Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68068

Replace $_SESSION to $SESSION in lib/h5p

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.8, 3.9
    • Fix Version/s: 3.8.3
    • Component/s: H5P
    • Testing Instructions:
      Hide

      Setup

      1. Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine.
      2. Install a clean Moodle site.
      3. Access as an admin user.
      4. Place the script attached in the issue named testh5psession.php in the local folder of your installation.

      Test

      1. Log in as an admin.
      2. Go to http://MOODLESITE/local/testh5psession.php
      3. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code. 
      4. Go to http://MOODLESITE/local/testh5psession.php in a new tab.
      5. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.
      Show
      Setup Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine. Install a clean Moodle site. Access as an admin user. Place the script attached in the issue named testh5psession.php in the local folder of your installation. Test Log in as an admin. Go to http://MOODLESITE/local/testh5psession.php Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code.  Go to  http://MOODLESITE/local/testh5psession.php  in a new tab. Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.
    • Affected Branches:
      MOODLE_38_STABLE, MOODLE_39_STABLE
    • Fixed Branches:
      MOODLE_38_STABLE
    • Pull Master Branch:
      MDL-68068-master

      Description

      The third-party library H5P has some references to $_SESSION instead of Moodle's $SESSION. That implies that the information is not saved to backends and other issues, so only the Moodle one should be used by core (core should be free from $_SESSION and always use $SESSION.).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              cescobedo Carlos Escobedo
              Reporter:
              sarjona Sara Arjona (@sarjona)
              Peer reviewer:
              Sara Arjona (@sarjona) Sara Arjona (@sarjona)
              Integrator:
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Tester:
              Anna Carissa Sadia Anna Carissa Sadia
              Participants:
              Component watchers:
              Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Sara Arjona (@sarjona)
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                11/May/20

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 6 hours, 41 minutes
                  6h 41m