diff --git a/main/document/create_document.php b/main/document/create_document.php index febf4659ad..9078e1c473 100755 --- a/main/document/create_document.php +++ b/main/document/create_document.php @@ -209,7 +209,7 @@ if (!$is_certificate_mode) { 'name' => get_lang('GroupSpace').' '.$group_properties['name'], ]; $path = explode('/', $dir); - if ('/'.$path[1] != $group_properties['directory']) { + if (strcasecmp('/'.$path[1], $group_properties['directory']) !== 0) { api_not_allowed(true); } } diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php index 4dd3f7c180..03dd63f617 100755 --- a/main/inc/lib/sessionmanager.lib.php +++ b/main/inc/lib/sessionmanager.lib.php @@ -3051,17 +3051,17 @@ class SessionManager $sday_end ) { $tbl_session_category = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY); - $name = html_filter(trim($sname)); + + $name = Database::escape_string(trim($sname)); + $year_start = intval($syear_start); $month_start = intval($smonth_start); $day_start = intval($sday_start); $year_end = intval($syear_end); $month_end = intval($smonth_end); $day_end = intval($sday_end); - $date_start = "$year_start-".(($month_start < 10) ? "0$month_start" : $month_start)."-".(($day_start < 10) ? "0$day_start" : $day_start); $date_end = "$year_end-".(($month_end < 10) ? "0$month_end" : $month_end)."-".(($day_end < 10) ? "0$day_end" : $day_end); - if (empty($name)) { $msg = get_lang('SessionCategoryNameIsRequired'); @@ -3081,8 +3081,8 @@ class SessionManager return $msg; } - $access_url_id = api_get_current_access_url_id(); + $params = [ 'name' => $name, 'date_start' => $date_start, diff --git a/tests/behat/features/sessionManagement.feature b/tests/behat/features/sessionManagement.feature index 0e9c2cbc6e..a5dc27c085 100644 --- a/tests/behat/features/sessionManagement.feature +++ b/tests/behat/features/sessionManagement.feature @@ -5,11 +5,13 @@ Feature: Session management tool Background: Given I am a platform administrator + @javascript Scenario: Create a session category Given I am on "/main/session/session_category_add.php" When I fill in the following: | name | category_1 | And I press "Add category" + And wait very long for the page to be loaded Then I should see "The category has been added" @javascript @@ -19,7 +21,7 @@ Feature: Session management tool | name | Session1 | And I fill in select2 input "#coach_username" with id "1" and value "admin" And I press "submit" - Then wait for the page to be loaded + And wait for the page to be loaded Then I should see "Add courses to this session (Session1)" Then I select "TEMP (TEMP)" from "NoSessionCoursesList[]" And I press "add_course" @@ -33,7 +35,7 @@ Feature: Session management tool | name | Temp Session | And I press advanced settings And I fill in select2 input "#coach_username" with id "1" and value "admin" - And wait for the page to be loaded + And wait very long for the page to be loaded And I fill in ckeditor field "description" with "Description for Temp Session" And I press "submit" Then I should see "Add courses to this session (Temp Session)" @@ -82,7 +84,7 @@ Feature: Session management tool Scenario: Delete session "Session1" Given I am on "/main/session/session_list.php?keyword=Session1" - And wait for the page to be loaded + And wait very long for the page to be loaded And I follow "Delete" And I confirm the popup Then I should see "Deleted" @@ -91,4 +93,5 @@ Feature: Session management tool Given I am on "/main/session/session_category_list.php" And I follow "Delete" And I confirm the popup + And wait for the page to be loaded Then I should see "The selected categories have been deleted"