Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quiz end with invalid attempt key causes fatal error #2824

Closed
4 tasks
brianhogg opened this issue Dec 3, 2024 · 0 comments
Closed
4 tasks

Quiz end with invalid attempt key causes fatal error #2824

brianhogg opened this issue Dec 3, 2024 · 0 comments
Assignees
@brianhogg
Labels
Status: Has PR This issue has an open pull request

Comments

@brianhogg
Copy link
Contributor

brianhogg commented Dec 3, 2024
edited
Loading

Reproduction Steps

I believe this would only happen if someone is maliciously trying to change the attempt ID when ending a quiz. Testing the fix for this is just going through and exiting a quiz early, and ensuring it can be completed.

Expected Behavior

No fatal error

Actual Behavior

Error message shown below if the attempt key for the quiz is invalid.

Error Messages / Logs

  • Include any relevant error messages or log files
NOTICE: PHP message: PHP Fatal error:  Uncaught Error: Call to a member function end() on bool in /www/wp-content/plugins/lifterlms/includes/class.llms.ajax.handler.php:953"

This issue has be recreated:

  • Locally
  • On a staging site
  • On a production website
  • With only LifterLMS and a default theme

HS-250772
@ideadude ideadude moved this to Awaiting Triage in Development Dec 3, 2024
@ideadude ideadude self-assigned this Dec 3, 2024
@brianhogg brianhogg mentioned this issue Dec 3, 2024
Merged
4 tasks
@brianhogg brianhogg moved this from Awaiting Triage to Awaiting Review in Development Dec 11, 2024
@brianhogg brianhogg added the Status: Has PR This issue has an open pull request label Dec 11, 2024
@brianhogg brianhogg assigned brianhogg and unassigned ideadude Dec 12, 2024
@github-project-automation github-project-automation bot moved this from Awaiting Review to Done in Development Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brianhogg brianhogg

Labels
Status: Has PR This issue has an open pull request
Projects
Development
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@brianhogg @ideadude