MDL-17832 - consistent adding and removing of slashes for track data.

diff --git a/mod/scorm/locallib.php b/mod/scorm/locallib.php
index e96f0614b541400c2fa2d178c8f4cb92f458ea10..5cf623c5fa61569405e24a5c5582018b964446eb 100755 (executable)
--- a/mod/scorm/locallib.php
+++ b/mod/scorm/locallib.php
@@ -362,7 +362,7 @@ function scorm_insert_track($userid,$scormid,$scoid,$attempt,$element,$value,$fo
     }
 
     if ($track = $DB->get_record('scorm_scoes_track',array('userid'=>$userid, 'scormid'=>$scormid, 'scoid'=>$scoid, 'attempt'=>$attempt, 'element'=>$element))) {
-        $track->value = $value;
+        $track->value = addslashes($value);
         $track->timemodified = time();
         $id = $DB->update_record('scorm_scoes_track',$track);
     } else {
@@ -371,7 +371,7 @@ function scorm_insert_track($userid,$scormid,$scoid,$attempt,$element,$value,$fo
         $track->scoid = $scoid;
         $track->attempt = $attempt;
         $track->element = $element;
-        $track->value = $value;
+        $track->value = addslashes($value);
         $track->timemodified = time();
         $id = $DB->insert_record('scorm_scoes_track',$track);
     }
@@ -409,6 +409,7 @@ function scorm_get_tracks($scoid,$userid,$attempt='') {
         $usertrack->timemodified = 0;
         foreach ($tracks as $track) {
             $element = $track->element;
+            $track->value = stripslashes_safe($track->value);
             $usertrack->{$element} = $track->value;
             switch ($element) {
                 case 'x.start.time':