Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 3.9.x will end* 10 May 2021 (12 months).
  • Bug fixes for security issues in 3.9.x will end* 8 May 2023 (36 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.

Differences Between: [Versions 39 and 310] [Versions 39 and 311] [Versions 39 and 400] [Versions 39 and 401] [Versions 39 and 402] [Versions 39 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Shibboleth authentication plugin upgrade code
  19   *
  20   * @package    auth_shibboleth
  21   * @copyright  2017 Stephen Bourget
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die();
  26  
  27  /**
  28   * Function to upgrade auth_shibboleth.
  29   * @param int $oldversion the version we are upgrading from
  30   * @return bool result
  31   */
  32  function xmldb_auth_shibboleth_upgrade($oldversion) {
  33      global $CFG, $DB, $OUTPUT;
  34  
  35      // Automatically generated Moodle v3.5.0 release upgrade line.
  36      // Put any upgrade step following this.
  37  
  38      // Automatically generated Moodle v3.6.0 release upgrade line.
  39      // Put any upgrade step following this.
  40  
  41      // Automatically generated Moodle v3.7.0 release upgrade line.
  42      // Put any upgrade step following this.
  43  
  44      // Automatically generated Moodle v3.8.0 release upgrade line.
  45      // Put any upgrade step following this.
  46  
  47      // Automatically generated Moodle v3.9.0 release upgrade line.
  48      // Put any upgrade step following this.
  49  
  50      if ($oldversion < 2020061501) {
  51          // The 'Data modification API' setting in the Shibboleth authentication plugin can no longer be configured
  52          // to use files located within the site data directory, as it exposes the site to security risks. Therefore,
  53          // we need to find every existing case and reset the 'Data modification API' setting to its default value.
  54  
  55          $convertdataconfig = get_config('auth_shibboleth', 'convert_data');
  56  
  57          if (preg_match('/' . preg_quote($CFG->dataroot, '/') . '/', realpath($convertdataconfig))) {
  58              set_config('convert_data', '', 'auth_shibboleth');
  59  
  60              $warn = 'Your \'Data modification API\' setting in the Shibboleth authentication plugin is currently
  61              configured to use a file located within the current site data directory ($CFG->dataroot). You are no
  62              longer able to use files from within this directory for this purpose as it exposes your site to security
  63              risks. This setting has been reset to its default value. Please reconfigure it by providing a path
  64              to a file which is not located within the site data directory.';
  65  
  66              echo $OUTPUT->notification($warn, 'notifyproblem');
  67          }
  68  
  69          upgrade_plugin_savepoint(true, 2020061501, 'auth', 'shibboleth');
  70      }
  71  
  72      return true;
  73  }