Home
Documentation
Downloads
Demo
Tracker
Development
Translation
Moodle.net
Search
projects
/
moodle.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
91cbdda
)
MDL-60233 mod_assign: Avoid HTML in the item field of external warnings
author
Juan Leyva
<juanleyvadelgado@gmail.com>
Tue, 26 Sep 2017 09:43:46 +0000
(11:43 +0200)
committer
Juan Leyva
<juanleyvadelgado@gmail.com>
Tue, 26 Sep 2017 10:12:50 +0000
(12:12 +0200)
The item field is defined as PARAM_TEXT (no HTML tags allowed except
for multilang).
Using the s that add quotes to HTML characters we avoid potential Web
Services invalid parameters errors.
mod/assign/externallib.php
patch
|
blob
|
blame
|
history
diff --git
a/mod/assign/externallib.php
b/mod/assign/externallib.php
index
adb0a79
..
c4059c9
100644
(file)
--- a/
mod/assign/externallib.php
+++ b/
mod/assign/externallib.php
@@
-62,7
+62,7
@@
class mod_assign_external extends external_api {
$message = 'Unknown warning type.';
}
- return array('item'
=>$detail
,
+ return array('item'
=> s($detail)
,
'itemid'=>$assignmentid,
'warningcode'=>$warningcode,
'message'=>$message);