MDL-13915: Fixed add_to_log when very long url is specified (now does…

…n't try to insert more than 100 chars into database)
moodle · Mar 13, 2008 · c147575 · c147575
1 parent 5fd87bf
commit c147575
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/course/lib.php b/course/lib.php
@@ -296,6 +296,11 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per
         //Filter log->info
         $log->info = format_string($log->info);
 
+        // If $log->url has been trimmed short by the db size restriction
+        // code in add_to_log, keep a note so we don't add a link to a broken url
+        $tl=textlib_get_instance();
+        $brokenurl=($tl->strlen($log->url)==100 && $tl->substr($log->url,97)=='...');
+
         $log->url  = strip_tags(urldecode($log->url));   // Some XSS protection
         $log->info = strip_tags(urldecode($log->info));  // Some XSS protection
         $log->url  = s($log->url); /// XSS protection and XHTML compatibility - should be in link_to_popup_window() instead!!
@@ -320,7 +325,12 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per
         echo "    <a href=\"$CFG->wwwroot/user/view.php?id={$log->userid}&amp;course={$log->course}\">$fullname</a>\n";
         echo "</td>\n";
         echo "<td class=\"cell c4\">\n";
-        link_to_popup_window( make_log_url($log->module,$log->url), 'fromloglive',"$log->module $log->action", 440, 700);
+        $displayaction="$log->module $log->action";
+        if($brokenurl) {
+            echo $displayaction;
+        } else {
+            link_to_popup_window( make_log_url($log->module,$log->url), 'fromloglive',$displayaction, 440, 700);
+        }
         echo "</td>\n";;
         echo "<td class=\"cell c5\">{$log->info}</td>\n";
         echo "</tr>\n";

diff --git a/lib/datalib.php b/lib/datalib.php
@@ -1878,6 +1878,26 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
         $url = html_entity_decode($url); // for php < 4.3.0 this is defined in moodlelib.php
     }
 
+    // Restrict length of log lines to the space actually available in the
+    // database so that it doesn't cause a DB error. Log a warning so that
+    // developers can avoid doing things which are likely to cause this on a
+    // routine basis.
+    $tl=textlib_get_instance();
+    if(!empty($info) && $tl->strlen($info)>255) {
+        $info=$tl->substr($info,0,252).'...';
+        debugging('Warning: logged very long info',DEBUG_DEVELOPER);
+    }
+    // Note: Unlike $info, URL appears to be already slashed before this function
+    // is called. Since database limits are for the data before slashes, we need
+    // to remove them...
+    $url=stripslashes($url);
+    // If the 100 field size is changed, also need to alter print_log in course/lib.php
+    if(!empty($url) && $tl->strlen($url)>100) {
+        $url=$tl->substr($url,0,97).'...';
+        debugging('Warning: logged very long URL',DEBUG_DEVELOPER);
+    }
+    $url=addslashes($url);
+
     if (defined('MDL_PERFDB')) { global $PERF ; $PERF->dbqueries++; $PERF->logwrites++;};
 
     if ($CFG->type = 'oci8po') {