From: skodak Date: Thu, 27 Apr 2006 21:30:18 +0000 (+0000) Subject: fixed some long standing and some new problems and SC#249, please consider backportin... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=8f414ab8aa01f9183fafb173070454dcb1a43ca9;p=moodle.git fixed some long standing and some new problems and SC#249, please consider backporting into STABLE --- diff --git a/mod/survey/details.php b/mod/survey/details.php index 7860055160..6104ef8edf 100644 --- a/mod/survey/details.php +++ b/mod/survey/details.php @@ -2,7 +2,7 @@ require_once("../../config.php"); - if ($form = data_submitted($destination)) { + if ($form = data_submitted($CFG->wwwroot.'/course/mod.php')) { if (! $course = get_record("course", "id", $form->course)) { error("This course doesn't exist"); @@ -19,7 +19,7 @@ print_header_simple("$streditingasurvey", "", "id\">$strsurveys". - " -> $form->name ($streditingasurvey)"); + " -> ".stripslashes_safe($form->name)." ($streditingasurvey)"); if (!$form->name or !$form->template) { error(get_string("filloutallfields"), $_SERVER["HTTP_REFERER"]); @@ -27,10 +27,10 @@ print_simple_box_start('center'); ?> -
+ - +
:name) ?>
name, true) ?>
@@ -44,16 +44,19 @@
+ diff --git a/mod/survey/download.php b/mod/survey/download.php index 2e31f212ff..51d8001a4f 100644 --- a/mod/survey/download.php +++ b/mod/survey/download.php @@ -44,6 +44,7 @@ $questions = get_records_list("survey_questions", "id", $survey->questions); $order = explode(",", $survey->questions); + $virtualscales = false; foreach ($order as $key => $qid) { // Do we have virtual scales? $question = $questions[$qid]; if ($question->type < 0) { diff --git a/mod/survey/lib.php b/mod/survey/lib.php index c28e04fa05..2c402991d1 100644 --- a/mod/survey/lib.php +++ b/mod/survey/lib.php @@ -441,11 +441,11 @@ function survey_print_single($question) { if ($question->type == 0) { // Plain text field - echo ""; + echo ""; } else if ($question->type > 0) { // Choose one of a number $strchoose = get_string("choose"); - echo "id\">"; echo ""; $options = explode( ",", $question->options); foreach ($options as $key => $val) { diff --git a/mod/survey/mod.html b/mod/survey/mod.html index 2fc9128a6b..94cb351a0c 100644 --- a/mod/survey/mod.html +++ b/mod/survey/mod.html @@ -39,8 +39,6 @@
-wwwroot/course/mod.php" ?>" /> - diff --git a/mod/survey/report.php b/mod/survey/report.php index 27178a9d54..44e60566f9 100644 --- a/mod/survey/report.php +++ b/mod/survey/report.php @@ -5,10 +5,11 @@ // Check that all the parameters have been provided. - $id = required_param('id', PARAM_INT); // Course Module ID - $action = optional_param('action', '', PARAM_ALPHA); // What to look at - $qid = optional_param('qid', 0, PARAM_INT); // Group ID - $student = optional_param('student', 0, PARAM_INT); // Student ID + $id = required_param('id', PARAM_INT); // Course Module ID + $action = optional_param('action', '', PARAM_ALPHA); // What to look at + $qid = optional_param('qid', 0, PARAM_INT); // Question ID + $student = optional_param('student', 0, PARAM_INT); // Student ID + $notes = optional_param('notes', '', PARAM_RAW); // Save teachers notes if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); @@ -104,6 +105,8 @@ /// Print the menu across the top + $virtualscales = false; + switch ($action) { case "summary": @@ -307,7 +310,7 @@ print_heading(get_string("analysisof", "survey", fullname($user))); - if (isset($notes)) { + if ($notes != '' and confirm_sesskey()) { if (survey_get_analysis($survey->id, $user->id)) { if (! survey_update_analysis($survey->id, $user->id, $notes)) { notify("An error occurred while saving your notes. Sorry."); @@ -369,7 +372,7 @@ $table = NULL; $table->head = array(get_string($question->text, "survey")); $table->align = array ("left"); - $table->data[] = array("$answer->answer1"); + $table->data[] = array(s($answer->answer1)); // no html here, just plain text print_table($table); print_spacer(30); } @@ -390,6 +393,7 @@ p($notes); echo "
"; echo ""; + echo ""; echo ""; echo "id\" />"; echo ""; diff --git a/mod/survey/save.php b/mod/survey/save.php index ac10167912..ec5547658b 100644 --- a/mod/survey/save.php +++ b/mod/survey/save.php @@ -47,10 +47,10 @@ foreach ($formdata as $key => $val) { if ($key <> "userid" && $key <> "id") { if ( substr($key,0,1) == "q") { - $key = substr($key,1); // keep everything but the 'q' + $key = clean_param(substr($key,1), PARAM_ALPHANUM); // keep everything but the 'q', number or Pnumber } if ( substr($key,0,1) == "P") { - $realkey = substr($key,1); + $realkey = (int) substr($key,1); $answers[$realkey][1] = $val; } else { $answers[$key][0] = $val; diff --git a/mod/survey/view.php b/mod/survey/view.php index dcecf8f6ca..8e903a8628 100644 --- a/mod/survey/view.php +++ b/mod/survey/view.php @@ -84,7 +84,7 @@ $table = NULL; $table->head = array(get_string($question->text, "survey")); $table->align = array ("left"); - $table->data[] = array("$answer->answer1"); + $table->data[] = array(s($answer->answer1));//no html here, just plain text print_table($table); print_spacer(30); }