<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>David Mudrak&#039;s blog &#187; security</title>
	<atom:link href="http://blog.mudrak.name/tag/security/feed/" rel="self" type="application/rss+xml" />
	<link>http://blog.mudrak.name</link>
	<description>Moodle, Mahara and beer fan</description>
	<lastBuildDate>Sat, 07 Jan 2012 00:03:11 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.3.1</generator>
		<item>
		<title>Moodle development traffic 32/2010</title>
		<link>http://blog.mudrak.name/2010/08/moodle-development-traffic-322010/</link>
		<comments>http://blog.mudrak.name/2010/08/moodle-development-traffic-322010/#comments</comments>
		<pubDate>Thu, 19 Aug 2010 15:49:06 +0000</pubDate>
		<dc:creator>David</dc:creator>
				<category><![CDATA[miscellaneous]]></category>
		<category><![CDATA[development]]></category>
		<category><![CDATA[InnoDB]]></category>
		<category><![CDATA[mform]]></category>
		<category><![CDATA[moodle]]></category>
		<category><![CDATA[MyISAM]]></category>
		<category><![CDATA[MySQL]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[traffic]]></category>

		<guid isPermaLink="false">http://blog.mudrak.name/?p=328</guid>
		<description><![CDATA[Summary: Six commits into the stable branch and 110 commits into the head branch. MyISAM makes some Moodle developers sick. Quotes by Petr Škoda and Tim Hunt. Explicit declaration of value type needed even for hidden form elements.]]></description>
			<content:encoded><![CDATA[<h3>Latest stable version 1.9.9+</h3>
<p>There are 6 commits into the stable branch from the last development week (from Tue Aug 10 to Mon Aug 16). ♦ Petr Škoda applied Matt Clarkson&#8217;s SQL-related patch in the external database enrolment plugin (MDL-23667). ♦ Andrew Davis committed a patch into the Gradebook dealing with a situation where a grade item is linked to a scale that no longer exists (MDL-19070) and backported a recent Gradebook UI improvement suggested by Caroline Moore (MDL-22931). ♦ Tim Hunt fixed a bug in the Quiz module overview report spotted by Brandon Quinn. The bug caused Moodle notification messages to be included in the output stream when generating an XLS or ODS report (MDL-23161). Tim also committed a patch provided by Oleg Sychev to properly quote HTML special characters in extra question fields during question XML export (MDL-23198). ♦ Ashley Holman removed a three-second delay after sending a user-to-user message copy via email. This results in a significant speed boost when a mass message is sent to multiple recipients. It seems to me that the delay was intended to prevent SMTP queue floods and I am personally a bit worried about possible functionality regressions here (MDL-23755).</p>
<h3>Future version Moodle 2.0 Preview 4</h3>
<p>There were 110 patches committed into the main development branch during the last development week. Only one QA test (MDLQA-245) of all <a href="http://tracker.moodle.org/browse/MDLQA/fixforversion/10422">145 current test cases</a> for the first round of Moodle 2.0 does not pass yet, and there are 15 unresolved blockers in the tracker.<br />
Petr Škoda started his personal crusade against MySQL&#8217;s default storage engine &#8211; MyISAM. After a long and heated discussion in the Moodle development chat room, he created <a href="http://tracker.moodle.org/browse/MDL-23682">an issue</a> in the tracker to discourage all Moodle administrators from using this storage engine. <cite>&#8220;MyISAM is not a good choice for Moodle, it will thrash your data sooner or later &#8211; this is usually discovered much later during upgrades when it is too late,&#8221;</cite> says Petr in the tracker. Eloy Lafuente, the Knight in Shining Armor and our database guru, does not agree with Petr&#8217;s radical attitude: <cite>&#8220;I can see the point about recommending to switch to InnoDB (or any other ACID engine), but Moodle has worked under MyISAM for ages and IMO should continue working, at least until 2.1,&#8221;</cite> he objects.<br />
As a result, the InnoDB or XtraDB storage engines are now used by default for new Moodle 2.0 installations, unless the administrator explicitly opts to use MyISAM. A migration tool from MyISAM to InnoDB was added to Moodle to ease the procedure for existing installations. See MDL-23682 for more details.</p>
<h3>Quotes of the week</h3>
<blockquote><p>&#8220;mysqldump is a joke&#8221;<br />
&#8211; <a href="http://tracker.moodle.org/browse/MDL-23682?focusedCommentId=90851&amp;page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_90851">Petr Škoda</a> blames MyISAM for a high chance of producing inconsistent dumps unless access to the database is actually stopped for all other clients.</p></blockquote>
<blockquote><p>&#8220;pg_dump is a utility for backing up a PostgreSQL database. It makes consistent backups even if the database is being used concurrently. pg_dump does not block other users accessing the database (readers or writers).&#8221;<br />
&#8211; <a href="http://www.postgresql.org/docs/8.3/static/app-pgdump.html">PostgreSQL documentation</a></p></blockquote>
<blockquote><p>&#8220;Adding a handful of fields to Moodle core tables is simple in the same way that lighting the fuse on a stick of dynamite is simple &#8211; you don&#8217;t want to hang around to look after it.&#8221;<br />
&#8211; <a href="http://moodle.org/mod/forum/discuss.php?d=155859#p682377">Tim Hunt</a> does not recommend modifying Moodle core tables without first trying all other ways of <a href="http://docs.moodle.org/en/Development:Local_customisation">customization</a></p></blockquote>
<h3>Playing hide-and-seek with mform elements</h3>
<p>During a review of my own code, I realized I constantly forget to declare the value type of hidden elements in my mforms, especially in those cases where the hidden element is defined as in</p>
<pre><code>$mform-&gt;addElement('hidden', 'id', $current-&gt;id);</code></pre>
<p>Such usage of hidden elements as carriers of known static values (which is in fact their typical usage) may give us the false impression that the set value is a kind of constant. Wrong. Hidden elements are ordinary form elements; they just do not have any visible widget. For an experienced user (did someone say hacker?) it is easy to set their value manually before submitting the form. So the values of hidden elements must be validated as if they were normal input fields; there is nothing special about them. Setting the allowed data type is the first step of that validation. For the example above, something like</p>
<pre><code>$mform-&gt;setType('id', PARAM_INT);</code></pre>
<p>should be added to the form&#8217;s definition() method.</p>
]]></content:encoded>
			<wfw:commentRss>http://blog.mudrak.name/2010/08/moodle-development-traffic-322010/feed/</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Moodle development traffic 25/2010</title>
		<link>http://blog.mudrak.name/2010/07/moodle-development-traffic-252010/</link>
		<comments>http://blog.mudrak.name/2010/07/moodle-development-traffic-252010/#comments</comments>
		<pubDate>Thu, 01 Jul 2010 10:31:39 +0000</pubDate>
		<dc:creator>David</dc:creator>
				<category><![CDATA[miscellaneous]]></category>
		<category><![CDATA[development]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[moodle]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[traffic]]></category>

		<guid isPermaLink="false">http://blog.mudrak.name/?p=306</guid>
		<description><![CDATA[Latest stable version 1.9.9+ There are 17 commits into the stable branch from the last development week. Tim Hunt fixed a problem with deleting quiz attempts, occurring in quizzes in group mode with a group currently selected (MDL-22847) and two other issues in quiz. Dan Marsden and Piers Harding backported a series of patches from Moodle [...]]]></description>
			<content:encoded><![CDATA[<h3>Latest stable version 1.9.9+</h3>
<p>There are 17 commits into the stable branch from the last development week. Tim Hunt fixed a problem with deleting quiz attempts, occurring in quizzes in group mode with a group currently selected (MDL-22847), and two other issues in the quiz module. Dan Marsden and Piers Harding backported a series of patches from Moodle 2.0. Those patches fix various issues in the SCORM module (MDL-22332, MDL-22340, MDL-22168, MDL-21333, MDL-17891, MDL-21551, MDL-22741, MDL-21492, MDL-21761, MDL-12834 and MDL-21306).</p>
<h3>Future version Moodle 2.0 Preview 3</h3>
<p>There were 159 commits into the main development branch in the last week. Microsoft contributed a native SQL Server adapter for their new SQL Server PHP driver (sqlsrv). The PHP XML-RPC extension became required for Moodle 2.0 and the prerequisite was set in admin/environment.xml. Moodle uses the XML-RPC extension for hub communication, web services and Moodle networking (MNet). There are already <a href="http://moodle.org/mod/forum/discuss.php?d=153278">first reports</a> from the community that this will be an issue with some cheaper web hosting providers, and even some core developers are not quite sure about this step, so the decision may not be final yet. On the other hand, Moodle is not a trivial application and one should not expect it to run just anywhere (if only because of its memory requirements).</p>
<h3>Quotes of the week</h3>
<blockquote><p>&#8220;Loan calculator 2.0! Now with extra mortgage sales! Order now and get 2 licenses of Moodle 2.0 for free.&#8221;<br />
&#8211; <a href="http://moodle.org/mod/cvsadmin/view.php?conversationid=5133#c207410">David Mudrak</a> can&#8217;t believe the Loan calculator block still survives in standard Moodle distribution</p></blockquote>
<blockquote><p>&#8220;Eventually there will be unicorns and rainbows and everyone gets a pony.&#8221;<br />
&#8211; <a href="http://moodle.org/mod/cvsadmin/view.php?conversationid=5145#c207765">Sam Marshall</a> dreaming of a future when developers will be happy with how Internet Explorer renders Moodle 2.0 pages</p></blockquote>
<h3>Cleaning user input</h3>
<p>Sanitizing data entered by users is a must. Without proper cleaning, data submitted by users could break database integrity or carry an SQL injection (and it is not just about hackers, <a href="http://moodle.org/mod/forum/discuss.php?d=97255#p429550">parents are malicious</a>, too). In Moodle, there are two basic functions that every developer MUST use before processing user input: required_param() and optional_param(). They both use clean_param() to make sure that the script does not get unwanted values. The developer declares what type the parameter is &#8211; for example PARAM_INT for integers, PARAM_BOOL for booleans, PARAM_FILE for a safe file name etc. See the top of lib/moodlelib.php for the comprehensive list.<br />
In most cases, clean_param() just uses regular expressions to get rid of invalid characters. Sometimes it returns the original value with the dangerous parts removed (as in PARAM_ALPHANUM, for example) and sometimes it returns an empty value if the parameter does not meet the conditions (as in PARAM_URL, which either returns the original value if it is OK, or nothing).<br />
In some cases, a formal syntax check alone is not enough. For example, PARAM_LANG not only checks that the provided value is a safe name for a language pack directory (by checking it against PARAM_SAFEDIR internally) but also checks that the given language is actually installed at the site. The same applies to PARAM_CAPABILITY, PARAM_AUTH and PARAM_THEME. As I realized recently (thanks to one of my quite frequent discussions with Petr Škoda), this sort of check must be implemented with extra care and security risk analysis. If clean_param() calls other core functions, we must know exactly what happens to the value itself during its clean-up, especially when we rely on 3rd party libraries. The point is that parameters are usually checked before the script calls require_login(), so we do not know much about the current user&#8217;s rights yet. Therefore, parameter handling functions are potential doors into the Moodle core system for anonymous users. Simple checks based on formal syntax rules are generally safer as they keep the request &#8220;ante portas&#8221;, and additional validation can be done later during script execution, for example once we already know who the user is, what capabilities he or she has, and whether the combination of all parameters is valid (e.g. the submission, assessment, course module and course must match).</p>
<h3>Post scriptum</h3>
<p>The Moodle 2.0 translation portal http://lang.moodle.org is up and running in production mode now; language pack maintainers can start translating Moodle 2.0. Thank you all for being patient.</p>
]]></content:encoded>
			<wfw:commentRss>http://blog.mudrak.name/2010/07/moodle-development-traffic-252010/feed/</wfw:commentRss>
		<slash:comments>4</slash:comments>
		</item>
		<item>
		<title>Moodle development traffic 23/2010</title>
		<link>http://blog.mudrak.name/2010/06/moodle-development-traffic-232010/</link>
		<comments>http://blog.mudrak.name/2010/06/moodle-development-traffic-232010/#comments</comments>
		<pubDate>Fri, 18 Jun 2010 10:02:51 +0000</pubDate>
		<dc:creator>David</dc:creator>
				<category><![CDATA[miscellaneous]]></category>
		<category><![CDATA[development]]></category>
		<category><![CDATA[moodle]]></category>
		<category><![CDATA[php]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[traffic]]></category>

		<guid isPermaLink="false">http://blog.mudrak.name/?p=297</guid>
		<description><![CDATA[Latest stable version 1.9.9+ There were 5 commits into the stable branch in the last development week (from Tuesday Jun 8 to Monday Jun 14). Martin Dougiamas bumped the version to 1.9.9 and fixed a potential memory overflow problem occurring during the activity import when a teacher is enrolled in many courses (MDL-19880). This fix [...]]]></description>
			<content:encoded><![CDATA[<h3>Latest stable version 1.9.9+</h3>
<p>There were 5 commits into the stable branch in the last development week (from Tuesday Jun 8 to Monday Jun 14). Martin Dougiamas bumped the version to 1.9.9 and fixed a potential memory overflow problem occurring during activity import when a teacher is enrolled in many courses (MDL-19880). This fix caused a regression, spotted and patched by Alan Trick and committed by Eloy Lafuente (MDL-22740). Tim Hunt committed a patch provided by Vadim Dvorovenko, fixing a typo that broke the question restore process (MDL-22720). Gordon Bateson committed a patch submitted by Ramon Eixarch, fixing a question import problem with the Hotpot JMatch and JMix formats (MDL-22726).<br />
Security announcements for Moodle 1.9.9 were published yesterday on <a href="http://moodle.org/security/">our MSA page</a>. Moodle 1.9.9 fixes four security problems, two of which are considered critical and one major. Registered administrators were notified and encouraged to upgrade their sites before the detailed description of these issues was published; see <a href="http://docs.moodle.org/en/Moodle_security_procedures">Moodle security procedures</a> for details.</p>
<h3>Future version Moodle 2.0 Preview 3</h3>
<p>There were 76 commits into the main development branch during the last week. Repository plugins mahara and remotemoodle were moved from standard distribution into contrib.</p>
<h3>Quotes of the week</h3>
<blockquote><p>&#8220;Oh dear I&#8217;m a geek. New neighbours move into the next flat while their extension&#8217;s built. How do I welcome them? Let them connect to my wifi&#8221;<br />
&#8211; <a href="http://twitter.com/tim_hunt/status/16177089606">Tim Hunt</a></p></blockquote>
<blockquote><p>&#8220;Only people that truly hate PHP can program something with it. The others who love it are not programmers <img src='http://blog.mudrak.name/wp-includes/images/smilies/icon_biggrin.gif' alt=':-D' class='wp-smiley' /> &#8221;<br />
&#8211; <a href="http://moodle.org/mod/cvsadmin/view.php?conversationid=5072#c205893">Petr Škoda</a></p></blockquote>
]]></content:encoded>
			<wfw:commentRss>http://blog.mudrak.name/2010/06/moodle-development-traffic-232010/feed/</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Moodle site hacked</title>
		<link>http://blog.mudrak.name/2009/02/moodle-site-hacked/</link>
		<comments>http://blog.mudrak.name/2009/02/moodle-site-hacked/#comments</comments>
		<pubDate>Wed, 18 Feb 2009 21:48:49 +0000</pubDate>
		<dc:creator>David</dc:creator>
				<category><![CDATA[miscellaneous]]></category>
		<category><![CDATA[moodle]]></category>
		<category><![CDATA[security]]></category>

		<guid isPermaLink="false">http://blog.mudrak.name/?p=38</guid>
		<description><![CDATA[As reported in a community support forum at http://moodle.cz, at least one Czech Moodle site has been hacked, probably because of the recently discovered vulnerability in the Snoopy library (announced in MSA-09-0003). Well, the hacked site was running Moodle 1.5, which I consider a hazard. But the exploit exists for all current Moodle versions. Upgrade to the most [...]]]></description>
			<content:encoded><![CDATA[<p>As reported in a community support forum at <a href="http://moodle.cz">http://moodle.cz</a>, at least one Czech Moodle site has been hacked, probably because of the recently discovered vulnerability in the Snoopy library (announced in <a href="http://moodle.org/mod/forum/discuss.php?d=115525">MSA-09-0003</a>). Well, the hacked site was running Moodle 1.5, which I consider a hazard. But the exploit exists for all current Moodle versions. Upgrading to the most recent weekly build is warmly recommended.</p>
<p>Strange feeling to realize (again) that a bad guy lives next door in this global village&#8230;</p>
]]></content:encoded>
			<wfw:commentRss>http://blog.mudrak.name/2009/02/moodle-site-hacked/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

