From d6b8832a3bc23bae689742ead8657c580630d20f Mon Sep 17 00:00:00 2001
From: David Siegfried <david.siegfried@uni-vechta.de>
Date: Thu, 12 May 2022 10:20:33 +0000
Subject: [PATCH] fix password-validation, closes #741
Closes #741
Merge request studip/studip!605
---
app/controllers/course/admission.php | 12 +++++++++---
.../passwordadmission/PasswordAdmission.class.php | 7 ++-----
.../passwordadmission/templates/configure.php | 13 ++++++-------
3 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/app/controllers/course/admission.php b/app/controllers/course/admission.php
index fad97551206..efc7c22bac9 100644
--- a/app/controllers/course/admission.php
+++ b/app/controllers/course/admission.php
@@ -405,6 +405,7 @@ class Course_AdmissionController extends AuthenticatedController
$rule_types = AdmissionRule::getAvailableAdmissionRules(true);
if (isset($rule_types[$type])) {
$rule = new $type($rule_id);
+ $another_rule = null;
if (isset($rule_types[$another_type])) {
$another_rule = new $another_type($another_rule_id);
}
@@ -418,11 +419,16 @@ class Course_AdmissionController extends AuthenticatedController
return;
} else {
CSRFProtection::verifyUnsafeRequest();
- $rule->setAllData(Request::getInstance());
$errors = $rule->validate(Request::getInstance());
+ if (empty($errors)) {
+ $rule->setAllData(Request::getInstance());
+ }
if ($another_rule) {
- $another_rule->setAllData(Request::getInstance());
- $errors = array_merge($errors, $another_rule->validate(Request::getInstance()));
+ $another_errors = $another_rule->validate(Request::getInstance());
+ if (empty($another_errors)) {
+ $another_rule->setAllData(Request::getInstance());
+ }
+ $errors = array_merge($errors, $another_errors);
}
if (!mb_strlen(trim(Request::get('instant_course_set_name')))) {
$errors[] = _("Bitte geben Sie einen Namen für die Anmelderegel ein!");
diff --git a/lib/admissionrules/passwordadmission/PasswordAdmission.class.php b/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
index 08a687d3207..c0aa97070a7 100644
--- a/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
+++ b/lib/admissionrules/passwordadmission/PasswordAdmission.class.php
@@ -140,7 +140,7 @@ class PasswordAdmission extends AdmissionRule
*
* @param String userId
* @param String courseId
- * @return Boolean
+ * @return array
*/
public function ruleApplies($userId, $courseId)
{
@@ -235,7 +235,4 @@ class PasswordAdmission extends AdmissionRule
}
return $errors;
}
-
-} /* end of class PasswordAdmission */
-
-?>
+}
diff --git a/lib/admissionrules/passwordadmission/templates/configure.php b/lib/admissionrules/passwordadmission/templates/configure.php
index 7e067f6db59..e9ccac1618f 100644
--- a/lib/admissionrules/passwordadmission/templates/configure.php
+++ b/lib/admissionrules/passwordadmission/templates/configure.php
@@ -1,15 +1,14 @@
<h3><?= htmlReady($rule->getName()) ?></h3>
-<label for="message" class="caption">
+<label>
<?= _('Nachricht bei fehlgeschlagener Anmeldung') ?>:
+ <textarea name="message" rows="4" cols="50"><?= htmlReady($rule->getMessage()) ?></textarea>
</label>
-<textarea name="message" rows="4" cols="50"><?= $rule->getMessage() ?></textarea>
-<br/>
-<label for="password1" class="caption">
+<label>
<?= _('Zugangspasswort') ?>:
+ <input type="password" name="password1" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required>
</label>
-<input type="password" name="password1" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required/>
<br/>
-<label for="password2" class="caption">
+<label>
<?= _('Passwort wiederholen') ?>:
+ <input type="password" name="password2" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required>
</label>
-<input type="password" name="password2" size="25" max="40" value="<?= htmlReady($rule->getPassword()) ?>" required/>
\ No newline at end of file
--
GitLab