f91c23536 MDL-52651 htmlpurifier: Append rel=noreferrer to links.
Thank you to Zachary Durber for originally working on this issue.
2016-03-08 02:09:13 +01:00
Krista Koivisto ea8987644f MDL-52774 ajax: Require authentication when getting nav branch
When getting the navigation branch data through AJAX, require
login if forcelogin is set.
2016-03-08 00:32:05 +01:00
Juan Leyva 11106f6cee MDL-52901 mod_assign: Check due dates in external save_submission 2016-03-08 00:14:49 +01:00
Juan Leyva c631b112d6 MDL-52808 calendar: Do not return events for hidden activities 2016-03-07 22:31:30 +01:00
David Mudrák 87e60e5299 MDL-52727 mod_data: Improve output of the form fields values
This issue mostly affects the search form fields. Submitted values for
these fields are typically obtained via optional_param() with
PARAM_NOTAGS specified as the parameter type - see parse_search_field()
methods. Such values themselves are not safe enough to be printed back
directly into the HTML as they might contain malicious code.

While working on the patch, some other places with weak protection were
detected and fixed.

In case of the itemid parameters, the s() seems to be unnecessary but it
was added anyway as an extra protection (just in case the code flow
changes or the parts of the code are re-used elsewhere).
2016-03-07 22:06:50 +01:00
AMOS bot 246a8720f4 Automatically generated installer lang files 2016-03-03 22:24:42 +08:00
AMOS bot 9d0328d512 Automatically generated installer lang files 2016-03-03 22:24:42 +08:00
AMOS bot 7816a936f4 Automatically generated installer lang files 2016-03-03 00:04:54 +08:00
AMOS bot 64c2c35e47 Automatically generated installer lang files 2016-02-28 00:04:47 +08:00
AMOS bot 77798e3ab5 Automatically generated installer lang files 2016-02-25 00:12:17 +08:00
AMOS bot c1b28f4c53 Automatically generated installer lang files 2016-02-24 00:05:05 +08:00
Dan Poltawski c8eb9ee629 weekly release 2.7.12+ 2016-02-22 09:11:08 +00:00
Dan Poltawski 958b261ba3 Merge branch 'install_27_STABLE' of https://git.in.moodle.com/amosbot/moodle-install into MOODLE_27_STABLE 2016-02-22 09:11:07 +00:00
AMOS bot a927e80033 Automatically generated installer lang files 2016-02-13 00:04:58 +08:00
Eloy Lafuente (stronk7) 8459a1e0c9 MDL-51580 environment: 3.1 requirements added
Only important change is that Moodle 2.7 installed is
required to be able to upgrade to 3.1. See the issue
for opinions, votes and agreed outcomes.
2016-02-10 18:29:07 +01:00
AMOS bot 9f7e43b966 Automatically generated installer lang files 2016-02-10 00:04:50 +08:00
AMOS bot 467f7d4663 Automatically generated installer lang files 2016-02-06 00:04:45 +08:00
AMOS bot 6b1b3d6970 Automatically generated installer lang files 2016-02-04 00:04:50 +08:00
AMOS bot 5243e075d2 Automatically generated installer lang files 2016-01-28 00:04:58 +08:00
AMOS bot 5c8c9eb2b1 Automatically generated installer lang files 2016-01-26 00:04:42 +08:00
AMOS bot 048c1dfd12 Automatically generated installer lang files 2016-01-25 00:04:44 +08:00
AMOS bot 0b1befe942 Automatically generated installer lang files 2016-01-23 00:04:56 +08:00
AMOS bot 691048cf99 Automatically generated installer lang files 2016-01-19 00:05:26 +08:00
AMOS bot 314f6cfe4c Automatically generated installer lang files 2016-01-13 00:04:35 +08:00
39 changed files with 623 additions and 47 deletions
+138
View File
@@ -1558,4 +1558,142 @@
</CUSTOM_CHECK>
</CUSTOM_CHECKS>
</MOODLE>
<MOODLE version="3.1" requires="2.7">
<UNICODE level="required">
<FEEDBACK>
<ON_ERROR message="unicoderequired" />
</FEEDBACK>
</UNICODE>
<DATABASE level="required">
<VENDOR name="mariadb" version="5.5.31" />
<VENDOR name="mysql" version="5.5.31" />
<VENDOR name="postgres" version="9.1" />
<VENDOR name="mssql" version="10.0" />
<VENDOR name="oracle" version="10.2" />
</DATABASE>
<PHP version="5.4.4" level="required">
</PHP>
<PCREUNICODE level="optional">
<FEEDBACK>
<ON_CHECK message="pcreunicodewarning" />
</FEEDBACK>
</PCREUNICODE>
<PHP_EXTENSIONS>
<PHP_EXTENSION name="iconv" level="required">
<FEEDBACK>
<ON_ERROR message="iconvrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="mbstring" level="optional">
<FEEDBACK>
<ON_CHECK message="mbstringrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="curl" level="required">
<FEEDBACK>
<ON_ERROR message="curlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="openssl" level="optional">
<FEEDBACK>
<ON_CHECK message="opensslrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="tokenizer" level="optional">
<FEEDBACK>
<ON_CHECK message="tokenizerrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="xmlrpc" level="optional">
<FEEDBACK>
<ON_CHECK message="xmlrpcrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="soap" level="optional">
<FEEDBACK>
<ON_CHECK message="soaprecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="ctype" level="required">
<FEEDBACK>
<ON_ERROR message="ctyperequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="zip" level="required">
<FEEDBACK>
<ON_ERROR message="ziprequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="zlib" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="gd" level="required">
<FEEDBACK>
<ON_ERROR message="gdrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="simplexml" level="required">
<FEEDBACK>
<ON_ERROR message="simplexmlrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="spl" level="required">
<FEEDBACK>
<ON_ERROR message="splrequired" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="pcre" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="dom" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="xml" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="intl" level="optional">
<FEEDBACK>
<ON_CHECK message="intlrecommended" />
</FEEDBACK>
</PHP_EXTENSION>
<PHP_EXTENSION name="json" level="required">
</PHP_EXTENSION>
<PHP_EXTENSION name="hash" level="required"/>
</PHP_EXTENSIONS>
<PHP_SETTINGS>
<PHP_SETTING name="memory_limit" value="96M" level="required">
<FEEDBACK>
<ON_ERROR message="settingmemorylimit" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="file_uploads" value="1" level="optional">
<FEEDBACK>
<ON_CHECK message="settingfileuploads" />
</FEEDBACK>
</PHP_SETTING>
<PHP_SETTING name="opcache.enable" value="1" level="optional">
<FEEDBACK>
<ON_CHECK message="opcacherecommended" />
</FEEDBACK>
</PHP_SETTING>
</PHP_SETTINGS>
<CUSTOM_CHECKS>
<CUSTOM_CHECK file="lib/upgradelib.php" function="check_database_storage_engine" level="required">
<FEEDBACK>
<ON_ERROR message="unsupporteddbstorageengine" />
</FEEDBACK>
</CUSTOM_CHECK>
<CUSTOM_CHECK file="question/engine/upgrade/upgradelib.php" function="quiz_attempts_upgraded" level="required">
<FEEDBACK>
<ON_ERROR message="quizattemptsupgradedmessage" />
</FEEDBACK>
</CUSTOM_CHECK>
<CUSTOM_CHECK file="lib/upgradelib.php" function="check_slasharguments" level="optional">
<FEEDBACK>
<ON_CHECK message="slashargumentswarning" />
</FEEDBACK>
</CUSTOM_CHECK>
<CUSTOM_CHECK file="lib/upgradelib.php" function="check_database_tables_row_format" level="optional">
<FEEDBACK>
<ON_CHECK message="unsupporteddbtablerowformat" />
</FEEDBACK>
</CUSTOM_CHECK>
</CUSTOM_CHECKS>
</MOODLE>
</COMPATIBILITY_MATRIX>
+28
View File
@@ -300,6 +300,7 @@ class auth_plugin_db extends auth_plugin_base {
$updateuser = new stdClass();
$updateuser->id = $user->id;
$updateuser->suspended = 1;
$updateuser = $this->clean_data($updateuser);
user_update_user($updateuser, false);
$trace->output(get_string('auth_dbsuspenduser', 'auth_db', array('name'=>$user->username, 'id'=>$user->id)), 1);
}
@@ -381,6 +382,7 @@ class auth_plugin_db extends auth_plugin_base {
foreach($add_users as $user) {
$username = $user;
if ($this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
if ($old_user = $DB->get_record('user', array('username'=>$username, 'deleted'=>0, 'suspended'=>1, 'mnethostid'=>$CFG->mnet_localhost_id, 'auth'=>$this->authtype))) {
$DB->set_field('user', 'suspended', 0, array('id'=>$old_user->id));
$trace->output(get_string('auth_dbreviveduser', 'auth_db', array('name'=>$username, 'id'=>$old_user->id)), 1);
@@ -412,6 +414,7 @@ class auth_plugin_db extends auth_plugin_base {
$trace->output(get_string('auth_dbinsertuserduplicate', 'auth_db', array('username'=>$user->username, 'auth'=>$collision->auth)), 1);
continue;
}
$user = $this->clean_data($user);
try {
$id = $DB->insert_record ('user', $user); // it is truly a new user
@@ -553,6 +556,7 @@ class auth_plugin_db extends auth_plugin_base {
}
}
}
if ($updated) {
$DB->set_field('user', 'timemodified', time(), array('id'=>$userid));
@@ -870,6 +874,30 @@ class auth_plugin_db extends auth_plugin_base {
error_reporting($CFG->debug);
ob_end_flush();
}
/**
* Clean the user data that comes from an external database.
*
* @param array $user the user data to be validated against properties definition.
* @return stdClass $user the cleaned user data.
*/
public function clean_data($user) {
if (empty($user)) {
return $user;
}
foreach ($user as $field => $value) {
// Get the property parameter type and do the cleaning.
try {
$property = core_user::get_property_definition($field);
$user->$field = clean_param($value, $property['type']);
} catch (coding_exception $e) {
debugging("The property '$field' could not be cleaned.", DEBUG_DEVELOPER);
}
}
return $user;
}
}
+73
View File
@@ -374,4 +374,77 @@ class auth_db_testcase extends advanced_testcase {
$this->cleanup_auth_database();
}
/**
* Testing the clean_data() method.
*/
public function test_clean_data() {
global $DB;
$this->resetAfterTest(false);
$this->preventResetByRollback();
$this->init_auth_database();
$auth = get_auth_plugin('db');
$auth->db_init();
// Create users on external table.
$extdbuser1 = (object)array('name'=>'u1', 'pass'=>'heslo', 'email'=>'u1@example.com');
$extdbuser1->id = $DB->insert_record('auth_db_users', $extdbuser1);
// User with malicious data on the name.
$extdbuser2 = (object)array('name'=>'user<script>alert(1);</script>xss', 'pass'=>'heslo', 'email'=>'xssuser@example.com');
$extdbuser2->id = $DB->insert_record('auth_db_users', $extdbuser2);
$trace = new null_progress_trace();
// Let's test user sync make sure still works as expected..
$auth->sync_users($trace, true);
// Get the user on moodle user table.
$user2 = $DB->get_record('user', array('email'=> $extdbuser2->email, 'auth'=>'db'));
// The malicious code should be sanitized.
$this->assertEquals($user2->username, 'userscriptalert1scriptxss');
$this->assertNotEquals($user2->username, $extdbuser2->name);
// User with correct data, should be equal to external db.
$user1 = $DB->get_record('user', array('email'=> $extdbuser1->email, 'auth'=>'db'));
$this->assertEquals($extdbuser1->name, $user1->username);
$this->assertEquals($extdbuser1->email, $user1->email);
// Now, let's update the name.
$extdbuser2->name = 'user no xss anymore';
$DB->update_record('auth_db_users', $extdbuser2);
// Run sync again to update the user data.
$auth->sync_users($trace, true);
// The user information should be updated.
$user2 = $DB->get_record('user', array('username' => 'usernoxssanymore', 'auth' => 'db'));
// The spaces should be removed, as it's the username.
$this->assertEquals($user2->username, 'usernoxssanymore');
// Now let's test just the clean_data() method isolated.
// Testing PARAM_USERNAME, PARAM_NOTAGS, PARAM_RAW_TRIMMED and others.
$user3 = new stdClass();
$user3->firstname = 'John <script>alert(1)</script> Doe';
$user3->username = 'john%#&~%*_doe';
$user3->email = ' john@testing.com ';
$user3->deleted = 'no';
$user3->description = '<b>A description <script>alert(123)</script>about myself.</b>';
$user3cleaned = $auth->clean_data($user3);
// Expected results.
$this->assertEquals($user3cleaned->firstname, 'John alert(1) Doe');
$this->assertEquals($user3cleaned->email, 'john@testing.com');
$this->assertEquals($user3cleaned->deleted, 0);
$this->assertEquals($user3->description, '<b>A description about myself.</b>');
$this->assertEquals($user3->username, 'john_doe');
// Try to clean an invalid property (fullname).
$user3->fullname = 'John Doe';
$auth->clean_data($user3);
$this->assertDebuggingCalled("The property 'fullname' could not be cleaned.");
$this->cleanup_auth_database();
}
}
+10 -8
View File
@@ -173,6 +173,8 @@ class core_calendar_external extends external_api {
// Let us findout courses that we can return events from.
if (!$hassystemcap) {
$courses = enrol_get_my_courses('id');
$courses = array_keys($courses);
foreach ($params['events']['courseids'] as $id) {
try {
$context = context_course::instance($id);
@@ -221,21 +223,21 @@ class core_calendar_external extends external_api {
$funcparam['courses'][] = $SITE->id;
}
// Event list does not check visibility and permissions, we'll check that later.
$eventlist = calendar_get_events($params['options']['timestart'], $params['options']['timeend'], $funcparam['users'], $funcparam['groups'],
$funcparam['courses'], true, $params['options']['ignorehidden']);
// WS expects arrays.
$events = array();
foreach ($eventlist as $id => $event) {
$events[$id] = (array) $event;
}
// We need to get events asked for eventids.
$eventsbyid = calendar_get_events_by_id($params['events']['eventids']);
foreach ($eventsbyid as $eventid => $eventobj) {
if ($eventsbyid = calendar_get_events_by_id($params['events']['eventids'])) {
$eventlist += $eventsbyid;
}
foreach ($eventlist as $eventid => $eventobj) {
$event = (array) $eventobj;
if (isset($events[$eventid])) {
continue;
}
if ($hassystemcap) {
// User can see everything, no further check is needed.
$events[$eventid] = $event;
+24
View File
@@ -363,6 +363,30 @@ class core_calendar_externallib_testcase extends externallib_advanced_testcase {
$events = external_api::clean_returnvalue(core_calendar_external::get_calendar_events_returns(), $events);
$this->assertEquals(1, count($events['events'])); // site.
$this->assertEquals(0, count($events['warnings']));
// Now, create an activity event.
$this->setAdminUser();
$nexttime = time() + DAYSECS;
$assign = $this->getDataGenerator()->create_module('assign', array('course' => $course->id, 'duedate' => $nexttime));
$this->setUser($user);
$paramevents = array ('courseids' => array($course->id));
$options = array ('siteevents' => true, 'userevents' => true, 'timeend' => time() + WEEKSECS);
$events = core_calendar_external::get_calendar_events($paramevents, $options);
$events = external_api::clean_returnvalue(core_calendar_external::get_calendar_events_returns(), $events);
$this->assertCount(5, $events['events']);
// Hide the assignment.
set_coursemodule_visible($assign->cmid, 0);
// Empty all the caches that may be affected by this change.
accesslib_clear_all_caches_for_unit_testing();
course_modinfo::clear_instance_cache();
$events = core_calendar_external::get_calendar_events($paramevents, $options);
$events = external_api::clean_returnvalue(core_calendar_external::get_calendar_events_returns(), $events);
// Expect one less.
$this->assertCount(4, $events['events']);
}
/**
+2 -2
View File
@@ -31,6 +31,6 @@
defined('MOODLE_INTERNAL') || die();
$string['language'] = 'Език';
$string['next'] = 'Следваща';
$string['previous'] = 'Предишна';
$string['next'] = 'Още';
$string['previous'] = 'Обратно';
$string['reload'] = 'Презареждане';
+1 -1
View File
@@ -35,7 +35,7 @@ $string['cliansweryes'] = 'Sí';
$string['cliincorrectvalueerror'] = 'Error, valor incorrecte "{$a->value}" per a "{$a->option}"';
$string['cliincorrectvalueretry'] = 'Valor incorrecte, si us plau, torneu-ho a provar.';
$string['clitypevalue'] = 'Valor de tipus';
$string['clitypevaluedefault'] = 'valor de tipus, premeu Intro per fer servir un valor per defecte ({$a})';
$string['clitypevaluedefault'] = 'valor de tipus, premeu la tecla de retorn (<em>Enter</em>) per fer servir un valor per defecte ({$a})';
$string['cliunknowoption'] = 'Opcions invàlides:
{$a}
L\'opció --help us orientarà.';
+4 -4
View File
@@ -49,19 +49,19 @@ $string['environmentsub2'] = 'Každé vydání Moodle vyžaduje určitou minimá
$string['errorsinenvironment'] = 'Kontrola serverového prostředí selhala!';
$string['installation'] = 'Instalace';
$string['langdownloaderror'] = 'Bohužel, jazyk "{$a}" se nepodařilo nainstalovat. Instalace bude pokračovat v angličtine.';
$string['memorylimithelp'] = '<p>Limit paměti pro PHP skripty je na vašem serveru momentálně nastaven na hodnotu {$a}.</p>
$string['memorylimithelp'] = '<p>Limit paměti pro PHP skripty je na vašem serveru momentálně nastaven na {$a}.</p>
<p>To může později způsobovat Moodlu problémy, zvláště při větším množství modulů a/nebo uživatelů.</p>
<p>Je-li to možné, doporučujeme vám nastavit v PHP vyšší limit, např. 40M. Můžete to provést několika způsoby:
<p>Je-li to možné, doporučujeme vám nastavit v PHP vyšší limit, např. 40M. Můžete to provést několika způsoby:</p>
<ol>
<li>Můžete-li, překompilujte PHP s volbou <i>--enable-memory-limit</i>.
Moodle si tak bude sám moci nastavit potřebný limit.</li>
<li>Máte-li přístup k souboru php.ini, změňte nastavení <b>memory_limit</b>
na hodnotu blízkou 40M. Nemáte-li taková práva, požádejte správce vašeho webového serveru, aby toto nastavení provedl on.</li>
<li>Na některých serverech můžete v kořenovém adresáři Moodlu vytvořit soubor .htaccess s následujícím řádkem:
<p><blockquote>php_value memory_limit 40M</blockquote></p>
<p>Bohužel, v některých případech tím vyřadíte z provozu <b>všechny</b> PHP stránky (při jejich prohlížení uvidíte chybová hlášení), takže budete muset soubor .htaccess zase odstranit.</li>
<blockquote><div>php_value memory_limit 40M</div></blockquote>
<p>Bohužel, v některých případech tím vyřadíte z provozu <b>všechny</b> PHP stránky (při jejich prohlížení uvidíte chybová hlášení), takže budete muset soubor .htaccess zase odstranit.</p></li>
</ol>';
$string['paths'] = 'Cesty';
$string['pathserrcreatedataroot'] = 'Datový adresář ({$a->dataroot}) nemůže být tímto průvodcem instalací vytvořen.';
+34
View File
@@ -0,0 +1,34 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Automatically generated strings for Moodle installer
*
* Do not edit this file manually! It contains just a subset of strings
* needed during the very first steps of installation. This file was
* generated automatically by export-installer.php (which is part of AMOS
* {@link http://docs.moodle.org/dev/Languages/AMOS}) using the
* list of strings defined in /install/stringnames.txt.
*
* @package installer
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$string['parentlanguage'] = 'da';
$string['thislanguage'] = 'Dansk (kursus)';
+1 -1
View File
@@ -31,5 +31,5 @@
defined('MOODLE_INTERNAL') || die();
$string['parentlanguage'] = '';
$string['thisdirection'] = 'izq-a-der';
$string['thisdirection'] = 'ltr';
$string['thislanguage'] = 'Español - México';
+2 -2
View File
@@ -35,8 +35,8 @@ $string['cannotcreatetempdir'] = 'לא ניתן ליצור סיפרייה זמנ
$string['cannotdownloadcomponents'] = 'לא ניתן להוריד רכיבים.';
$string['cannotdownloadzipfile'] = 'לא ניתן להוריד קובץ ZIP.';
$string['cannotfindcomponent'] = 'הרכיב לא נמצא.';
$string['cannotsavemd5file'] = 'לא ניתן לשמור קובץ md5.';
$string['cannotsavezipfile'] = 'לא ניתן לשמור קובץ ZIP.';
$string['cannotsavemd5file'] = 'לא ניתן לשמור קובץ md5';
$string['cannotsavezipfile'] = 'לא ניתן לשמור קובץ ZIP';
$string['cannotunzipfile'] = 'לא ניתן לפתוח את קובץ ה-ZIP.';
$string['componentisuptodate'] = 'הרכיב מעודכן.';
$string['downloadedfilecheckfailed'] = 'נכשלה בדיקת הקובץ המורד.';
+2 -2
View File
@@ -104,7 +104,7 @@ $string['welcomep50'] = 'השימוש בכל היישומים בחבילה זו
<a href="http://www.opensource.org/docs/definition_plain.html">קוד פתוח</a>
והיא מופצת תחת רשיון
<a href="http://www.gnu.org/copyleft/gpl.html">GPL</a>';
$string['welcomep60'] = 'העמודים הבאים יובילו אותך בצורה פשוטה דרך כמה צעדים לעיצוב הגדרות <strong>Moodle</strong> במחשבך.
תוכל לאשר את הגדרות ברירת המחדל או, באפשרותך, לשנותם לפי צרכיך.';
$string['welcomep60'] = 'העמודים הבאים יובילו אותך בצורה פשוטה דרך כמה צעדים לקביעת הגדרות <strong>Moodle</strong> בשרת.
ניתן לאשר הגדרות בררת־המחדל או לשנותם לפי צרכיך.';
$string['welcomep70'] = 'הקש על לחצן ה"המשך" למטה כדי להמשיך עם הגדרת ה-<strong>Moodle</strong>';
$string['wwwroot'] = 'כתובת האתר';
+1
View File
@@ -32,6 +32,7 @@ defined('MOODLE_INTERNAL') || die();
$string['clianswerno'] = 'एन';
$string['cliansweryes'] = 'वाई';
$string['cliincorrectvalueerror'] = 'त्रुटि, "{$a->option}" के लिए गलत मान जो की "{$a->value}" है';
$string['cliincorrectvalueretry'] = 'ग़लत मान, कृपया पुनः प्रयास करें';
$string['clitypevalue'] = 'टाइप मूल्य';
$string['cliyesnoprompt'] = 'टाइप Y (का मतलब है हाँ) या N (का मतलब है नहीं )';
+1 -1
View File
@@ -42,7 +42,7 @@ $string['cannotsavemd5file'] = 'Enregistrament del fichièr md5 impossible';
$string['cannotsavezipfile'] = 'Enregistrament del fichièr ZIP impossible';
$string['cannotunzipfile'] = 'Descompression del fichièr ZIP impossibla';
$string['componentisuptodate'] = 'Lo component es a jorn';
$string['dmlexceptiononinstall'] = '<p>Una error de banca de donadas s\'es produsida [{$a->errorcode}].<br />{$a->debuginfo}</p>';
$string['dmlexceptiononinstall'] = '<p>Una error de banca de donadas s\'es producha [{$a->errorcode}].<br />{$a->debuginfo}</p>';
$string['downloadedfilecheckfailed'] = 'La verificacion del fichièr telecargat a fracassat';
$string['invalidmd5'] = 'Lo còde de contraròtle md5 es pas valid';
$string['missingrequiredfield'] = 'Un camp obligatòri es pas completat';
+34
View File
@@ -0,0 +1,34 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Automatically generated strings for Moodle installer
*
* Do not edit this file manually! It contains just a subset of strings
* needed during the very first steps of installation. This file was
* generated automatically by export-installer.php (which is part of AMOS
* {@link http://docs.moodle.org/dev/Languages/AMOS}) using the
* list of strings defined in /install/stringnames.txt.
*
* @package installer
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$string['thisdirection'] = 'ltr';
$string['thislanguage'] = 'ଓଡ଼ିଆ';
+1 -1
View File
@@ -55,7 +55,7 @@ $string['pathserrcreatedataroot'] = 'O programa de instalação não conseguiu c
$string['pathshead'] = 'Confirmar caminhos';
$string['pathsrodataroot'] = 'A pasta de dados não tem permissões de escrita.';
$string['pathsroparentdataroot'] = 'A pasta pai <b>{$a->parent}</b> não tem permissões de escrita. O programa de instalação não conseguiu criar a pasta <b>{$a->dataroot}</b>.';
$string['pathssubadmindir'] = 'Alguns servidores Web utilizam a pasta <strong>admin</strong> em URLs especiais de acesso a funcionalidades especiais, como é o caso de painéis de controlo. Algumas situações podem criar conflitos com a localização normal das páginas de administração do Moodle. Estes problemas podem ser resolvidos renomeando a pasta <strong>admin</strong> na instalação do Moodle e indicando aqui o novo nome a utilizar. Por exemplo:<br /><br /><b>moodleadmin</b><br /><br />Esta ação resolverá os problemas de acesso dos links para as funcionalidades de administração do Moodle.';
$string['pathssubadmindir'] = 'Alguns servidores Web utilizam a pasta <strong>admin</strong> em URLs especiais de acesso a funcionalidades especiais, como é o caso de painéis de controlo. Algumas situações podem criar conflitos com a localização normal das páginas de administração do Moodle. Estes problemas podem ser resolvidos renomeando a pasta <strong>admin</strong> na instalação do Moodle e indicando aqui o novo nome a utilizar. Por exemplo:<br /><br /><b>moodleadmin</b><br /><br />Esta ação resolverá os problemas de acesso das hiperligações para as funcionalidades de administração do Moodle.';
$string['pathssubdataroot'] = '<p>Uma diretoria em que o Moodle irá armazenar todo o conteúdo de ficheiros enviados pelos utilizadores.</p>
<p>Esta diretoria deve ser legível e gravável pelo utilizador do servidor web (geralmente \'www-data\', \'nobody\', ou \'apache\').</p>
<p>Não deve ser diretamente acessível através da web.</p>
+7
View File
@@ -34,6 +34,8 @@ $string['admindirname'] = 'Director Admin';
$string['availablelangs'] = 'Pachete de limbă disponibile';
$string['chooselanguagehead'] = 'Selectare limbă';
$string['chooselanguagesub'] = 'Vă rugăm selectaţi limba pentru interfaţa de instalare, limba selectată va fi folosită EXCLUSIV în cadrul procedurii de instalare. Ulterior veţi putea selecta limba în care doriţi să fie afişată interfaţa.';
$string['clialreadyconfigured'] = 'Fișierul de configurare';
$string['clialreadyinstalled'] = 'Fișierul de configurare config.php există deja. Vă rugăm să folosiți dmin/cli/install_database.php to pentru a upgrada Moodle pentru acest site.';
$string['databasehost'] = 'Gazdă baza de date';
$string['databasename'] = 'Nume baza de date';
$string['databasetypehead'] = 'Alegere driver baza de date';
@@ -43,8 +45,13 @@ $string['dbprefix'] = 'Prefix tabele';
$string['dirroot'] = 'Director Moodle';
$string['environmenthead'] = 'Se verifică mediul...';
$string['installation'] = 'Instalare';
$string['langdownloaderror'] = 'Din păcate, limba "{$a}" nu a putut fi descărcată. Procesul de instalare va continua în limba engleză.';
$string['paths'] = 'Căi';
$string['pathshead'] = 'Confirmare căi';
$string['pathsrodataroot'] = 'Directorul dataroot nu poate fi scris.';
$string['pathssubdirroot'] = '<p>Calea completă către directorul care conține codul Moodle .</p>';
$string['pathsunsecuredataroot'] = 'Locația dataroot nu este sigură';
$string['pathswrongadmindir'] = 'Directorul admin nu există';
$string['phpextension'] = 'extensie PHP {$a}';
$string['phpversion'] = 'Versiune PHP';
$string['welcomep10'] = '{$a->installername} ({$a->installerversion})';
+2 -2
View File
@@ -34,9 +34,9 @@ $string['clianswerno'] = 'n';
$string['cliansweryes'] = 'y';
$string['cliincorrectvalueerror'] = 'ผิดพลาด, ค่าต่อไปนี้ไม่ถูกต้อง "{$a->value}" สำหรับ "{$a->option}"';
$string['cliincorrectvalueretry'] = 'ค่าไม่ถูกต้องกรุณาลองใหม่อีกครั้ง';
$string['clitypevalue'] = 'ประเภทของค่า';
$string['clitypevalue'] = 'พิมพ์ค่า';
$string['clitypevaluedefault'] = 'ประเภทของค่า กด Enter หากต้องการใช้ค่าที่ตั้งไว้ ({$a})';
$string['cliunknowoption'] = 'ตัวเลือกที่ไม่สามารถระบุได้ : {$a}';
$string['cliunknowoption'] = 'ตัวเลือกที่ไม่สามารถระบุได้ : {$a} กรุณาเลือก การช่วยเหลือ';
$string['cliyesnoprompt'] = 'พิมพ์ y (สำหรับ ใช่) หรือ n (สำหรับ ไม่)';
$string['environmentrequireinstall'] = 'ต้องการเพื่อทำการติดตั้ง/เปิดใช้งาน';
$string['environmentrequireversion'] = 'ต้องการเวอร์ชัน {$a->needed} ขณะนี้ท่านกำลังใช้งานเวอร์ชัน {$a->current}';
+1
View File
@@ -33,3 +33,4 @@ defined('MOODLE_INTERNAL') || die();
$string['language'] = 'ภาษาที่ใช้ในเว็บ';
$string['next'] = 'ต่อไป';
$string['previous'] = 'หน้าก่อน';
$string['reload'] = 'โหลดใหม่';
+4
View File
@@ -32,6 +32,10 @@ require_once(dirname(__FILE__) . '/../../config.php');
/** Include course lib for its functions */
require_once($CFG->dirroot.'/course/lib.php');
if (!empty($CFG->forcelogin)) {
require_login();
}
try {
// Start buffer capture so that we can `remove` any errors
ob_start();
+103
View File
@@ -49,6 +49,9 @@ class core_user {
/** @var stdClass keep record of support user */
public static $supportuser = false;
/** @var array store user fields properties cache. */
protected static $propertiescache = null;
/**
* Return user object from db or create noreply or support user,
* if userid matches corse_user::NOREPLY_USER or corse_user::SUPPORT_USER
@@ -238,4 +241,104 @@ class core_user {
return true;
}
}
/**
* Definition of user profile fields and the expected parameter type for data validation.
*
* @return void
*/
protected static function fill_properties_cache() {
if (self::$propertiescache !== null) {
return;
}
// Array of user fields properties and expected parameters.
// Every new field on the user table should be added here otherwise it won't be validated.
$fields = array();
$fields['id'] = array('type' => PARAM_INT);
$fields['auth'] = array('type' => PARAM_NOTAGS);
$fields['confirmed'] = array('type' => PARAM_BOOL);
$fields['policyagreed'] = array('type' => PARAM_BOOL);
$fields['deleted'] = array('type' => PARAM_BOOL);
$fields['suspended'] = array('type' => PARAM_BOOL);
$fields['mnethostid'] = array('type' => PARAM_BOOL);
$fields['username'] = array('type' => PARAM_USERNAME);
$fields['password'] = array('type' => PARAM_NOTAGS);
$fields['idnumber'] = array('type' => PARAM_NOTAGS);
$fields['firstname'] = array('type' => PARAM_NOTAGS);
$fields['lastname'] = array('type' => PARAM_NOTAGS);
$fields['surname'] = array('type' => PARAM_NOTAGS);
$fields['email'] = array('type' => PARAM_RAW_TRIMMED);
$fields['emailstop'] = array('type' => PARAM_INT);
$fields['icq'] = array('type' => PARAM_NOTAGS);
$fields['skype'] = array('type' => PARAM_NOTAGS);
$fields['aim'] = array('type' => PARAM_NOTAGS);
$fields['yahoo'] = array('type' => PARAM_NOTAGS);
$fields['msn'] = array('type' => PARAM_NOTAGS);
$fields['phone1'] = array('type' => PARAM_NOTAGS);
$fields['phone2'] = array('type' => PARAM_NOTAGS);
$fields['institution'] = array('type' => PARAM_TEXT);
$fields['department'] = array('type' => PARAM_TEXT);
$fields['address'] = array('type' => PARAM_TEXT);
$fields['city'] = array('type' => PARAM_TEXT);
$fields['country'] = array('type' => PARAM_TEXT);
$fields['lang'] = array('type' => PARAM_TEXT);
$fields['calendartype'] = array('type' => PARAM_NOTAGS);
$fields['theme'] = array('type' => PARAM_NOTAGS);
$fields['timezones'] = array('type' => PARAM_TEXT);
$fields['firstaccess'] = array('type' => PARAM_INT);
$fields['lastaccess'] = array('type' => PARAM_INT);
$fields['lastlogin'] = array('type' => PARAM_INT);
$fields['currentlogin'] = array('type' => PARAM_INT);
$fields['lastip'] = array('type' => PARAM_NOTAGS);
$fields['secret'] = array('type' => PARAM_TEXT);
$fields['picture'] = array('type' => PARAM_INT);
$fields['url'] = array('type' => PARAM_URL);
$fields['description'] = array('type' => PARAM_CLEANHTML);
$fields['descriptionformat'] = array('type' => PARAM_INT);
$fields['mailformat'] = array('type' => PARAM_INT);
$fields['maildigest'] = array('type' => PARAM_INT);
$fields['maildisplay'] = array('type' => PARAM_INT);
$fields['autosubscribe'] = array('type' => PARAM_INT);
$fields['trackforums'] = array('type' => PARAM_INT);
$fields['timecreated'] = array('type' => PARAM_INT);
$fields['timemodified'] = array('type' => PARAM_INT);
$fields['trustbitmask'] = array('type' => PARAM_INT);
$fields['imagealt'] = array('type' => PARAM_TEXT);
$fields['lastnamephonetic'] = array('type' => PARAM_NOTAGS);
$fields['firstnamephonetic'] = array('type' => PARAM_NOTAGS);
$fields['middlename'] = array('type' => PARAM_NOTAGS);
$fields['alternatename'] = array('type' => PARAM_NOTAGS);
self::$propertiescache = $fields;
}
/**
* Get properties of a user field.
*
* @param string $property property name to be retrieved.
* @throws coding_exception if the requested property name is invalid.
* @return array the property definition.
*/
public static function get_property_definition($property) {
self::fill_properties_cache();
if (!array_key_exists($property, self::$propertiescache)) {
throw new coding_exception('Invalid property requested.');
}
return self::$propertiescache[$property];
}
/**
* Clean the properties cache.
*
* During unit tests we need to be able to reset all caches so that each new test starts in a known state.
* Intended for use only for testing, phpunit calls this before every test.
*/
public static function reset_caches() {
self::$propertiescache = null;
}
}
+66
View File
@@ -103,3 +103,69 @@ class HTMLPurifier_URIScheme_teamspeak extends HTMLPurifier_URIScheme {
}
}
/**
* A custom HTMLPurifier transformation. Adds rel="noreferrer" to all links with target="_blank".
*
* @package core
* @copyright Cameron Ball
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class HTMLPurifier_AttrTransform_Noreferrer extends HTMLPurifier_AttrTransform {
/** @var HTMLPurifier_URIParser $parser */
private $parser;
/**
* Constructor.
*/
public function __construct() {
$this->parser = new HTMLPurifier_URIParser();
}
/**
* Transforms a tags such that when a target attribute is present, rel="noreferrer" is added.
*
* Note that this will not respect Attr.AllowedRel
*
* @param array $attr Assoc array of attributes, usually from
* HTMLPurifier_Token_Tag::$attr
* @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.
* @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object
* @return array Processed attribute array.
*/
public function transform($attr, $config, $context) {
// Nothing to do If we already have noreferrer in the rel attribute
if (!empty($attr['rel']) && substr($attr['rel'], 'noreferrer') !== false) {
return $attr;
}
// If _blank target attribute exists, add rel=noreferrer
if (!empty($attr['target']) && $attr['target'] == '_blank') {
$attr['rel'] = !empty($attr['rel']) ? $attr['rel'] . ' noreferrer' : 'noreferrer';
}
return $attr;
}
}
/**
* A custom HTMLPurifier module to add rel="noreferrer" attributes a tags.
*
* @package core
* @copyright Cameron Ball
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class HTMLPurifier_HTMLModule_Noreferrer extends HTMLPurifier_HTMLModule {
/** @var string $name */
public $name = 'Noreferrer';
/**
* Module setup
*
* @param HTMLPurifier_Config $config
*/
public function setup($config) {
$a = $this->addBlankElement('a');
$a->attr_transform_post[] = new HTMLPurifier_AttrTransform_Noreferrer();
}
}
+1
View File
@@ -204,6 +204,7 @@ class phpunit_util extends testing_util {
filter_manager::reset_caches();
// Reset internal users.
core_user::reset_internal_users();
core_user::reset_caches();
//TODO MDL-25290: add more resets here and probably refactor them to new core function
+5 -1
View File
@@ -40,9 +40,13 @@ class core_htmlpurifier_testcase extends basic_testcase {
* Verify _blank target is allowed.
*/
public function test_allow_blank_target() {
// See MDL-52651 for an explanation as to why the rel="noreferrer" attribute is expected here.
// Also note we do not need to test links with an existing rel attribute as the HTML Purifier is configured to remove
// the rel attribute.
$text = '<a href="http://moodle.org" target="_blank">Some link</a>';
$expected = '<a href="http://moodle.org" target="_blank" rel="noreferrer">Some link</a>';
$result = format_text($text, FORMAT_HTML);
$this->assertSame($text, $result);
$this->assertSame($expected, $result);
$result = format_text('<a href="http://moodle.org" target="some">Some link</a>', FORMAT_HTML);
$this->assertSame('<a href="http://moodle.org">Some link</a>', $result);
+25
View File
@@ -116,4 +116,29 @@ class core_user_testcase extends advanced_testcase {
// Assert that a user not in the db return false.
$this->assertFalse(core_user::get_user_by_username('janedoe'));
}
/**
* Test get_property_definition() method.
*/
public function test_get_property_definition() {
// Try to get a existing property.
$properties = core_user::get_property_definition('id');
$this->assertEquals($properties['type'], PARAM_INT);
$properties = core_user::get_property_definition('username');
$this->assertEquals($properties['type'], PARAM_USERNAME);
// Invalid property.
try {
core_user::get_property_definition('fullname');
} catch (coding_exception $e) {
$this->assertRegExp('/Invalid property requested./', $e->getMessage());
}
// Empty parameter.
try {
core_user::get_property_definition('');
} catch (coding_exception $e) {
$this->assertRegExp('/Invalid property requested./', $e->getMessage());
}
}
}
+8
View File
@@ -1,6 +1,14 @@
This files describes API changes in core libraries and APIs,
information provided here is intended especially for developers.
=== 2.7.13 ===
* The core_user::fill_properties_cache() static method has been introduced to be a reference
and allow standard user fields data validation. Right now only type validation is supported
checking it against the parameter (PARAM_*) type of the target user field. MDL-52781 is
going to add support to null/not null and choices validation, replacing the existing code to
validate the user fields in different places in a common way.
=== 2.7.10 ===
* In the html_editors (tinyMCE, Atto), the manage files button can be hidden by changing the 'enable_filemanagement' option to false.
+4 -1
View File
@@ -1671,7 +1671,7 @@ function purify_html($text, $options = array()) {
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.DefinitionID', 'moodlehtml');
$config->set('HTML.DefinitionRev', 2);
$config->set('HTML.DefinitionRev', 3);
$config->set('Cache.SerializerPath', $cachedir);
$config->set('Cache.SerializerPermissions', $CFG->directorypermissions);
$config->set('Core.NormalizeNewlines', false);
@@ -1709,6 +1709,9 @@ function purify_html($text, $options = array()) {
$def->addElement('algebra', 'Inline', 'Inline', array()); // Algebra syntax, equivalent to @@xx@@.
$def->addElement('lang', 'Block', 'Flow', array(), array('lang'=>'CDATA')); // Original multilang style - only our hacked lang attribute.
$def->addAttribute('span', 'xxxlang', 'CDATA'); // Current very problematic multilang.
// Use the custom Noreferrer module.
$def->manager->addModule(new HTMLPurifier_HTMLModule_Noreferrer());
}
$purifier = new HTMLPurifier($config);
+10 -3
View File
@@ -25,11 +25,18 @@
require_once(dirname(__FILE__) . '/../../config.php');
require_once($CFG->dirroot.'/mod/assign/adminlib.php');
$subtype = required_param('subtype', PARAM_PLUGIN);
$action = optional_param('action', null, PARAM_PLUGIN);
$plugin = optional_param('plugin', null, PARAM_PLUGIN);
if (!empty($plugin)) {
require_sesskey();
}
// Create the class for this controller.
$pluginmanager = new assign_plugin_manager(required_param('subtype', PARAM_PLUGIN));
$pluginmanager = new assign_plugin_manager($subtype);
$PAGE->set_context(context_system::instance());
// Execute the controller.
$pluginmanager->execute(optional_param('action', null, PARAM_PLUGIN),
optional_param('plugin', null, PARAM_PLUGIN));
$pluginmanager->execute($action, $plugin);
+6 -3
View File
@@ -1634,9 +1634,12 @@ class mod_assign_external extends external_api {
$notices = array();
$submissiondata = (object)$params['plugindata'];
$assignment->save_submission($submissiondata, $notices);
if (!$assignment->submissions_open($USER->id)) {
$notices[] = get_string('duedatereached', 'assign');
} else {
$submissiondata = (object)$params['plugindata'];
$assignment->save_submission($submissiondata, $notices);
}
$warnings = array();
foreach ($notices as $notice) {
+10
View File
@@ -903,6 +903,16 @@ class mod_assign_external_testcase extends externallib_advanced_testcase {
$this->assertEquals(0, count($result));
// Set up a due and cutoff passed date.
$instance->duedate = time() - WEEKSECS;
$instance->cutoffdate = time() - WEEKSECS;
$DB->update_record('assign', $instance);
$result = mod_assign_external::save_submission($instance->id, $submissionpluginparams);
$result = external_api::clean_returnvalue(mod_assign_external::save_submission_returns(), $result);
$this->assertCount(1, $result);
$this->assertEquals(get_string('duedatereached', 'assign'), $result[0]['item']);
}
/**
+2 -2
View File
@@ -68,7 +68,7 @@ class data_field_file extends data_field_base {
$html .= '<fieldset><legend><span class="accesshide">'.$this->field->name.'</span></legend>';
// itemid element
$html .= '<input type="hidden" name="field_'.$this->field->id.'_file" value="'.$itemid.'" />';
$html .= '<input type="hidden" name="field_'.$this->field->id.'_file" value="'.s($itemid).'" />';
$options = new stdClass();
$options->maxbytes = $this->field->param3;
@@ -92,7 +92,7 @@ class data_field_file extends data_field_base {
function display_search_field($value = '') {
return '<label class="accesshide" for="f_' . $this->field->id . '">' . $this->field->name . '</label>' .
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function generate_sql($tablealias, $value) {
+1 -1
View File
@@ -71,7 +71,7 @@ class data_field_number extends data_field_base {
function display_search_field($value = '') {
return '<label class="accesshide" for="f_'.$this->field->id.'">' . get_string('fieldname', 'data') . '</label>' .
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function parse_search_field() {
+2 -2
View File
@@ -93,7 +93,7 @@ class data_field_picture extends data_field_base {
$str .= $output->render($fm);
$str .= '<div class="mdl-left">';
$str .= '<input type="hidden" name="field_'.$this->field->id.'_file" value="'.$itemid.'" />';
$str .= '<input type="hidden" name="field_'.$this->field->id.'_file" value="'.s($itemid).'" />';
$str .= '<label for="field_'.$this->field->id.'_alttext">'.get_string('alttext','data') .'</label>&nbsp;<input type="text" name="field_'
.$this->field->id.'_alttext" id="field_'.$this->field->id.'_alttext" value="'.s($alttext).'" />';
$str .= '</div>';
@@ -123,7 +123,7 @@ class data_field_picture extends data_field_base {
function display_search_field($value = '') {
return '<label class="accesshide" for="f_'.$this->field->id.'">' . get_string('fieldname', 'data') . '</label>' .
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function parse_search_field() {
+1 -1
View File
@@ -27,7 +27,7 @@ class data_field_text extends data_field_base {
var $type = 'text';
function display_search_field($value = '') {
return '<label class="accesshide" for="f_' . $this->field->id . '">'. $this->field->name.'</label>' . '<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
return '<label class="accesshide" for="f_' . $this->field->id . '">'. $this->field->name.'</label>' . '<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function parse_search_field() {
+2 -2
View File
@@ -120,7 +120,7 @@ class data_field_textarea extends data_field_base {
$formats[$fid] = $strformats[$fid];
}
$editor->use_editor($field, $options, $fpoptions);
$str .= '<input type="hidden" name="'.$field.'_itemid" value="'.$draftitemid.'" />';
$str .= '<input type="hidden" name="'.$field.'_itemid" value="'.s($draftitemid).'" />';
$str .= '<div><textarea id="'.$field.'" name="'.$field.'" rows="'.$this->field->param3.'" cols="'.$this->field->param2.'" spellcheck="true">'.s($text).'</textarea></div>';
$str .= '<div><label class="accesshide" for="' . $field . '_content1">' . get_string('format') . '</label>';
$str .= '<select id="' . $field . '_content1" name="'.$field.'_content1">';
@@ -138,7 +138,7 @@ class data_field_textarea extends data_field_base {
function display_search_field($value = '') {
return '<label class="accesshide" for="f_' . $this->field->id . '">' . $this->field->name . '</label>' .
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function parse_search_field() {
+3 -2
View File
@@ -54,7 +54,7 @@ class data_field_url extends data_field_base {
$str .= '<table><tr><td align="right">';
$str .= get_string('url','data').':</td><td>';
$str .= '<label class="accesshide" for="' . $fieldid . '">'. $this->field->name .'</label>';
$str .= '<input type="text" name="field_'.$this->field->id.'_0" id="'.$fieldid.'" value="'.$url.'" size="60" />';
$str .= '<input type="text" name="field_'.$this->field->id.'_0" id="'.$fieldid.'" value="'.s($url).'" size="60" />';
$str .= '<button id="filepicker-button-'.$options->client_id.'" style="display:none">'.$straddlink.'</button></td></tr>';
$str .= '<tr><td align="right">'.get_string('text','data').':</td><td><input type="text" name="field_'.$this->field->id.'_1" id="field_'.$this->field->id.'_1" value="'.s($text).'" size="60" /></td></tr>';
$str .= '</table>';
@@ -79,7 +79,7 @@ class data_field_url extends data_field_base {
function display_search_field($value = '') {
return '<label class="accesshide" for="f_'.$this->field->id.'">' . get_string('fieldname', 'data') . '</label>' .
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.$value.'" />';
'<input type="text" size="16" id="f_'.$this->field->id.'" name="f_'.$this->field->id.'" value="'.s($value).'" />';
}
function parse_search_field() {
@@ -114,6 +114,7 @@ class data_field_url extends data_field_base {
if ($this->field->param3) {
// param3 defines whether this URL should open in a new window.
$attributes['target'] = '_blank';
$attributes['rel'] = 'noreferrer';
}
if (empty($text)) {
+2 -2
View File
@@ -1741,9 +1741,9 @@ function data_print_preference_form($data, $perpage, $search, $sort='', $order='
$fn = !empty($search_array[DATA_FIRSTNAME]->data) ? $search_array[DATA_FIRSTNAME]->data : '';
$ln = !empty($search_array[DATA_LASTNAME]->data) ? $search_array[DATA_LASTNAME]->data : '';
$patterns[] = '/##firstname##/';
$replacement[] = '<label class="accesshide" for="u_fn">'.get_string('authorfirstname', 'data').'</label><input type="text" size="16" id="u_fn" name="u_fn" value="'.$fn.'" />';
$replacement[] = '<label class="accesshide" for="u_fn">'.get_string('authorfirstname', 'data').'</label><input type="text" size="16" id="u_fn" name="u_fn" value="'.s($fn).'" />';
$patterns[] = '/##lastname##/';
$replacement[] = '<label class="accesshide" for="u_ln">'.get_string('authorlastname', 'data').'</label><input type="text" size="16" id="u_ln" name="u_ln" value="'.$ln.'" />';
$replacement[] = '<label class="accesshide" for="u_ln">'.get_string('authorlastname', 'data').'</label><input type="text" size="16" id="u_ln" name="u_ln" value="'.s($ln).'" />';
// actual replacement of the tags
$newtext = preg_replace($patterns, $replacement, $data->asearchtemplate);
-1
View File
@@ -652,7 +652,6 @@ if ($mode === MODE_USERDETAILS) { // Print simple listing.
$row->cells[1]->text .= get_string('role').get_string('labelsep', 'langconfig').$user->role.'<br />';
}
if ($user->maildisplay == 1 or ($user->maildisplay == 2 and ($course->id != SITEID) and !isguestuser()) or
has_capability('moodle/course:viewhiddenuserfields', $context) or
in_array('email', $extrafields) or ($user->id == $USER->id)) {
$row->cells[1]->text .= get_string('email').get_string('labelsep', 'langconfig').html_writer::link("mailto:$user->email", $user->email) . '<br />';
}
+2 -2
View File
@@ -29,11 +29,11 @@
defined('MOODLE_INTERNAL') || die();
$version = 2014051212.00; // 20140512 = branching date YYYYMMDD - do not modify!
$version = 2014051213.00; // 20140512 = branching date YYYYMMDD - do not modify!
// RR = release increments - 00 in DEV branches.
// .XX = incremental changes.
$release = '2.7.12 (Build: 20160111)'; // Human-friendly version name
$release = '2.7.13 (Build: 20160314)'; // Human-friendly version name
$branch = '27'; // This version's branch.
$maturity = MATURITY_STABLE; // This version's maturity level.