_params and other cleaning, blogs might be broken
authortoyomoyo <toyomoyo>
Mon, 13 Mar 2006 08:46:13 +0000 (08:46 +0000)
committertoyomoyo <toyomoyo>
Mon, 13 Mar 2006 08:46:13 +0000 (08:46 +0000)
blog/edit.html
blog/edit.php
blog/header.php
blog/index.php
blog/lib.php
blog/preferences.php
blog/set_session_vars.php
blog/tags.php

index 900a9a5f99c9fe7ad12b7f27133c7f78cc036855..251d475e797b45819b139d36d0d54c1b6773aac2 100755 (executable)
 </tr>
 <tr>
     <td>
-    <b>Official Tags</b>
+    <b><?php print_string('otags','blog'); ?></b>
     </td>
     
     
     <td>
-    <b>User Defined Tags</b>
+    <b><?php print_string('ptags','blog'); ?></b>
     </td>
 </tr>
 
@@ -76,7 +76,7 @@
     ?>
     </select>
     </td>
-
+    
     <td>
     <select name="ptags[]" multiple="multiple" size="8">
     <?php
@@ -96,7 +96,7 @@
 <tr>
     <td>
     <?php
-    link_to_popup_window($CFG->wwwroot."/blog/tags.php",'popup',get_string('tagmanagement'));
+    link_to_popup_window("/blog/tags.php",'popup',get_string('tagmanagement'));
     ?>
     </td>
 </tr>
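Review bot: `link_to_popup_window("/blog/tags.php", ...)` now passes a site-relative path where the old line passed `$CFG->wwwroot."/blog/tags.php"`; this is only correct if link_to_popup_window prepends `$CFG->wwwroot` itself, which is not visible from this page, so it is worth confirming the popup still opens from a non-root install. If the helper does not prefix the root, the old absolute form should be restored. The surrounding table row markup is unchanged.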
         print_textarea($usehtmleditor, 6, 60, 600, 500, 'body', $post->body, $post->courseid); ?>
     </td>
 </tr>
-<?php  
+<?php
     if (isset($post->useextendedbody) && $post->useextendedbody) {
         print '<tr valign=top>'."\n";
         print '<td align=right><strong>'."\n";
         print '<br />'."\n";
         print_textarea($usehtmleditor, 25, 60, 600, 500, 'extendedbody', $post->extendedbody, $post->courseid);
         print '</td></tr>';
-   } else { 
+   } else {
         print '<input type="hidden" name="extendedbody" value="" />';
    }
 
     <td align="center" colspan="3">
         <input type="hidden" name="editform" value="1" id="editform" />
         <input type="hidden" name="courseid" value="<?php p($post->courseid) ?>" id="courseid" />
-        <?php 
-            //groups not supported quite yet - pseudocode:        
-            /*if ( isset($post->groupid) ) {
-                print '<input type="hidden" name="groupid" value="'. p($post->groupid) .'" />';
-            }*/
-        ?>
         <input type="hidden" name="userid" value="<?php p($post->userid) ?>" id="userid" />
         <input type="hidden" name="userid" value="<?php echo $userid; ?>" id="userid" />
         <input type="hidden" name="tem" id="tem" />
 <?php
     if (isset($post->postid) && ($post->postid != -1) ) {
-    ?>
+?>
         <input type="hidden" name="postid" value="<?php echo $post->postid; ?>" id="postid" />
         <input type="hidden" name="act" value="update" id="act" />
         <input type="submit" value="Update" id="Submit1" name="Submit1" />&nbsp;
index 94c4e0c16b5dfe104b5150bce56dc862f7f997b7..c2dc5037db2159aad22c2387fe5637d990e4c4cb 100755 (executable)
@@ -16,8 +16,8 @@ if (isguest()) {
     error(get_string('noguestpost', 'forum'), $referrer);
 }
 
-$userid = optional_param('userid', 0);
-$editid = optional_param('editid', '');
+$userid = optional_param('userid', 0, PARAM_INT);
+$editid = optional_param('editid', 0, PARAM_INT);
 
 global $USER, $CFG;
 
@@ -228,8 +228,9 @@ function do_save(&$post, &$bloginfo_arg) {
 
 //        print 'Debug: created a new entry - entryId = '.$entryID.'<br />'; //debug
 //        echo 'Debug: do_save() in edit.php calling blog_do_*back_pings<br />'."\n"; //debug
-        $otags = optional_param('otags');
-        $ptags = optional_param('ptags');
+        $otags = optional_param('otags','', PARAM_INT);
+        $ptags = optional_param('ptags','', PARAM_INT);
+
         // Add tags information
         foreach ($otags as $otag) {
             $tag->entryid = $entryID;
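Review bot: `$otags = optional_param('otags','', PARAM_INT);` defaults to the empty string, so when the form submits no official tags the `foreach ($otags as $otag)` two lines below iterates over a string and PHP raises an "Invalid argument supplied for foreach()" warning; the same applies to `$ptags` here and to both lines in the do_update hunk that follows. Use an array default, `$otags = optional_param('otags', array(), PARAM_INT);`, or wrap the loop in `if (!empty($otags))` as the tags.php delete branch does. This assumes optional_param applies PARAM_INT element-wise when the submitted value is an array (the edit form's select is named `ptags[]`), which is worth confirming against clean_param in this version. do_save() starts and ends outside the hunk.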
@@ -312,8 +313,8 @@ function do_update(&$post, &$bloginfo) {
 //        echo 'Debug: do_update in edit.php calling do_pings<br />'."\n"; //debug
         delete_records('blog_tag_instance', 'entryid', $blogentry->entryId);
 
-        $otags = optional_param('otags');
-        $ptags = optional_param('ptags');
+        $otags = optional_param('otags','', PARAM_INT);
+        $ptags = optional_param('ptags','', PARAM_INT);
         // Add tags information
         foreach ($otags as $otag) {
             $tag->entryid = $blogentry->entryId;
index 72b4d655fe6893d1ef530497280e50e1b3c8ef50..f4c30e649688c566dd6eb66c1f0341e6c53e88e5 100755 (executable)
@@ -8,18 +8,12 @@ require_once($CFG->dirroot .'/blog/blogpage.php');
 require_once($CFG->libdir .'/blocklib.php');
 require_once($CFG->dirroot .'/course/lib.php');
 
-$blockaction = optional_param('blockaction');
+$blockaction = optional_param('blockaction','', PARAM_ALPHA);
 $instanceid = optional_param('instanceid', 0, PARAM_INT);
 $blockid = optional_param('blockid',    0, PARAM_INT);
 $groupid = optional_param('groupid',    0, PARAM_INT);
 $userid = optional_param('userid',     0, PARAM_INT);
 
-$pageTitle = optional_param('pageTitle');
-$pageHeading = optional_param('pageHeading'/*$site->fullname*/);
-$pageFocus = optional_param('pageFocus');
-$pageMeta = optional_param('pageMeta');
-$pageNavigation = optional_param('pageNavigation');
-
 if (!isset($courseid)) {
     $courseid = optional_param('courseid', SITEID, PARAM_INT);
 }
@@ -134,7 +128,7 @@ switch ($filtertype) {
                         '<a href="'.$CFG->wwwroot.'/course/view.php?id='.$course->id.'">'.$course->shortname.'</a> ->
                         <a href="'.$CFG->wwwroot.'/user/index.php?id='.$course->id.'">'.$participants.'</a> ->
                         <a href="'.$CFG->wwwroot.'/user/view.php?id='.$filterselect.'&amp;course='.$course->id.'">'.fullname($user).'</a> ->
-                        <a href="index.php?courseid='.optional_param('courseid').'&amp;filtertype=user&amp;filterselect='.$filterselect.'">'. "$blogstring</a> -> $tagstring: $taginstance->text",'','',true,$PAGE->get_extra_header_string());
+                        <a href="index.php?courseid='.optional_param('courseid', 0, PARAM_INT).'&amp;filtertype=user&amp;filterselect='.$filterselect.'">'. "$blogstring</a> -> $tagstring: $taginstance->text",'','',true,$PAGE->get_extra_header_string());
 
             } else {
                 print_header("$course->shortname: $blogstring", "$course->fullname",
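Review bot: `optional_param('courseid', 0, PARAM_INT)` in the breadcrumb link re-reads the request with default 0, while `$courseid` is already available in this file (set by the including script or by the `optional_param('courseid', SITEID, PARAM_INT)` near the top), so a request without a courseid renders a link to `index.php?courseid=0` for a page that resolved to the site course. Using the existing variable keeps the two in step: `'<a href="index.php?courseid='.$courseid.'&amp;filtertype=user&amp;filterselect='.$filterselect.'">'`. The print_header() call this line belongs to starts before the hunk.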
@@ -177,8 +171,8 @@ if ($PAGE->user_allowed_editing()) {
 }
 
 // Calculate the preferred width for left, right and center (both center positions will use the same)
-$preferred_width_left = optional_param('preferred_width_left',  blocks_preferred_width($pageblocks[BLOCK_POS_LEFT]));
-$preferred_width_right = optional_param('preferred_width_right', blocks_preferred_width($pageblocks[BLOCK_POS_RIGHT]));
+$preferred_width_left = optional_param('preferred_width_left',  blocks_preferred_width($pageblocks[BLOCK_POS_LEFT]), PARAM_INT);
+$preferred_width_right = optional_param('preferred_width_right', blocks_preferred_width($pageblocks[BLOCK_POS_RIGHT]), PARAM_INT);
 $preferred_width_left = min($preferred_width_left, BLOCK_L_MAX_WIDTH);
 $preferred_width_left = max($preferred_width_left, BLOCK_L_MIN_WIDTH);
 $preferred_width_right = min($preferred_width_right, BLOCK_R_MAX_WIDTH);
index 750c8a83fec9def3d5eaf0a24f995b24f6b8edd4..5b0b3480434c8781ceae714891f0c176c08c4ef2 100755 (executable)
@@ -15,20 +15,18 @@ require_once('../config.php');
 require_once($CFG->dirroot .'/blog/lib.php');
 require_once($CFG->libdir .'/blocklib.php');
 
-$id = optional_param('id');
-$limit = optional_param('limit');
-$formstart = optional_param('formstart', 'none');
-$m = optional_param('m', ''); //month
-$y = optional_param('y', ''); //year
-$d = optional_param('d', ''); //day
-$limit = optional_param('limit', 'none');
-$formstart = optional_param('formstart', 'none');
+$id = optional_param('id', 0, PARAM_INT);
+$limit = optional_param('limit', 0, PARAM_INT);
+$formstart = optional_param('formstart', 'none', PARAM_ALPHA);
+$m = optional_param('m', 0, PARAM_INT); //month
+$y = optional_param('y', 0, PARAM_INT); //year
+$d = optional_param('d', 0, PARAM_INT); //day
 
 $userid = optional_param('userid',0,PARAM_INT);
 $groupid = optional_param('groupid',0,PARAM_INT);
 $courseid = optional_param('courseid',0,PARAM_INT);
-$tag = optional_param('tag');
-$tagid = optional_param('tagid');
+$tag = urldecode(optional_param('tag', '', PARAM_NOTAGS));
+$tagid = optional_param('tagid', 0, PARAM_INT);
 
 $filtertype = optional_param('filtertype', '', PARAM_ALPHA);
 $filterselect = optional_param('filterselect', 0, PARAM_INT);
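Review bot: `$tag = urldecode(optional_param('tag', '', PARAM_NOTAGS));` decodes after cleaning, so an encoded `%3C`/`%3E` survives the tag stripping done by PARAM_NOTAGS and becomes angle brackets again in `$tag`; PHP has already URL-decoded the request value, so the outer urldecode is also a double decode. If `$tag` is only compared against stored tag text, drop the decode: `$tag = optional_param('tag', '', PARAM_NOTAGS);`. If a second decode is genuinely required, clean after decoding, e.g. `$tag = clean_param(urldecode(optional_param('tag', '', PARAM_RAW)), PARAM_NOTAGS);` (PARAM_RAW if this version defines it). How `$tag` is consumed is outside the hunk.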
index 06ba4be105c2276b7a019715db3546e82c9b23ea..06bbb308772ee01c43216f4c66ea5c067b1fcf2f 100755 (executable)
@@ -596,7 +596,7 @@ function blog_get_course_selection_popup($courseid='') {
  */
 function blog_print_html_formatted_entries(&$blogFilter, $filtertype, $filterselect) {
     global $CFG, $USER;
-    $blogpage = optional_param('blogpage', 0);
+    $blogpage = optional_param('blogpage', 0, PARAM_INT);
     $bloglimit = get_user_preferences('blogpagesize',8); // expose as user pref when MyMoodle comes around
 
     // First let's see if the batchpublish form has submitted data
index e7613137b7a4c0a0ace85df2080a20027eb81383..d9823f9bd6be67c37c5fef3a96ca72d7ef5e93c1 100755 (executable)
@@ -30,7 +30,7 @@
        if ($post = data_submitted()) {
         print_header();
 
-        set_user_preference('blogpagesize', optional_param('pagesize'));
+        set_user_preference('blogpagesize', optional_param('pagesize', 10, PARAM_INT));
         
         redirect($referrer, get_string('changessaved'), 1);
         exit;
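Review bot: `optional_param('pagesize', 10, PARAM_INT)` accepts 0 and negative values, which are then stored unchanged as the blogpagesize preference; lib.php reads that preference back with `get_user_preferences('blogpagesize',8)`, so the two places also disagree on the default (10 here, 8 there). Clamp before saving, `set_user_preference('blogpagesize', max(1, optional_param('pagesize', 10, PARAM_INT)));`, and pick one default for both files. The enclosing `if ($post = data_submitted())` block starts before the hunk.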
index 8af24efecd6de0931e1ef4ff5e6491c3031363c3..ea104fdf70a928a78f1a0ac4c3f66a74eef826d8 100644 (file)
@@ -4,15 +4,15 @@
     require_once('../config.php');
     require_once('lib.php');
 
-    $referrer = required_param('referrer');
-    $var = required_param('var');
-    $value = optional_param('value');
-    $userid = optional_param('userid');
-    $courseid = optional_param('courseid');
-    $d = optional_param('d');
-    $m = optional_param('m');
-    $y = optional_param('y');
-    $id = optional_param('id');
+    $referrer = required_param('referrer', PARAM_NOTAGS);
+    $var = required_param('var',PARAM_ALPHA);
+    $value = optional_param('value','', PARAM_NOTAGS);
+    $userid = optional_param('userid',0 , PARAM_INT);
+    $courseid = optional_param('courseid',0, PARAM_INT);
+    $d = optional_param('d', 0, PARAM_INT);
+    $m = optional_param('m', 0, PARAM_INT);
+    $y = optional_param('y', 0, PARAM_INT);
+    $id = optional_param('id', 0, PARAM_INT);
 
     switch($var) {
         case 'setcourse':
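Review bot: `$referrer = required_param('referrer', PARAM_NOTAGS);` only strips markup, so if this value is later passed to redirect() the way preferences.php does with its own `$referrer`, any absolute URL supplied in the request is accepted as the redirect target. Restrict it to a local path before use — Moodle's PARAM_LOCALURL if this version defines it, otherwise an explicit check that it begins with `$CFG->wwwroot` or `/`. The switch on `$var` continues past the hunk, so how `$referrer` is consumed here is not visible.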
index 8be4d8f459be70f32807bcfe7ed23a16828f93b0..c8cd7b57cc97ec979a65600e1fc309b55602490e 100755 (executable)
@@ -12,7 +12,7 @@ switch ($mode) {
             die('you can not add official tags');
         }
         
-        if (($otag = optional_param('otag')) && (!get_record('tags','text',$otag))) {
+        if (($otag = optional_param('otag', '', PARAM_ALPHA)) && (!get_record('tags','text',$otag))) {
             $tag->userid = $USER->id;
             $tag->text = $otag;
             $tag->type = 'official';
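Review bot: PARAM_ALPHA keeps only ASCII letters, so `optional_param('otag', '', PARAM_ALPHA)` silently rewrites a submitted tag such as `web2` or `e-learning` before the `get_record('tags','text',$otag)` duplicate check and the insert; the same applies to `$ptag` in the next hunk. If tags are meant to hold more than bare letters, PARAM_NOTAGS combined with `trim()` and a non-empty check fits the duplicate lookup better. Note also that the truthiness test in the `if` treats a tag of `'0'` as no tag. The enclosing switch case starts outside the hunk.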
@@ -34,7 +34,7 @@ switch ($mode) {
             error ('you can not add tags');
         }
         
-        if (($ptag = optional_param('ptag')) && (!get_record('tags','text',$ptag))) {
+        if (($ptag = optional_param('ptag', '', PARAM_ALPHA)) && (!get_record('tags','text',$ptag))) {
             $tag->userid = $USER->id;
             $tag->text = $ptag;
             $tag->type = 'personal';
@@ -56,45 +56,46 @@ switch ($mode) {
             error('you can not delete tags');
         }
         
-        $tags = optional_param('tags');
-        print_object($tags);
-        foreach ($tags as $tag) {
-
-            $blogtag = get_record('tags','id',$tag);
-            
-            if (!isadmin() and $USER->id != $blogtag->userid) {
-                notify('no right to delete');
-                continue;
-            }
-            
-            /// Only admin can delete tags that are referenced
-            if (!isadmin() && get_records('blog_tag_instance','tagid', $tag)) {
-                notify('tag is used by other users, can not delete!');
-                continue;
-            }
-            
-            delete_records('tags','id',$tag);
-            delete_records('blog_tag_instance', 'tagid', $tag);
-
-            /// remove parent window option via javascript
-            echo '<script>
-            var i=0;
-            while (i < window.opener.document.entry[\'otags[]\'].length) {
-                if (window.opener.document.entry[\'otags[]\'].options[i].value == '.$tag.') {
-                    window.opener.document.entry[\'otags[]\'].removeChild(opener.document.entry[\'otags[]\'].options[i]);
+        if ($tags = optional_param('tags', 0, PARAM_INT)) {
+        
+            foreach ($tags as $tag) {
+
+                $blogtag = get_record('tags','id',$tag);
+
+                if (!isadmin() and $USER->id != $blogtag->userid) {
+                    notify('no right to delete');
+                    continue;
                 }
-                i++;
-            }
-            
-            var i=0;
-            while (i < window.opener.document.entry[\'ptags[]\'].length) {
-                if (window.opener.document.entry[\'ptags[]\'].options[i].value == '.$tag.') {
-                    window.opener.document.entry[\'ptags[]\'].removeChild(opener.document.entry[\'ptags[]\'].options[i]);
+
+                /// Only admin can delete tags that are referenced
+                if (!isadmin() && get_records('blog_tag_instance','tagid', $tag)) {
+                    notify('tag is used by other users, can not delete!');
+                    continue;
                 }
-                i++;
-            }
 
-            </script>';
+                delete_records('tags','id',$tag);
+                delete_records('blog_tag_instance', 'tagid', $tag);
+
+                /// remove parent window option via javascript
+                echo '<script>
+                var i=0;
+                while (i < window.opener.document.entry[\'otags[]\'].length) {
+                    if (window.opener.document.entry[\'otags[]\'].options[i].value == '.$tag.') {
+                        window.opener.document.entry[\'otags[]\'].removeChild(opener.document.entry[\'otags[]\'].options[i]);
+                    }
+                    i++;
+                }
+
+                var i=0;
+                while (i < window.opener.document.entry[\'ptags[]\'].length) {
+                    if (window.opener.document.entry[\'ptags[]\'].options[i].value == '.$tag.') {
+                        window.opener.document.entry[\'ptags[]\'].removeChild(opener.document.entry[\'ptags[]\'].options[i]);
+                    }
+                    i++;
+                }
+
+                </script>';
+            }
         }
         //write back to window.opener
     break;
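Review bot: `$blogtag = get_record('tags','id',$tag);` returns false for an id that no longer exists, and the following line then reads `$blogtag->userid` from a non-object; a non-admin lands in the "no right to delete" branch only by accident of the comparison, while an admin proceeds to the two delete_records calls for a missing row. Add `if (!$blogtag = get_record('tags','id',$tag)) { continue; }` before the ownership test. The new `if ($tags = optional_param('tags', 0, PARAM_INT))` also assumes a submitted array comes back as an array — a scalar `tags` value would reach the foreach as an int — so `&& is_array($tags)` in the condition would close that gap. The switch case continues outside the hunk.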