Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0
    • Fix Version/s: 2.0
    • Component/s: Filters
    • Labels:
      None
    • Affected Branches:
      MOODLE_20_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE

      Description

      1) OOP formats, making them pluggable (this is apart but could be good idea for 2.0)
      2) OOP filters
      3) Allow each filter to alter the md5key generated, via filter method. filter->hash() will return a unique string, the results for this could be something like, in this example: "censor:seecensoredwords" for users having the capability, or: "censor:" for the rest. Note that adding this info to the hash sounds nice because it automatically invalidates records when filters are changed, and that isn't happening right now.
      4) Make the rest of format_text() and format_string() to work as now, but using that "custom" $md5key that contains all the particularities of the text being formatted.

      This improvement will help fix this bug:
      > Students at our school figured out they could swear if they put the word within a hyperlink - e.g.
      > <a href='#'>SwearWord</a>

        Gliffy Diagrams

        1. filter2.patch
          52 kB
          Dongsheng Cai
        2. MDL-14582_filter_plugins.patch
          61 kB
          Dongsheng Cai
        3. MDL-14582_filters.patch
          51 kB
          Dongsheng Cai
        4. MDL-14582_lib.patch
          5 kB
          Dongsheng Cai
        5. MDL-14582_weblib_filterlib.patch
          6 kB
          Dongsheng Cai
        6. Moodle Censorship Filter Modification.pdf
          87 kB
          guy thomas

          Issue Links

            Activity

            guy thomas created issue -
            Dongsheng Cai made changes -
            Field Original Value New Value
            Parent MDL-14610 [ 26179 ]
            Issue Type Bug [ 1 ] Sub-task [ 5 ]
            Dongsheng Cai made changes -
            Attachment filter.patch [ 13804 ]
            Dongsheng Cai made changes -
            Assignee Nobody [ nobody ] Dongsheng Cai [ dongsheng ]
            Eloy Lafuente (stronk7) made changes -
            Affects Version/s 1.6.1 [ 10118 ]
            Affects Version/s 1.6.2 [ 10119 ]
            Affects Version/s 1.6.3 [ 10140 ]
            Affects Version/s 1.6.4 [ 10150 ]
            Affects Version/s 1.7.1 [ 10151 ]
            Affects Version/s 1.7.2 [ 10174 ]
            Affects Version/s 1.6.5 [ 10210 ]
            Affects Version/s 1.6.6 [ 10211 ]
            Affects Version/s 1.7.3 [ 10212 ]
            Affects Version/s 1.8.1 [ 10213 ]
            Affects Version/s 1.8.2 [ 10220 ]
            Affects Version/s 1.8.3 [ 10230 ]
            Affects Version/s 1.8.4 [ 10242 ]
            Affects Version/s 1.7.4 [ 10243 ]
            Affects Version/s 1.8.5 [ 10252 ]
            Martin Dougiamas made changes -
            Parent MDL-14610 [ 26179 ]
            Issue Type Sub-task [ 5 ] Bug [ 1 ]
            Dongsheng Cai made changes -
            Status Open [ 1 ] Resolved [ 5 ]
            Resolution Won't Fix [ 2 ]
            Dongsheng Cai made changes -
            Resolution Won't Fix [ 2 ]
            Status Resolved [ 5 ] Reopened [ 4 ]
            Martin Dougiamas made changes -
            Component/s Filters [ 10077 ]
            Component/s Chat [ 10053 ]
            Martin Dougiamas made changes -
            Fix Version/s 2.0 [ 10122 ]
            Dongsheng Cai made changes -
            Status Reopened [ 4 ] In Progress [ 3 ]
            Dongsheng Cai made changes -
            Attachment censor.diff [ 14060 ]
            Dongsheng Cai made changes -
            Attachment censor2.diff [ 14070 ]
            Dongsheng Cai made changes -
            Attachment censor.diff [ 14060 ]
            Dongsheng Cai made changes -
            Attachment censor2.diff [ 14070 ]
            Dongsheng Cai made changes -
            Attachment censor.diff [ 14081 ]
            Dongsheng Cai made changes -
            Attachment censor.diff [ 14081 ]
            Dongsheng Cai made changes -
            Attachment filter.patch [ 13804 ]
            Dongsheng Cai made changes -
            Attachment filters.diff [ 14102 ]
            Dongsheng Cai made changes -
            Attachment dofilter.diff [ 14103 ]
            Dongsheng Cai made changes -
            Summary Censorship filter can be bypassed by enclosing swears in hyperlink OOP Censorship filter
            QA Assignee stronk7
            Affects Version/s 2.0 [ 10122 ]
            Affects Version/s 1.6 [ 10110 ]
            Affects Version/s 1.7 [ 10120 ]
            Affects Version/s 1.8 [ 10130 ]
            Affects Version/s 1.9 [ 10190 ]
            Description Students at our school figured out they could swear if they put the word within a hyperlink - e.g.

            <a href='#'>SwearWord</a>

            I've fixed this and also improved the censorship title so that only admin's can see what the original word was.
            Currently the word is blacked out but if you hover over it you can see the swear.
            With my mod, hovering over the blacked out swear will show 'censored!' unless you are an admin user.

            Obviously, this could be further improved to work from a capability rather than just a legacy check for isadmin()
            1) OOP formats, making them pluggable (this is apart but could be good idea for 2.0)
            2) OOP filters
            3) Allow each filter to alter the md5key generated, via filter method. filter->hash() will return a unique string, the results for this could be something like, in this example: "censor:seecensoredwords" for users having the capability, or: "censor:" for the rest. Note that adding this info to the hash sounds nice because it automatically invalidates records when filters are changed, and that isn't happening right now.
            4) Make the rest of format_text() and format_string() to work as now, but using that "custom" $md5key that contains all the particularities of the text being formatted.

            This improvement will help fix this bug:
            > Students at our school figured out they could swear if they put the word within a hyperlink - e.g.
            > <a href='#'>SwearWord</a>
            Dongsheng Cai made changes -
            Attachment MDL-14582_filters.patch [ 14257 ]
            Dongsheng Cai made changes -
            Attachment dofilter.diff [ 14103 ]
            Dongsheng Cai made changes -
            Attachment filters.diff [ 14102 ]
            Dongsheng Cai made changes -
            Attachment MDL-14582_lib.patch [ 14258 ]
            Martin Dougiamas made changes -
            Link This issue has a non-specific relationship to MDL-15555 [ MDL-15555 ]
            Martin Dougiamas made changes -
            Summary OOP Censorship filter Filters 2.0
            Martin Dougiamas made changes -
            Priority Minor [ 4 ] Major [ 3 ]
            Dongsheng Cai made changes -
            Attachment MDL-14582_weblib_filterlib.patch [ 15852 ]
            Attachment MDL-14582_filter_plugins.patch [ 15853 ]
            Dongsheng Cai made changes -
            Attachment filter2.patch [ 15883 ]
            Dongsheng Cai made changes -
            Status In Progress [ 3 ] Open [ 1 ]
            Dongsheng Cai made changes -
            Status Open [ 1 ] Resolved [ 5 ]
            Resolution Fixed [ 1 ]
            Martin Dougiamas made changes -
            Status Resolved [ 5 ] Closed [ 6 ]
            Martin Dougiamas made changes -
            Workflow jira [ 26144 ] MDL Workflow [ 59592 ]
            Martin Dougiamas made changes -
            Workflow MDL Workflow [ 59592 ] MDL Full Workflow [ 88747 ]

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: