]> git.mjollnir.org Git - moodle.git/commitdiff
general cleanup of xxx_parameter() functions; fixed broken requesting of courses
authorskodak <skodak>
Wed, 12 Apr 2006 16:41:10 +0000 (16:41 +0000)
committerskodak <skodak>
Wed, 12 Apr 2006 16:41:10 +0000 (16:41 +0000)
course/index.php
course/pending-reject.html
course/pending.php
course/recent.php
course/request.html
course/request.php

index 40cb9f1dcbc89383e4884c013a289f826c7ce14d..c2e3a011e136e4f67452aa6f1e580cd0e5e48876 100644 (file)
@@ -60,7 +60,7 @@
             print_single_button("edit.php", NULL, get_string("addnewcourse"), "get");
         }
         if (!empty($CFG->enablecourserequests)) {
-            print_single_button('request.php',NULL, get_string('requestcourse'),"get");
+            print_single_button('pending.php',NULL, get_string('coursespending'),"get");
         }
         echo "</center>";
         print_footer();
index f0a4a5d41f7ec33eb4656d2d58814d500f91bbdb..6c6203e380312ba9477e2be4b7552ec3a107d308 100644 (file)
@@ -3,4 +3,5 @@
 <textarea name="rejectnotice" rows="10" cols="50"></textarea><br />
 <input type="submit" value="<?php print_string("savechanges");?>" />
 <input type="button" value="<?php print_string("cancel"); ?>"  onClick="window.location='pending.php';" />
+<input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
 </form>
\ No newline at end of file
index fefede22515bc71d89c2f1eea5129099361dadf3..a02022b6620d1dbc9ca3737a9e4f3324f92d18ae 100644 (file)
                 $course->shortname .= ' [*]';
                 $collision = 1;
             }
+            //do not output raw html from request, quote html entities using s()!!
             $table->data[] = array(((!empty($course->password)) ? 
                                     '<img hspace="1" alt="'.$strrequireskey.'" height="16" width="16" border="0" src="'.$CFG->pixpath.'/i/key.gif" />' : ''),
-                                   $course->shortname,$course->fullname,fullname($requester),
-                                   $course->summary,$course->reason,
-                                   '<a href="pending.php?approve='.$course->id.'">'.get_string('approve').'</a> | '
-                                   .'<a href="pending.php?reject='.$course->id.'">'.get_string('reject').'</a>');
+                                   s($course->shortname),s($course->fullname),fullname($requester),
+                                   s($course->summary),s($course->reason),
+                                   '<a href="pending.php?approve='.$course->id.'&amp;sesskey='.sesskey().'">'.get_string('approve').'</a> | '
+                                   .'<a href="pending.php?reject='.$course->id.'&amp;sesskey='.sesskey().'">'.get_string('reject').'</a>');
         }
         print_table($table);
         if (!empty($collision)) {
index 4ed8be6ff2b09135727d58658a3a816a7bf91807..632fab0605fd9cf5084c43c30ec202a45c1f5e12 100644 (file)
@@ -5,17 +5,16 @@
     require_once("../config.php");
     require_once("lib.php");
 
-    $id = required_param('id',PARAM_INT);
-
-    $user = optional_param('user', '0', PARAM_INT);
-    $sortby = optional_param('sortby', 'default');
-    $selectedgroup = optional_param('selectedgroup', '');
-    $date = optional_param('date','',PARAM_CLEAN);
-    $advancedfilter = optional_param('advancedfilter',0,PARAM_INT);
-    $modname = optional_param('modname','' );
-    $modid = optional_param('modid','' );
-    $modaction = optional_param('modaction','' );
-    $chooserecent = optional_param('chooserecent',0,PARAM_INT);
+    $id             = required_param('id', PARAM_INT);
+    $user           = optional_param('user', '0', PARAM_INT);
+    $sortby         = optional_param('sortby', 'default', PARAM_ALPHA);
+    $selectedgroup  = optional_param('selectedgroup', 0, PARAM_INT);
+    $date           = optional_param('date', '', PARAM_INT);
+    $advancedfilter = optional_param('advancedfilter', 0, PARAM_INT);
+    $modname        = optional_param('modname', '', PARAM_ALPHA);          // not used??
+    $modid          = optional_param('modid', 'activity/All', PARAM_FILE); // not a file, but looks like it anyway
+    $modaction      = optional_param('modaction', '', PARAM_ALPHA);        // not used??
+    $chooserecent   = optional_param('chooserecent', 0, PARAM_INT);
 
     if (! $course = get_record("course", "id", $id) ) {
         error("That's an invalid course id");
@@ -82,9 +81,6 @@
 
     }
 
-    if (!isset($modid)) {
-        $modid="activity/All";
-    }
     $tmpmodid = $modid;
 
     switch ($tmpmodid) {
                 $groupmode = groupmode($course, $coursemod);
                 switch ($groupmode) {
                     case SEPARATEGROUPS :  $groupid = mygroupid($course->id); break;
-                    case VISIBLEGROUPS  :
-                                           if ($selectedgroup == "allgroups") {
-                                               $groupid = "";
-                                           } else {
-                                               $groupid = $selectedgroup;
-                                           }
-                                           break;
+                    case VISIBLEGROUPS  :  $groupid = $selectedgroup; break;
                     case NOGROUPS       :
-                    default             :  $groupid = "";
+                    default             :  $groupid = 0;
                 }
 
                 $libfile = "$CFG->dirroot/mod/$coursemod->name/lib.php";
index 9ced5ff3b76ecce75a6efcf8e995f5077a10ee79..e41cf6286865d2db37f7c4923fa9c4900814b043 100644 (file)
@@ -65,5 +65,5 @@ if (empty($form->password)) {
     <td><input type="submit" value="<?php  print_string("savechanges") ?>" /></td>
 </tr>
 </table>
-<input type="hidden" name="sesskey" value="<?php echo $form->sesskey ?>" />
+<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
 </form>
\ No newline at end of file
index 18c1a57cd3e85f4a1957e6743edef5b219ef9eb7..099766403eb91dd7ae5ced5fdcd1f04831efa368 100644 (file)
@@ -1,11 +1,15 @@
-<?php
+<?php  // $Id$
  
     /// this allows a student to request a course be created for them.
 
-    require_once(dirname(dirname(__FILE__)).'/config.php');
+    require_once('../config.php');
   
     require_login();
 
+    if (isguest()) {
+        error("No guests here!");
+    }
+
     if (empty($CFG->enablecourserequests)) {
         error(get_string('courserequestdisabled'));
     }
@@ -14,8 +18,7 @@
 
     print_header($strtitle,$strtitle,$strtitle);
 
-    $form = data_submitted();
-    if (!empty($form) && confirm_sesskey()) {
+    if (($form = data_submitted()) and confirm_sesskey()) {
         validate_form($form,$err) ;
 
         if (empty($err)) {
@@ -32,8 +35,6 @@
         }
     }
 
-    $form->sesskey = !empty($USER->id) ? $USER->sesskey : '';
-
 //    print_simple_box(get_string('courserequestintro'),'center');
     print_simple_box_start("center");
     print_string('courserequestintro'); 
@@ -68,10 +69,19 @@ function validate_form(&$form,&$err) {
         $err["reason"] = get_string("missingreqreason");
     }
     
-    $foundcourses = get_records("course", "shortname", $form->shortname);
-    $foundreqcourses = get_records("course_request", "shortname", $form->shortname);
+    $foundcourses = null;
+    $foundreqcourses = null;
+
+    if (!empty($form->shortname)) {
+        $foundcourses = get_records("course", "shortname", $form->shortname);
+        $foundreqcourses = get_records("course_request", "shortname", $form->shortname);
+    }
     if (!empty($foundreqcourses)) {
-        $foundcourses = array_merge($foundcourses,$foundreqcourses);
+        if (!empty($foundcourses)) {
+            $foundcourses = array_merge($foundcourses,$foundreqcourses);
+        } else {
+            $foundcourses = $foundreqcourses;
+        }
     }
 
     if (!empty($foundcourses)) {