Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-16841

Mnet isn't work when the setting of mnet_dispatcher_mode is 'dangerous'.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.9.2
    • Fix Version/s: 2.0
    • Component/s: MNet
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE

      Description

      There is a bug in /mnet/xmlrpc/server.php line 504

      $includefile = $CFG->dirroot.'/'.$filename;

      I think

      $includefile = '/'.$filename;

      is true;

      First, $includefile is used in mnet_server_invoke_method line 506.
      Then $includefile is called at mnet_permit_rpc_call at line 691.

      The function, mnet_permit_rpc_call, is in /mnet/lib.php.

      In /mnet/lib.php line 414,

      The system checks whether there is the file you want to include or not.
      But, $CFG->dirroot is atatched again, here.

      So, if you want to call /filename, the system checks that whether $CFG->dirroot.$CFG->dirroot.'/filename' exists or not.(doubled!)

      Moodle isn't work when you access some function that isn't suported as normal function at setting mnet_dispather_mode='dangerous'.
      And it returns RPC_NOSUCHFILE error.

      Please check!

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                2 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  24/Nov/10