Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-20812 Wiki 2.0 for Moodle - META
  3. MDL-23137

require_course_login() used incorrectly in mod/wiki

    XMLWordPrintable

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0
    • 2.0
    • Wiki (2.x)
    • None
    • MOODLE_20_STABLE
    • MOODLE_20_STABLE

    Description

      require_course_login() is designed for resources that should be accessible on the frontpage without login BUT those are not pages that allow you to modify something. Luckily it is not a huge security problem in 2.0 anymore because we are forcing readonly access for guest account and not logged in users.

      Anyway please keep the require_course_login() on pages like view.php history.php (reading) and switch to normal require_login() in edit.php, comments.php, etc. (writing).

      Attachments

        Activity

          People

            pigui Jordi Piguillem Poch
            skodak Petr Skoda
            Nobody Nobody
            Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Laurent David, Sara Arjona (@sarjona)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              24/Nov/10