]> git.mjollnir.org Git - moodle.git/commitdiff
relative+cleaned paths
authorstronk7 <stronk7>
Tue, 29 Aug 2006 21:26:46 +0000 (21:26 +0000)
committerstronk7 <stronk7>
Tue, 29 Aug 2006 21:26:46 +0000 (21:26 +0000)
admin/xmldb/actions/revert_changes/revert_changes.class.php
admin/xmldb/actions/save_xml_file/save_xml_file.class.php

index 246ac0089ab8f561378871307322170145f0fefe..0a063a502feecac4ba93bdb402fa51cea173d1f2 100644 (file)
@@ -63,8 +63,8 @@ class revert_changes extends XMLDBAction {
     /// Do the job, setting result as needed
 
     /// Get the dir containing the file
-        $dirpath = required_param('dir', PARAM_CLEAN);
-        $dirpath = stripslashes_safe($dirpath);
+        $dirpath = required_param('dir', PARAM_PATH);
+        $dirpath = $CFG->dirroot . stripslashes_safe($dirpath);
 
         $confirmed = optional_param('confirmed', false, PARAM_BOOL);
 
@@ -75,7 +75,7 @@ class revert_changes extends XMLDBAction {
             $o.= '    <p align="center">' . $this->str['confirmrevertchanges'] . '<br /><br />' . $dirpath . '</p>';
             $o.= '    <table align="center" cellpadding="20"><tr><td>';
             $o.= '      <div class="singlebutton">';
-            $o.= '        <form action="index.php?action=revert_changes&amp;confirmed=yes&amp;dir=' . urlencode($dirpath) . '&amp;postaction=main_view#lastused" method="post">';
+            $o.= '        <form action="index.php?action=revert_changes&amp;confirmed=yes&amp;dir=' . urlencode(str_replace($CFG->dirroot, '', $dirpath)) . '&amp;postaction=main_view#lastused" method="post">';
             $o.= '          <input type="submit" value="'. $this->str['yes'] .'" /></form></div>';
             $o.= '      </td><td>';
             $o.= '      <div class="singlebutton">';
index 7e365d0ae868a5e9ba227f7f753b18580cffc18a..aed9b92f4e8127ab9ab5d9e78a53e7fc69b5a50e 100644 (file)
@@ -61,8 +61,8 @@ class save_xml_file extends XMLDBAction {
     /// Do the job, setting result as needed
 
     /// Get the dir containing the file
-        $dirpath = required_param('dir', PARAM_CLEAN);
-        $dirpath = stripslashes_safe($dirpath);
+        $dirpath = required_param('dir', PARAM_PATH);
+        $dirpath = $CFG->dirroot . stripslashes_safe($dirpath);
 
     /// Get the edited dir 
         if (!empty($XMLDB->editeddirs)) {