Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 400 and 401] [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Shibboleth authentication plugin upgrade code
  19   *
  20   * @package    auth_shibboleth
  21   * @copyright  2017 Stephen Bourget
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die();
  26  
  27  /**
  28   * Function to upgrade auth_shibboleth.
  29   * @param int $oldversion the version we are upgrading from
  30   * @return bool result
  31   */
  32  function xmldb_auth_shibboleth_upgrade($oldversion) {
  33      global $CFG, $DB, $OUTPUT;
  34  
  35      // Automatically generated Moodle v3.9.0 release upgrade line.
  36      // Put any upgrade step following this.
  37  
  38      if ($oldversion < 2021052501) {
  39          // The 'Data modification API' setting in the Shibboleth authentication plugin can no longer be configured
  40          // to use files located within the site data directory, as it exposes the site to security risks. Therefore,
  41          // we need to find every existing case and reset the 'Data modification API' setting to its default value.
  42  
  43          $convertdataconfig = get_config('auth_shibboleth', 'convert_data');
  44  
  45          if (preg_match('/' . preg_quote($CFG->dataroot, '/') . '/', realpath($convertdataconfig))) {
  46              set_config('convert_data', '', 'auth_shibboleth');
  47  
  48              $warn = 'Your \'Data modification API\' setting in the Shibboleth authentication plugin is currently
  49              configured to use a file located within the current site data directory ($CFG->dataroot). You are no
  50              longer able to use files from within this directory for this purpose as it exposes your site to security
  51              risks. This setting has been reset to its default value. Please reconfigure it by providing a path
  52              to a file which is not located within the site data directory.';
  53  
  54              echo $OUTPUT->notification($warn, 'notifyproblem');
  55          }
  56  
  57          upgrade_plugin_savepoint(true, 2021052501, 'auth', 'shibboleth');
  58      }
  59  
  60      // Automatically generated Moodle v4.0.0 release upgrade line.
  61      // Put any upgrade step following this.
  62  
  63      // Automatically generated Moodle v4.1.0 release upgrade line.
  64      // Put any upgrade step following this.
  65  
  66      return true;
  67  }