Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-32787

Server-side code does not check whether the required custom profile filed is filled or not

    Details

    • Testing Instructions:
      Hide
      1. Log in as admin
      2. Add a custom (text input) user profile field (settings -> Site administration -> Users -> User profile fields).
      3. Set "Is this field required?" to yes
      4. Go to edit profile (settings -> My profile settings -> Edit profile)
      5. Make sure "custom text input" field is required field and you can't save form with empty value.
      Show
      Log in as admin Add a custom (text input) user profile field (settings -> Site administration -> Users -> User profile fields). Set "Is this field required?" to yes Go to edit profile (settings -> My profile settings -> Edit profile) Make sure "custom text input" field is required field and you can't save form with empty value.
    • Workaround:
      Hide

      Add these lines to function profile_field_base::edit_validate_field before return $errors to perform check

      if ($this->is_required() && strlen($usernew->{$this->inputname}) == 0) {
        $errors[$this->inputname] = get_string('fieldrequired', 'error', $this->field->name);
      }

      Remove check for moodle/user:update capability in function profile_field_base::edit_field_set_required to show admin user requirement of the field

      // if ($this->is_required() and !has_capability('moodle/user:update', get_context_instance(CONTEXT_SYSTEM))) {
      if ($this->is_required()) {
        $mform->addRule($this->inputname, get_string('required'), 'required', null, 'client');
      }

      Show
      Add these lines to function profile_field_base::edit_validate_field before return $errors to perform check if ($this->is_required() && strlen($usernew->{$this->inputname}) == 0) { $errors[$this->inputname] = get_string('fieldrequired', 'error', $this->field->name); } Remove check for moodle/user:update capability in function profile_field_base::edit_field_set_required to show admin user requirement of the field // if ($this->is_required() and !has_capability('moodle/user:update', get_context_instance(CONTEXT_SYSTEM))) { if ($this->is_required()) { $mform->addRule($this->inputname, get_string('required'), 'required', null, 'client'); }
    • Affected Branches:
      MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE
    • Pull Master Branch:
      wip-mdl-32787

      Description

      There is only check for uniqueness of data in function profile_field_base::edit_validate_field

      Also required custom profile field is marked as required only for users, that has no moodle/user:update capability in system context. For example these fields are not required for admin.

      If the required field is empty the program must point the user at the mistake.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  9/Jul/12