]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 203b7e2)
MDL-18212 - switch to addslashes_js - thanks Tim.
authorpiers <piers>
Wed, 25 Feb 2009 22:56:59 +0000 (22:56 +0000)
committerpiers <piers>
Wed, 25 Feb 2009 22:56:59 +0000 (22:56 +0000)
mod/scorm/locallib.php patch | blob | history
mod/scorm/report.php patch | blob | history

diff --git a/mod/scorm/locallib.php b/mod/scorm/locallib.php
index 5cf623c5fa61569405e24a5c5582018b964446eb..23239655ad7768dbb52df035a69dc24b18104e5f 100755 (executable)
--- a/mod/scorm/locallib.php
+++ b/mod/scorm/locallib.php
@@ -362,7 +362,7 @@ function scorm_insert_track($userid,$scormid,$scoid,$attempt,$element,$value,$fo
     }
 
     if ($track = $DB->get_record('scorm_scoes_track',array('userid'=>$userid, 'scormid'=>$scormid, 'scoid'=>$scoid, 'attempt'=>$attempt, 'element'=>$element))) {
-        $track->value = addslashes($value);
+        $track->value = addslashes_js($value);
         $track->timemodified = time();
         $id = $DB->update_record('scorm_scoes_track',$track);
     } else {
@@ -371,7 +371,7 @@ function scorm_insert_track($userid,$scormid,$scoid,$attempt,$element,$value,$fo
         $track->scoid = $scoid;
         $track->attempt = $attempt;
         $track->element = $element;
-        $track->value = addslashes($value);
+        $track->value = addslashes_js($value);
         $track->timemodified = time();
         $id = $DB->insert_record('scorm_scoes_track',$track);
     }
diff --git a/mod/scorm/report.php b/mod/scorm/report.php
index 37986e8faafa9e2142ca8ad425ee200635c39cbd..1c0c1ea6608440135ad1d9e4a523afd546afe9d3 100755 (executable)
--- a/mod/scorm/report.php
+++ b/mod/scorm/report.php
@@ -194,7 +194,7 @@
                 }
                 echo '<div id="scormtablecontainer">';
                 if (has_capability('mod/scorm:deleteresponses',$contextmodule)) {
-                    echo '<form id="attemptsform" method="post" action="'.$FULLSCRIPT.'" onsubmit="var menu = document.getElementById(\'menuaction\'); return (menu.options[menu.selectedIndex].value == \'delete\' ? \''.addslashes(get_string('deleteattemptcheck','quiz')).'\' : true);">';
+                    echo '<form id="attemptsform" method="post" action="'.$FULLSCRIPT.'" onsubmit="var menu = document.getElementById(\'menuaction\'); return (menu.options[menu.selectedIndex].value == \'delete\' ? \''.addslashes_js(get_string('deleteattemptcheck','quiz')).'\' : true);">';
                     echo '<input type="hidden" name="id" value="'.$id.'">';
                     print_table($table);
                     echo '<a href="javascript:select_all_in(\'DIV\',null,\'scormtablecontainer\');">'.get_string('selectall', 'quiz').'</a> / ';
Unnamed repository; edit this file to name it for gitweb.