mirror of
https://github.com/moodle/moodle.git
synced 2025-04-19 07:25:30 +02:00
parameter cleaup - round 5; timezone.php fixed
This commit is contained in:
skodak
parent
459e90230f
commit
63d86fad67
@ -35,8 +35,7 @@
|
||||
}
|
||||
if(isset($form->forcetimezone)) {
|
||||
// To protect from SQL injections ...
|
||||
$form->forcetimezone = str_replace(';', '', $form->forcetimezone);
|
||||
$form->forcetimezone = str_replace('\'', '', $form->forcetimezone);
|
||||
$form->timezone = clean_param($form->timezone, PARAM_PATH); //not a path, but it looks like it anyway
|
||||
set_config('forcetimezone', $form->forcetimezone);
|
||||
}
|
||||
if(isset($form->startwday)) {
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
<?php // $Id$
|
||||
|
||||
include("../config.php");
|
||||
require_once('../config.php');
|
||||
|
||||
$zone = optional_param('zone', '', PARAM_PATH); //not a path, but it looks like it anyway
|
||||
|
||||
require_login();
|
||||
|
||||
@ -17,7 +19,7 @@
|
||||
|
||||
print_heading("");
|
||||
|
||||
if (isset($zone) and confirm_sesskey()) {
|
||||
if (!empty($zone) and confirm_sesskey()) {
|
||||
$db->debug = true;
|
||||
echo "<center>";
|
||||
execute_sql("UPDATE {$CFG->prefix}user SET timezone = '$zone'");
|
||||
@ -27,29 +29,12 @@
|
||||
$USER->timezone = $zone;
|
||||
}
|
||||
|
||||
$user = $USER;
|
||||
|
||||
if (abs($user->timezone) > 13) {
|
||||
$user->timezone = 99;
|
||||
}
|
||||
$timenow = time();
|
||||
$timeformat = get_string('strftimedaytime');
|
||||
|
||||
for ($tz = -26; $tz <= 26; $tz++) {
|
||||
$zone = (float)$tz/2.0;
|
||||
$usertime = $timenow + ($tz * 1800);
|
||||
if ($tz == 0) {
|
||||
$timezones["$zone"] = gmstrftime($timeformat, $usertime)." (GMT)";
|
||||
} else if ($tz < 0) {
|
||||
$timezones["$zone"] = gmstrftime($timeformat, $usertime)." (GMT$zone)";
|
||||
} else {
|
||||
$timezones["$zone"] = gmstrftime($timeformat, $usertime)." (GMT+$zone)";
|
||||
}
|
||||
}
|
||||
require_once($CFG->dirroot.'/calendar/lib.php');
|
||||
$timezones = get_list_of_timezones();
|
||||
|
||||
echo '<center><form action="timezone.php" method="get">';
|
||||
echo "$strusers ($strall): ";
|
||||
choose_from_menu ($timezones, "zone", $user->timezone, get_string("serverlocaltime"), "", "99");
|
||||
choose_from_menu ($timezones, "zone", 99, get_string("serverlocaltime"), "", "99");
|
||||
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\">";
|
||||
echo "<input type=\"submit\" value=\"$strsavechanges\">";
|
||||
echo "</form></center>";
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
require_once($CFG->libdir.'/filelib.php');
|
||||
require_once($CFG->libdir.'/olson.php');
|
||||
|
||||
$ok = optional_param('ok');
|
||||
$ok = optional_param('ok', 0, PARAM_BOOL);
|
||||
|
||||
require_login();
|
||||
|
||||
|
||||
@ -121,8 +121,7 @@
|
||||
if ($CFG->forcetimezone != 99) { // Don't allow changing this in any way
|
||||
unset($usernew->timezone);
|
||||
} else { // Clean up the data a bit, just in case of injections
|
||||
$usernew->timezone = str_replace(';', '', $usernew->timezone);
|
||||
$usernew->timezone = str_replace('\'', '', $usernew->timezone);
|
||||
$usernew->timezone = clean_param($usernew->timezone, PARAM_PATH); //not a path, but it looks like it anyway
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user