rschrenk
commented
1 month ago I have found no other solution, but the Post-Vars are validated later using the Moodle mechanics. They are only put into another structure to comply with the Moodle standards, after they have been packed by a Javascript in
I would suggest avoid directly accessing to $_POST in this method, in order to comply with the security policy https://moodledev.io/general/development/policies/security#dont-trust-any-input-from-users