Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Lists all users with XSS risk
  19   *
  20   * It would be great to combine this with risk trusts in user table,
  21   * unfortunately nobody implemented user trust UI yet :-(
  22   *
  23   * @package    core
  24   * @category   check
  25   * @copyright  2020 Brendan Heywood <brendan@catalyst-au.net>
  26   * @copyright  2008 petr Skoda
  27   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  28   */
  29  
  30  namespace core\check\access;
  31  
  32  defined('MOODLE_INTERNAL') || die();
  33  
  34  use core\check\result;
  35  
  36  /**
  37   * Lists all users with XSS risk
  38   *
  39   * It would be great to combine this with risk trusts in user table,
  40   * unfortunately nobody implemented user trust UI yet :-(
  41   *
  42   * @copyright  2020 Brendan Heywood <brendan@catalyst-au.net>
  43   * @copyright  2008 petr Skoda
  44   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  45   */
  46  class riskxss extends \core\check\check {
  47  
  48      /**
  49       * Get the short check name
  50       *
  51       * @return string
  52       */
  53      public function get_name(): string {
  54          return get_string('check_riskxss_name', 'report_security');
  55      }
  56  
  57      /**
  58       * A link to a place to action this
  59       *
  60       * @return action_link|null
  61       */
  62      public function get_action_link(): ?\action_link {
  63          return new \action_link(
  64              new \moodle_url('/admin/roles/manage.php'),
  65              get_string('manageroles', 'role'));
  66      }
  67  
  68      /**
  69       * Return result
  70       * @return result
  71       */
  72      public function get_result(): result {
  73          return new riskxss_result();
  74      }
  75  }
  76