Uploaded image for project: 'Plugins'
  1. Plugins
  2. CONTRIB-6065

Domoscio: SESSION abuse in doquiz.php

    XMLWordPrintable

    Details

    • Affected Branches:
      MOODLE_30_STABLE
    • Fixed Branches:
      MOODLE_27_STABLE, MOODLE_28_STABLE, MOODLE_29_STABLE, MOODLE_30_STABLE

      Description

      I am little bit worried about the code like

      if ($solo == 'true') {
          $SESSION->todo = null;
      }
      if ($t) {
          $SESSION->start = $t;
      }
      if ($first == 1) {
          $SESSION->todo = $SESSION->no_history;
      }
      

      If you really need to use $SESSION (the MUC might be cleaner), let me suggest to properly namespace all your session variables in a common object, like $SESSION->mod_domoscio->foobar

      Please avoid non-english inline comments (taky by se vám nelíbilo, kdybych vám psal komentáře jako je tento to help others to understand your code.

      Finally, things like this are valid in PHP, yet it does not mean they help to understand your intention:

      $solo = optional_param('solo', false, PARAM_INT); // Si test unitaire
      if ($solo == 'true') {
         ...
      }
      

      Note you declare the parameter as integer, set boolean false as its default value and finally compare it with a string. Please do not do such things, it hurts

        Attachments

          Activity

            People

            Assignee:
            domoscio Benoit Praly
            Reporter:
            mudrd8mz David Mudrák (@mudrd8mz)
            Participants:
            Component watchers:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              16/Nov/15