Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-17931

unable to remove a Moodle Network RPC call if description contains an apostrophe

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.9.3
    • Fix Version/s: 1.9.8
    • Component/s: MNet
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_19_STABLE

      Description

      If I create a custom Moodle Network RPC call, whose description includes an apostrophe, and then remove the call, it fails when trying to remove the record from the database, since it does not properly escape the "help" field:

      You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's roles from the Moodle system context.',profile = 'a:2:{i:0;a:2:{s:4:"type";s:5' at line 1

      UPDATE mdl_mnet_rpc SET function_name = 'user_get_roles',xmlrpc_path = 'mod/elis/rpclib.php/user_get_roles',parent_type = 'mod',parent = 'elis',enabled = '0',help = 'Returns a user's roles from the Moodle system context.',profile = 'a:2:{i:0;a:2:

      {s:4:"type";s:5:"array";s:11:"description";s:18:"of role shortnames";}

      i:1;s:8:"username";}' WHERE id = 15

      • line 1704 of lib/dmllib.php: call to debugging()
      • line 67 of admin/mnet/adminlib.php: call to update_record()
      • line 145 of admin/mnet/adminlib.php: call to mnet_get_functions()
      • line 466 of admin/index.php: call to upgrade_RPC_functions()

      A possible fix is to edit line 60 and following of admin/mnet/adminlib.php to:
      // Disable functions that don't exist (any more) in the source
      // Should these be deleted? What about their permissions records?
      $rpcrecords = get_records_select('mnet_rpc', ' parent=\''.$parentname.'\' AND parent_type=\''.$type.'\' ', 'function_name ASC ');
      if (!empty($rpcrecords)) {
      foreach($rpcrecords as $rpc) {
      if (!array_key_exists($rpc->function_name, $methodServiceArray))

      { $rec = new stdClass; $rec->id = $rpc->id; $rec->enabled = 0; update_record('mnet_rpc', $rec); }

      }
      }

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  mjollnir Penny Leach
                  Reporter:
                  hchathi Hubert Chathi
                  Participants:
                  Component watchers:
                  David Mudrák, Sara Arjona
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    25/Mar/10