From 86f97c625e8bb9d583f52f61b384f44ce3fdacd0 Mon Sep 17 00:00:00 2001 From: Jun Pataleta Date: Mon, 28 Mar 2022 13:08:47 +0800 Subject: [PATCH] MDL-74321 mod_forum: Forum_check_throttling improvements and fixes * Fetch only the fields required by the function. * Quick validation of the passed forum parameter. If the forum parameter is an object, it should have the forum ID and the course ID. * Default return when there's no need to show a warning yet. --- mod/forum/lib.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/mod/forum/lib.php b/mod/forum/lib.php index c3d54972101..8bbdcfe0644 100644 --- a/mod/forum/lib.php +++ b/mod/forum/lib.php @@ -5038,11 +5038,16 @@ function forum_check_throttling($forum, $cm = null) { global $CFG, $DB, $USER; if (is_numeric($forum)) { - $forum = $DB->get_record('forum', array('id' => $forum), '*', MUST_EXIST); + $forum = $DB->get_record('forum', ['id' => $forum], 'id, course, blockperiod, blockafter, warnafter', MUST_EXIST); } - if (!is_object($forum)) { - return false; // This is broken. + if (!is_object($forum) || !isset($forum->id) || !isset($forum->course)) { + // The passed forum parameter is invalid. This can happen if: + // - a non-object and non-numeric forum is passed; or + // - the forum object does not have an ID or course attributes. + // This is unlikely to happen with properly formed forum record fetched from the database, + // so it's most likely a dev error if we hit such this case. + throw new coding_exception('Invalid forum parameter passed'); } if (empty($forum->blockafter)) { @@ -5108,6 +5113,9 @@ function forum_check_throttling($forum, $cm = null) { return $warning; } + + // No warning needs to be shown yet. + return false; } /**