Skip to content

Commit

Permalink
MDL-37411 Notes: unset courseid and userid when updating the note to …
Browse files Browse the repository at this point in the history 
…prevent accidental changes. Thank you Sam Hemelryk for suggesting an alternative solution.
  • Loading branch information
Rossiani Wijaya authored and Sam Hemelryk committed Mar 5, 2013
1 parent 88906d0 commit 6a9235c
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions notes/edit.php
View file
Expand Up @@ -70,6 +70,12 @@


/// if data was submitted and validated, then save it to database /// if data was submitted and validated, then save it to database
if ($note = $noteform->get_data()){ if ($note = $noteform->get_data()){
if ($noteid) {
// A noteid has been used, we don't allow editing of course or user so
// lets unset them to be sure we never change that by accident.
unset($note->courseid);
unset($note->userid);
}
note_save($note); note_save($note);
// redirect to notes list that contains this note // redirect to notes list that contains this note
redirect($CFG->wwwroot . '/notes/index.php?course=' . $note->courseid . '&user=' . $note->userid); redirect($CFG->wwwroot . '/notes/index.php?course=' . $note->courseid . '&user=' . $note->userid);
Expand Down

0 comments on commit 6a9235c

Please sign in to comment.