Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-43395

get_records*_sql silently converts invalid limit param to integer

    XMLWordPrintable

    Details

    • Story Points:
      13
    • Sprint:
      BACKEND Sprint 8

      Description

      The parameters for get_records are:

      get_records($table, array $conditions=null, $sort='', $fields='*', $limitfrom=0, $limitnum=0)
      

      The parameters for get_records_sql are:

      get_records_sql($sql, array $params=null, $limitfrom=0, $limitnum=0);
      

      Note that if you are a silly developer like Dan, you might accidentally pass a sort to $limitfrom.

      In that case, Moodle silently converts the string to an int without warning the developer. I propose to add a debugdeveloper warning for this.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              poltawski Dan Poltawski
              Reporter:
              poltawski Dan Poltawski
              Peer reviewer:
              Tim Hunt
              Integrator:
              Eloy Lafuente (stronk7)
              Tester:
              Michael de Raadt
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                12/May/14