Please unblock moodle-1.8.2-2
Hello,
There is currently a freeze exception for version 1.8.2-1.3 of the moodle
package. However that version never made it to testing since it didn't fix
all of the RC bugs.
All RC bug have been fixed in 1.8.2-2 so I would like to suggest that this
version be unblocked instead.
Attached to this email is a debdiff between -1.3 and -2.
Please note that the package is no longer orphaned and now has a committed
maintenance team behind it.
Cheers,
Francois
diff -u moodle-1.8.2/debian/rules moodle-1.8.2/debian/rules
--- moodle-1.8.2/debian/rules
+++ moodle-1.8.2/debian/rules
@@ -45,6 +45,7 @@
rm debian/moodle/usr/share/moodle/search/Zend/LICENSE.txt
rm debian/moodle/usr/share/moodle/lib/smarty/COPYING.lib
rm debian/moodle/usr/share/moodle/iplookup/ipatlas/COPYING
+ rm debian/moodle/usr/share/moodle/lib/libcurlemu/LICENSE
find debian/moodle/usr -type f -exec chmod 644 {} \;
find debian/moodle/usr -type d -exec chmod 755 {} \;
@@ -56,6 +57,11 @@
chmod 755 debian/moodle/usr/share/moodle/admin/process_email.php
rm -f debian/moodle/usr/share/moodle/filter/tex/*mimetex*
rm -f debian/moodle/usr/share/moodle/admin/delete.php
+ rm -f debian/moodle/usr/share/moodle/mod/wiki/ewiki/fragments/mkhuge
+ rm -f debian/moodle/usr/share/moodle/search/.cvsignore
+
+ rm -rf debian/moodle/usr/share/moodle/lib/smarty
+ rm -rf debian/moodle/usr/share/moodle/lib/yui
dh_installdebconf
dh_link
diff -u moodle-1.8.2/debian/changelog moodle-1.8.2/debian/changelog
--- moodle-1.8.2/debian/changelog
+++ moodle-1.8.2/debian/changelog
@@ -1,3 +1,37 @@
+moodle (1.8.2-2) unstable; urgency=high
+
+ * Adopt orphaned package (closes: #494642)
+ * Acknowledge security NMU (closes: #489533, #432264)
+ * Add Vcs-* fields to debian/control
+
+ Release-critical and security bugs:
+
+ * Depend on smarty instead of using the embedded copy that is shipped
+ with Moodle (closes: #471158, #488525, #504345)
+ * Patch security bug in the embedded (and customised) copy of phpmailer
+ (CVE-2007-3215, closes: #429339, #429190)
+ * Patch cross-site scripting bug (CVE-2008-3326, closes: #492492)
+ * Patch snoopy input sanitising (CVE-2008-4796, closes: #504235)
+ * Upgrade to new LGPL version of domxml-php4-to-php5 (closes: #496069)
+
+ Trivial bug fixes:
+
+ * Depend on zip (closes: #408995)
+ * Add mysql-client as an alternative to postgresql-client
+ (closes: #417554, #469094)
+ * Recommend php5-ldap (closes: #425839)
+ * Delete unnecessary script with bashisms (closes: #489634)
+
+ Lintian warnings:
+
+ * Bump Standards-Version to 3.8.0
+ * Add homepage field to debian/control
+ * Remove cvsignore file
+ * Remove extra license file
+ * Depend on yui instead of using an embedded copy
+
+ -- Francois Marier <francois@debian.org> Fri, 07 Nov 2008 08:24:28 +1300
+
moodle (1.8.2-1.3) unstable; urgency=high
* Non-maintainer upload by the Security Team.
diff -u moodle-1.8.2/debian/copyright moodle-1.8.2/debian/copyright
--- moodle-1.8.2/debian/copyright
+++ moodle-1.8.2/debian/copyright
@@ -30,6 +30,7 @@
htmlArea, licensed under a BSD license (see below)
TinyMCE, licensed under the LGPL
bennu, licensed under the LGPL
+ domxmlphp4-php5, licensed under the LGPL
LGPL can be found in the file /usr/share/common-licenses/LGPL,
GPL can be found in the file /usr/share/common-licenses/GPL, and
diff -u moodle-1.8.2/debian/postinst moodle-1.8.2/debian/postinst
--- moodle-1.8.2/debian/postinst
+++ moodle-1.8.2/debian/postinst
@@ -132,6 +132,10 @@
ln -s /etc/moodle/config.php $moodledir/config.php
fi
+ # Links to external libraries
+ [ ! -h /usr/share/moodle/lib/smarty ] && ln -s /usr/share/php/smarty/libs /usr/share/moodle/lib/smarty
+ [ ! -h /usr/share/moodle/lib/yui ] && ln -s /var/www/yui /usr/share/moodle/lib/yui
+
# Care about the repository
repository=/var/lib/moodle
if [ -d $repository ]; then
diff -u moodle-1.8.2/debian/control moodle-1.8.2/debian/control
--- moodle-1.8.2/debian/control
+++ moodle-1.8.2/debian/control
@@ -1,16 +1,20 @@
Source: moodle
Section: web
Priority: optional
-Maintainer: Isaac Clerencia <isaac@debian.org>
+Maintainer: Moodle Packaging Team <moodle-packaging@catalyst.net.nz>
+Uploaders: Francois Marier <francois@debian.org>, Penny Leach <penny@mjollnir.org>, Mathieu Petit-Clair <mat@moodle.com>
Build-Depends-Indep: po-debconf
Build-Depends: debhelper (>= 4.1.13), dpatch
-Standards-Version: 3.7.2
+Standards-Version: 3.8.0
+Homepage: http://www.moodle.org/
+Vcs-Git: git://git.debian.org/git/pkg-moodle/moodle.git
+Vcs-Browser: http://git.debian.org/?p=pkg-moodle/moodle.git;a=summary
Package: moodle
Architecture: all
-Depends: ${misc:Depends}, libapache2-mod-php5 | php5-cgi, php5-pgsql | php5-mysql, php5-gd, php5-curl, php5-cli, apache2-mpm-prefork | httpd, wwwconfig-common (>= 0.0.7), mimetex, ucf, postgresql-client
+Depends: ${misc:Depends}, libapache2-mod-php5 | php5-cgi, php5-pgsql | php5-mysql, php5-gd, php5-curl, php5-cli, apache2-mpm-prefork | httpd, wwwconfig-common (>= 0.0.7), mimetex, ucf, postgresql-client | mysql-client, zip, smarty, yui
Pre-Depends: debconf (>= 0.5) | debconf-2.0
-Recommends: postgresql | mysql-server
+Recommends: postgresql | mysql-server, php5-ldap
Description: Course Management System for Online Learning
Moodle (Modular Object-Oriented Dynamic Learning Environment) is a course
management system - a software package designed to help educators create
only in patch2:
unchanged:
--- moodle-1.8.2.orig/auth/cas/CAS/domxml-php4-php5.php
+++ moodle-1.8.2/auth/cas/CAS/domxml-php4-php5.php
@@ -1,277 +1,498 @@
-<?php
-/**
- * @file domxml-php4-php5.php
- * Require PHP5, uses built-in DOM extension.
- * To be used in PHP4 scripts using DOMXML extension.
- * Allows PHP4/DOMXML scripts to run on PHP5/DOM.
- * (Requires PHP5/XSL extension for domxml_xslt functions)
- *
- * Typical use:
- * <pre>
- * {
- * if (version_compare(PHP_VERSION,'5','>='))
- * require_once('domxml-php4-to-php5.php');
- * }
- * </pre>
- *
- * Version 1.5.5, 2005-01-18, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
- *
- * ------------------------------------------------------------------<br>
- * Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/
- *
- * Copyright 2004, Licence: Creative Commons "Attribution-ShareAlike 2.0 France" BY-SA (FR),
- * http://creativecommons.org/licenses/by-sa/2.0/fr/
- * http://alexandre.alapetite.net/divers/apropos/#by-sa
- * - Attribution. You must give the original author credit
- * - Share Alike. If you alter, transform, or build upon this work,
- * you may distribute the resulting work only under a license identical to this one
- * - The French law is authoritative
- * - Any of these conditions can be waived if you get permission from Alexandre Alapetite
- * - Please send to Alexandre Alapetite the modifications you make,
- * in order to improve this file for the benefit of everybody
- *
- * If you want to distribute this code, please do it as a link to:
- * http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
- */
-
-function domxml_new_doc($version) {return new php4DOMDocument('');}
-function domxml_open_file($filename) {return new php4DOMDocument($filename);}
-function domxml_open_mem($str)
-{
- $dom=new php4DOMDocument('');
- $dom->myDOMNode->loadXML($str);
- return $dom;
-}
-function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->query($eval_str,$contextnode);}
-function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}
-
-class php4DOMAttr extends php4DOMNode
-{
- function php4DOMAttr($aDOMAttr) {$this->myDOMNode=$aDOMAttr;}
- function Name() {return $this->myDOMNode->name;}
- function Specified() {return $this->myDOMNode->specified;}
- function Value() {return $this->myDOMNode->value;}
-}
-
-class php4DOMDocument extends php4DOMNode
-{
- function php4DOMDocument($filename='')
- {
- $this->myDOMNode=new DOMDocument();
- if ($filename!='') $this->myDOMNode->load($filename);
- }
- function create_attribute($name,$value)
- {
- $myAttr=$this->myDOMNode->createAttribute($name);
- $myAttr->value=$value;
- return new php4DOMAttr($myAttr,$this);
- }
- function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);}
- function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);}
- function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);}
- function create_text_node($content) {return new php4DOMNode($this->myDOMNode->createTextNode($content),$this);}
- function document_element() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
- function dump_file($filename,$compressionmode=false,$format=false) {return $this->myDOMNode->save($filename);}
- function dump_mem($format=false,$encoding=false) {return $this->myDOMNode->saveXML();}
- function get_element_by_id($id) {return new php4DOMElement($this->myDOMNode->getElementById($id),$this);}
- function get_elements_by_tagname($name)
- {
- $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this);
- $i++;
- }
- return $nodeSet;
- }
- function html_dump_mem() {return $this->myDOMNode->saveHTML();}
- function root() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
-}
-
-class php4DOMElement extends php4DOMNode
-{
- function get_attribute($name) {return $this->myDOMNode->getAttribute($name);}
- function get_elements_by_tagname($name)
- {
- $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);}
- function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);}
- function set_attribute($name,$value) {return $this->myDOMNode->setAttribute($name,$value);}
- function tagname() {return $this->myDOMNode->tagName;}
-}
-
-class php4DOMNode
-{
- var $myDOMNode;
- var $myOwnerDocument;
- function php4DOMNode($aDomNode,$aOwnerDocument)
- {
- $this->myDOMNode=$aDomNode;
- $this->myOwnerDocument=$aOwnerDocument;
- }
- function __get($name)
- {
- if ($name=='type') return $this->myDOMNode->nodeType;
- elseif ($name=='tagname') return $this->myDOMNode->tagName;
- elseif ($name=='content') return $this->myDOMNode->textContent;
- else
- {
- $myErrors=debug_backtrace();
- trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE);
- return false;
- }
- }
- function append_child($newnode) {return new php4DOMElement($this->myDOMNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
- function append_sibling($newnode) {return new php4DOMElement($this->myDOMNode->parentNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
- function attributes()
- {
- $myDOMNodeList=$this->myDOMNode->attributes;
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function child_nodes()
- {
- $myDOMNodeList=$this->myDOMNode->childNodes;
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function children() {return $this->child_nodes();}
- function clone_node($deep=false) {return new php4DOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);}
- function first_child() {return new php4DOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);}
- function get_content() {return $this->myDOMNode->textContent;}
- function has_attributes() {return $this->myDOMNode->hasAttributes();}
- function has_child_nodes() {return $this->myDOMNode->hasChildNodes();}
- function insert_before($newnode,$refnode) {return new php4DOMElement($this->myDOMNode->insertBefore($newnode->myDOMNode,$refnode->myDOMNode),$this->myOwnerDocument);}
- function is_blank_node()
- {
- $myDOMNodeList=$this->myDOMNode->childNodes;
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- if (($node->nodeType==XML_ELEMENT_NODE)||
- (($node->nodeType==XML_TEXT_NODE)&&!ereg('^([[:cntrl:]]|[[:space:]])*$',$node->nodeValue)))
- return false;
- $i++;
- }
- return true;
- }
- function last_child() {return new php4DOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);}
- function new_child($name,$content)
- {
- $mySubNode=$this->myDOMNode->ownerDocument->createElement($name);
- $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($content));
- $this->myDOMNode->appendChild($mySubNode);
- return new php4DOMElement($mySubNode,$this->myOwnerDocument);
- }
- function next_sibling() {return new php4DOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);}
- function node_name() {return $this->myDOMNode->localName;}
- function node_type() {return $this->myDOMNode->nodeType;}
- function node_value() {return $this->myDOMNode->nodeValue;}
- function owner_document() {return $this->myOwnerDocument;}
- function parent_node() {return new php4DOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);}
- function prefix() {return $this->myDOMNode->prefix;}
- function previous_sibling() {return new php4DOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);}
- function remove_child($oldchild) {return new php4DOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);}
- function replace_child($oldnode,$newnode) {return new php4DOMElement($this->myDOMNode->replaceChild($oldnode->myDOMNode,$newnode->myDOMNode),$this->myOwnerDocument);}
- function set_content($text)
- {
- if (($this->myDOMNode->hasChildNodes())&&($this->myDOMNode->firstChild->nodeType==XML_TEXT_NODE))
- $this->myDOMNode->removeChild($this->myDOMNode->firstChild);
- return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($text));
- }
-}
-
-class php4DOMNodelist
-{
- var $myDOMNodelist;
- var $nodeset;
- function php4DOMNodelist($aDOMNodelist,$aOwnerDocument)
- {
- $this->myDOMNodelist=$aDOMNodelist;
- $this->nodeset=array();
- $i=0;
- if (isset($this->myDOMNodelist))
- while ($node=$this->myDOMNodelist->item($i))
- {
- $this->nodeset[]=new php4DOMElement($node,$aOwnerDocument);
- $i++;
- }
- }
-}
-
-class php4DOMXPath
-{
- var $myDOMXPath;
- var $myOwnerDocument;
- function php4DOMXPath($dom_document)
- {
- $this->myOwnerDocument=$dom_document;
- $this->myDOMXPath=new DOMXPath($dom_document->myDOMNode);
- }
- function query($eval_str,$contextnode)
- {
- if (isset($contextnode)) return new php4DOMNodelist($this->myDOMXPath->query($eval_str,$contextnode->myDOMNode),$this->myOwnerDocument);
- else return new php4DOMNodelist($this->myDOMXPath->query($eval_str),$this->myOwnerDocument);
- }
- function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
-}
-
-if (extension_loaded('xsl'))
-{//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/
- function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));}
- function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);}
- function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));}
- class php4DomXsltStylesheet
- {
- var $myxsltProcessor;
- function php4DomXsltStylesheet($dom_document)
- {
- $this->myxsltProcessor=new xsltProcessor();
- $this->myxsltProcessor->importStyleSheet($dom_document);
- }
- function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false)
- {
- foreach ($xslt_parameters as $param=>$value)
- $this->myxsltProcessor->setParameter('',$param,$value);
- $myphp4DOMDocument=new php4DOMDocument();
- $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode);
- return $myphp4DOMDocument;
- }
- function result_dump_file($dom_document,$filename)
- {
- $html=$dom_document->myDOMNode->saveHTML();
- file_put_contents($filename,$html);
- return $html;
- }
- function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();}
- }
-}
-?>
\ No newline at end of file
+<?php
+/*
+ Requires PHP5, uses built-in DOM extension.
+ To be used in PHP4 scripts using DOMXML extension: allows PHP4/DOMXML scripts to run on PHP5/DOM.
+ (Optional: requires PHP5/XSL extension for domxml_xslt functions, PHP>=5.1 for XPath evaluation functions, and PHP>=5.1/libxml for DOMXML error reports)
+
+ Typical use:
+ {
+ if (PHP_VERSION>='5')
+ require_once('domxml-php4-to-php5.php');
+ }
+
+ Version 1.20a, 2008-11-06, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
+
+ ------------------------------------------------------------------
+ Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/
+
+ Copyright 2004-2008, GNU Lesser General Public License,
+ http://www.gnu.org/licenses/lgpl.html
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/lgpl.html>
+
+ == Rights and obligations ==
+ - Attribution: You must give the original author credit.
+ - Share Alike: If you alter or transform this library,
+ you may distribute the resulting library only under the same license GNU/LGPL.
+ - In case of jurisdiction dispute, the French law is authoritative.
+ - Any of these conditions can be waived if you get permission from Alexandre Alapetite.
+ - Not required, but please send to Alexandre Alapetite the modifications you make,
+ in order to improve this file for the benefit of everybody.
+
+ If you want to distribute this code, please do it as a link to:
+ http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
+*/
+
+define('DOMXML_LOAD_PARSING',0);
+define('DOMXML_LOAD_VALIDATING',1);
+define('DOMXML_LOAD_RECOVERING',2);
+define('DOMXML_LOAD_SUBSTITUTE_ENTITIES',4);
+//define('DOMXML_LOAD_COMPLETE_ATTRS',8);
+define('DOMXML_LOAD_DONT_KEEP_BLANKS',16);
+
+function domxml_new_doc($version) {return new php4DOMDocument();}
+function domxml_new_xmldoc($version) {return new php4DOMDocument();}
+function domxml_open_file($filename,$mode=DOMXML_LOAD_PARSING,&$error=null)
+{
+ $dom=new php4DOMDocument($mode);
+ $errorMode=(func_num_args()>2)&&defined('LIBXML_VERSION');
+ if ($errorMode) libxml_use_internal_errors(true);
+ if (!$dom->myDOMNode->load($filename)) $dom=null;
+ if ($errorMode)
+ {
+ $error=array_map('_error_report',libxml_get_errors());
+ libxml_clear_errors();
+ }
+ return $dom;
+}
+function domxml_open_mem($str,$mode=DOMXML_LOAD_PARSING,&$error=null)
+{
+ $dom=new php4DOMDocument($mode);
+ $errorMode=(func_num_args()>2)&&defined('LIBXML_VERSION');
+ if ($errorMode) libxml_use_internal_errors(true);
+ if (!$dom->myDOMNode->loadXML($str)) $dom=null;
+ if ($errorMode)
+ {
+ $error=array_map('_error_report',libxml_get_errors());
+ libxml_clear_errors();
+ }
+ return $dom;
+}
+function html_doc($html_doc,$from_file=false)
+{
+ $dom=new php4DOMDocument();
+ if ($from_file) $result=$dom->myDOMNode->loadHTMLFile($html_doc);
+ else $result=$dom->myDOMNode->loadHTML($html_doc);
+ return $result ? $dom : null;
+}
+function html_doc_file($filename) {return html_doc($filename,true);}
+function xmldoc($str) {return domxml_open_mem($str);}
+function xmldocfile($filename) {return domxml_open_file($filename);}
+function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->xpath_eval($eval_str,$contextnode);}
+function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}
+function xpath_register_ns($xpath_context,$prefix,$namespaceURI) {return $xpath_context->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
+function _entityDecode($text) {return html_entity_decode(strtr($text,array('''=>'\'')),ENT_QUOTES,'UTF-8');}
+function _error_report($error) {return array('errormessage'=>$error->message,'nodename'=>'','line'=>$error->line,'col'=>$error->column)+($error->file==''?array():array('directory'=>dirname($error->file),'file'=>basename($error->file)));}
+
+class php4DOMAttr extends php4DOMNode
+{
+ function __get($name)
+ {
+ if ($name==='name') return $this->myDOMNode->name;
+ else return parent::__get($name);
+ }
+ function name() {return $this->myDOMNode->name;}
+ function set_content($text) {}
+ //function set_value($content) {return $this->myDOMNode->value=htmlspecialchars($content,ENT_QUOTES);}
+ function specified() {return $this->myDOMNode->specified;}
+ function value() {return $this->myDOMNode->value;}
+}
+
+class php4DOMDocument extends php4DOMNode
+{
+ function php4DOMDocument($mode=DOMXML_LOAD_PARSING)
+ {
+ $this->myDOMNode=new DOMDocument();
+ $this->myOwnerDocument=$this;
+ if ($mode & DOMXML_LOAD_VALIDATING) $this->myDOMNode->validateOnParse=true;
+ if ($mode & DOMXML_LOAD_RECOVERING) $this->myDOMNode->recover=true;
+ if ($mode & DOMXML_LOAD_SUBSTITUTE_ENTITIES) $this->myDOMNode->substituteEntities=true;
+ if ($mode & DOMXML_LOAD_DONT_KEEP_BLANKS) $this->myDOMNode->preserveWhiteSpace=false;
+ }
+ function add_root($name)
+ {
+ if ($this->myDOMNode->hasChildNodes()) $this->myDOMNode->removeChild($this->myDOMNode->firstChild);
+ return new php4DOMElement($this->myDOMNode->appendChild($this->myDOMNode->createElement($name)),$this->myOwnerDocument);
+ }
+ function create_attribute($name,$value)
+ {
+ $myAttr=$this->myDOMNode->createAttribute($name);
+ $myAttr->value=htmlspecialchars($value,ENT_QUOTES);
+ return new php4DOMAttr($myAttr,$this);
+ }
+ function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);}
+ function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);}
+ function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);}
+ function create_element_ns($uri,$name,$prefix=null)
+ {
+ if ($prefix==null) $prefix=$this->myDOMNode->lookupPrefix($uri);
+ if (($prefix==null)&&(($this->myDOMNode->documentElement==null)||(!$this->myDOMNode->documentElement->isDefaultNamespace($uri)))) $prefix='a'.sprintf('%u',crc32($uri));
+ return new php4DOMElement($this->myDOMNode->createElementNS($uri,$prefix==null ? $name : $prefix.':'.$name),$this);
+ }
+ function create_entity_reference($content) {return new php4DOMNode($this->myDOMNode->createEntityReference($content),$this);} //By Walter Ebert 2007-01-22
+ function create_processing_instruction($target,$data=''){return new php4DomProcessingInstruction($this->myDOMNode->createProcessingInstruction($target,$data),$this);}
+ function create_text_node($content) {return new php4DOMText($this->myDOMNode->createTextNode($content),$this);}
+ function document_element() {return parent::_newDOMElement($this->myDOMNode->documentElement,$this);}
+ function dump_file($filename,$compressionmode=false,$format=false)
+ {
+ $format0=$this->myDOMNode->formatOutput;
+ $this->myDOMNode->formatOutput=$format;
+ $res=$this->myDOMNode->save($filename);
+ $this->myDOMNode->formatOutput=$format0;
+ return $res;
+ }
+ function dump_mem($format=false,$encoding=false)
+ {
+ $format0=$this->myDOMNode->formatOutput;
+ $this->myDOMNode->formatOutput=$format;
+ $encoding0=$this->myDOMNode->encoding;
+ if ($encoding) $this->myDOMNode->encoding=$encoding;
+ $dump=$this->myDOMNode->saveXML();
+ $this->myDOMNode->formatOutput=$format0;
+ if ($encoding) $this->myDOMNode->encoding= $encoding0=='' ? 'UTF-8' : $encoding0; //UTF-8 is XML default encoding
+ return $dump;
+ }
+ function free()
+ {
+ if ($this->myDOMNode->hasChildNodes()) $this->myDOMNode->removeChild($this->myDOMNode->firstChild);
+ $this->myDOMNode=null;
+ $this->myOwnerDocument=null;
+ }
+ function get_element_by_id($id) {return parent::_newDOMElement($this->myDOMNode->getElementById($id),$this);}
+ function get_elements_by_tagname($name)
+ {
+ $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
+ $nodeSet=array();
+ $i=0;
+ if (isset($myDOMNodeList))
+ while ($node=$myDOMNodeList->item($i++)) $nodeSet[]=new php4DOMElement($node,$this);
+ return $nodeSet;
+ }
+ function html_dump_mem() {return $this->myDOMNode->saveHTML();}
+ function root() {return parent::_newDOMElement($this->myDOMNode->documentElement,$this);}
+ function xpath_new_context() {return new php4DOMXPath($this);}
+}
+
+class php4DOMElement extends php4DOMNode
+{
+ function add_namespace($uri,$prefix)
+ {
+ if ($this->myDOMNode->hasAttributeNS('http://www.w3.org/2000/xmlns/',$prefix)) return false;
+ else
+ {
+ $this->myDOMNode->setAttributeNS('http://www.w3.org/2000/xmlns/','xmlns:'.$prefix,$uri); //By Daniel Walker 2006-09-08
+ return true;
+ }
+ }
+ function get_attribute($name) {return $this->myDOMNode->getAttribute($name);}
+ function get_attribute_node($name) {return parent::_newDOMElement($this->myDOMNode->getAttributeNode($name),$this->myOwnerDocument);}
+ function get_elements_by_tagname($name)
+ {
+ $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
+ $nodeSet=array();
+ $i=0;
+ if (isset($myDOMNodeList))
+ while ($node=$myDOMNodeList->item($i++)) $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
+ return $nodeSet;
+ }
+ function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);}
+ function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);}
+ function set_attribute($name,$value)
+ {
+ //return $this->myDOMNode->setAttribute($name,$value); //Does not return a DomAttr
+ $myAttr=$this->myDOMNode->ownerDocument->createAttribute($name);
+ $myAttr->value=htmlspecialchars($value,ENT_QUOTES); //Entity problem reported by AL-DesignWorks 2007-09-07
+ $this->myDOMNode->setAttributeNode($myAttr);
+ return new php4DOMAttr($myAttr,$this->myOwnerDocument);
+ }
+ /*function set_attribute_node($attr)
+ {
+ $this->myDOMNode->setAttributeNode($this->_importNode($attr));
+ return $attr;
+ }*/
+ function set_name($name)
+ {
+ if ($this->myDOMNode->prefix=='') $newNode=$this->myDOMNode->ownerDocument->createElement($name);
+ else $newNode=$this->myDOMNode->ownerDocument->createElementNS($this->myDOMNode->namespaceURI,$this->myDOMNode->prefix.':'.$name);
+ $myDOMNodeList=$this->myDOMNode->attributes;
+ $i=0;
+ if (isset($myDOMNodeList))
+ while ($node=$myDOMNodeList->item($i++))
+ if ($node->namespaceURI=='') $newNode->setAttribute($node->name,$node->value);
+ else $newNode->setAttributeNS($node->namespaceURI,$node->nodeName,$node->value);
+ $myDOMNodeList=$this->myDOMNode->childNodes;
+ if (isset($myDOMNodeList))
+ while ($node=$myDOMNodeList->item(0)) $newNode->appendChild($node);
+ $this->myDOMNode->parentNode->replaceChild($newNode,$this->myDOMNode);
+ $this->myDOMNode=$newNode;
+ return true;
+ }
+ function tagname() {return $this->tagname;}
+}
+
+class php4DOMNode
+{
+ public $myDOMNode;
+ public $myOwnerDocument;
+ function php4DOMNode($aDomNode,$aOwnerDocument)
+ {
+ $this->myDOMNode=$aDomNode;
+ $this->myOwnerDocument=$aOwnerDocument;
+ }
+ function __get($name)
+ {
+ switch ($name)
+ {
+ case 'type': return $this->myDOMNode->nodeType;
+ case 'tagname': return ($this->myDOMNode->nodeType===XML_ELEMENT_NODE) ? $this->myDOMNode->localName : $this->myDOMNode->tagName; //Avoid namespace prefix for DOMElement
+ case 'content': return $this->myDOMNode->textContent;
+ case 'value': return $this->myDOMNode->value;
+ default:
+ $myErrors=debug_backtrace();
+ trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE);
+ return false;
+ }
+ }
+ function add_child($newnode) {return append_child($newnode);}
+ function add_namespace($uri,$prefix) {return false;}
+ function append_child($newnode) {return self::_newDOMElement($this->myDOMNode->appendChild($this->_importNode($newnode)),$this->myOwnerDocument);}
+ function append_sibling($newnode) {return self::_newDOMElement($this->myDOMNode->parentNode->appendChild($this->_importNode($newnode)),$this->myOwnerDocument);}
+ function attributes()
+ {
+ $myDOMNodeList=$this->myDOMNode->attributes;
+ if (!(isset($myDOMNodeList)&&$this->myDOMNode->hasAttributes())) return null;
+ $nodeSet=array();
+ $i=0;
+ while ($node=$myDOMNodeList->item($i++)) $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument);
+ return $nodeSet;
+ }
+ function child_nodes()
+ {
+ $myDOMNodeList=$this->myDOMNode->childNodes;
+ $nodeSet=array();
+ $i=0;
+ if (isset($myDOMNodeList))
+ while ($node=$myDOMNodeList->item($i++)) $nodeSet[]=self::_newDOMElement($node,$this->myOwnerDocument);
+ return $nodeSet;
+ }
+ function children() {return $this->child_nodes();}
+ function clone_node($deep=false) {return self::_newDOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);}
+ //dump_node($node) should only be called on php4DOMDocument
+ function dump_node($node=null) {return $node==null ? $this->myOwnerDocument->myDOMNode->saveXML($this->myDOMNode) : $this->myOwnerDocument->myDOMNode->saveXML($node->myDOMNode);}
+ function first_child() {return self::_newDOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);}
+ function get_content() {return $this->myDOMNode->textContent;}
+ function has_attributes() {return $this->myDOMNode->hasAttributes();}
+ function has_child_nodes() {return $this->myDOMNode->hasChildNodes();}
+ function insert_before($newnode,$refnode) {return self::_newDOMElement($this->myDOMNode->insertBefore($this->_importNode($newnode),$refnode==null?null:$refnode->myDOMNode),$this->myOwnerDocument);}
+ function is_blank_node() {return ($this->myDOMNode->nodeType===XML_TEXT_NODE)&&preg_match('%^\s*$%',$this->myDOMNode->nodeValue);}
+ function last_child() {return self::_newDOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);}
+ function new_child($name,$content)
+ {
+ $mySubNode=$this->myDOMNode->ownerDocument->createElement($name);
+ $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode(_entityDecode($content)));
+ $this->myDOMNode->appendChild($mySubNode);
+ return new php4DOMElement($mySubNode,$this->myOwnerDocument);
+ }
+ function next_sibling() {return self::_newDOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);}
+ function node_name() {return ($this->myDOMNode->nodeType===XML_ELEMENT_NODE) ? $this->myDOMNode->localName : $this->myDOMNode->nodeName;} //Avoid namespace prefix for DOMElement
+ function node_type() {return $this->myDOMNode->nodeType;}
+ function node_value() {return $this->myDOMNode->nodeValue;}
+ function owner_document() {return $this->myOwnerDocument;}
+ function parent_node() {return self::_newDOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);}
+ function prefix() {return $this->myDOMNode->prefix;}
+ function previous_sibling() {return self::_newDOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);}
+ function remove_child($oldchild) {return self::_newDOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);}
+ function replace_child($newnode,$oldnode) {return self::_newDOMElement($this->myDOMNode->replaceChild($this->_importNode($newnode),$oldnode->myDOMNode),$this->myOwnerDocument);}
+ function replace_node($newnode) {return self::_newDOMElement($this->myDOMNode->parentNode->replaceChild($this->_importNode($newnode),$this->myDOMNode),$this->myOwnerDocument);}
+ function set_content($text) {return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode(_entityDecode($text)));} //Entity problem reported by AL-DesignWorks 2007-09-07
+ //function set_name($name) {return $this->myOwnerDocument->renameNode($this->myDOMNode,$this->myDOMNode->namespaceURI,$name);}
+ function set_namespace($uri,$prefix=null)
+ {//Contributions by Daniel Walker 2006-09-08
+ $nsprefix=$this->myDOMNode->lookupPrefix($uri);
+ if ($nsprefix==null)
+ {
+ $nsprefix= $prefix==null ? $nsprefix='a'.sprintf('%u',crc32($uri)) : $prefix;
+ if ($this->myDOMNode->nodeType===XML_ATTRIBUTE_NODE)
+ {
+ if (($prefix!=null)&&$this->myDOMNode->ownerElement->hasAttributeNS('http://www.w3.org/2000/xmlns/',$nsprefix)&&
+ ($this->myDOMNode->ownerElement->getAttributeNS('http://www.w3.org/2000/xmlns/',$nsprefix)!=$uri))
+ {//Remove namespace
+ $parent=$this->myDOMNode->ownerElement;
+ $parent->removeAttributeNode($this->myDOMNode);
+ $parent->setAttribute($this->myDOMNode->localName,$this->myDOMNode->nodeValue);
+ $this->myDOMNode=$parent->getAttributeNode($this->myDOMNode->localName);
+ return;
+ }
+ $this->myDOMNode->ownerElement->setAttributeNS('http://www.w3.org/2000/xmlns/','xmlns:'.$nsprefix,$uri);
+ }
+ }
+ if ($this->myDOMNode->nodeType===XML_ATTRIBUTE_NODE)
+ {
+ $parent=$this->myDOMNode->ownerElement;
+ $parent->removeAttributeNode($this->myDOMNode);
+ $parent->setAttributeNS($uri,$nsprefix.':'.$this->myDOMNode->localName,$this->myDOMNode->nodeValue);
+ $this->myDOMNode=$parent->getAttributeNodeNS($uri,$this->myDOMNode->localName);
+ }
+ elseif ($this->myDOMNode->nodeType===XML_ELEMENT_NODE)
+ {
+ $NewNode=$this->myDOMNode->ownerDocument->createElementNS($uri,$nsprefix.':'.$this->myDOMNode->localName);
+ foreach ($this->myDOMNode->attributes as $n) $NewNode->appendChild($n->cloneNode(true));
+ foreach ($this->myDOMNode->childNodes as $n) $NewNode->appendChild($n->cloneNode(true));
+ $xpath=new DOMXPath($this->myDOMNode->ownerDocument);
+ $myDOMNodeList=$xpath->query('namespace::*[name()!="xml"]',$this->myDOMNode); //Add old namespaces
+ foreach ($myDOMNodeList as $n) $NewNode->setAttributeNS('http://www.w3.org/2000/xmlns/',$n->nodeName,$n->nodeValue);
+ $this->myDOMNode->parentNode->replaceChild($NewNode,$this->myDOMNode);
+ $this->myDOMNode=$NewNode;
+ }
+ }
+ function unlink_node()
+ {
+ if ($this->myDOMNode->parentNode!=null)
+ {
+ if ($this->myDOMNode->nodeType===XML_ATTRIBUTE_NODE) $this->myDOMNode->parentNode->removeAttributeNode($this->myDOMNode);
+ else $this->myDOMNode->parentNode->removeChild($this->myDOMNode);
+ }
+ }
+ protected function _importNode($newnode) {return $this->myOwnerDocument===$newnode->myOwnerDocument ? $newnode->myDOMNode : $this->myOwnerDocument->myDOMNode->importNode($newnode->myDOMNode,true);} //To import DOMNode from another DOMDocument
+ static function _newDOMElement($aDOMNode,$aOwnerDocument)
+ {//Check the PHP5 DOMNode before creating a new associated PHP4 DOMNode wrapper
+ if ($aDOMNode==null) return null;
+ switch ($aDOMNode->nodeType)
+ {
+ case XML_ELEMENT_NODE: return new php4DOMElement($aDOMNode,$aOwnerDocument);
+ case XML_TEXT_NODE: return new php4DOMText($aDOMNode,$aOwnerDocument);
+ case XML_ATTRIBUTE_NODE: return new php4DOMAttr($aDOMNode,$aOwnerDocument);
+ case XML_PI_NODE: return new php4DomProcessingInstruction($aDOMNode,$aOwnerDocument);
+ default: return new php4DOMNode($aDOMNode,$aOwnerDocument);
+ }
+ }
+}
+
+class php4DomProcessingInstruction extends php4DOMNode
+{
+ function data() {return $this->myDOMNode->data;}
+ function target() {return $this->myDOMNode->target;}
+}
+
+class php4DOMText extends php4DOMNode
+{
+ function __get($name)
+ {
+ if ($name==='tagname') return '#text';
+ else return parent::__get($name);
+ }
+ function tagname() {return '#text';}
+ function set_content($text) {$this->myDOMNode->nodeValue=$text; return true;}
+}
+
+if (!defined('XPATH_NODESET'))
+{
+ define('XPATH_UNDEFINED',0);
+ define('XPATH_NODESET',1);
+ define('XPATH_BOOLEAN',2);
+ define('XPATH_NUMBER',3);
+ define('XPATH_STRING',4);
+ /*define('XPATH_POINT',5);
+ define('XPATH_RANGE',6);
+ define('XPATH_LOCATIONSET',7);
+ define('XPATH_USERS',8);
+ define('XPATH_XSLT_TREE',9);*/
+}
+
+class php4DOMNodelist
+{
+ private $myDOMNodelist;
+ public $nodeset;
+ public $type=XPATH_UNDEFINED;
+ public $value;
+ function php4DOMNodelist($aDOMNodelist,$aOwnerDocument)
+ {
+ if (!isset($aDOMNodelist)) return;
+ elseif (is_object($aDOMNodelist)||is_array($aDOMNodelist))
+ {
+ if ($aDOMNodelist->length>0)
+ {
+ $this->myDOMNodelist=$aDOMNodelist;
+ $this->nodeset=array();
+ $this->type=XPATH_NODESET;
+ $i=0;
+ while ($node=$this->myDOMNodelist->item($i++)) $this->nodeset[]=php4DOMNode::_newDOMElement($node,$aOwnerDocument);
+ }
+ }
+ elseif (is_int($aDOMNodelist)||is_float($aDOMNodelist))
+ {
+ $this->type=XPATH_NUMBER;
+ $this->value=$aDOMNodelist;
+ }
+ elseif (is_bool($aDOMNodelist))
+ {
+ $this->type=XPATH_BOOLEAN;
+ $this->value=$aDOMNodelist;
+ }
+ elseif (is_string($aDOMNodelist))
+ {
+ $this->type=XPATH_STRING;
+ $this->value=$aDOMNodelist;
+ }
+ }
+}
+
+class php4DOMXPath
+{
+ public $myDOMXPath;
+ private $myOwnerDocument;
+ function php4DOMXPath($dom_document)
+ {
+ //TODO: If $dom_document is a DomElement, make that default $contextnode and modify XPath. Ex: '/test'
+ $this->myOwnerDocument=$dom_document->myOwnerDocument;
+ $this->myDOMXPath=new DOMXPath($this->myOwnerDocument->myDOMNode);
+ }
+ function xpath_eval($eval_str,$contextnode=null)
+ {
+ if (method_exists($this->myDOMXPath,'evaluate')) $xp=isset($contextnode) ? $this->myDOMXPath->evaluate($eval_str,$contextnode->myDOMNode) : $this->myDOMXPath->evaluate($eval_str);
+ else $xp=isset($contextnode) ? $this->myDOMXPath->query($eval_str,$contextnode->myDOMNode) : $this->myDOMXPath->query($eval_str);
+ $xp=new php4DOMNodelist($xp,$this->myOwnerDocument);
+ return ($xp->type===XPATH_UNDEFINED) ? false : $xp;
+ }
+ function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
+}
+
+if (extension_loaded('xsl'))
+{//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/
+ function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));}
+ function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);}
+ function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));}
+ class php4DomXsltStylesheet
+ {
+ private $myxsltProcessor;
+ function php4DomXsltStylesheet($dom_document)
+ {
+ $this->myxsltProcessor=new xsltProcessor();
+ $this->myxsltProcessor->importStyleSheet($dom_document);
+ }
+ function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false)
+ {
+ foreach ($xslt_parameters as $param=>$value) $this->myxsltProcessor->setParameter('',$param,$value);
+ $myphp4DOMDocument=new php4DOMDocument();
+ $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode);
+ return $myphp4DOMDocument;
+ }
+ function result_dump_file($dom_document,$filename)
+ {
+ $html=$dom_document->myDOMNode->saveHTML();
+ file_put_contents($filename,$html);
+ return $html;
+ }
+ function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();}
+ }
+}
+?>
only in patch2:
unchanged:
--- moodle-1.8.2.orig/blog/lib.php
+++ moodle-1.8.2/blog/lib.php
@@ -144,9 +144,8 @@
global $USER, $CFG, $COURSE, $ME;
$template['body'] = format_text($blogEntry->summary, $blogEntry->format);
- //$template['title'] = '<a name="'. $blogEntry->subject .'"></a>';
//enclose the title in nolink tags so that moodle formatting doesn't autolink the text
- $template['title'] = '<span class="nolink">'.$blogEntry->subject.'</span>';
+ $template['title'] = '<span class="nolink">'.strip_tags(format_string($blogEntry->subject, true)).'</span>';
$template['userid'] = $blogEntry->userid;
$template['author'] = fullname(get_record('user','id',$blogEntry->userid));
$template['lastmod'] = userdate($blogEntry->lastmodified);
only in patch2:
unchanged:
--- moodle-1.8.2.orig/lib/phpmailer/class.phpmailer.php
+++ moodle-1.8.2/lib/phpmailer/class.phpmailer.php
@@ -404,9 +404,9 @@
*/
function SendmailSend($header, $body) {
if ($this->Sender != "")
- $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);
+ $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
else
- $sendmail = sprintf("%s -oi -t", $this->Sendmail);
+ $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail));
if(!@$mail = popen($sendmail, "w"))
{
only in patch2:
unchanged:
--- moodle-1.8.2.orig/lib/snoopy/Snoopy.class.inc
+++ moodle-1.8.2/lib/snoopy/Snoopy.class.inc
@@ -1013,8 +1013,7 @@
$headerfile = tempnam($temp_dir, "sno");
- $safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access
- exec($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\"",$results,$return);
+ exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);
if($return)
{
Reply to: