Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'w31_MDL-34538_m22_validatefloats' of git://github.com/s…

…kodak/moodle into MOODLE_22_STABLE
  • Loading branch information...
commit 368fb633462f636e88fa4e663f2e5ddcfb8c04fe 2 parents 617eaba + aee963d
Dan Poltawski danpoltawski authored
Showing with 11 additions and 2 deletions.
  1. +11 −2 lib/moodlelib.php
13 lib/moodlelib.php
View
@@ -655,7 +655,8 @@ function optional_param_array($parname, $default, $type) {
* @param string $type PARAM_ constant
* @param bool $allownull are nulls valid value?
* @param string $debuginfo optional debug information
- * @return mixed the $param value converted to PHP type or invalid_parameter_exception
+ * @return mixed the $param value converted to PHP type
+ * @throws invalid_parameter_exception if $param is not of given type
*/
function validate_param($param, $type, $allownull=NULL_NOT_ALLOWED, $debuginfo='') {
if (is_null($param)) {
@@ -670,7 +671,15 @@ function validate_param($param, $type, $allownull=NULL_NOT_ALLOWED, $debuginfo='
}
$cleaned = clean_param($param, $type);
- if ((string)$param !== (string)$cleaned) {
+
+ if ($type == PARAM_FLOAT) {
+ // Do not detect precision loss here.
+ if (is_float($param) or is_int($param)) {
+ // These always fit.
+ } else if (!is_numeric($param) or !preg_match('/^[\+-]?[0-9]*\.?[0-9]*(e[-+]?[0-9]+)?$/i', (string)$param)) {
+ throw new invalid_parameter_exception($debuginfo);
+ }
+ } else if ((string)$param !== (string)$cleaned) {
// conversion to string is usually lossless
throw new invalid_parameter_exception($debuginfo);
}
Please sign in to comment.
Something went wrong with that request. Please try again.