if ($stockcomments = get_records_select("workshop_stockcomments", "workshopid = $workshop->id
AND elementno = $i", "id")) { // show comments in fixed order (oldest first)
foreach ($stockcomments as $stockcomment) {
- echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'$stockcomment->comments';\"><<$stockcomment->comments>></a>\n";
+ echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'".
+ addslashes($stockcomment->comments)."';\"><<$stockcomment->comments>></a>\n";
if (isteacheredit($course->id, $USER->id)) {
echo " <a onclick=\"document.assessmentform.action.value='removestockcomment';document.assessmentform.stockcommentid.value=$stockcomment->id;document.assessmentform.submit();\"> <small><i><--".get_string("delete","workshop")."</i></small></a>\n";
}
if ($stockcomments = get_records_select("workshop_stockcomments", "workshopid = $workshop->id
AND elementno = $i", "id")) { // get comments in a fixed order - oldest first
foreach ($stockcomments as $stockcomment) {
- echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'$stockcomment->comments';\"><<$stockcomment->comments>></a>\n";
+ echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'".
+ addslashes($stockcomment->comments).
+ "';\"><<$stockcomment->comments>></a>\n";
if (isteacheredit($course->id, $USER->id)) {
echo " <a onclick=\"document.assessmentform.action.value='removestockcomment';document.assessmentform.stockcommentid.value=$stockcomment->id;document.assessmentform.submit();\"> <small><i><--".get_string("delete","workshop")."</i></small></a>\n";
}
if ($stockcomments = get_records_select("workshop_stockcomments", "workshopid = $workshop->id
AND elementno = $i", "id")) { // get comments in a fixed order - oldest first
foreach ($stockcomments as $stockcomment) {
- echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'$stockcomment->comments';\"><<$stockcomment->comments>></a>\n";
+ echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'".
+ addslashes($stockcomment->comments).
+ "';\"><<$stockcomment->comments>></a>\n";
if (isteacheredit($course->id, $USER->id)) {
echo " <a onclick=\"document.assessmentform.action.value='removestockcomment';document.assessmentform.stockcommentid.value=$stockcomment->id;document.assessmentform.submit();\"> <small><i><--".get_string("delete","workshop")."</i></small></a>\n";
}
if ($stockcomments = get_records_select("workshop_stockcomments", "workshopid = $workshop->id
AND elementno = $i", "id")) { // show comments in fixed (creation) order
foreach ($stockcomments as $stockcomment) {
- echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'$stockcomment->comments';\"><<$stockcomment->comments>></a>\n";
+ echo "<a onclick=\"document.assessmentform.feedback_$i.value+=' '+'".
+ addslashes($stockcomment->comments).
+ "';\"><<$stockcomment->comments>></a>\n";
if (isteacheredit($course->id, $USER->id)) {
echo " <a onclick=\"document.assessmentform.action.value='removestockcomment';document.assessmentform.stockcommentid.value=$stockcomment->id;document.assessmentform.submit();\"> <small><i><--".get_string("delete","workshop")."</i></small></a>\n";
}
if ($stockcomments = get_records_select("workshop_stockcomments", "workshopid = $workshop->id
AND elementno = 99", "id")) { // show in the same order (oldest at the top)
foreach ($stockcomments as $stockcomment) {
- echo "<a onclick=\"document.assessmentform.generalcomment.value+=' '+'$stockcomment->comments';\"><<$stockcomment->comments>></a>\n";
+ echo "<a onclick=\"document.assessmentform.generalcomment.value+=' '+'".
+ addslashes($stockcomment->comments)."';\"><<$stockcomment->comments>></a>\n";
if (isteacheredit($course->id, $USER->id)) {
echo " <a onclick=\"document.assessmentform.action.value='removestockcomment';document.assessmentform.stockcommentid.value=$stockcomment->id;document.assessmentform.submit();\"> <small><i><--".get_string("delete","workshop")."</i></small></a>\n";
}
projects / moodle.git / commitdiff