MDL-20169 fixed coding style, parameter type required

backup/backup.php

@@ -8,10 +8,10 @@
     require_once ("backuplib.php");
     require_once ("$CFG->libdir/adminlib.php");
 
-    $id = optional_param( 'id' );       // course id
-    $to = optional_param( 'to' ); // id of course to import into afterwards.
-    $cancel = optional_param( 'cancel' );
-    $launch = optional_param( 'launch' );
+    $id = optional_param('id', 0, PARAM_INT);       // course id
+    $to = optional_param('to', 0, PARAM_INT); // id of course to import into afterwards.
+    $cancel = optional_param('cancel', '', PARAM_RAW);
+    $launch = optional_param('launch', '', PARAM_ACTION);
 
     $loginurl = get_login_url();
 

backup/backup_form.html

@@ -54,23 +54,23 @@
             //Check data
             //Check module info
             $var = "backup_".$modname;
-            $$var = optional_param( $var,1);
+            $$var = optional_param( $var,1, PARAM_CLEAN);
             //Check include user info
             $var = "backup_user_info_".$modname;
-            $$var = optional_param( $var,1);
+            $$var = optional_param( $var,1, PARAM_CLEAN);
         }
     }
 
     //Check other parameters
-    $backup_metacourse = optional_param('backup_metacourse',1);
-    $backup_users = optional_param('backup_users',1);
-    $backup_logs = optional_param('backup_logs',0);
-    $backup_user_files = optional_param('backup_user_files',1);
-    $backup_course_files = optional_param('backup_course_files',1);
-    $backup_site_files = optional_param('backup_site_files',1);
+    $backup_metacourse = optional_param('backup_metacourse',1, PARAM_BOOL);
+    $backup_users = optional_param('backup_users',1, PARAM_BOOL);
+    $backup_logs = optional_param('backup_logs',0, PARAM_BOOL);
+    $backup_user_files = optional_param('backup_user_files',1, PARAM_BOOL);
+    $backup_course_files = optional_param('backup_course_files',1, PARAM_BOOL);
+    $backup_site_files = optional_param('backup_site_files',1, PARAM_BOOL);
     $backup_gradebook_history =  optional_param('backup_gradebook_history', 0, PARAM_INT);
-    $backup_messages = optional_param('backup_messages',1);
-    $backup_blogs = optional_param('backup_blogs',1);
+    $backup_messages = optional_param('backup_messages',1, PARAM_BOOL);
+    $backup_blogs = optional_param('backup_blogs',1, PARAM_BOOL);
 
     if ($count == 0) {
         notice("No backupable modules are installed!");
@@ -175,11 +175,11 @@
                 foreach ($instances as $instance) {
                     echo '<tr><td>';
                     $var = 'backup_'.$modname.'_instance_'.$instance->id;
-                    $$var = optional_param($var,1);
+                    $$var = optional_param($var,1, PARAM_CLEAN);
                     print_checkbox($var,$$var,$$var,$instance->name,$instance->name,'this.form.elements[\'backup_'.$modname.'\'].checked=1;');
                     echo '</td><td align="right">&nbsp;';
                     $var = 'backup_user_info_'.$modname.'_instance_'.$instance->id;
-                    $$var = optional_param($var,1);
+                    $$var = optional_param($var,1, PARAM_CLEAN);
                     if (empty($to)) {
                         print_checkbox($var,$$var,$$var,get_string('userdata'),'','this.form.elements[\'backup_user_info_'.$modname.'\'].checked=1;');
                     } else {

backup/backuplib.php

@@ -2724,11 +2724,11 @@ function backup_fetch_prefs_from_request(&$preferences,&$count,$course) {
                 foreach ($preferences->$varname as $instance) {
                     $preferences->mods[$modname]->instances[$instance->id]->name = $instance->name;
                     $var = 'backup_'.$modname.'_instance_'.$instance->id;
-                    $$var = optional_param($var,0);
+                    $$var = optional_param($var,0, PARAM_CLEAN);
                     $preferences->$var = $$var;
                     $preferences->mods[$modname]->instances[$instance->id]->backup = $$var;
                     $var = 'backup_user_info_'.$modname.'_instance_'.$instance->id;
-                    $$var = optional_param($var,0);
+                    $$var = optional_param($var,0, PARAM_CLEAN);
                     $preferences->$var = $$var;
                     $preferences->mods[$modname]->instances[$instance->id]->userinfo = $$var;
                     $var = 'backup_'.$modname.'_instances';
@@ -2740,13 +2740,13 @@ function backup_fetch_prefs_from_request(&$preferences,&$count,$course) {
                 $preferences->mods[$modname]->name = $modname;
 
                 $var = "backup_".$modname;
-                $$var = optional_param( $var,0);
+                $$var = optional_param( $var,0, PARAM_CLEAN);
                 $preferences->$var = $$var;
                 $preferences->mods[$modname]->backup = $$var;
 
                 //Check include user info
                 $var = "backup_user_info_".$modname;
-                $$var = optional_param( $var,0);
+                $$var = optional_param( $var,0, PARAM_CLEAN);
                 $preferences->$var = $$var;
                 $preferences->mods[$modname]->userinfo = $$var;
 

backup/restore.php

@@ -14,12 +14,12 @@
     require_once("$CFG->libdir/adminlib.php");
 
     //Optional
-    $id = optional_param( 'id' );
-    $file = optional_param( 'file' );
-    $cancel = optional_param( 'cancel' );
-    $launch = optional_param( 'launch' );
-    $to = optional_param( 'to' );
-    $method = optional_param( 'method' );
+    $id = optional_param('id', 0, PARAM_INT);
+    $file = optional_param( 'file', 0, PARAM_PATH);
+    $cancel = optional_param('cancel', '', PARAM_RAW);
+    $launch = optional_param( 'launch', '', PARAM_ACTION);
+    $to = optional_param('to', '', PARAM_INT);
+    $method = optional_param('method', '', PARAM_ACTION);
     $backup_unique_code = optional_param('backup_unique_code',0,PARAM_INT);
 
     //Get and check course

backup/restore_check.html

@@ -68,9 +68,9 @@
             foreach ($allmods as $mod) {
                 $modname = $mod->name;
                 $var = "restore_".$modname;
-                $$var = optional_param( $var,0);
+                $$var = optional_param( $var,0, PARAM_CLEAN);
                 $var = "restore_user_info_".$modname;
-                $$var = optional_param( $var,0);
+                $$var = optional_param( $var,0, PARAM_CLEAN);
                 $instances = !empty($info->mods[$mod->name]->instances) ? $info->mods[$mod->name]->instances : NULL;
                 if ($instances === NULL) {
                     continue;

backup/restore_form.html

@@ -370,11 +370,11 @@
                             foreach ($instances as $instance) {
                                 echo '<tr><td>';
                                 $var = 'restore_'.$modname.'_instance_'.$instance->id;
-                                $$var = optional_param($var,1);
+                                $$var = optional_param($var,1, PARAM_CLEAN);
                                 print_checkbox($var,$$var,$$var,$instance->name,$instance->name,'this.form.elements[\'restore_'.$modname.'\'].checked=1;');
                                 echo '</td><td align="right">&nbsp;';
                                 $var = 'restore_user_info_'.$modname.'_instance_'.$instance->id;
-                                $$var = optional_param($var,1);
+                                $$var = optional_param($var,1, PARAM_CLEAN);
                                 if (!empty($info->mods[$modname]->instances) && ($info->mods[$modname]->instances[$instance->id]->userinfo == 'true')) {
                                     print_checkbox($var,$$var,$$var,get_string('userdata'),'','this.form.elements[\'restore_user_info_'.$modname.'\'].checked=1;');
                                 } else {

enrol/authorize/locallib.php

@@ -339,7 +339,7 @@ function authorize_print_order($orderid)
             print_error('refoundtoorigi', '',
                     "$CFG->wwwroot/enrol/authorize/index.php?order=$orderid", $order->amount);
         }
-        $amount = round(optional_param('amount', $upto), 2);
+        $amount = round(optional_param('amount', $upto, PARAM_RAW), 2);
         if ($amount > $upto) {
             print_error('refoundto', '',
                     "$CFG->wwwroot/enrol/authorize/index.php?order=$orderid", $upto);

lib/tablelib.php

@@ -516,7 +516,7 @@ function setup() {
             $this->sess->i_last  = '';
         }
 
-        $this->currpage = optional_param($this->request[TABLE_VAR_PAGE], 0);
+        $this->currpage = optional_param($this->request[TABLE_VAR_PAGE], 0, PARAM_INT);
         $this->setup = true;
 
     /// Always introduce the "flexible" class for the table if not specified

mod/hotpot/attempt.php

@@ -261,7 +261,7 @@ function hotpot_set_attempt_details(&$attempt) {
                 $responsevalue[$key] = clean_param($value, PARAM_CLEAN);
             }
         } else {
-            $responsevalue = optional_param($responsefield, '');
+            $responsevalue = optional_param($responsefield, '', PARAM_CLEAN);
         }
         if (is_array($responsevalue)) {
             // incomplete jquiz multi-select

mod/lesson/essay.php

@@ -83,7 +83,7 @@
             break;
         case 'update':
             if (confirm_sesskey() and $form = data_submitted()) {
-                if (optional_param('cancel', 0)) {
+                if (optional_param('cancel', 0, PARAM_RAW)) {
                     redirect("$CFG->wwwroot/mod/lesson/essay.php?id=$cm->id");
                 }
 

mod/lesson/view.php

@@ -157,7 +157,7 @@
                 }
             }
 
-        } else if ($lesson->highscores and !$lesson->practice and !optional_param('viewed', 0) and empty($pageid)) {
+        } else if ($lesson->highscores and !$lesson->practice and !optional_param('viewed', 0, PARAM_INT) and empty($pageid)) {
             // Display high scores before starting lesson
             redirect("$CFG->wwwroot/mod/lesson/highscores.php?id=$cm->id");
         }

mod/quiz/edit.php

@@ -311,7 +311,7 @@ function module_specific_controls($totalnumber, $recurse, $category, $cmid, $cmo
     redirect($thispageurl);
 }
 
-if (optional_param('addnewpagesafterselected', null) && !empty($selectedquestionids) && confirm_sesskey()) {
+if (optional_param('addnewpagesafterselected', null, PARAM_CLEAN) && !empty($selectedquestionids) && confirm_sesskey()) {
     foreach ($selectedquestionids as $questionid) {
         $quiz->questions = quiz_add_page_break_after($quiz->questions, $questionid);
     }

mod/wiki/ewiki/ewiki.php

@@ -785,10 +785,10 @@ function ewiki_page_view($id, &$data, $action, $all=1) {
     further whenever desired
 */
 function ewiki_id() {
-   ($id = optional_param("id", '')) or
-   ($id = optional_param("name", '')) or
-   ($id = optional_param("page", '')) or
-   ($id = optional_param("file", '')) or
+   ($id = optional_param("id", '', PARAM_CLEAN)) or
+   ($id = optional_param("name", '', PARAM_CLEAN)) or
+   ($id = optional_param("page", '', PARAM_CLEAN)) or
+   ($id = optional_param("file", '', PARAM_CLEAN)) or
    (EWIKI_USE_PATH_INFO) and ($id = ltrim(@$_SERVER["PATH_INFO"], "/")) or
    (!isset($_REQUEST["id"])) and ($id = trim(strtok($_SERVER["QUERY_STRING"], "&")));
    if (!strlen($id) || ($id=="id=")) {
@@ -1544,8 +1544,8 @@ function ewiki_data_update(&$data, $author="") {
 function ewiki_page_edit_form(&$id, &$data, &$hidden_postdata) {
    global $ewiki_plugins, $ewiki_config, $moodle_format;   
 
-   $content = optional_param('content', '');
-   $version = optional_param('version', '');
+   $content = optional_param('content', '', PARAM_CLEAN);
+   $version = optional_param('version', '', PARAM_CLEAN);
 
    $o='';
 
@@ -2562,7 +2562,7 @@ function ewiki_binary($break=0) {
    global $ewiki_plugins;
    global $USER;   // MOODLE
 
-   $id = optional_param(EWIKI_UP_BINARY, '');
+   $id = optional_param(EWIKI_UP_BINARY, '', PARAM_CLEAN);
 
    #-- reject calls
    if (!strlen($id) || !EWIKI_IDF_INTERNAL) {

mod/wiki/ewiki/plugins/email_protect.php

@@ -235,7 +235,7 @@ function ewiki_email_protect_feedbots() {
 
     global $ewiki_config;
 
-    $ewiki_up_requestlv = optional_param(EWIKI_UP_REQUESTLV, 0);
+    $ewiki_up_requestlv = optional_param(EWIKI_UP_REQUESTLV, 0, PARAM_CLEAN);
 
     $html = "";
     srand(time()/17-1000*microtime());

mod/wiki/ewiki/plugins/moodle/downloads.php

@@ -144,7 +144,7 @@ function ewiki_page_fileupload($id, $data, $action, $def_sec="") {
       if (($s = $upload_file["name"]) && (strlen($s) >= 3)
          || ($s = substr(md5(time()+microtime()),0,8) . ".dat"))
       {
-         if (strlen($uu = trim(optional_param("new_filename",''))) >= 3) {
+         if (strlen($uu = trim(optional_param("new_filename",'', PARAM_FILE))) >= 3) {
             if ($uu != $s) {
                $meta["Original-Filename"] = $s;
             }
@@ -156,7 +156,7 @@ function ewiki_page_fileupload($id, $data, $action, $def_sec="") {
          ($p = strrpos($s, '\\')) and ($p++);
          $meta["Content-Disposition"] = 'attachment; filename="'.urlencode(substr($s, $p)).'"';
       }
-      if (strlen($sect = optional_param("section",''))) {
+      if (strlen($sect = optional_param("section",'', PARAM_CLEAN))) {
          if ($ewiki_upload_sections[$sect]
             || ($action==EWIKI_ACTION_ATTACHMENTS) && ($data["content"])
                && strlen($ewiki_plugins["action"][EWIKI_ACTION_ATTACHMENTS])) {
@@ -168,7 +168,7 @@ function ewiki_page_fileupload($id, $data, $action, $def_sec="") {
             return($o);
          }
       }
-      if (strlen($s = trim(optional_param("comment",'')))) {
+      if (strlen($s = trim(optional_param("comment",'', PARAM_CLEAN)))) {
          $meta["comment"] = $s;
       }
 

mod/wiki/ewiki/plugins/moodle/moodle_wikidump.php

@@ -60,7 +60,7 @@ function moodle_ewiki_page_wiki_dump($id=0, $data=0, $action=0) {
     $cont=ewiki_page_wiki_dump_send($binaries, 
                                 $exportformatval, 
                                 $withvirtualpages, 
-                                optional_param("exportdestinations", null));
+                                optional_param("exportdestinations", null,PARAM_CLEAN));
   }  
   if($cont===false) {
      die;