Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-35991 - use PARAM_LOCALURL for local urls

Conflicts:
	user/files.php
  • Loading branch information...
commit b0f20bc995229d7f8eebf287759a2a2a65a2cbfa 1 parent 4e805e9
@simoncoggins simoncoggins authored danpoltawski committed
View
2  backup/backupfilesedit.php
@@ -33,7 +33,7 @@
// file parameters
$component = optional_param('component', null, PARAM_COMPONENT);
$filearea = optional_param('filearea', null, PARAM_AREA);
-$returnurl = optional_param('returnurl', null, PARAM_URL);
+$returnurl = optional_param('returnurl', null, PARAM_LOCALURL);
list($context, $course, $cm) = get_context_info_array($currentcontext);
$filecontext = get_context_instance_by_id($contextid);
View
2  comment/comment_post.php
@@ -34,7 +34,7 @@
$area = optional_param('area', '', PARAM_AREA);
$content = optional_param('content', '', PARAM_RAW);
$itemid = optional_param('itemid', '', PARAM_INT);
-$returnurl = optional_param('returnurl', '/', PARAM_URL);
+$returnurl = optional_param('returnurl', '/', PARAM_LOCALURL);
$component = optional_param('component', '', PARAM_COMPONENT);
// Currently this script can only add comments
View
4 course/switchrole.php
@@ -35,7 +35,7 @@
$id = required_param('id', PARAM_INT);
$switchrole = optional_param('switchrole',-1, PARAM_INT);
-$returnurl = optional_param('returnurl', false, PARAM_URL);
+$returnurl = optional_param('returnurl', false, PARAM_LOCALURL);
$PAGE->set_url('/course/switchrole.php', array('id'=>$id));
@@ -86,4 +86,4 @@
$returnurl = new moodle_url('/course/view.php', array('id' => $course->id));
}
-redirect($returnurl);
+redirect($returnurl);
View
2  mod/wiki/filesedit.php
@@ -31,7 +31,7 @@
$subwikiid = required_param('subwiki', PARAM_INT);
// not being used for file management, we use it to generate navbar link
$pageid = optional_param('pageid', 0, PARAM_INT);
-$returnurl = optional_param('returnurl', '', PARAM_URL);
+$returnurl = optional_param('returnurl', '', PARAM_LOCALURL);
if (!$subwiki = wiki_get_subwiki($subwikiid)) {
print_error('incorrectsubwikiid', 'wiki');
View
2  tag/coursetags_add.php
@@ -15,7 +15,7 @@
print_error('tagsaredisabled', 'tag');
}
-$returnurl = optional_param('returnurl', null, PARAM_TEXT);
+$returnurl = optional_param('returnurl', null, PARAM_LOCALURL);
$keyword = optional_param('coursetag_new_tag', '', PARAM_TEXT);
$courseid = optional_param('entryid', 0, PARAM_INT);
$userid = optional_param('userid', 0, PARAM_INT);
Please sign in to comment.
Something went wrong with that request. Please try again.