Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-23824

standardise CLI scripts - use the same logic as ajax

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0
    • Fix Version/s: 2.0
    • Component/s: Administration
    • Labels:
      None
    • Affected Branches:
      MOODLE_20_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE

      Description

      instead of setting up CLI_SCRIPT inside lib/setup.php and adding manual protection for direct page access, we should do the opposite - if somebody defines CLI_SCRIPT before the require 'config.php' we should automatically prevent access from web. We already use this logic for ajax scripts. The benefit is we can prevent cli access in normal scripts.

      The only potential problem is cron which is supposed to be used from both web and CLI, in the long term we should imo abstract the code and use admin/cli/cron.php for cli and keep separate script admin/cron.php for web access ... (in 2.1)

        Attachments

          Activity

            People

            Assignee:
            skodak Petr Skoda
            Reporter:
            skodak Petr Skoda
            Tester:
            Nobody
            Participants:
            Component watchers:
            Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              24/Nov/10