From e3ef7f2745685c4de04f9156f06618b4cc29fd2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Mudr=C3=A1k?= Date: Wed, 29 Nov 2017 21:18:55 +0100 Subject: [PATCH] MDL-36056 enrol_self: Do not allow enrol key with wrapping whitespace This is to avoid accidental misconfiguration while copy/pasting the enrolment key. --- enrol/self/lang/en/enrol_self.php | 1 + enrol/self/lib.php | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/enrol/self/lang/en/enrol_self.php b/enrol/self/lang/en/enrol_self.php index 5f4e5e1a39..948409331c 100644 --- a/enrol/self/lang/en/enrol_self.php +++ b/enrol/self/lang/en/enrol_self.php @@ -87,6 +87,7 @@ If an enrolment key is specified, any user attempting to enrol in the course wil $string['passwordinvalid'] = 'Incorrect enrolment key, please try again'; $string['passwordinvalidhint'] = 'That enrolment key was incorrect, please try again
(Here\'s a hint - it starts with \'{$a}\')'; +$string['passwordwhitespace'] = 'The enrolment key must not start or end with whitespace'; $string['pluginname'] = 'Self enrolment'; $string['pluginname_desc'] = 'The self enrolment plugin allows users to choose which courses they want to participate in. The courses may be protected by an enrolment key. Internally the enrolment is done via the manual enrolment plugin which has to be enabled in the same course.'; $string['requirepassword'] = 'Require enrolment key'; diff --git a/enrol/self/lib.php b/enrol/self/lib.php index 170da243e0..42997d4769 100644 --- a/enrol/self/lib.php +++ b/enrol/self/lib.php @@ -880,6 +880,10 @@ class enrol_self_plugin extends enrol_plugin { $errors['expirythreshold'] = get_string('errorthresholdlow', 'core_enrol'); } + if ($data['password'] !== trim($data['password'])) { + $errors['password'] = get_string('passwordwhitespace', 'enrol_self'); + } + // Now these ones are checked by quickforms, but we may be called by the upload enrolments tool, or a webservive. if (core_text::strlen($data['name']) > 255) { $errors['name'] = get_string('err_maxlength', 'form', 255); -- 2.13.6