Permalink
Browse files

MDL-34612 Grade condition range validation allows impossible conditions

  • Loading branch information...
1 parent d08da96 commit 90cbde0cb7e085406c2e46fdff735de6a7486181 @sammarshallou sammarshallou committed with danpoltawski Nov 7, 2012
Showing with 33 additions and 2 deletions.
  1. +32 −1 course/editsection_form.php
  2. +1 −1 course/moodleform_mod.php
@@ -228,10 +228,41 @@ public function validation($data, $files) {
// Conditions: Don't let them set dates which make no sense
if (array_key_exists('availablefrom', $data) &&
$data['availablefrom'] && $data['availableuntil'] &&
- $data['availablefrom'] > $data['availableuntil']) {
+ $data['availablefrom'] >= $data['availableuntil']) {
$errors['availablefrom'] = get_string('badavailabledates', 'condition');
}
+ // Conditions: Verify that the grade conditions are numbers, and make sense.
+ if (array_key_exists('conditiongradegroup', $data)) {
+ foreach ($data['conditiongradegroup'] as $i => $gradedata) {
+ if ($gradedata['conditiongrademin'] !== '' &&
+ !is_numeric(unformat_float($gradedata['conditiongrademin']))) {
+ $errors["conditiongradegroup[{$i}]"] = get_string('gradesmustbenumeric', 'condition');
+ continue;
+ }
+ if ($gradedata['conditiongrademax'] !== '' &&
+ !is_numeric(unformat_float($gradedata['conditiongrademax']))) {
+ $errors["conditiongradegroup[{$i}]"] = get_string('gradesmustbenumeric', 'condition');
+ continue;
+ }
+ if ($gradedata['conditiongrademin'] !== '' && $gradedata['conditiongrademax'] !== '' &&
+ unformat_float($gradedata['conditiongrademax']) <= unformat_float($gradedata['conditiongrademin'])) {
+ $errors["conditiongradegroup[{$i}]"] = get_string('badgradelimits', 'condition');
+ continue;
+ }
+ if ($gradedata['conditiongrademin'] === '' && $gradedata['conditiongrademax'] === '' &&
+ $gradedata['conditiongradeitemid']) {
+ $errors["conditiongradegroup[{$i}]"] = get_string('gradeitembutnolimits', 'condition');
+ continue;
+ }
+ if (($gradedata['conditiongrademin'] !== '' || $gradedata['conditiongrademax'] !== '') &&
+ !$gradedata['conditiongradeitemid']) {
+ $errors["conditiongradegroup[{$i}]"] = get_string('gradelimitsbutnoitem', 'condition');
+ continue;
+ }
+ }
+ }
+
// Conditions: Verify that the user profile field has not been declared more than once
if (array_key_exists('conditionfieldgroup', $data)) {
// Array to store the existing fields
@@ -341,7 +341,7 @@ function validation($data, $files) {
continue;
}
if ($gradedata['conditiongrademin'] !== '' && $gradedata['conditiongrademax'] !== '' &&
- unformat_float($gradedata['conditiongrademax']) < unformat_float($gradedata['conditiongrademin'])) {
+ unformat_float($gradedata['conditiongrademax']) <= unformat_float($gradedata['conditiongrademin'])) {
$errors["conditiongradegroup[{$i}]"] = get_string('badgradelimits', 'condition');
continue;
}

0 comments on commit 90cbde0

Please sign in to comment.