Merge pull request #12 from catalyst/paramfix

Use core required_param for toggle parameters.
gjbarnard · Dec 10, 2014 · 7338983 · 7338983
2 parents 9979052 + 954fd9a
commit 7338983
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 58 deletions.
diff --git a/format.php b/format.php
@@ -88,7 +88,7 @@
     $defaulttogglepersistence = clean_param(get_config('format_topcoll', 'defaulttogglepersistence'), PARAM_INT);
 
     if ($defaulttogglepersistence == 1) {
-        user_preference_allow_ajax_update('topcoll_toggle_' . $course->id, PARAM_TOPCOLL);
+        user_preference_allow_ajax_update('topcoll_toggle_' . $course->id, PARAM_RAW);
         $userpreference = get_user_preferences('topcoll_toggle_' . $course->id);
     } else {
         $userpreference = null;

diff --git a/settopcollpref.php b/settopcollpref.php
@@ -44,7 +44,7 @@
 }
 
 // Get and set the value.
-$value = required_topcoll_param('value', $USER->ajax_updatable_user_prefs[$name]);
+$value = required_topcoll_param('value');
 // Update
 if (!set_user_preference($name, $value)) {
     print_error('errorsettinguserpref');

diff --git a/togglelib.php b/togglelib.php
@@ -220,85 +220,48 @@ public function test() {
     }
 }
 
-// Toggle user preference code as PARAM_TEXT is unsuitable.  See: CONTRIB-5211 & MDL-46754.
-define('PARAM_TOPCOLL',  'topcoll');
-
 /**
- * Returns a particular value for the named variable, taken from
- * POST or GET.  If the parameter doesn't exist then an error is
- * thrown because we require this variable.
- *
- * This function should be used to initialise all required values
- * in a script that are based on parameters.  Usually it will be
- * used like this:
- *    $id = required_param('value', PARAM_TOPCOLL);
- *
- * Please note the $type parameter is now required and the value can not be array.
+ * Returns a required_param() toggle value for the named user preference.
  *
- * @param string $parname the name of the page parameter we want
- * @param string $type expected type of parameter
+ * @param string $parname the name of the user preference we want
  * @return mixed
  * @throws coding_exception
  */
-function required_topcoll_param($parname, $type) {
-    if (func_num_args() != 2 or empty($parname) or empty($type)) {
-        throw new coding_exception('required_topcoll_param() requires $parname and $type to be specified (parameter: '.$parname.')');
-    }
-    // POST has precedence.
-    if (isset($_POST[$parname])) {
-        $param = $_POST[$parname];
-    } else if (isset($_GET[$parname])) {
-        $param = $_GET[$parname];
-    } else {
-        print_error('missingparam', '', '', $parname);
-    }
-
-    if (is_array($param)) {
-        debugging('Invalid array parameter detected in required_topcoll_param(): '.$parname);
-        // TODO: switch to fatal error in Moodle 2.3.
-        return required_param_array($parname, $type);
+function required_topcoll_param($parname) {
+    if (empty($parname)) {
+        throw new coding_exception('required_topcoll_param() requires $parname to be specified');
     }
+    $param = required_param($parname, PARAM_RAW);
 
-    return clean_topcoll_param($param, $type);
+    return clean_topcoll_param($param);
 }
 
 /**
- * Used by required_topcoll_param to clean the variables and/or cast
- * to specific types, based on an options field.
+ * Used by required_topcoll_param to clean the toggle parameter.
  *
- * @param mixed $param the variable we are cleaning
- * @param string $type expected format of param after cleaning.
+ * @param string $param the variable we are cleaning
  * @return mixed
  * @throws coding_exception
  */
-function clean_topcoll_param($param, $type) {
+function clean_topcoll_param($param) {
     global $CFG;
 
     if (is_array($param)) {
-        throw new coding_exception('clean_topcoll_param() can not process arrays, please use clean_param_array() instead.');
+        throw new coding_exception('clean_topcoll_param() can not process arrays.');
     } else if (is_object($param)) {
         if (method_exists($param, '__toString')) {
             $param = $param->__toString();
         } else {
-            throw new coding_exception('clean_topcoll_param() can not process objects, please use clean_param_array() instead.');
+            throw new coding_exception('clean_topcoll_param() can not process objects.');
         }
     }
 
-    switch ($type) {
-        case PARAM_TOPCOLL:
-            $param = fix_utf8($param);
-
-            $chars = strlen($param);
-            for ($i = 0; $i < $chars; $i++) {
-                $charval = ord($param[$i]);
-                if (($charval < 58) || ($charval > 121)) {
-                    return '';
-                }
-            }
-            return $param;
-
-        default:
-            // Doh! throw error, switched parameters in optional_param or another serious problem.
-            print_error("unknownparamtype", '', '', $type);
+    $chars = strlen($param);
+    for ($i = 0; $i < $chars; $i++) {
+        $charval = ord($param[$i]);
+        if (($charval < 58) || ($charval > 121)) {
+            return '';
+        }
     }
+    return $param;
 }