From a8ff614fb88bf6308ab948daf141f30ea5061aaa Mon Sep 17 00:00:00 2001 From: skodak Date: Wed, 12 Apr 2006 16:41:10 +0000 Subject: [PATCH] general cleanup of xxx_parameter() functions; fixed broken requesting of courses --- course/index.php | 2 +- course/pending-reject.html | 1 + course/pending.php | 9 +++++---- course/recent.php | 34 ++++++++++++---------------------- course/request.html | 2 +- course/request.php | 28 +++++++++++++++++++--------- 6 files changed, 39 insertions(+), 37 deletions(-) diff --git a/course/index.php b/course/index.php index 40cb9f1dcb..c2e3a011e1 100644 --- a/course/index.php +++ b/course/index.php @@ -60,7 +60,7 @@ print_single_button("edit.php", NULL, get_string("addnewcourse"), "get"); } if (!empty($CFG->enablecourserequests)) { - print_single_button('request.php',NULL, get_string('requestcourse'),"get"); + print_single_button('pending.php',NULL, get_string('coursespending'),"get"); } echo ""; print_footer(); diff --git a/course/pending-reject.html b/course/pending-reject.html index f0a4a5d41f..6c6203e380 100644 --- a/course/pending-reject.html +++ b/course/pending-reject.html @@ -3,4 +3,5 @@
" /> " onClick="window.location='pending.php';" /> + \ No newline at end of file diff --git a/course/pending.php b/course/pending.php index fefede2251..a02022b662 100644 --- a/course/pending.php +++ b/course/pending.php @@ -120,12 +120,13 @@ $course->shortname .= ' [*]'; $collision = 1; } + //do not output raw html from request, quote html entities using s()!! $table->data[] = array(((!empty($course->password)) ? ''.$strrequireskey.'' : ''), - $course->shortname,$course->fullname,fullname($requester), - $course->summary,$course->reason, - ''.get_string('approve').' | ' - .''.get_string('reject').''); + s($course->shortname),s($course->fullname),fullname($requester), + s($course->summary),s($course->reason), + ''.get_string('approve').' | ' + .''.get_string('reject').''); } print_table($table); if (!empty($collision)) { diff --git a/course/recent.php b/course/recent.php index 4ed8be6ff2..632fab0605 100644 --- a/course/recent.php +++ b/course/recent.php @@ -5,17 +5,16 @@ require_once("../config.php"); require_once("lib.php"); - $id = required_param('id',PARAM_INT); - - $user = optional_param('user', '0', PARAM_INT); - $sortby = optional_param('sortby', 'default'); - $selectedgroup = optional_param('selectedgroup', ''); - $date = optional_param('date','',PARAM_CLEAN); - $advancedfilter = optional_param('advancedfilter',0,PARAM_INT); - $modname = optional_param('modname','' ); - $modid = optional_param('modid','' ); - $modaction = optional_param('modaction','' ); - $chooserecent = optional_param('chooserecent',0,PARAM_INT); + $id = required_param('id', PARAM_INT); + $user = optional_param('user', '0', PARAM_INT); + $sortby = optional_param('sortby', 'default', PARAM_ALPHA); + $selectedgroup = optional_param('selectedgroup', 0, PARAM_INT); + $date = optional_param('date', '', PARAM_INT); + $advancedfilter = optional_param('advancedfilter', 0, PARAM_INT); + $modname = optional_param('modname', '', PARAM_ALPHA); // not used?? + $modid = optional_param('modid', 'activity/All', PARAM_FILE); // not a file, but looks like it anyway + $modaction = optional_param('modaction', '', PARAM_ALPHA); // not used?? + $chooserecent = optional_param('chooserecent', 0, PARAM_INT); if (! $course = get_record("course", "id", $id) ) { error("That's an invalid course id"); @@ -82,9 +81,6 @@ } - if (!isset($modid)) { - $modid="activity/All"; - } $tmpmodid = $modid; switch ($tmpmodid) { @@ -180,15 +176,9 @@ $groupmode = groupmode($course, $coursemod); switch ($groupmode) { case SEPARATEGROUPS : $groupid = mygroupid($course->id); break; - case VISIBLEGROUPS : - if ($selectedgroup == "allgroups") { - $groupid = ""; - } else { - $groupid = $selectedgroup; - } - break; + case VISIBLEGROUPS : $groupid = $selectedgroup; break; case NOGROUPS : - default : $groupid = ""; + default : $groupid = 0; } $libfile = "$CFG->dirroot/mod/$coursemod->name/lib.php"; diff --git a/course/request.html b/course/request.html index 9ced5ff3b7..e41cf62868 100644 --- a/course/request.html +++ b/course/request.html @@ -65,5 +65,5 @@ if (empty($form->password)) { " /> - + \ No newline at end of file diff --git a/course/request.php b/course/request.php index 18c1a57cd3..099766403e 100644 --- a/course/request.php +++ b/course/request.php @@ -1,11 +1,15 @@ -enablecourserequests)) { error(get_string('courserequestdisabled')); } @@ -14,8 +18,7 @@ print_header($strtitle,$strtitle,$strtitle); - $form = data_submitted(); - if (!empty($form) && confirm_sesskey()) { + if (($form = data_submitted()) and confirm_sesskey()) { validate_form($form,$err) ; if (empty($err)) { @@ -32,8 +35,6 @@ } } - $form->sesskey = !empty($USER->id) ? $USER->sesskey : ''; - // print_simple_box(get_string('courserequestintro'),'center'); print_simple_box_start("center"); print_string('courserequestintro'); @@ -68,10 +69,19 @@ function validate_form(&$form,&$err) { $err["reason"] = get_string("missingreqreason"); } - $foundcourses = get_records("course", "shortname", $form->shortname); - $foundreqcourses = get_records("course_request", "shortname", $form->shortname); + $foundcourses = null; + $foundreqcourses = null; + + if (!empty($form->shortname)) { + $foundcourses = get_records("course", "shortname", $form->shortname); + $foundreqcourses = get_records("course_request", "shortname", $form->shortname); + } if (!empty($foundreqcourses)) { - $foundcourses = array_merge($foundcourses,$foundreqcourses); + if (!empty($foundcourses)) { + $foundcourses = array_merge($foundcourses,$foundreqcourses); + } else { + $foundcourses = $foundreqcourses; + } } if (!empty($foundcourses)) { -- 2.39.5