Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

MDL-37411 Notes: unset courseid and userid when updating the note to …

…prevent accidental changes. Thank you Sam Hemelryk for suggesting an alternative solution.
  • Loading branch information...
commit 6a9235c998dab2ec0ddc49898a59dd5089156cb0 1 parent 88906d0
rwijaya rwijaya authored samhemelryk committed
Showing with 6 additions and 0 deletions.
  1. +6 −0 notes/edit.php
6 notes/edit.php
View
@@ -70,6 +70,12 @@
/// if data was submitted and validated, then save it to database
if ($note = $noteform->get_data()){
+ if ($noteid) {
+ // A noteid has been used, we don't allow editing of course or user so
+ // lets unset them to be sure we never change that by accident.
+ unset($note->courseid);
+ unset($note->userid);
+ }
note_save($note);
// redirect to notes list that contains this note
redirect($CFG->wwwroot . '/notes/index.php?course=' . $note->courseid . '&user=' . $note->userid);
Please sign in to comment.
Something went wrong with that request. Please try again.