Merge pull request #238 from michael-milette/fix-201

Fix 201: Process report names / filenames through Moodle filters
jleyva · Oct 3, 2024 · a6d3a0a · a6d3a0a
2 parents a98f23f + d4fd062
commit a6d3a0a
Show file tree

Hide file tree

Showing 7 changed files with 13 additions and 9 deletions.
diff --git a/components/customsql/form.php b/components/customsql/form.php
@@ -131,7 +131,7 @@ public function validation_high_security($data, $files): array {
 
  } else if (strpos($sql, ';') !== false) {
  // Do not allow any semicolons.
- $errors['querysql'] = get_string('nosemicolon', 'report_customsql');
+ $errors['querysql'] = get_string('nosemicolon', 'block_configurable_reports');
 
  } else if ($CFG->prefix != '' && preg_match('/\b' . $CFG->prefix . '\w+/i', $sql)) {
  // Make sure prefix is prefix_, not explicit.

diff --git a/editcomp.php b/editcomp.php
@@ -135,9 +135,9 @@
 $managereporturl = new moodle_url('/blocks/configurable_reports/managereport.php', ['courseid' => $courseid]);
 $PAGE->navbar->add(get_string('managereports', 'block_configurable_reports'), $managereporturl);
 
-$PAGE->navbar->add($report->name);
-
 $title = format_string($report->name);
+$PAGE->navbar->add($title);
+
 $PAGE->set_title($title);
 $PAGE->set_heading($title);
 $PAGE->set_cacheable(true);

diff --git a/export/csv/export.php b/export/csv/export.php
@@ -34,8 +34,9 @@ function export_report($report) {
  require_once($CFG->libdir . '/csvlib.class.php');
 
  $table = $report->table;
+
  $matrix = [];
- $filename = 'report';
+ $filename = format_string($report->name) ?? 'report';
 
  if (!empty($table->head)) {
  foreach ($table->head as $key => $heading) {

diff --git a/export/json/export.php b/export/json/export.php
@@ -31,7 +31,8 @@
  */
 function export_report($report) {
  $table = $report->table;
- $filename = 'report_' . (time()) . '.json';
+ $report_name = format_string($report->name) ?? 'report';
+ $filename = $report_name.'_'.(time()).'.json';
  $json = [];
  $headers = $table->head;
  foreach ($table->data as $data) {

diff --git a/export/ods/export.php b/export/ods/export.php
@@ -35,7 +35,8 @@ function export_report($report) {
 
  $table = $report->table;
  $matrix = [];
- $filename = 'report_' . (time()) . '.ods';
+ $reportname = format_string($report->name) ?? 'report';
+ $filename = $reportname . (time()) . '.ods';
 
  if (!empty($table->head)) {
  foreach ($table->head as $key => $heading) {

diff --git a/export/xls/export.php b/export/xls/export.php
@@ -35,7 +35,8 @@ function export_report($report) {
 
  $table = $report->table;
  $matrix = [];
- $filename = 'report_' . (time()) . '.xls';
+ $reportname = format_string($report->name) ?? 'report';
+ $filename = $reportname . (time()) . '.xls';
 
  if (!empty($table->head)) {
  foreach ($table->head as $key => $heading) {

diff --git a/report.class.php b/report.class.php
@@ -85,6 +85,8 @@ abstract class report_base {
  * @var null
  */
  public $filterform = null;
+ public $config;
+ public $currentcourseid;
 
  /**
  * @var int
@@ -1028,5 +1030,3 @@ public function utf8_strrev(string $str): string {
  }
 
 }
-
-