require_once ("backuplib.php");
require_once ("$CFG->libdir/adminlib.php");
- $id = optional_param( 'id' ); // course id
- $to = optional_param( 'to' ); // id of course to import into afterwards.
- $cancel = optional_param( 'cancel' );
- $launch = optional_param( 'launch' );
+ $id = optional_param('id', 0, PARAM_INT); // course id
+ $to = optional_param('to', 0, PARAM_INT); // id of course to import into afterwards.
+ $cancel = optional_param('cancel', '', PARAM_RAW);
+ $launch = optional_param('launch', '', PARAM_ACTION);
$loginurl = get_login_url();
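Review bot: `cancel` is typed `PARAM_RAW`, which applies no cleaning at all, although nothing visible here needs more than a yes/no from it. Typing it as a flag, `$cancel = optional_param('cancel', 0, PARAM_BOOL);`, keeps a raw request string out of any later output or comparison. The same applies to the `cancel` reads in the restore parameter block and in the lesson essay `update` case further down this diff. How `$cancel` is used lies outside the hunk, so confirm that nothing relies on the submitted button text.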
//Check data
//Check module info
$var = "backup_".$modname;
- $$var = optional_param( $var,1);
+ $$var = optional_param( $var,1, PARAM_CLEAN);
//Check include user info
$var = "backup_user_info_".$modname;
- $$var = optional_param( $var,1);
+ $$var = optional_param( $var,1, PARAM_CLEAN);
}
}
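Review bot: The per-module values read through `$$var` are typed `PARAM_CLEAN`, while the fixed-name flags in the next hunk get `PARAM_BOOL`; these look like the same kind of checkbox state and should get an equally narrow type, e.g. `$$var = optional_param($var, 1, PARAM_INT);`. Later hunks pass the same values straight to `print_checkbox()` and copy them into `$preferences`, so a numeric type removes the dependence on generic text cleaning for HTML output and stored settings. The pattern repeats for every `backup_*` and `restore_*` per-module and per-instance read in this diff. The enclosing loop and the origin of `$modname` are outside the hunk; because it forms a variable name, it is worth confirming that it only ever comes from the installed-module list.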
//Check other parameters
- $backup_metacourse = optional_param('backup_metacourse',1);
- $backup_users = optional_param('backup_users',1);
- $backup_logs = optional_param('backup_logs',0);
- $backup_user_files = optional_param('backup_user_files',1);
- $backup_course_files = optional_param('backup_course_files',1);
- $backup_site_files = optional_param('backup_site_files',1);
+ $backup_metacourse = optional_param('backup_metacourse',1, PARAM_BOOL);
+ $backup_users = optional_param('backup_users',1, PARAM_BOOL);
+ $backup_logs = optional_param('backup_logs',0, PARAM_BOOL);
+ $backup_user_files = optional_param('backup_user_files',1, PARAM_BOOL);
+ $backup_course_files = optional_param('backup_course_files',1, PARAM_BOOL);
+ $backup_site_files = optional_param('backup_site_files',1, PARAM_BOOL);
$backup_gradebook_history = optional_param('backup_gradebook_history', 0, PARAM_INT);
- $backup_messages = optional_param('backup_messages',1);
- $backup_blogs = optional_param('backup_blogs',1);
+ $backup_messages = optional_param('backup_messages',1, PARAM_BOOL);
+ $backup_blogs = optional_param('backup_blogs',1, PARAM_BOOL);
if ($count == 0) {
notice("No backupable modules are installed!");
foreach ($instances as $instance) {
echo '<tr><td>';
$var = 'backup_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,1);
+ $$var = optional_param($var,1, PARAM_CLEAN);
print_checkbox($var,$$var,$$var,$instance->name,$instance->name,'this.form.elements[\'backup_'.$modname.'\'].checked=1;');
echo '</td><td align="right"> ';
$var = 'backup_user_info_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,1);
+ $$var = optional_param($var,1, PARAM_CLEAN);
if (empty($to)) {
print_checkbox($var,$$var,$$var,get_string('userdata'),'','this.form.elements[\'backup_user_info_'.$modname.'\'].checked=1;');
} else {
foreach ($preferences->$varname as $instance) {
$preferences->mods[$modname]->instances[$instance->id]->name = $instance->name;
$var = 'backup_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,0);
+ $$var = optional_param($var,0, PARAM_CLEAN);
$preferences->$var = $$var;
$preferences->mods[$modname]->instances[$instance->id]->backup = $$var;
$var = 'backup_user_info_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,0);
+ $$var = optional_param($var,0, PARAM_CLEAN);
$preferences->$var = $$var;
$preferences->mods[$modname]->instances[$instance->id]->userinfo = $$var;
$var = 'backup_'.$modname.'_instances';
$preferences->mods[$modname]->name = $modname;
$var = "backup_".$modname;
- $$var = optional_param( $var,0);
+ $$var = optional_param( $var,0, PARAM_CLEAN);
$preferences->$var = $$var;
$preferences->mods[$modname]->backup = $$var;
//Check include user info
$var = "backup_user_info_".$modname;
- $$var = optional_param( $var,0);
+ $$var = optional_param( $var,0, PARAM_CLEAN);
$preferences->$var = $$var;
$preferences->mods[$modname]->userinfo = $$var;
require_once("$CFG->libdir/adminlib.php");
//Optional
- $id = optional_param( 'id' );
- $file = optional_param( 'file' );
- $cancel = optional_param( 'cancel' );
- $launch = optional_param( 'launch' );
- $to = optional_param( 'to' );
- $method = optional_param( 'method' );
+ $id = optional_param('id', 0, PARAM_INT);
+ $file = optional_param( 'file', 0, PARAM_PATH);
+ $cancel = optional_param('cancel', '', PARAM_RAW);
+ $launch = optional_param( 'launch', '', PARAM_ACTION);
+ $to = optional_param('to', '', PARAM_INT);
+ $method = optional_param('method', '', PARAM_ACTION);
$backup_unique_code = optional_param('backup_unique_code',0,PARAM_INT);
//Get and check course
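Review bot: Two defaults do not match their declared types: `file` defaults to `0` under `PARAM_PATH` and `to` defaults to `''` under `PARAM_INT`, whereas the backup script earlier in this diff uses `0` for `to`. I would write `$file = optional_param('file', '', PARAM_PATH);` and `$to = optional_param('to', 0, PARAM_INT);` so that `empty()` checks and comparisons behave the same in both scripts. `PARAM_PATH` only constrains the shape of the string; the code that opens `$file` is outside this hunk and should still confirm that the resolved path stays inside the directory restores are allowed to read from.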
foreach ($allmods as $mod) {
$modname = $mod->name;
$var = "restore_".$modname;
- $$var = optional_param( $var,0);
+ $$var = optional_param( $var,0, PARAM_CLEAN);
$var = "restore_user_info_".$modname;
- $$var = optional_param( $var,0);
+ $$var = optional_param( $var,0, PARAM_CLEAN);
$instances = !empty($info->mods[$mod->name]->instances) ? $info->mods[$mod->name]->instances : NULL;
if ($instances === NULL) {
continue;
foreach ($instances as $instance) {
echo '<tr><td>';
$var = 'restore_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,1);
+ $$var = optional_param($var,1, PARAM_CLEAN);
print_checkbox($var,$$var,$$var,$instance->name,$instance->name,'this.form.elements[\'restore_'.$modname.'\'].checked=1;');
echo '</td><td align="right"> ';
$var = 'restore_user_info_'.$modname.'_instance_'.$instance->id;
- $$var = optional_param($var,1);
+ $$var = optional_param($var,1, PARAM_CLEAN);
if (!empty($info->mods[$modname]->instances) && ($info->mods[$modname]->instances[$instance->id]->userinfo == 'true')) {
print_checkbox($var,$$var,$$var,get_string('userdata'),'','this.form.elements[\'restore_user_info_'.$modname.'\'].checked=1;');
} else {
print_error('refoundtoorigi', '',
"$CFG->wwwroot/enrol/authorize/index.php?order=$orderid", $order->amount);
}
- $amount = round(optional_param('amount', $upto), 2);
+ $amount = round(optional_param('amount', $upto, PARAM_RAW), 2);
if ($amount > $upto) {
print_error('refoundto', '',
"$CFG->wwwroot/enrol/authorize/index.php?order=$orderid", $upto);
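Review bot: The refund amount is read with `PARAM_RAW`, so the only validation visible is `round()` plus the `$amount > $upto` upper bound; a non-numeric string is left to `round()`'s coercion and a zero or negative number passes the check. A numeric type and a lower bound would close that: `$amount = round(optional_param('amount', $upto, PARAM_FLOAT), 2);` and `if ($amount <= 0 || $amount > $upto) {`. The code that submits the refund is outside the hunk, so a later check may exist; confirm it before relying on it.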
$this->sess->i_last = '';
}
- $this->currpage = optional_param($this->request[TABLE_VAR_PAGE], 0);
+ $this->currpage = optional_param($this->request[TABLE_VAR_PAGE], 0, PARAM_INT);
$this->setup = true;
/// Always introduce the "flexible" class for the table if not specified
$responsevalue[$key] = clean_param($value, PARAM_CLEAN);
}
} else {
- $responsevalue = optional_param($responsefield, '');
+ $responsevalue = optional_param($responsefield, '', PARAM_CLEAN);
}
if (is_array($responsevalue)) {
// incomplete jquiz multi-select
break;
case 'update':
if (confirm_sesskey() and $form = data_submitted()) {
- if (optional_param('cancel', 0)) {
+ if (optional_param('cancel', 0, PARAM_RAW)) {
redirect("$CFG->wwwroot/mod/lesson/essay.php?id=$cm->id");
}
}
}
- } else if ($lesson->highscores and !$lesson->practice and !optional_param('viewed', 0) and empty($pageid)) {
+ } else if ($lesson->highscores and !$lesson->practice and !optional_param('viewed', 0, PARAM_INT) and empty($pageid)) {
// Display high scores before starting lesson
redirect("$CFG->wwwroot/mod/lesson/highscores.php?id=$cm->id");
}
redirect($thispageurl);
}
-if (optional_param('addnewpagesafterselected', null) && !empty($selectedquestionids) && confirm_sesskey()) {
+if (optional_param('addnewpagesafterselected', null, PARAM_CLEAN) && !empty($selectedquestionids) && confirm_sesskey()) {
foreach ($selectedquestionids as $questionid) {
$quiz->questions = quiz_add_page_break_after($quiz->questions, $questionid);
}
further whenever desired
*/
function ewiki_id() {
- ($id = optional_param("id", '')) or
- ($id = optional_param("name", '')) or
- ($id = optional_param("page", '')) or
- ($id = optional_param("file", '')) or
+ ($id = optional_param("id", '', PARAM_CLEAN)) or
+ ($id = optional_param("name", '', PARAM_CLEAN)) or
+ ($id = optional_param("page", '', PARAM_CLEAN)) or
+ ($id = optional_param("file", '', PARAM_CLEAN)) or
(EWIKI_USE_PATH_INFO) and ($id = ltrim(@$_SERVER["PATH_INFO"], "/")) or
(!isset($_REQUEST["id"])) and ($id = trim(strtok($_SERVER["QUERY_STRING"], "&")));
if (!strlen($id) || ($id=="id=")) {
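Review bot: Only the four `optional_param()` candidates are cleaned; the two fallbacks that follow still assign `$id` from `$_SERVER["PATH_INFO"]` and `$_SERVER["QUERY_STRING"]` with no cleaning, so the page id reaches the rest of `ewiki_id()` unfiltered whenever none of the named parameters is sent. Passing both through the same filter keeps the result uniform, e.g. `($id = clean_param(ltrim(@$_SERVER["PATH_INFO"], "/"), PARAM_CLEAN))`. The function body continues past the hunk, so later normalisation may exist there.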
function ewiki_page_edit_form(&$id, &$data, &$hidden_postdata) {
global $ewiki_plugins, $ewiki_config, $moodle_format;
- $content = optional_param('content', '');
- $version = optional_param('version', '');
+ $content = optional_param('content', '', PARAM_CLEAN);
+ $version = optional_param('version', '', PARAM_CLEAN);
$o='';
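Review bot: `version` is typed `PARAM_CLEAN` although it looks like a revision number; `$version = optional_param('version', 0, PARAM_INT);` would reject anything non-numeric, provided the code below the hunk does not depend on the empty-string default. The same goes for `EWIKI_UP_REQUESTLV` in the upload hunk further down, which already defaults to `0`. For `content`, confirm that `PARAM_CLEAN` does not rewrite wiki markup on save; the rest of `ewiki_page_edit_form()` is outside the hunk, so how the value is stored and rendered cannot be checked from here.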
global $ewiki_plugins;
global $USER; // MOODLE
- $id = optional_param(EWIKI_UP_BINARY, '');
+ $id = optional_param(EWIKI_UP_BINARY, '', PARAM_CLEAN);
#-- reject calls
if (!strlen($id) || !EWIKI_IDF_INTERNAL) {
global $ewiki_config;
- $ewiki_up_requestlv = optional_param(EWIKI_UP_REQUESTLV, 0);
+ $ewiki_up_requestlv = optional_param(EWIKI_UP_REQUESTLV, 0, PARAM_CLEAN);
$html = "";
srand(time()/17-1000*microtime());
if (($s = $upload_file["name"]) && (strlen($s) >= 3)
|| ($s = substr(md5(time()+microtime()),0,8) . ".dat"))
{
- if (strlen($uu = trim(optional_param("new_filename",''))) >= 3) {
+ if (strlen($uu = trim(optional_param("new_filename",'', PARAM_FILE))) >= 3) {
if ($uu != $s) {
$meta["Original-Filename"] = $s;
}
($p = strrpos($s, '\\')) and ($p++);
$meta["Content-Disposition"] = 'attachment; filename="'.urlencode(substr($s, $p)).'"';
}
- if (strlen($sect = optional_param("section",''))) {
+ if (strlen($sect = optional_param("section",'', PARAM_CLEAN))) {
if ($ewiki_upload_sections[$sect]
|| ($action==EWIKI_ACTION_ATTACHMENTS) && ($data["content"])
&& strlen($ewiki_plugins["action"][EWIKI_ACTION_ATTACHMENTS])) {
return($o);
}
}
- if (strlen($s = trim(optional_param("comment",'')))) {
+ if (strlen($s = trim(optional_param("comment",'', PARAM_CLEAN)))) {
$meta["comment"] = $s;
}
$cont=ewiki_page_wiki_dump_send($binaries,
$exportformatval,
$withvirtualpages,
- optional_param("exportdestinations", null));
+ optional_param("exportdestinations", null,PARAM_CLEAN));
}
if($cont===false) {
die;