Moodle

bulk user operations cleanup/fixes

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Critical Critical
  • Resolution: Fixed
  • Affects Version/s: 1.9
  • Fix Version/s: 1.9
  • Component/s: Administration
  • Labels:
    None
  • Affected Branches:
    MOODLE_19_STABLE
  • Fixed Branches:
    MOODLE_19_STABLE

Description

There are several problems:
1/ unitialized arrays - XSS
2/ bad sql syntax - wrong quotes used in filters
3/ incorrect use of formslib - not nice at all, very fragile and hackish
4/ user filters ORed, should be ANDed - we can simulate OR by select all + clearing the filters, we can not do AND filters now
5/ localization unfinished and problematic
6/ hardcoded guest user id
7/ some more...

Solution:

  • split the forms
  • move the data processing logic from forms
  • general cleanup

Issue Links

This issue will help resolve:
MDL-11424 mform1 form has no properties in moodle19/admin/user/user_bulk.php Minor Open
MDL-11755 hard coded lang strings in user_bulk.php Minor Closed
This issue is duplicated by:
MDL-21983 No means to identify users who accessed the site between given date range Major Closed
This issue has been marked as being related by:
MDL-10464 Allow administrators dowloading all users to a file Minor Closed
MDL-3982 Searching by username Minor Closed

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Petr Škoda (skodak) added a comment -

sending fresh patch - should be ready for commit

Show
Petr Škoda (skodak) added a comment - sending fresh patch - should be ready for commit
Hide
Permalink
Petr Škoda (skodak) added a comment -

fixed in cvs

Show
Petr Škoda (skodak) added a comment - fixed in cvs

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.