From f011a8fb57af659c622b634953361809c90dd838 Mon Sep 17 00:00:00 2001
From: Petr Skoda
Date: Wed, 13 Oct 2010 17:19:17 +0000
Subject: [PATCH 1/1] MDL-24647 fixed mod/data approval file access check + fixed security issue + improved coding style
---
 mod/data/lib.php | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/mod/data/lib.php b/mod/data/lib.php
index 90e835de1a4..752f5b1a9ff 100755
--- a/mod/data/lib.php
+++ b/mod/data/lib.php
@@ -2736,12 +2736,6 @@ function data_pluginfile($course, $cm, $context, $filearea, $args, $forcedownloa
 if ($filearea === 'content') {
 $contentid = (int)array_shift($args);
- if (!$cm = get_coursemodule_from_instance('data', $cm->instance, $course->id)) {
- return false;
- }
-
- require_course_login($course, true, $cm);
-
 if (!$content = $DB->get_record('data_content', array('id'=>$contentid))) {
 return false;
 }
@@ -2758,8 +2752,13 @@ function data_pluginfile($course, $cm, $context, $filearea, $args, $forcedownloa
 return false;
 }
+ if ($data->id != $cm->instance) {
+ // hacker attempt - context does not match the contentid
+ return false;
+ }
+
 //check if approved
- if (!$record->approved and !data_isowner($record) and !has_capability('mod/data:approve', $context)) {
+ if ($data->approval and !$record->approved and !data_isowner($record) and !has_capability('mod/data:approve', $context)) {
 return false;
 }
-- 
2.43.0
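Review bot: The new guard `if ($data->id != $cm->instance)` ties `$data` to the requested activity, but the approval and ownership tests right after it are made on `$record`, and nothing in this hunk shows that `$record` belongs to the same `$data`. The lookups that load `$record` and `$data` sit above the hunk; if `$data` is not loaded through the record, the guard should also reject that mismatch, e.g. `if ($data->id != $cm->instance or $record->dataid != $data->id) {`. The comment would read better as a statement of the rule, `// the requested content must belong to this activity instance`. The first hunk removes `require_course_login($course, true, $cm)` from this branch, so it is worth confirming that the part of data_pluginfile outside these hunks still enforces login before any file is served.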