From: skodak Date: Tue, 6 Jun 2006 10:17:18 +0000 (+0000) Subject: Bug #5678 - Question marks, single quotes in field name cause trouble - cleaning... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=002ccfc7a044484cbe39726df6bc12183b1fb7d0;p=moodle.git Bug #5678 - Question marks, single quotes in field name cause trouble - cleaning hack ported from clean_filename(); merged from MOODLE_16_STABLE --- diff --git a/mod/data/field.php b/mod/data/field.php index 9d03e1cf47..332b6a46de 100755 --- a/mod/data/field.php +++ b/mod/data/field.php @@ -79,8 +79,7 @@ case 'add': ///add a new field if (confirm_sesskey() and $fieldinput = data_submitted($CFG->wwwroot.'/mod/data/field.php')){ - $fieldinput->name = clean_param($fieldinput->name, PARAM_NOTAGS); - $fieldinput->name = trim($fieldinput->name); + $fieldinput->name = data_clean_field_name($fieldinput->name); /// Only store this new field if it doesn't already exist. if (($fieldinput->name == '') or data_fieldname_exists($fieldinput->name, $data->id)) { @@ -114,8 +113,7 @@ case 'update': ///update a field if (confirm_sesskey() and $fieldinput = data_submitted($CFG->wwwroot.'/mod/data/field.php')){ - $fieldinput->name = clean_param($fieldinput->name, PARAM_NOTAGS); - $fieldinput->name = trim($fieldinput->name); + $fieldinput->name = data_clean_field_name($fieldinput->name); if (($fieldinput->name == '') or data_fieldname_exists($fieldinput->name, $data->id, $fieldinput->fid)) { diff --git a/mod/data/lib.php b/mod/data/lib.php index 2d3c2fcbc1..6f8be542c0 100755 --- a/mod/data/lib.php +++ b/mod/data/lib.php @@ -1239,5 +1239,13 @@ function data_convert_arrays_to_strings(&$fieldinput) { } } +function data_clean_field_name($fn) { + $fn = trim($fn); + //hack from clean_filename - to be replaced by something nicer later + $fn = preg_replace("/[\\000-\\x2c\\x2f\\x3a-\\x40\\x5b-\\x5e\\x60\\x7b-\\177]/s", '_', $fn); + $fn = preg_replace("/_+/", '_', $fn); + $fn = preg_replace("/\.\.+/", '.', $fn); + return $fn; +} ?>