From: tjhunt <tjhunt>
Date: Wed, 15 Jul 2009 06:17:39 +0000 (+0000)
Subject: moodlellib: MDL-19828 PARAM_LOCALURL should accept URLs like course/view.php?id=2
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=4bea5e85828b2ef400dc31533945439fce40d4aa;p=moodle.git

moodlellib: MDL-19828 PARAM_LOCALURL should accept URLs like course/view.php?id=2
---

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 7082105932..2578f61963 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -529,7 +529,7 @@ function clean_param($param, $type) {
                     // absolute, and matches our wwwroot
                 } else {
                     // relative - let's make sure there are no tricks
-                    if (validateUrlSyntax($param, 's-u-P-a-p-f+q?r?')) {
+                    if (validateUrlSyntax('/' . $param, 's-u-P-a-p-f+q?r?')) {
                         // looks ok.
                     } else {
                         $param = '';
diff --git a/lib/simpletest/testmoodlelib.php b/lib/simpletest/testmoodlelib.php
index a571ef2a64..ab55d43d22 100644
--- a/lib/simpletest/testmoodlelib.php
+++ b/lib/simpletest/testmoodlelib.php
@@ -296,6 +296,7 @@ class moodlelib_test extends UnitTestCase {
         $this->assertEqual(clean_param($CFG->wwwroot, PARAM_LOCALURL), $CFG->wwwroot);
         $this->assertEqual(clean_param('/just/a/path', PARAM_LOCALURL), '/just/a/path');
         $this->assertEqual(clean_param('funny:thing', PARAM_LOCALURL), '');
+        $this->assertEqual(clean_param('course/view.php?id=3', PARAM_LOCALURL), 'course/view.php?id=3');
     }
 
     function test_make_user_directory() {