chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r17779] Fixed excessive filtering added in SVN#17605

Browse Source
skala
Yannick Warnier 17 years ago
parent 640d218d17
commit 465e711bb7
3 changed files with 11 additions and 13 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      main/exercice/exercice.php
  2. 3
      main/newscorm/learnpathItem.class.php

9
main/exercice/exercice.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: exercice.php 17769 2009-01-16 04:07:35Z ivantcholakov $ <?php // $Id: exercice.php 17779 2009-01-16 17:06:30Z yannoo $
/* /*
============================================================================== ==============================================================================
@ -272,13 +272,12 @@ api_mail_html($emailid, $emailid, $subject, $mess, $from_name, $from);
if (in_array($origin, array('tracking_course','user_course'))){ if (in_array($origin, array('tracking_course','user_course'))){
// update score when you qualify the exercises in Learning path detail // update score when you qualify the exercises in Learning path detail
if (isset($_REQUEST['lp_item_id']) && isset($_REQUEST['lp_item_view_id']) && isset($_REQUEST['student_id']) && isset($_REQUEST['total_score'])) { if (isset($_REQUEST['lp_item_id']) && isset($_REQUEST['lp_item_view_id']) && isset($_REQUEST['student_id']) && isset($_REQUEST['total_score'])) {
$lp_item_id = Security::remove_XSS($_REQUEST['lp_item_id']); if ($lp_item_id == strval(intval($lp_item_id)) && $lp_item_view_id == strval(intval($lp_item_view_id)) && $student_id == strval(intval($student_id))) {
$lp_item_view_id = Security::remove_XSS($_REQUEST['lp_item_view_id']); $score = Database::escape_string($_REQUEST['total_score']);
$student_id = Security::remove_XSS($_REQUEST['student_id']);
$score = Security::remove_XSS($_REQUEST['total_score']);
$sql = "UPDATE $TBL_LP_ITEM_VIEW SET score = '$score' WHERE lp_item_id = '$lp_item_id' $sql = "UPDATE $TBL_LP_ITEM_VIEW SET score = '$score' WHERE lp_item_id = '$lp_item_id'
AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '$student_id' and lp_id='$lp_item_view_id')"; AND lp_view_id = (SELECT id from $TBL_LP_VIEW WHERE user_id = '$student_id' and lp_id='$lp_item_view_id')";
api_sql_query($sql,__FILE__,__LINE__); api_sql_query($sql,__FILE__,__LINE__);
}
} }
//Redirect to the reporting //Redirect to the reporting
header('location: ../mySpace/myStudents.php?origin='.$origin.'&student='.$_GET['student'].'&details=true&course='.$_GET['course']); header('location: ../mySpace/myStudents.php?origin='.$origin.'&student='.$_GET['student'].'&details=true&course='.$_GET['course']);

3
main/newscorm/learnpathItem.class.php
Unescape View File

@ -2191,9 +2191,8 @@ function get_terms()
//now save into DB //now save into DB
$res = 0; $res = 0;
if(Database::num_rows($check_res)<1){ if(Database::num_rows($check_res)<1){
if ($this->type=='quiz') {
$my_status = ''; $my_status = '';
}else { if ($this->type!='quiz') {
$my_status = $this->get_status(false); $my_status = $this->get_status(false);
} }
$sql = "INSERT INTO $item_view_table " . $sql = "INSERT INTO $item_view_table " .

Write Preview
Loading…
Cancel
Save