Skip to content
Browse files

MDL-43058 reports: updated sql to return fullnames in security check …

…reports.
  • Loading branch information...
1 parent ca3b210 commit 9daaa37aacddc19d06e4e70ef475f7e3c2b05265 @abgreeve abgreeve committed
Showing with 6 additions and 3 deletions.
  1. +6 −3 report/security/locallib.php
View
9 report/security/locallib.php
@@ -508,7 +508,8 @@ function report_security_check_riskxss($detailed=false) {
$result->info = get_string('check_riskxss_warning', 'report_security', $count);
if ($detailed) {
- $users = $DB->get_records_sql("SELECT DISTINCT u.id, u.firstname, u.lastname, u.picture, u.imagealt $sqlfrom", $params);
+ $userfields = user_picture::fields('u');
+ $users = $DB->get_records_sql("SELECT DISTINCT $userfields $sqlfrom", $params);
foreach ($users as $uid=>$user) {
$users[$uid] = fullname($user);
}
@@ -710,7 +711,8 @@ function report_security_check_riskadmin($detailed=false) {
$result->status = null;
$result->link = null;
- $sql = "SELECT u.id, u.firstname, u.lastname, u.picture, u.imagealt, u.email
+ $userfields = user_picture::fields('u');
+ $sql = "SELECT $userfields
FROM {user} u
WHERE u.id IN ($CFG->siteadmins)";
@@ -834,7 +836,8 @@ function report_security_check_riskbackup($detailed=false) {
$users = array();
list($sort, $sortparams) = users_order_by_sql('u');
- $rs = $DB->get_recordset_sql("SELECT DISTINCT u.id, u.firstname, u.lastname, u.picture, u.imagealt, u.email, ra.contextid, ra.roleid
+ $userfields = user_picture::fields('u');
+ $rs = $DB->get_recordset_sql("SELECT DISTINCT $userfields, ra.contextid, ra.roleid
$sqluserinfo ORDER BY $sort", array_merge($params, $sortparams));
foreach ($rs as $user) {

0 comments on commit 9daaa37

Please sign in to comment.
Something went wrong with that request. Please try again.