From: skodak Date: Wed, 12 Apr 2006 07:25:09 +0000 (+0000) Subject: general cleanup of xxx_parameter() functions X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=6bf7fe6cf0c121d908d54e63d2ce711da2d55844;p=moodle.git general cleanup of xxx_parameter() functions --- diff --git a/course/pending.php b/course/pending.php index 81b5365e71..9092b90df7 100644 --- a/course/pending.php +++ b/course/pending.php @@ -1,10 +1,10 @@ -libdir.'/pagelib.php'); + require_once($CFG->libdir.'/blocklib.php'); + require_once('/lib.php'); require_login(); @@ -12,10 +12,11 @@ error("Only the admin can use this page"); } - $approve = optional_param('approve',NULL,PARAM_INT); - $reject = optional_param('reject',NULL,PARAM_INT); + $approve = optional_param('approve', 0, PARAM_INT); + $reject = optional_param('reject', 0, PARAM_INT); + $rejectnotice = optional_param('rejectnotice', '', PARAM_CLEANHTML); - if (!empty($approve)) { + if (!empty($approve) and confirm_sesskey()) { if ($course = get_record("course_request","id",$approve)) { foreach (array_keys((array)$course) as $key) { $course->$key = addslashes($course->$key); @@ -88,9 +89,8 @@ print_header($strtitle,$strheading,$strheading); - if (!empty($reject)) { + if (!empty($reject) and confirm_sesskey()) { if ($reject = get_record("course_request","id",$reject)) { - $rejectnotice = stripslashes(optional_param('rejectnotice',NULL,PARAM_CLEAN)); if (empty($rejectnotice)) { // display a form for writing a reason print_simple_box_start('center');