Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68068

Replace $_SESSION to $SESSION in lib/h5p

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 3.8, 3.9
    • 3.8.3
    • H5P
    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_38_STABLE
    • MDL-68068-master
    • Hide

      Setup

      1. Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine.
      2. Install a clean Moodle site.
      3. Access as an admin user.
      4. Place the script attached in the issue named testh5psession.php in the local folder of your installation.

      Test

      1. Log in as an admin.
      2. Go to http://MOODLESITE/local/testh5psession.php
      3. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code. 
      4. Go to http://MOODLESITE/local/testh5psession.php in a new tab.
      5. Expected Result: Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.
      Show
      Setup Please, you have to do this test BEFORE the PATCH and AFTER THE PATCH to validate that works fine. Install a clean Moodle site. Access as an admin user. Place the script attached in the issue named testh5psession.php in the local folder of your installation. Test Log in as an admin. Go to http://MOODLESITE/local/testh5psession.php Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' Where TOKENVALUE will be an alphanumeric code.  Go to  http://MOODLESITE/local/testh5psession.php  in a new tab. Expected Result : Confirm you could see this message in the browser 'H5P Test refactor $_SESSION to $SESSION: Valid security token: TOKENVALUE' And the TOKENVALUE will be the same in step 3.

    Description

      The third-party library H5P has some references to $_SESSION instead of Moodle's $SESSION. That implies that the information is not saved to backends and other issues, so only the Moodle one should be used by core (core should be free from $_SESSION and always use $SESSION.).

      Attachments

        Issue Links

          Activity

            People

              cescobedo Carlos Escobedo
              sarjona Sara Arjona (@sarjona)
              Sara Arjona (@sarjona) Sara Arjona (@sarjona)
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Anna Carissa Sadia Anna Carissa Sadia
              Amaia Anabitarte, Carlos Escobedo, Laurent David, Mikel Martín Corrales, Sabina Abellan, Sara Arjona (@sarjona)
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                11/May/20

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 6 hours, 41 minutes
                  6h 41m