// took out hspace="\10\", because it does not validate. don't know what to replace with.
$icon = "<img src=\"$CFG->modpixpath/$module->name/icon.gif\" class=\"icon\" alt=\"\" />";
- $delete = "<a href=\"modules.php?delete=$module->name&sesskey=$USER->sesskey\">$strdelete</a>";
+ $delete = "<a href=\"modules.php?delete=$module->name&sesskey=".sesskey()."\">$strdelete</a>";
if (file_exists("$CFG->dirroot/mod/$module->name/settings.php") ||
file_exists("$CFG->dirroot/mod/$module->name/settingstree.php")) {
}
if ($module->visible) {
- $visible = "<a href=\"modules.php?hide=$module->name&sesskey=$USER->sesskey\" title=\"$strhide\">".
+ $visible = "<a href=\"modules.php?hide=$module->name&sesskey=".sesskey()."\" title=\"$strhide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" class=\"icon\" alt=\"$strhide\" /></a>";
$class = "";
} else {
- $visible = "<a href=\"modules.php?show=$module->name&sesskey=$USER->sesskey\" title=\"$strshow\">".
+ $visible = "<a href=\"modules.php?show=$module->name&sesskey=".sesskey()."\" title=\"$strshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" class=\"icon\" alt=\"$strshow\" /></a>";
$class = " class=\"dimmed_text\"";
}
echo '<center><form action="timezone.php" method="post">';
echo "$strusers ($strall): ";
choose_from_menu ($timezones, "zone", $current, get_string("serverlocaltime"), "", "99");
- echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
+ echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
echo '<input type="submit" value="'.s($strsavechanges).'" />';
echo "</form></center>";
$deletebutton = "";
} else {
if (has_capability('moodle/user:delete', $sitecontext)) {
- $deletebutton = "<a href=\"user.php?delete=$user->id&sesskey=$USER->sesskey\">$strdelete</a>";
+ $deletebutton = "<a href=\"user.php?delete=$user->id&sesskey=".sesskey()."\">$strdelete</a>";
} else {
$deletebutton ="";
}
if (has_capability('moodle/user:update', $sitecontext) and ($user->id==$USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) {
$editbutton = "<a href=\"$securewwwroot/user/editadvanced.php?id=$user->id&course=$site->id\">$stredit</a>";
if ($user->confirmed == 0) {
- $confirmbutton = "<a href=\"user.php?confirmuser=$user->id&sesskey=$USER->sesskey\">" . get_string('confirm') . "</a>";
+ $confirmbutton = "<a href=\"user.php?confirmuser=$user->id&sesskey=".sesskey()."\">" . get_string('confirm') . "</a>";
} else {
$confirmbutton = "";
}
$buttonadd = get_string('add', $tagslang);
$arrowtitle = get_string('arrowtitle', $tagslang);
$coursetaghelpbutton = helpbutton('addtags', 'adding tags', $tagslang, TRUE, FALSE, '', TRUE);
+ $sesskey = sesskey();
$this->content->footer .= <<<EOT
<hr />
<form action="{$CFG->wwwroot}/tag/coursetags_add.php" method="post" id="coursetag"
<div style="display: none;">
<input type="hidden" name="entryid" value="$COURSE->id" />
<input type="hidden" name="userid" value="$USER->id" />
- <input type="hidden" name="sesskey" value="$USER->sesskey" />
+ <input type="hidden" name="sesskey" value="$sesskey" />
</div>
<div><label for="coursetag_new_tag">$tagthisunit</label></div>
<div class="coursetag_form_wrapper">
unset($tempdisplaylist[$key]);
}
}
- popup_form ("index.php?move=$category->id&sesskey=$USER->sesskey&moveto=", $tempdisplaylist, "moveform$category->id", $category->parent, '', '', '', false);
+ popup_form ("index.php?move=$category->id&sesskey=".sesskey()."&moveto=", $tempdisplaylist, "moveform$category->id", $category->parent, '', '', '', false);
}
echo '</td>';
echo '</tr>';
///add the module parameter to the paging bar if they exists
$modulelink = "";
if (!empty($modulelist) and confirm_sesskey()) {
- $modulelink = "&modulelist=".$modulelist."&sesskey=".$USER->sesskey;
+ $modulelink = "&modulelist=".$modulelist."&sesskey=".sesskey();
}
print_navigation_bar($totalcount, $page, $perpage, $encodedsearch, $modulelink);
} else {
/// Show editing UI.
echo "<form id=\"movecourses\" action=\"search.php\" method=\"post\">\n";
- echo "<div><input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
+ echo "<div><input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />\n";
echo "<input type=\"hidden\" name=\"search\" value=\"".s($search)."\" />\n";
echo "<input type=\"hidden\" name=\"page\" value=\"$page\" />\n";
echo "<input type=\"hidden\" name=\"perpage\" value=\"$perpage\" /></div>\n";
// checks whether user can change visibility
if (has_capability('moodle/course:visibility', $coursecontext)) {
if (!empty($course->visible)) {
- echo "<a title=\"".get_string("hide")."\" href=\"search.php?search=$encodedsearch&perpage=$perpage&page=$page&hide=$course->id&sesskey=
$USER->sesskey\">\n<img".
+ echo "<a title=\"".get_string("hide")."\" href=\"search.php?search=$encodedsearch&perpage=$perpage&page=$page&hide=$course->id&sesskey=
".sesskey()."\">\n<img".
" src=\"$pixpath/t/hide.gif\" class=\"iconsmall\" alt=\"".get_string("hide")."\" /></a>\n ";
} else {
- echo "<a title=\"".get_string("show")."\" href=\"search.php?search=$encodedsearch&perpage=$perpage&page=$page&show=$course->id&sesskey=
$USER->sesskey\">\n<img".
+ echo "<a title=\"".get_string("show")."\" href=\"search.php?search=$encodedsearch&perpage=$perpage&page=$page&show=$course->id&sesskey=
".sesskey()."\">\n<img".
" src=\"$pixpath/t/show.gif\" class=\"iconsmall\" alt=\"".get_string("show")."\" /></a>\n ";
}
}
"index.php?id={$courseid}", "index.php?id={$courseid}",
array('outcomeid' => $outcome->id,
'action'=> 'delete',
- 'sesskey' => $USER->sesskey,
+ 'sesskey' => sesskey(),
'deleteconfirmed'=> 1)
);
print_footer();
$buttons .= "<a title=\"$stredit\" href=\"edit.php?courseid=$courseid&id=$outcome->id\"><img".
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
if ($outcome->can_delete()) {
- $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&outcomeid=$outcome->id&action=delete&sesskey=
$USER->sesskey\"><img".
+ $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&outcomeid=$outcome->id&action=delete&sesskey=
".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
}
if (has_capability('moodle/grade:manage', get_context_instance(CONTEXT_SYSTEM)) and $outcome->can_delete()) {
- $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&outcomeid=$outcome->id&action=delete&sesskey=
$USER->sesskey\"><img".
+ $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&outcomeid=$outcome->id&action=delete&sesskey=
".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
$buttons .= "<a title=\"$stredit\" href=\"edit.php?courseid=$courseid&id=$scale->id\"><img".
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
if (!$used) {
- $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&scaleid=$scale->id&action=delete&sesskey=
$USER->sesskey\"><img".
+ $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&scaleid=$scale->id&action=delete&sesskey=
".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
}
if (!$used and has_capability('moodle/course:managescales', get_context_instance(CONTEXT_SYSTEM))) {
- $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&scaleid=$scale->id&action=delete&sesskey=
$USER->sesskey\"><img".
+ $buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&scaleid=$scale->id&action=delete&sesskey=
".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
global $USER, $CFG;
$this->courseid = $courseid;
- $this->commonvars = "&sesskey=$USER->sesskey&id=$this->courseid";
+ $this->commonvars = "&sesskey=".sesskey()."&id=$this->courseid";
$this->context = get_context_instance(CONTEXT_COURSE, $courseid);
// get course grade tree
global $USER, $CFG;
$this->courseid = $courseid;
- $this->commonvars = "&sesskey=$USER->sesskey&id=$this->courseid";
+ $this->commonvars = "&sesskey=".sesskey()."&id=$this->courseid";
$this->levels = array();
$this->context = get_context_instance(CONTEXT_COURSE, $courseid);
if (ismoving($SITE->id)) {
$stractivityclipboard = strip_tags(get_string('activityclipboard', '', $USER->activitycopyname));
echo '<p><font size="2">';
- echo "$stractivityclipboard (<a href=\"course/mod.php?cancelcopy=true&sesskey=$USER->sesskey\">". get_string('cancel') .'</a>)';
+ echo "$stractivityclipboard (<a href=\"course/mod.php?cancelcopy=true&sesskey=".sesskey()."\">". get_string('cancel') .'</a>)';
echo '</font></p>';
}
return "<form $CFG->frametarget method=\"get\" action=\"$CFG->wwwroot/course/search.php\">".
'<div>'.
"<input type=\"hidden\" name=\"edit\" value=\"$edit\" />".
- "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />".
+ "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />".
"<input type=\"hidden\" name=\"search\" value=\"".s($search, true)."\" />".
"<input type=\"hidden\" name=\"page\" value=\"$page\" />".
"<input type=\"hidden\" name=\"perpage\" value=\"$perpage\" />".
if ($deletesession and has_capability('mod/chat:deletelog', $context)) {
notice_yesno(get_string('deletesessionsure', 'chat'),
- "report.php?id=$cm->id&deletesession=1&confirmdelete=1&start=$start&end=$end&sesskey=$USER->sesskey",
+ "report.php?id=$cm->id&deletesession=1&confirmdelete=1&start=$start&end=$end&sesskey=".sesskey(),
"report.php?id=$cm->id");
}
}
//check whether the user has a session
- if(!isset($USER->sesskey) OR !$USER->sesskey) {
- print_error('error');
- }
+ // there used to be a sesskey test - this could not work - sorry
//check whether the feedback is located and! started from the mainsite
if($course->id == SITEID AND !$courseid) {
//check, if all required items have a value
if(feedback_check_values($_POST, $startitempos, $lastitempos)) {
$userid = $USER->id; //arb
- if($completedid = feedback_save_guest_values($_POST, $USER->sesskey)){
+ if($completedid = feedback_save_guest_values($_POST, sesskey())){
add_to_log($course->id, 'feedback', 'startcomplete', 'view.php?id='.$cm->id, $feedback->id); //arb: log even guest submissions or at least the startcomplete since the other add log event is elsewhere
if(!$gonextpage AND !$gopreviouspage) $preservevalues = false;//es kann gespeichert werden
$firstpagebreak = false;
}
$maxitemcount = $DB->count_records('feedback_item', array('feedback'=>$feedback->id));
- $feedbackcompletedtmp = feedback_get_current_completed($feedback->id, true, $courseid, $USER->sesskey);
+ $feedbackcompletedtmp = feedback_get_current_completed($feedback->id, true, $courseid, sesskey());
/// Print the main part of the page
///////////////////////////////////////////////////////////////////////////
$value = isset($formdata->{$frmvaluename})?$formdata->{$frmvaluename}:NULL;
}else {
if(isset($feedbackcompletedtmp->id)) {
- $value = feedback_get_item_value($feedbackcompletedtmp->id, $feedbackitem->id, $USER->sesskey);
+ $value = feedback_get_item_value($feedbackcompletedtmp->id, $feedbackitem->id, sesskey());
}
}
echo '<tr>';
echo '<input type="hidden" name="deletetempl" value="'.$template->id.'" />';
echo '<input type="hidden" name="shoulddelete" value="1" />';
echo '<input type="hidden" name="id" value="'.$id.'" />';
- echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '</form>';
echo '</td></tr>';
}
}
?>
<form name="frm" action="<?php echo $ME;?>" method="post">
- <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey;?>" />
+ <input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<input type="hidden" name="id" value="<?php echo $id;?>" />
<input type="hidden" name="canceldelete" value="0" />
<button type="button" onclick="this.form.canceldelete.value=1;this.form.submit();"><?php print_string('cancel');?></button>
$query = 'id='.$id;
$query .= '&do_show='.$tab;
- //$query .= '&sesskey='.$USER->sesskey;
+ //$query .= '&sesskey='.sesskey();
return $query;
}
function feedback_edit_print_default_form_values($id, $tab) {
global $USER;
- echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<input type="hidden" name="id" value="'.$id.'" />';
echo '<input type="hidden" name="do_show" value="'.$tab.'" />';
}
// print_simple_box_start('center');
print_box_start('generalbox boxwidthwide boxaligncenter');
echo '<form action="'.$ME.'" method="post">';
- echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
//this div makes the buttons stand side by side
echo '<div>';
<td align="right">
<?php
$show_button_link = $ME;
- $show_button_options = array('sesskey'=>$USER->sesskey, 'userid'=>$student->id, 'do_show'=>'showoneentry', 'id'=>$id);
+ $show_button_options = array('sesskey'=>sesskey(), 'userid'=>$student->id, 'do_show'=>'showoneentry', 'id'=>$id);
$show_button_label = get_string('show_entries', 'feedback');
print_single_button($show_button_link, $show_button_options, $show_button_label, 'post');
?>
<td align="right">
<?php
$delete_button_link = 'delete_completed.php';
- $delete_button_options = array('sesskey'=>$USER->sesskey, 'completedid'=>$feedbackcompleted->id, 'do_show'=>'showoneentry', 'id'=>$id);
+ $delete_button_options = array('sesskey'=>sesskey(), 'completedid'=>$feedbackcompleted->id, 'do_show'=>'showoneentry', 'id'=>$id);
$delete_button_label = get_string('delete_entry', 'feedback');
print_single_button($delete_button_link, $delete_button_options, $delete_button_label, 'post');
?>
<td align="right">
<?php
$show_anon_button_link = 'show_entries_anonym.php';
- $show_anon_button_options = array('sesskey'=>$USER->sesskey, 'userid'=>0, 'do_show'=>'showoneentry', 'id'=>$id);
+ $show_anon_button_options = array('sesskey'=>sesskey(), 'userid'=>0, 'do_show'=>'showoneentry', 'id'=>$id);
$show_anon_button_label = get_string('show_entries', 'feedback');
print_single_button($show_anon_button_link, $show_anon_button_options, $show_anon_button_label, 'post');
?>
// print_simple_box_start("center", '50%');
print_box_start('generalbox boxaligncenter boxwidthnormal');
echo '<form>';
- echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<table width="100%">';
$itemnr = 0;
foreach($feedbackitems as $feedbackitem){
<table>
<tr>
<td>
- <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey;?>" />
+ <input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<select name="completedid" size="<?php echo (sizeof($feedbackcompleteds)>10)?10:5;?>">
<?php
if(is_array($feedbackcompleteds)) {
// print_simple_box_start("center", '50%');
print_box_start('generalbox boxaligncenter boxwidthnormal');
echo '<form>';
- echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<table width="100%">';
$itemnr = 0;
foreach($feedbackitems as $feedbackitem){
//if the user is not known so we cannot save the values temporarly
if(!isset($USER->username) OR $USER->username == 'guest') {
$completefile = 'complete_guest.php';
- $guestid = $USER->sesskey;
+ $guestid = sesskey();
}else {
$completefile = 'complete.php';
$guestid = false;
add_to_log($course->id, "hotpot", "view all", "index.php?id=$course->id", "");
- // Moodle 1.4+ requires sesskey to be passed in forms
- if (isset($USER->sesskey)) {
- $sesskey = '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
- } else {
- $sesskey = '';
- }
+ $sesskey = '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
// get message strings for titles
$strmodulenameplural = get_string("modulenameplural", "hotpot");
<form method="post" action="edit.php"><div>
<fieldset class="invisiblefieldset" style="display: block;">
<label for="<?php echo "inputq$qnum" ?>"><?php echo $strgrade; ?></label>:<br />
- <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<?php echo $pageurl->hidden_params_out(); ?>
<input type="hidden" name="savechanges" value="save" />
<?php
$strsave=get_string('save',"quiz");
echo "<form method=\"post\" action=\"edit.php\"><div>";
echo '<fieldset class="invisiblefieldset" style="display: block;">';
- echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
+ echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
echo $pageurl->hidden_params_out();
$a='<input type="text" id="inputmaxgrade" name="maxgrade" size="' . ($quiz->decimalpoints + 2) . '" tabindex="'.($tabindex)
.'" value="'.quiz_format_grade($quiz, $quiz->grade).'" />';
$options['courseid'] = $course->id;
$options['cmid'] = $cm->id;
$options['file'] = $resource->reference;
- $options['sesskey'] = $USER->sesskey;
+ $options['sesskey'] = sesskey();
$options['inpopup'] = $inpopup;
if ($errorcode == 3) {
$label = get_string ('deploy', 'resource');
}
//popupwin(datastring);
var myRequest = NewHttpReq();
- result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
+ result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
results = result.split('\n');
errorCode = results[1];
return results[0];
datastring += '&scoid=<?php echo $scoid ?>';
var myRequest = NewHttpReq();
- result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
+ result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
results = String(result).split('\n');
errorCode = results[1];
return results[0];
// }
?>
var myRequest = NewHttpReq();
- var result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
+ var result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
<?php
// if (scorm_debugging($scorm)) {
// echo 'popupwin(result);';
if (question_has_capability_on($question, 'edit', $question->category)) {
// hide-feature
if($question->hidden) {
- echo "<a title=\"$strrestore\" href=\"edit.php?".$pageurl->get_query_string()."&unhide=$question->id&sesskey=
$USER->sesskey\"><img
+ echo "<a title=\"$strrestore\" href=\"edit.php?".$pageurl->get_query_string()."&unhide=$question->id&sesskey=
".sesskey()."\"><img
src=\"$CFG->pixpath/t/restore.gif\" alt=\"$strrestore\" /></a>";
} else {
echo "<a title=\"$strdelete\" href=\"edit.php?".$pageurl->get_query_string()."&deleteselected=$question->id&q$question->id=1\"><img
$script = coursetag_get_jscript();
$addtagshelp = helpbutton('addtags', 'adding tags', $tagslang, TRUE, FALSE, '', TRUE);
$edittagthisunit = get_string('edittagthisunit', $tagslang);
- $arrowtitle = get_string('arrowtitle', $tagslang);
+ $arrowtitle = get_string('arrowtitle', $tagslang);
+ $sesskey = sesskey();
$outstr .= <<<EOT
$script
<form action="$CFG->wwwroot/tag/coursetags_edit.php" method="post" id="coursetag">
<div style="display: none;">
<input type="hidden" name="courseid" value="$course->id" />
- <input type="hidden" name="sesskey" value="$USER->sesskey" />
+ <input type="hidden" name="sesskey" value="$sesskey" />
</div>
<div class="coursetag_edit_centered">
<div class="coursetag_edit_row">
print_heading($strthemes);
$themes = get_list_of_plugins("theme");
- $sesskey = !empty($USER->id) ? $USER->sesskey : '';
+ $sesskey = sesskey();
echo "<table style=\"margin-left:auto;margin-right:auto;\" cellpadding=\"7\" cellspacing=\"5\">\n";
projects / moodle.git / commitdiff