mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-03-14 12:40:01 +01:00
Code Issues Projects Releases Wiki Activity

MDL-20639 fixed mnet security trouble - credit goes to Adrian Schlegel

Browse Source
This commit is contained in:
Petr Skoda 2009-11-17 17:32:17 +00:00
parent 99fd6ddec3
commit 3f226cc99f
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
mnet/lib.php
View File

@ -473,9 +473,10 @@ function mnet_permit_rpc_call($includefile, $functionname, $class=false) {
h2s.hostid in ($id_list) AND
h2s.publish = '1'";
$params = array("$callprefix/$functionname");
$permissionobj = $DB->record_exists_sql($sql, $params);
if ($permissionobj === false && 'dangerous' != $CFG->mnet_dispatcher_mode) {
$permission = $DB->count_records_sql($sql, $params);
if (!$permission && 'dangerous' != $CFG->mnet_dispatcher_mode) {
return RPC_FORBIDDENMETHOD;
}