Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-79577

Site can be inaccessible if certain text format is saved in customusermenuitems setting with debugger on

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 4.2.6, 4.3.3
    • 4.1.5
    • Themes
    • MOODLE_401_STABLE
    • MOODLE_402_STABLE, MOODLE_403_STABLE
    • MDL-79577-403
    • Hide
      1. Log in as admin
      2. Navigate to Appearance > Theme settings in site administration
        • On main, navigate to Appearance > Advanced theme settings instead
      3. Set User menu items to the following and save: 

        profile,|/user/profile.php
        		 
        grades,grades|/grade/report/mygrades.php
        		 
        calendar,core_calendar|/calendar/view.php?view=month
        		 
        privatefiles,/user/files.php
        		 
        reports,core_reportbuilder|/reportbuilder/index.php

      4. Confirm there are no errors
      5. Open user menu
      6. Confirm Profile item is present in menu
      7. Confirm there is no reference to private files in menu
      Show
      Log in as admin Navigate to Appearance > Theme settings in site administration On main, navigate to Appearance > Advanced theme settings instead Set User menu items to the following and save: profile,|/user/profile.php grades,grades|/grade/report/mygrades.php calendar,core_calendar|/calendar/view.php?view=month privatefiles,/user/files.php reports,core_reportbuilder|/reportbuilder/index.php Confirm there are no errors Open user menu Confirm Profile item is present in menu Confirm there is no reference to private files in menu

      Steps to replicate:

      In a site with debugger on and theme Boost.

      • Login as admin.
      • Go to Theme settings in site administration (/admin/settings.php?section=themesettings). 
      • Go to the User menu items setting (customusermenuitems).
      • Set the following value in that setting:
        • reports,reportbuilder/index.php
      • Save changes.
      • Site is now inaccesible. 

       

      The correct way to set that setting would be `reports,core_reportbuilder|/reportbuilder/index.php`, but this can be done by mistake and I think that there could be an additional validation to avoid that error. 

       

      Thank you. 

        1. MDL-79577.png
          MDL-79577.png
          314 kB
        2. image-2023-10-03-09-18-54-527.png
          image-2023-10-03-09-18-54-527.png
          460 kB

            pholden Paul Holden
            daniel.cifuentes Daniel Cifuentes
            Glyn (Mathew) May Glyn (Mathew) May
            Sara Arjona (@sarjona) Sara Arjona (@sarjona)
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            0 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 30 minutes
                1h 30m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.