[WWcvs] webwork2: stop printing the problem path and the problem seed in hidden variables students

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Log Message:
-----------
stop printing the problem path and the problem seed in hidden variables

students could use this to reverse engineer the problem using the library
website.

Modified Files:
--------------
    webwork2/lib/WeBWorK/ContentGenerator:
        Problem.pm

Revision Data
-------------
Index: Problem.pm
===================================================================
RCS file: /webwork/cvs/system/webwork2/lib/WeBWorK/ContentGenerator/Problem.pm,v
retrieving revision 1.220
retrieving revision 1.221
diff -Llib/WeBWorK/ContentGenerator/Problem.pm -Llib/WeBWorK/ContentGenerator/Problem.pm -u -r1.220 -r1.221

--- lib/WeBWorK/ContentGenerator/Problem.pm
+++ lib/WeBWorK/ContentGenerator/Problem.pm
@@ -1129,15 +1129,17 @@
 			   -value   => $self->{editMode},
 		   )
 	) if defined($self->{editMode}) and $self->{editMode} eq 'temporaryFile';
-	print( CGI::hidden(
-		   		-name   => 'sourceFilePath',
-		   		-value  =>  $self->{problem}->{source_file}
-	))  if defined($self->{problem}->{source_file});
+	
+	# this is a security risk -- students can use this to find the source code for the problem
+# 	print( CGI::hidden(
+# 		   		-name   => 'sourceFilePath',
+# 		   		-value  =>  $self->{problem}->{source_file}
+# 	))  if defined($self->{problem}->{source_file});
 
-	print( CGI::hidden(
-		   		-name   => 'problemSeed',
-		   		-value  =>  $r->param("problemSeed")
-	))  if defined($r->param("problemSeed"));
+# 	print( CGI::hidden(
+# 		   		-name   => 'problemSeed',
+# 		   		-value  =>  $r->param("problemSeed")
+# 	))  if defined($r->param("problemSeed"));
 			
 	# end of main form
 	print CGI::endform();
@@ -1171,27 +1173,6 @@
 			CGI::endform();
 	}
 	
-	## feedback form url
-	#my $feedbackPage = $urlpath->newFromModule("WeBWorK::ContentGenerator::Feedback",
-	#	courseID => $courseName);
-	#my $feedbackURL = $self->systemLink($feedbackPage, authen => 0); # no authen info for form action
-	#
-	##print feedback form
-	#print
-	#	CGI::start_form(-method=>"POST", -action=>$feedbackURL),"\n",
-	#	$self->hidden_authen_fields,"\n",
-	#	CGI::hidden("module",             __PACKAGE__),"\n",
-	#	CGI::hidden("set",                $set->set_id),"\n",
-	#	CGI::hidden("problem",            $problem->problem_id),"\n",
-	#	CGI::hidden("displayMode",        $self->{displayMode}),"\n",
-	#	CGI::hidden("showOldAnswers",     $will{showOldAnswers}),"\n",
-	#	CGI::hidden("showCorrectAnswers", $will{showCorrectAnswers}),"\n",
-	#	CGI::hidden("showHints",          $will{showHints}),"\n",
-	#	CGI::hidden("showSolutions",      $will{showSolutions}),"\n",
-	#	CGI::p({-align=>"left"},
-	#		CGI::submit(-name=>"feedbackForm", -label=>"Email instructor")
-	#	),
-	#	CGI::endform(),"\n";
 	
 	print $self->feedbackMacro(
 		module             => __PACKAGE__,




[WWcvs] webwork2: stop printing the problem path and the problem seed in hidden variables students

[WWcvs] webwork2: stop printing the problem path and the problem seed in hidden variables students could use this to reverse engineer