git.mjollnir.org Git - moodle.git/commitdiff
some extra cleaning of comments and feedback before storage. normally the text is...
authorskodak <skodak>
Wed, 19 Apr 2006 20:10:04 +0000 (20:10 +0000)
committerskodak <skodak>
Wed, 19 Apr 2006 20:10:04 +0000 (20:10 +0000)
mod/exercise/assessments.php
mod/exercise/upload.php

index 6a3fce06db853c084ef4ec0eee514bfcbc95c7af..84425cfe4ec78519b01cb75c7f31718d2e0bbe48 100644 (file)
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $thefeedback;
+                    $element->feedback   = clean_param($thefeedback, PARAM_CLEAN);
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                         }
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $form->feedback[$key];
+                    $element->feedback   = clean_param($form->feedback[$key]);
                     $element->grade = $thegrade;
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = $i;
-                    $element->feedback   = $form->feedback[$i];
+                    $element->feedback   = clean_param($form->feedback[$i], PARAM_CLEAN);
                     $element->grade = $form->grade[$i];
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $form->feedback[$key];
+                    $element->feedback   = clean_param($form->feedback[$key], PARAM_CLEAN);
                     $element->grade = $thegrade;
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
 
         // any comment?
         if (!empty($form->generalcomment)) {
-            set_field("exercise_assessments", "generalcomment", $form->generalcomment, "id", $assessment->id);
+            set_field("exercise_assessments", "generalcomment", clean_param($form->generalcomment, PARAM_CLEAN), "id", $assessment->id);
         }
 
         // is user allowed to resubmit?
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $thefeedback;
+                    $element->feedback   = clean_param($thefeedback, PARAM_CLEAN);
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                     }
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $form->feedback[$key];
+                    $element->feedback   = clean_param($form->feedback[$key], PARAM_CLEAN);
                     $element->grade = $thegrade;
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = $i;
-                    $element->feedback   = $form->feedback[$i];
+                    $element->feedback   = clean_param($form->feedback[$i], PARAM_CLEAN);
                     $element->grade = $form->grade[$i];
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
                     $element->exerciseid = $exercise->id;
                     $element->assessmentid = $assessment->id;
                     $element->elementno = clean_param($key, PARAM_INT);
-                    $element->feedback   = $form->feedback[$key];
+                    $element->feedback   = clean_param($form->feedback[$key], PARAM_CLEAN);
                     $element->grade = $thegrade;
                     if (!$element->id = insert_record("exercise_grades", $element)) {
                         error("Could not insert exercise element!");
 
         // any comment?
         if (!empty($form->generalcomment)) {
-            set_field("exercise_assessments", "generalcomment", $form->generalcomment, "id", $assessment->id);
+            set_field("exercise_assessments", "generalcomment", clean_param($form->generalcomment, PARAM_CLEAN), "id", $assessment->id);
         }
 
         // now calculate the (grading) grade of the student's assessment...
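Review bot: The second feedback assignment in mod/exercise/assessments.php calls `clean_param($form->feedback[$key]);` with no type argument, while every other call this commit adds passes `PARAM_CLEAN`. clean_param() is defined outside this page, so the effect is inferred, but a call without a type most likely either raises a missing-argument warning or hands the text back uncleaned, which would leave that one write path into `exercise_grades` unfiltered. The line should read `$element->feedback   = clean_param($form->feedback[$key], PARAM_CLEAN);` to match the other branches. The enclosing loops and functions start and end outside the hunks, so it is worth checking them for any remaining feedback or comment writes that were not touched. Cleaning on write also does not cover rows stored before this change, so the display side still needs to escape or format this text.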
index 9c6c160b24e1e4866b13ab70bd99854a854904fa..e894dbdd83f73faee421ea4930c1b4850990074c 100644 (file)
@@ -3,6 +3,7 @@
     require_once("../../config.php");
     require_once("lib.php");
     require_once("locallib.php");
+
     $id    = required_param('id', PARAM_INT);           // course module ID
     $title = optional_param('title', '', PARAM_CLEAN);