|
|
|
|
@ -217,16 +217,16 @@ class survey_manager { |
|
|
|
|
} |
|
|
|
|
$sql = "INSERT INTO $table_survey (code, title, subtitle, author, lang, avail_from, avail_till, is_shared, template, intro, surveythanks, creation_date, anonymous".$additional['columns'].", session_id) VALUES ( |
|
|
|
|
'".Database::escape_string(strtolower(generate_course_code(api_substr($values['survey_code'],0))))."', |
|
|
|
|
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_title'])), COURSEMANAGERLOWSECURITY))."', |
|
|
|
|
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_subtitle'])), COURSEMANAGERLOWSECURITY))."', |
|
|
|
|
'".Database::escape_string($values['survey_title'])."', |
|
|
|
|
'".Database::escape_string($values['survey_subtitle'])."', |
|
|
|
|
'".Database::escape_string($_user['user_id'])."', |
|
|
|
|
'".Database::escape_string($values['survey_language'])."', |
|
|
|
|
'".Database::escape_string($values['start_date'])."', |
|
|
|
|
'".Database::escape_string($values['end_date'])."', |
|
|
|
|
'".Database::escape_string($shared_survey_id)."', |
|
|
|
|
'".Database::escape_string('template')."', |
|
|
|
|
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_introduction'])), COURSEMANAGERLOWSECURITY))."', |
|
|
|
|
'".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['survey_thanks'])), COURSEMANAGERLOWSECURITY))."', |
|
|
|
|
'".Database::escape_string($values['survey_introduction'])."', |
|
|
|
|
'".Database::escape_string($values['survey_thanks'])."', |
|
|
|
|
'".date('Y-m-d H:i:s')."', |
|
|
|
|
'".Database::escape_string($values['anonymous'])."'".$additional['values'].", |
|
|
|
|
".intval($_SESSION['id_session'])." |
|
|
|
|
|
Julio Montoya
16 years ago