From ff4240129ca90e097aad5360fb5b0f51a9998d0a Mon Sep 17 00:00:00 2001
From: stronk7 <stronk7>
Date: Wed, 15 Dec 2004 09:03:39 +0000
Subject: [PATCH] Some checks are now done. SC#18.

Merged from MOODLE_14_STABLE
---
 mod/glossary/lib.php   | 12 +++++++++++-
 mod/glossary/print.php |  2 +-
 mod/glossary/view.php  |  2 +-
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/mod/glossary/lib.php b/mod/glossary/lib.php
index 3c4aab27f5..c4bf1a33af 100644
--- a/mod/glossary/lib.php
+++ b/mod/glossary/lib.php
@@ -75,7 +75,11 @@ function glossary_add_instance($glossary) {
     $glossary->timecreated = time();
     $glossary->timemodified = $glossary->timecreated;
 
-    # May have to add extra stuff in here #
+    //Check displayformat is a valid one
+    $formats = get_list_of_plugins('mod/glossary/formats','TEMPLATE');
+    if (!in_array($glossary->displayformat, $formats)) {
+        error("This format doesn't exist!");
+    }  
 
     return insert_record("glossary", $glossary);
 }
@@ -110,6 +114,12 @@ global $CFG;
         $glossary->assesstimefinish = 0;
     }
 
+    //Check displayformat is a valid one
+    $formats = get_list_of_plugins('mod/glossary/formats','TEMPLATE');
+    if (!in_array($glossary->displayformat, $formats)) {
+        error("This format doesn't exist!");
+    }
+
     $return = update_record("glossary", $glossary);
 	if ($return and $glossary->defaultapproval) {
         execute_sql("update {$CFG->prefix}glossary_entries SET approved = 1 where approved != 1 and glossaryid = " . $glossary->id,false);
diff --git a/mod/glossary/print.php b/mod/glossary/print.php
index 538a099a68..a241253e01 100644
--- a/mod/glossary/print.php
+++ b/mod/glossary/print.php
@@ -44,7 +44,7 @@
 
 /// setting the default values for the display mode of the current glossary
 /// only if the glossary is viewed by the first time
-    if ( $dp = get_record('glossary_formats','name', $glossary->displayformat) ) {
+    if ( $dp = get_record('glossary_formats','name', addslashes($glossary->displayformat)) ) {
         $printpivot = $dp->showgroup;
         if ( $mode == '' and $hook == '' and $show == '') {
             $mode      = $dp->defaultmode;
diff --git a/mod/glossary/view.php b/mod/glossary/view.php
index 3ce65b107d..e26f5b10fb 100644
--- a/mod/glossary/view.php
+++ b/mod/glossary/view.php
@@ -71,7 +71,7 @@
 
 /// setting the default values for the display mode of the current glossary
 /// only if the glossary is viewed by the first time
-    if ( $dp = get_record('glossary_formats','name', $glossary->displayformat) ) {
+    if ( $dp = get_record('glossary_formats','name', addslashes($glossary->displayformat)) ) {
         $printpivot = $dp->showgroup;
         if ( $mode == '' and $hook == '' and $show == '') {
             $mode      = $dp->defaultmode;
-- 
2.39.5