mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-14 13:02:07 +02:00
Code Issues Projects Releases Wiki Activity

MDL-69431 course: validate section url param against maxsections

Browse Source
This commit is contained in:
David Watson 2021-01-10 17:26:31 +00:00
parent ed2400457b
commit ddc0da4b31
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
course/modedit.php
View File

@ -60,6 +60,15 @@ if (!empty($add)) {
// will be the closest match we have.
navigation_node::override_active_url(course_get_url($course, $section));
// MDL-69431 Validate that $section (url param) does not exceed the maximum for this course / format.
// If too high (e.g. section *id* not number) non-sequential sections inserted in course_sections table.
// Then on import, backup fills 'gap' with empty sections (see restore_rebuild_course_cache). Avoid this.
$courseformat = course_get_format($course);
$maxsections = $courseformat->get_max_sections();
if ($section > $maxsections) {
print_error('maxsectionslimit', 'moodle', '', $maxsections);
}
list($module, $context, $cw, $cm, $data) = prepare_new_moduleinfo_data($course, $add, $section);
$data->return = 0;
$data->sr = $sectionreturn;