From 68d646f3ebba9ef4554277dd82643b2011dc744c Mon Sep 17 00:00:00 2001 From: Dan Poltawski Date: Wed, 27 Mar 2013 16:07:44 +0800 Subject: [PATCH 1/3] MDL-38710 assign: fix missing setType calls --- mod/assign/extensionform.php | 4 ++++ mod/assign/feedback/file/batchuploadfilesform.php | 7 +++++++ mod/assign/feedback/file/importzipform.php | 6 ++++++ mod/assign/feedback/file/uploadzipform.php | 5 +++++ mod/assign/feedback/offline/importgradesform.php | 9 +++++++++ mod/assign/feedback/offline/uploadgradesform.php | 5 +++++ mod/assign/gradingbatchoperationsform.php | 4 ++++ mod/assign/mod_form.php | 1 + 8 files changed, 41 insertions(+) diff --git a/mod/assign/extensionform.php b/mod/assign/extensionform.php index f838638adfc..4c8d221706e 100644 --- a/mod/assign/extensionform.php +++ b/mod/assign/extensionform.php @@ -69,9 +69,13 @@ class mod_assign_extension_form extends moodleform { get_string('extensionduedate', 'assign'), array('optional'=>true)); $mform->setDefault('extensionduedate', $finaldate); $mform->addElement('hidden', 'id', $coursemoduleid); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'userid', $userid); + $mform->setType('userid', PARAM_INT); $mform->addElement('hidden', 'selectedusers', $batchusers); + $mform->setType('selectedusers', PARAM_TEXT); $mform->addElement('hidden', 'action', 'saveextension'); + $mform->setType('action', PARAM_ALPHA); $this->add_action_buttons(true, get_string('savechanges', 'assign')); if ($data) { diff --git a/mod/assign/feedback/file/batchuploadfilesform.php b/mod/assign/feedback/file/batchuploadfilesform.php index a0beb1722d1..7aa57d48daf 100644 --- a/mod/assign/feedback/file/batchuploadfilesform.php +++ b/mod/assign/feedback/file/batchuploadfilesform.php @@ -66,12 +66,19 @@ class assignfeedback_file_batch_upload_files_form extends moodleform { $this->set_data($data); $mform->addElement('hidden', 'id', $params['cm']); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'operation', 'plugingradingbatchoperation_file_uploadfiles'); + $mform->setType('operation', PARAM_ALPHAEXT); $mform->addElement('hidden', 'action', 'viewpluginpage'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'pluginaction', 'uploadfiles'); + $mform->setType('pluginaction', PARAM_ALPHA); $mform->addElement('hidden', 'plugin', 'file'); + $mform->setType('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); + $mform->setType('pluginsubtype', PARAM_PLUGIN); $mform->addElement('hidden', 'selectedusers', implode(',', $params['users'])); + $mform->setType('selectedusers', PARAM_TEXT); $this->add_action_buttons(true, get_string('uploadfiles', 'assignfeedback_file')); } diff --git a/mod/assign/feedback/file/importzipform.php b/mod/assign/feedback/file/importzipform.php index 33e75020315..3b995496a08 100644 --- a/mod/assign/feedback/file/importzipform.php +++ b/mod/assign/feedback/file/importzipform.php @@ -115,11 +115,17 @@ class assignfeedback_file_import_zip_form extends moodleform implements renderab } $mform->addElement('hidden', 'id', $assignment->get_course_module()->id); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'action', 'viewpluginpage'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'confirm', 'true'); + $mform->setType('confirm', PARAM_INT); $mform->addElement('hidden', 'plugin', 'file'); + $mform->setTYpe('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); + $mform->setTYpe('pluginsubtype', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginaction', 'uploadzip'); + $mform->setType('pluginaction', PARAM_ALPHA); if (count($updates)) { $this->add_action_buttons(true, get_string('confirm')); } else { diff --git a/mod/assign/feedback/file/uploadzipform.php b/mod/assign/feedback/file/uploadzipform.php index d9e7636772b..4d521307ccc 100644 --- a/mod/assign/feedback/file/uploadzipform.php +++ b/mod/assign/feedback/file/uploadzipform.php @@ -56,10 +56,15 @@ class assignfeedback_file_upload_zip_form extends moodleform { $mform->addHelpButton('feedbackzip', 'feedbackzip', 'assignfeedback_file'); $mform->addElement('hidden', 'id', $params['cm']); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'action', 'viewpluginpage'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'pluginaction', 'uploadzip'); + $mform->setType('pluginaction', PARAM_ALPHA); $mform->addElement('hidden', 'plugin', 'file'); + $mform->setType('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); + $mform->setType('pluginsubtype', PARAM_PLUGIN); $this->add_action_buttons(true, get_string('importfeedbackfiles', 'assignfeedback_file')); } diff --git a/mod/assign/feedback/offline/importgradesform.php b/mod/assign/feedback/offline/importgradesform.php index e3ac2e49a45..51c76702445 100644 --- a/mod/assign/feedback/offline/importgradesform.php +++ b/mod/assign/feedback/offline/importgradesform.php @@ -164,14 +164,23 @@ class assignfeedback_offline_import_grades_form extends moodleform implements re } $mform->addElement('hidden', 'id', $assignment->get_course_module()->id); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'action', 'viewpluginpage'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'confirm', 'true'); + $mform->setType('confirm', PARAM_BOOL); $mform->addElement('hidden', 'plugin', 'offline'); + $mform->setType('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); + $mform->setType('pluginsubtype', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginaction', 'uploadgrades'); + $mform->setType('pluginaction', PARAM_ALPHA); $mform->addElement('hidden', 'importid', $gradeimporter->importid); + $mform->setType('importid', PARAM_INT); $mform->addElement('hidden', 'ignoremodified', $ignoremodified); + $mform->setType('ignoremodified', PARAM_BOOL); $mform->addElement('hidden', 'draftid', $draftid); + $form->setType('draftid', PARAM_INT); if ($update) { $this->add_action_buttons(true, get_string('confirm')); } else { diff --git a/mod/assign/feedback/offline/uploadgradesform.php b/mod/assign/feedback/offline/uploadgradesform.php index c573efe864c..75355cf9e4c 100644 --- a/mod/assign/feedback/offline/uploadgradesform.php +++ b/mod/assign/feedback/offline/uploadgradesform.php @@ -59,10 +59,15 @@ class assignfeedback_offline_upload_grades_form extends moodleform { $mform->addHelpButton('ignoremodified', 'ignoremodified', 'assignfeedback_offline'); $mform->addElement('hidden', 'id', $params['cm']); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'action', 'viewpluginpage'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'pluginaction', 'uploadgrades'); + $mform->setType('pluginaction', PARAM_ALPHA); $mform->addElement('hidden', 'plugin', 'offline'); + $mform->setType('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); + $mform->setType('pluginsubtype', PARAM_PLUGIN); $this->add_action_buttons(true, get_string('uploadgrades', 'assignfeedback_offline')); } diff --git a/mod/assign/gradingbatchoperationsform.php b/mod/assign/gradingbatchoperationsform.php index d9f74a9617f..4a3b72f5693 100644 --- a/mod/assign/gradingbatchoperationsform.php +++ b/mod/assign/gradingbatchoperationsform.php @@ -66,9 +66,13 @@ class mod_assign_grading_batch_operations_form extends moodleform { } $mform->addElement('hidden', 'action', 'gradingbatchoperation'); + $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'id', $instance['cm']); + $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'selectedusers', '', array('class'=>'selectedusers')); + $mform->setType('selectedusers', PARAM_TEXT); $mform->addElement('hidden', 'returnaction', 'grading'); + $mform->setType('returnaction', PARAM_ALPHA); $objs = array(); $objs[] =& $mform->createElement('select', 'operation', get_string('chooseoperation', 'assign'), $options); diff --git a/mod/assign/mod_form.php b/mod/assign/mod_form.php index 6d232f2f889..f2d60e9dee2 100644 --- a/mod/assign/mod_form.php +++ b/mod/assign/mod_form.php @@ -117,6 +117,7 @@ class mod_assign_mod_form extends moodleform_mod { } else { $mform->addElement('hidden', 'requiresubmissionstatement', 1); } + $mform->setType('requiresubmissionstatement', PARAM_BOOL); $options = array( ASSIGN_ATTEMPT_REOPEN_METHOD_NONE => get_string('attemptreopenmethod_none', 'mod_assign'), From 9231cd88265cce550361ab3f1fead288c72129be Mon Sep 17 00:00:00 2001 From: Dan Poltawski Date: Mon, 15 Apr 2013 15:12:00 +0100 Subject: [PATCH 2/3] MDL-38710 assign: convert selectedusers to PARAM_SEQUENCE This param type is more appropiate. --- mod/assign/extensionform.php | 2 +- mod/assign/feedback/file/batchuploadfilesform.php | 2 +- mod/assign/feedback/file/locallib.php | 2 +- mod/assign/gradingbatchoperationsform.php | 2 +- mod/assign/locallib.php | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mod/assign/extensionform.php b/mod/assign/extensionform.php index 4c8d221706e..0b39697e3e7 100644 --- a/mod/assign/extensionform.php +++ b/mod/assign/extensionform.php @@ -73,7 +73,7 @@ class mod_assign_extension_form extends moodleform { $mform->addElement('hidden', 'userid', $userid); $mform->setType('userid', PARAM_INT); $mform->addElement('hidden', 'selectedusers', $batchusers); - $mform->setType('selectedusers', PARAM_TEXT); + $mform->setType('selectedusers', PARAM_SEQUENCE); $mform->addElement('hidden', 'action', 'saveextension'); $mform->setType('action', PARAM_ALPHA); $this->add_action_buttons(true, get_string('savechanges', 'assign')); diff --git a/mod/assign/feedback/file/batchuploadfilesform.php b/mod/assign/feedback/file/batchuploadfilesform.php index 7aa57d48daf..c025ee8d8d1 100644 --- a/mod/assign/feedback/file/batchuploadfilesform.php +++ b/mod/assign/feedback/file/batchuploadfilesform.php @@ -78,7 +78,7 @@ class assignfeedback_file_batch_upload_files_form extends moodleform { $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); $mform->setType('pluginsubtype', PARAM_PLUGIN); $mform->addElement('hidden', 'selectedusers', implode(',', $params['users'])); - $mform->setType('selectedusers', PARAM_TEXT); + $mform->setType('selectedusers', PARAM_SEQUENCE); $this->add_action_buttons(true, get_string('uploadfiles', 'assignfeedback_file')); } diff --git a/mod/assign/feedback/file/locallib.php b/mod/assign/feedback/file/locallib.php index d79053a5fd0..5f17e041ae6 100644 --- a/mod/assign/feedback/file/locallib.php +++ b/mod/assign/feedback/file/locallib.php @@ -589,7 +589,7 @@ class assign_feedback_file extends assign_feedback_plugin { */ public function view_page($action) { if ($action == 'uploadfiles') { - $users = required_param('selectedusers', PARAM_TEXT); + $users = required_param('selectedusers', PARAM_SEQUENCE); return $this->view_batch_upload_files(explode(',', $users)); } if ($action == 'uploadzip') { diff --git a/mod/assign/gradingbatchoperationsform.php b/mod/assign/gradingbatchoperationsform.php index 4a3b72f5693..4be18c35104 100644 --- a/mod/assign/gradingbatchoperationsform.php +++ b/mod/assign/gradingbatchoperationsform.php @@ -70,7 +70,7 @@ class mod_assign_grading_batch_operations_form extends moodleform { $mform->addElement('hidden', 'id', $instance['cm']); $mform->setType('id', PARAM_INT); $mform->addElement('hidden', 'selectedusers', '', array('class'=>'selectedusers')); - $mform->setType('selectedusers', PARAM_TEXT); + $mform->setType('selectedusers', PARAM_SEQUENCE); $mform->addElement('hidden', 'returnaction', 'grading'); $mform->setType('returnaction', PARAM_ALPHA); diff --git a/mod/assign/locallib.php b/mod/assign/locallib.php index 7e9ff3021e1..528d5b9a266 100644 --- a/mod/assign/locallib.php +++ b/mod/assign/locallib.php @@ -1730,7 +1730,7 @@ class assign { require_once($CFG->dirroot . '/mod/assign/extensionform.php'); $o = ''; - $batchusers = optional_param('selectedusers', '', PARAM_TEXT); + $batchusers = optional_param('selectedusers', '', PARAM_SEQUENCE); $data = new stdClass(); $data->extensionduedate = null; $userid = 0; @@ -4295,7 +4295,7 @@ class assign { // Need submit permission to submit an assignment. require_capability('mod/assign:grantextension', $this->context); - $batchusers = optional_param('selectedusers', '', PARAM_TEXT); + $batchusers = optional_param('selectedusers', '', PARAM_SEQUENCE); $userid = 0; if (!$batchusers) { $userid = required_param('userid', PARAM_INT); From 78d9d52a0a3a04345849581588c4deaa1e0af26f Mon Sep 17 00:00:00 2001 From: Damyon Wiese Date: Wed, 17 Apr 2013 13:49:24 +0800 Subject: [PATCH 3/3] MDL-38710 assign: Fix one typo and change one param to PARAM_BOOL --- mod/assign/feedback/file/importzipform.php | 2 +- mod/assign/feedback/offline/importgradesform.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/assign/feedback/file/importzipform.php b/mod/assign/feedback/file/importzipform.php index 3b995496a08..4ed2bfa5d57 100644 --- a/mod/assign/feedback/file/importzipform.php +++ b/mod/assign/feedback/file/importzipform.php @@ -119,7 +119,7 @@ class assignfeedback_file_import_zip_form extends moodleform implements renderab $mform->addElement('hidden', 'action', 'viewpluginpage'); $mform->setType('action', PARAM_ALPHA); $mform->addElement('hidden', 'confirm', 'true'); - $mform->setType('confirm', PARAM_INT); + $mform->setType('confirm', PARAM_BOOL); $mform->addElement('hidden', 'plugin', 'file'); $mform->setTYpe('plugin', PARAM_PLUGIN); $mform->addElement('hidden', 'pluginsubtype', 'assignfeedback'); diff --git a/mod/assign/feedback/offline/importgradesform.php b/mod/assign/feedback/offline/importgradesform.php index 51c76702445..b71bd5402f3 100644 --- a/mod/assign/feedback/offline/importgradesform.php +++ b/mod/assign/feedback/offline/importgradesform.php @@ -180,7 +180,7 @@ class assignfeedback_offline_import_grades_form extends moodleform implements re $mform->addElement('hidden', 'ignoremodified', $ignoremodified); $mform->setType('ignoremodified', PARAM_BOOL); $mform->addElement('hidden', 'draftid', $draftid); - $form->setType('draftid', PARAM_INT); + $mform->setType('draftid', PARAM_INT); if ($update) { $this->add_action_buttons(true, get_string('confirm')); } else {