Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-27653

Incorrect $user check in is_enrolled() function

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0
    • Fix Version/s: 2.0.4, 2.1.1
    • Component/s: Libraries
    • Labels:

      Description

      This happened to me on a most recent Moodle 2.0.3+ site. I clicked the reply link in e-mail:
      http://lang.moodle.org/mod/forum/post.php?reply=722

      Instead of being offered the page "Sorry, guests are not allowed to post.", the following exception was thrown:

      PHP catchable fatal error
      Debug info: Object of class stdClass could not be converted to string
      Stack trace:
       
          * line 359 of /lib/setuplib.php: coding_exception thrown
          * line ? of unknownfile: call to default_error_handler()
          * line 636 of /lib/dml/pgsql_native_moodle_database.php: call to pg_query_params()
          * line 1562 of /lib/dml/moodle_database.php: call to pgsql_native_moodle_database->get_recordset_sql()
          * line 2967 of /lib/accesslib.php: call to moodle_database->record_exists_sql()
          * line 7636 of /mod/forum/lib.php: call to is_enrolled()
          * line 3209 of /lib/navigationlib.php: call to forum_extend_settings_navigation()
          * line 2617 of /lib/navigationlib.php: call to settings_navigation->load_module_settings()
          * line 583 of /lib/pagelib.php: call to settings_navigation->initialise()
          * line 599 of /lib/pagelib.php: call to moodle_page->magic_get_settingsnav()
          * line 2430 of /lib/navigationlib.php: call to moodle_page->__get()
          * line 2395 of /lib/outputrenderers.php: call to navbar->get_items()
          * line 65 of /theme/moodleofficial/layout/general.php: call to core_renderer->navbar()
          * line 650 of /lib/outputrenderers.php: call to include()
          * line 608 of /lib/outputrenderers.php: call to core_renderer->render_page_layout()
          * line ? of unknownfile: call to core_renderer->header()
          * line 1245 of /lib/setuplib.php: call to call_user_func_array()
          * line ? of unknownfile: call to bootstrap_renderer->__call()
          * line 91 of /mod/forum/post.php: call to bootstrap_renderer->header()

      Unfortunately I am not able to reproduce it any more, getting correct redirect to the login offer page now. Anyway, I tracked down the issue and I believe there is a mistake in is_enrolled() function. At the top of it, the parameter $user is checked to realize whether it is integer or object. In my situation, a global $USER with $USER->id = 0 was somehow passed (anonymous user). In this case, the $userid is evaluated into the passed $USER object instead of its id. The following code demonstrates it:

      function test_is_enrolled($user = null) {
          global $USER;
       
          // make sure there is a real user specified
          if ($user === null) {
              $userid = !empty($USER->id) ? $USER->id : 0;
          } else {
              $userid = !empty($user->id) ? $user->id : $user;
          }
       
          var_dump($userid);
      }
       
      $USER = (object)array('id' => 0);
      $usr = (object)array('id' => 2);
       
      test_is_enrolled();
      test_is_enrolled(0);
      test_is_enrolled(1);
      test_is_enrolled($usr);
      test_is_enrolled($USER);

      This test code outputs:

      int(0)
      int(0)
      int(1)
      int(2)
      object(stdClass)#1 (1) {
        ["id"]=>
        int(0)
      }

      As you can see, the last case when $USER with $USER->id set to integer 0 is not evaluated correctly.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                1/Aug/11