Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68068

Replace $_SESSION to $SESSION in lib/h5p

XMLWordPrintable

    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_38_STABLE
    • MDL-68068-master
    • Hide

      Setup

      1. Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine.
      2. Install a clean Moodle site.
      3. Access as an admin user.
      4. Place the script attached in the issue named testh5psession.php in the local folder of your installation.

      Test

      1. Log in as an admin.
      2. Go to http://MOODLESITE/local/testh5psession.php
      3. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code. 
      4. Go to http://MOODLESITE/local/testh5psession.php in a new tab.
      5. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.
      Show
      Setup Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine. Install a clean Moodle site. Access as an admin user. Place the script attached in the issue named testh5psession.php in the local folder of your installation. Test Log in as an admin. Go to http://MOODLESITE/local/testh5psession.php Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code.  Go to  http://MOODLESITE/local/testh5psession.php  in a new tab. Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.

      The third-party library H5P has some references to $_SESSION instead of Moodle's $SESSION. That implies that the information is not saved to backends and other issues, so only the Moodle one should be used by core (core should be free from $_SESSION and always use $SESSION.).

            cescobedo Carlos Escobedo
            sarjona Sara Arjona (@sarjona)
            Sara Arjona (@sarjona) Sara Arjona (@sarjona)
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Anna Carissa Sadia Anna Carissa Sadia
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 6 hours, 41 minutes
                6h 41m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.