[#MDL-18561] Too string filtering in feedback form return smashes - Moodle Tracker

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: 1.9.4
Fix Version/s: None
Component/s: Feedback
Labels:
None

Affected Branches:
MOODLE_19_STABLE

Description

Ligne §176 of complete.php shows

$post = clean_param($_POST, PARAM_ALPHANUM);

which is far too strict for long text inputs. Smashes the free text removing spaces and twicking all UTF8 accentuated chars.

should be PARAM_TEXT.

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Andreas Grabs added a comment - 14/Mar/09 6:46 AM

Hi Valery,

I'm sorry, but I can't find such line . Can you check, what version of the feedback do you use?

Andreas

Show

Andreas Grabs added a comment - 14/Mar/09 6:46 AM Hi Valery, I'm sorry, but I can't find such line

. Can you check, what version of the feedback do you use? Andreas

Hide

Permalink

Valery Fremaux added a comment - 14/Mar/09 7:49 AM

Hi Andreas, was suspecting something like that :

$module->version = 2008050111;

I update my MOODLE_STABLE_19... and check.

Show

Valery Fremaux added a comment - 14/Mar/09 7:49 AM Hi Andreas, was suspecting something like that : $module->version = 2008050111; I update my MOODLE_STABLE_19... and check.

Hide

Permalink

Michael de Raadt added a comment - 05/Jan/12 1:48 PM

Thanks for reporting this issue.

We have detected that this issue has been inactive for over a year has been recorded as affecting versions that are no longer supported.

If you believe that this issue is still relevant to current versions (2.1 and beyond), please comment on the issue. Issues left inactive for a further month will be closed.

Michael d;

lqjjLKA0p6

Show

Michael de Raadt added a comment - 05/Jan/12 1:48 PM Thanks for reporting this issue. We have detected that this issue has been inactive for over a year has been recorded as affecting versions that are no longer supported. If you believe that this issue is still relevant to current versions (2.1 and beyond), please comment on the issue. Issues left inactive for a further month will be closed. Michael d; lqjjLKA0p6

Hide

Permalink

Michael de Raadt added a comment - 06/Feb/12 4:33 PM

I'm closing this issue as it appears to have become inactive and is probably not relevant to a current supported version. If you are encountering this problem or one similar, please launch a new issue.

Show

Michael de Raadt added a comment - 06/Feb/12 4:33 PM I'm closing this issue as it appears to have become inactive and is probably not relevant to a current supported version. If you are encountering this problem or one similar, please launch a new issue.

People

Assignee:

Andreas Grabs

Reporter:

Valery Fremaux

Participants:

Andreas Grabs, Michael de Raadt, Valery Fremaux

Vote (0)

Watch (0)

Dates

Created:

14/Mar/09 6:17 AM

Updated:

06/Feb/12 4:33 PM

Resolved:

06/Feb/12 4:33 PM