Saving a skin doesn't look to sanitize the values before saving to a serialized object
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Robert Lyon | ||
20.10 |
Fix Released
|
High
|
Unassigned | ||
21.04 |
Fix Released
|
High
|
Unassigned | ||
21.10 |
Fix Released
|
High
|
Unassigned | ||
22.04 |
Fix Released
|
High
|
Robert Lyon |
Bug Description
The $values when being saved to a skin either via designskinform_
Also there is a bug which is causing skins not to re-save after an upgrade
by default when you create a skin object it does an array merge with the defaults
but if you pull the viewskin out directly and un-serialize (like in style/skin.php)
it doesn't do the array merge with the defaults and a bunch of the values are unset
which causes a crash when it tries to do operations on null.
However, when you save it again, manually, it manages to update the values to include the new defaults so that bit works.
Need to tidy up these issues
Changed in mahara: | |
milestone: | none → 22.04.0 |
Changed in mahara: | |
status: | New → In Progress |
Changed in mahara: | |
assignee: | nobody → Robert Lyon (robertl-9) |
Changed in mahara: | |
status: | In Progress → Fix Committed |
information type: | Private Security → Public Security |
https:/ /reviews. mahara. org/c/mahara/ +/12547 for part of the problem