Reviewed: https://reviews.mahara.org/c/mahara/+/13082 Committed: https://git.mahara.org/mahara/mahara/commit/1c626c90b9d02535cff0e4708df3efc3f340aaa4 Submitter: "Robert Lyon <[email protected]>" Branch: 21.04_DEV
commit 1c626c90b9d02535cff0e4708df3efc3f340aaa4 Author: Robert Lyon <[email protected]> Date: Mon Jun 27 10:03:37 2022 +1200 Bug 1979921: Allow for checking if $group id is integer Currently we only check if string or class when calling View::get_artefactchooser_artefacts() and dealing with group information. Change-Id: Ifd3bcbd46db87ccdd44ce257b8a40a300702fe4d Signed-off-by: Robert Lyon <[email protected]> (cherry picked from commit 56dfed7fd53f5415c1a06053c5d56ec6ba06cabd) -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: mahara-contributors https://bugs.launchpad.net/bugs/1979921 Title: Potential issue with artefact chooser and getting group artefacts Status in Mahara: Fix Committed Status in Mahara 21.04 series: Fix Committed Status in Mahara 21.10 series: Fix Committed Status in Mahara 22.04 series: Fix Committed Status in Mahara 22.10 series: Fix Committed Bug description: There is an issue with View::get_artefactchooser_artefacts() if we pass it a $group identifier as a integer rather than a string or a class. We need to fix that up so a group ID passed in as integer is also handled other wise the error below can occur. The was reported by a community member and the only way I could replicate it was doing the following. Make this change: diff --git a/htdocs/blocktype/lib.php b/htdocs/blocktype/lib.php index 1bb21f32af..816969a241 100644 --- a/htdocs/blocktype/lib.php +++ b/htdocs/blocktype/lib.php @@ -2337,7 +2337,7 @@ class BlockInstance { list($allowed, $count) = View::get_artefactchooser_artefacts( $searchdata, $this->get_view()->get('owner'), - $this->get_view()->get('group'), + (int)$this->get_view()->get('group'), $this->get_view()->get('institution'), true ); Then create a new group and on the group homepage click 'edit'. Add a new block of content type 'image' to the page, upload an image to 'group files' tab, select it and click save. Then resize the image by dragging its corner to make it wider and higher. Reload page and see the error. But as they got the error without altering the code it would be best to harden the View::get_artefactchooser_artefacts() so it can deal with integer correctly. [WAR] f1 (lib/view.php:3841) get_class() expects parameter 1 to be object, int given Call stack (most recent first): log_message("get_class() expects parameter 1 to be object, int ...", 8, true, true, "/var/www/html/mahara.abc.xyz/lib/v...", 3841) at /var/www/html/mahara.abc.xyz/lib/errors.php:515 error(2, "get_class() expects parameter 1 to be object, int ...", "/var/www/html/mahara.abc.xyz/lib/v...", 3841, array(size 19)) at /var/www/html/mahara.abc.xyz/lib/view.php:3841 View::get_artefactchooser_artefacts(array(size 2), null, 603, null, true) at /var/www/html/mahara.abc.xyz/blocktype/lib.php:2336 BlockInstance->rebuild_artefact_list() at /var/www/html/mahara.abc.xyz/blocktype/lib.php:2275 BlockInstance->commit() at /var/www/html/mahara.abc.xyz/lib/view.php:2829 View->moveblockinstance(array(size 7)) at /var/www/html/mahara.abc.xyz/lib/view.php:2107 View->process_changes() at /var/www/html/mahara.abc.xyz/view/blocks.json.php:30 [WAR] f1 (lib/errors.php:853) Failed to get a recordset: mysqli error: [0: ] in EXECUTE("SELECT DISTINCT agg.* FROM (SELECT a.id, a.id AS b FROM "artefact" a LEFT JOIN "tag" t ON t.resourcetype = 'artefact' AND a.id = t.resourceid LEFT OUTER JOIN ( SELECT r.artefact, r.can_view, r.can_edit, m.group FROM "group_member" m JOIN "artefact" aa ON aa.group = m.group JOIN "artefact_access_role" r ON aa.id = r.artefact AND r.role = m.role WHERE m.group = ? AND m.member = ? AND r.can_view = 1 ) ga ON (ga.group = a.group AND a.id = ga.artefact) WHERE (a.institution = 'mahara' OR ga.can_view = 1 OR a.owner = ?) AND a.id = 291249) AS agg")Command was: SELECT DISTINCT agg.* FROM (SELECT a.id, a.id AS b FROM "artefact" a LEFT JOIN "tag" t ON t.resourcetype = 'artefact' AND a.id = t.resourceid LEFT OUTER JOIN ( SELECT r.artefact, r.can_view, r.can_edit, m.group FROM "group_member" m JOIN "artefact" aa ON aa.group = m.group JOIN "artefact_access_role" r ON aa.id = r.artefact AND r.role = m.role WHERE m.group = ? AND m.member = ? AND r.can_view = 1 ) ga ON (ga.group = a.group AND a.id = ga.artefact) WHERE (a.institution = 'mahara' OR ga.can_view = 1 OR a.owner = ?) AND a.id = 291249) AS agg and values was (0:1135) Call stack (most recent first): log_message("Failed to get a recordset: mysqli error: [0: ] in ...", 8, true, true) at /var/www/html/mahara.abc.xyz/lib/errors.php:89 log_warn("Failed to get a recordset: mysqli error: [0: ] in ...") at /var/www/html/mahara.abc.xyz/lib/errors.php:853 SQLException->__construct("Failed to get a recordset: mysqli error: [0: ] in ...") at /var/www/html/mahara.abc.xyz/lib/dml.php:540 get_recordset_sql("SELECT DISTINCT agg.* FROM (SELECT a.id, a.id AS b...", array(size 1), null, null) at /var/www/html/mahara.abc.xyz/lib/dml.php:720 get_records_sql_assoc("SELECT DISTINCT agg.* FROM (SELECT a.id, a.id AS b...", array(size 1), null, null) at /var/www/html/mahara.abc.xyz/lib/view.php:3967 View::get_artefactchooser_artefacts(array(size 2), null, 603, null, true) at /var/www/html/mahara.abc.xyz/blocktype/lib.php:2336 BlockInstance->rebuild_artefact_list() at /var/www/html/mahara.abc.xyz/blocktype/lib.php:2275 BlockInstance->commit() at /var/www/html/mahara.abc.xyz/lib/view.php:2829 View->moveblockinstance(array(size 7)) at /var/www/html/mahara.abc.xyz/lib/view.php:2107 View->process_changes() at /var/www/html/mahara.abc.xyz/view/blocks.json.php:30 To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1979921/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
