MDL-30400 lti: Fixing warning in OAuthBodyPost
authorChris Scribner <scriby@gmail.com>
Mon, 28 Nov 2011 19:00:52 +0000 (14:00 -0500)
committerEloy Lafuente (stronk7) <stronk7@moodle.org>
Tue, 29 Nov 2011 14:42:43 +0000 (15:42 +0100)
This would have only shown up if the tool provider didn't set the
content-type header, which I don't think is valid to begin with.

(amended by integrator to follow coding style rules)

mod/lti/OAuthBody.php

index e5920d5..428099b 100644 (file)
@@ -83,8 +83,10 @@ function handleOAuthBodyPOST($oauth_consumer_key, $oauth_consumer_secret, $body,
     }
 
     // Must reject application/x-www-form-urlencoded
-    if ($request_headers['Content-type'] == 'application/x-www-form-urlencoded' ) {
-        throw new Exception("OAuth request body signing must not use application/x-www-form-urlencoded");
+    if (isset($request_headers['Content-type'])) {
+        if ($request_headers['Content-type'] == 'application/x-www-form-urlencoded' ) {
+            throw new Exception("OAuth request body signing must not use application/x-www-form-urlencoded");
+        }
     }
 
     if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {