From 27f31dd532c61c804f0b76f4f2e78e9de3326183 Mon Sep 17 00:00:00 2001 From: Isaac Flores Date: Mon, 18 May 2009 21:19:14 +0200 Subject: [PATCH] [svn r20802] minor - logic changes - replace COURSEMANAGER by COURSEMANAGERLOWSECURITY in notebook tool - (partial FS#3909) --- main/notebook/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main/notebook/index.php b/main/notebook/index.php index 19d500d481..ce77dc6622 100755 --- a/main/notebook/index.php +++ b/main/notebook/index.php @@ -216,7 +216,7 @@ function save_note($values) { '".Database::escape_string(api_get_course_id())."', '".Database::escape_string($_SESSION['id_session'])."', '".Database::escape_string(Security::remove_XSS($values['note_title']))."', - '".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['note_comment'])),COURSEMANAGER))."', + '".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['note_comment'])),COURSEMANAGERLOWSECURITY))."', '".Database::escape_string(date('Y-m-d H:i:s'))."', '".Database::escape_string(date('Y-m-d H:i:s'))."', '0')"; @@ -256,7 +256,7 @@ function update_note($values) { course = '".Database::escape_string(api_get_course_id())."', session_id = '".Database::escape_string($_SESSION['id_session'])."', title = '".Database::escape_string(Security::remove_XSS($values['note_title']))."', - description = '".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['note_comment'])),COURSEMANAGER))."', + description = '".Database::escape_string(Security::remove_XSS(stripslashes(api_html_entity_decode($values['note_comment'])),COURSEMANAGERLOWSECURITY))."', update_date = '".Database::escape_string(date('Y-m-d H:i:s'))."' WHERE notebook_id = '".Database::escape_string($values['notebook_id'])."'"; $result = api_sql_query($sql, __FILE__, __LINE__);