Moodle plugins directory: KT Dashboard | Moodle.org
KT Dashboard
Experimental ::: local_dashboard
Maintained by KT Learning
A simple dashboard plugin which creates a new dashboard for Moodle to access the various blocks present in an easy way.
Latest release:
396 sites
13 downloads
8 fans
Current versions available: 1
In Moodle Users are having a difficult time finding items in the courses.
To resolve this we proposed a new Plugin to cater these problems called the KT Dashboard Plugin.
After installing this plugin the user can see a custom dashboard installed in his home page.
Using this Dashboard users can easily navigate through various blocks.
To meet this following requisite we have introduced this Dashboard section.
We had developed this plugin that will cater to this need by providing a Dashboard interface to the user.
The user when logs in will see the dashboard plugin under Home.
To access path is Home---->dashboard ( /local/dashboard)
This dashboard plugin simplifies the ease of navigating through different blocks for a user. They are:
- My Modules
- My blogs
- My Assessment
- My Messages
which will simplify an user to access various blocks in a simple way.
Contributors
KT Learning (Lead maintainer)
Please login to view contributors details and/or to contact them
http://integration.moodle.org/job/Precheck%20remote%20branch/14146/artifact/work/smurf.html
thanks for sharing your plugin, unfortunately it does not meet the standards required for approval within the plugins db. The Prechecker results above show a very large number of issues that you should look at.
The link to your source control and tracker links above are invalid (although I found the repositories in your github account) - it would be good to rename those to a more standard moodle repository naming convention if possible such as "moodle-report_ktreeuserdedicationreport"
A very quick initial look at one of your files showed this:
https://github.com/KtreeOpenSource/moodle--General-_-KTree-Dashboard--V26/blob/master/exportreportcsv.php#L36
There are a number of issues with that line
* direct access to $_GET/$_POST is not allowed, optional/required_param functions should be used with appropriate sanitisation.
* Injecting user-input in-line into SQL is not allowed (and is very dangerous) - you should use correct Moodle DML syntax and parameterisation.
* Usernames are not "fixed" - many organisations modify the username of the admin user in particular. removing Guest/admin accounts should be done using moodle capability checks.
This code suggests you need to improve your knowledge on how to write secure code. OWASP and the moodle dev docs have some very useful information that you should investigate further.
https://docs.moodle.org/dev/Security
https://www.owasp.org/index.php/PHP_Top_5
I have not looked at other files in your plugin but you need to improve the quality of this code before we can look further, once you have addressed these issues throughout your code, feel free to upload a new version here in the plugins database for someone to take another look.