mirror/moodle-auth_outage
1
0
Fork 0
mirror of https://github.com/catalyst/moodle-auth_outage.git synced 2026-05-16 21:41:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed ipwhitelist escaping issue #150

Browse Source
This commit is contained in:
Brendan Heywood
2019-03-28 14:29:22 +11:00
parent e94d9c94ea
commit dec4c7bf53
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
classes/local/outagelib.php
View File

@@ -246,7 +246,7 @@ class outagelib {
}
// I know Moodle validation would clean up this field, but just in case, let's ensure no
// single-quotes (and double for the sake of it) are present otherwise it would break the code.
$allowedips = str_replace('\'"', '', $allowedips);
$allowedips = addslashes($allowedips);
$code = <<<'EOT'
<?php

4
tests/phpunit/local/outagelib_test.php
View File

@@ -113,7 +113,7 @@ class outagelib_test extends advanced_testcase {
public function test_inject_broken() {
$_GET = ['auth_outage_break_code' => '1'];
outagelib::reinject();
self::assertCount(2, phpunit_util::get_debugging_messages());
self::assertCount(0, phpunit_util::get_debugging_messages());
phpunit_util::reset_debugging();
}
@@ -289,7 +289,7 @@ class outagelib_test extends advanced_testcase {
if ((time() >= 123) && (time() < 456)) {
define('MOODLE_INTERNAL', true);
require_once($CFG->dirroot.'/lib/moodlelib.php');
if (!remoteip_in_list('heyyou
if (!remoteip_in_list('hey\'\"you
a.b.c.d
e.e.e.e/20')) {
header($_SERVER['SERVER_PROTOCOL'] . ' 503 Moodle under maintenance');