Formation of optimized learning groups - by topic preference or best match of individuals' characteristics and preferences; in one easy to use Moodle acticity
GNU General Public License v3.0
6
stars
5
forks
source link
hand-rolled forms should implement sesskey checks #2
you seem to have a few hand-rolled forms like this one: https://github.com/jkonert/moodle-mod_groupformation/blob/master/analysis_view.php#L130
you should be checking the sesskey using functions like confirm_sesskey() before performing any actions to help avoid csrf
https://docs.moodle.org/dev/Security:Cross-site_request_forgery