]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 99fd6dd)
MDL-20639 fixed mnet security trouble - credit goes to Adrian Schlegel
authorPetr Skoda <skodak@moodle.org>
Tue, 17 Nov 2009 17:32:17 +0000 (17:32 +0000)
committerPetr Skoda <skodak@moodle.org>
Tue, 17 Nov 2009 17:32:17 +0000 (17:32 +0000)
mnet/lib.php patch | blob | history

diff --git a/mnet/lib.php b/mnet/lib.php
index ed3825694412e6a2c7d555b1742ec71537b2063b..4a02505e8ed16121f494bed158234353aa1072a2 100644 (file)
--- a/mnet/lib.php
+++ b/mnet/lib.php
@@ -473,9 +473,10 @@ function mnet_permit_rpc_call($includefile, $functionname, $class=false) {
             h2s.hostid in ($id_list) AND
             h2s.publish = '1'";
     $params = array("$callprefix/$functionname");
-    $permissionobj = $DB->record_exists_sql($sql, $params);
 
-    if ($permissionobj === false && 'dangerous' != $CFG->mnet_dispatcher_mode) {
+    $permission = $DB->count_records_sql($sql, $params);
+
+    if (!$permission && 'dangerous' != $CFG->mnet_dispatcher_mode) {
         return RPC_FORBIDDENMETHOD;
     }
 
Unnamed repository; edit this file to name it for gitweb.