[#MDL-15603] an array of 'choosecoursefile' elements returns no value (with a solution) - Moodle Tracker

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.0
Fix Version/s: None
Component/s: Forms Library
Labels:
None

Affected Branches:
MOODLE_20_STABLE

Description

The problem :

when i used several 'choosecoursefile' element with an array of it, the return key of the value is for example :
file[0]
file[1]

and not an array of file.

The solution :
The problem is in the 'MoodleQuickForm_choosecoursefile' class with the function 'exportValue' (file : \lib\form\choosecoursefile.php).

The original code is :
#
function exportValue(&$submitValues, $assoc = false)

{ $value = null; $valuearray = $this->_elements[0]->exportValue($submitValues[$this->getName()], true); $value[$this->getName()]=$valuearray['value']; return $value; }

I proposed this modification wich works fine
#
function exportValue(&$submitValues, $assoc = false)
{
$value = null;
$valuearray = $this->_elements[0]->exportValue($submitValues[$this->getName()], true);

$name = $this->getName();
if (!strpos($name, '[')) { $value[$this->getName()]=$valuearray['value']; return $value; } else { $valueAry = array(); $myIndex = "['" . str_replace(array(']', '['), array('', "']['"), $name) . "']"; eval("\$valueAry$myIndex = \$valuearray['value'];"); return $valueAry; }
}
#

More Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Download All

Attachments

choosecoursefile.php.patch

11/Jul/08 9:38 PM

1.0 kB

Matthieu Nué

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Jamie Pratt added a comment - 11/Jul/08 12:09 PM

We would have to consider this very carefully. Haven't looked in detail at the code yet but I don't think we need to use eval here do we? This could be a potential security hole. Better not to use eval even if the data is not coming from the user / browser IMHO.

Show

Jamie Pratt added a comment - 11/Jul/08 12:09 PM We would have to consider this very carefully. Haven't looked in detail at the code yet but I don't think we need to use eval here do we? This could be a potential security hole. Better not to use eval even if the data is not coming from the user / browser IMHO.

Hide

Permalink

Matthieu Nué added a comment - 11/Jul/08 5:31 PM

I have taken for example the "exportValue" and "_prepareValue" of the HTML_QuickForm_element class (in "lib\pear\HTML\QuickForm\element.php" file) which use eval.

Show

Matthieu Nué added a comment - 11/Jul/08 5:31 PM I have taken for example the "exportValue" and "_prepareValue" of the HTML_QuickForm_element class (in "lib\pear\HTML\QuickForm\element.php" file) which use eval.

Hide

Permalink

Matthieu Nué added a comment - 12/Jul/08 5:59 AM - edited

After reading the 'Guidelines for contributed code', i have put this issue in "Add a project here" of the "contrib" project.
Excuse me for my ignorance.
Perhaps, someone can delete this one.

Amitiés

Matthieu

Show

Matthieu Nué added a comment - 12/Jul/08 5:59 AM - edited After reading the 'Guidelines for contributed code', i have put this issue in "Add a project here" of the "contrib" project. Excuse me for my ignorance. Perhaps, someone can delete this one. Amitiés Matthieu

People

Assignee:

Jamie Pratt

Reporter:

Matthieu Nué

Participants:

Jamie Pratt, Matthieu Nué

Vote (0)

Watch (1)

Dates

Created:

10/Jul/08 8:55 PM

Updated:

12/Jul/08 5:59 AM