diff --git a/main/survey/survey.lib.php b/main/survey/survey.lib.php index b187a0b8fd..e1264827ed 100644 --- a/main/survey/survey.lib.php +++ b/main/survey/survey.lib.php @@ -24,7 +24,7 @@ * @package dokeos.survey * @author Patrick Cool , Ghent University: cleanup, refactoring and rewriting large parts (if not all) of the code @author Julio Montoya Armas , Dokeos: Personality Test modification and rewriting large parts of the code -* @version $Id: survey.lib.php 19517 2009-04-02 21:59:06Z cvargas1 $ +* @version $Id: survey.lib.php 19606 2009-04-07 17:53:13Z iflorespaz $ * * @todo move this file to inc/lib * @todo use consistent naming for the functions (save vs store for instance) @@ -1585,7 +1585,7 @@ class yesno extends question $this->html .= ' '; $this->html .= '  '; $this->html .= ' '; - $this->html .= ' html .= ' html .= 'checked="checked"'; @@ -1679,7 +1679,7 @@ class multiplechoice extends question $this->html .= ' '; $this->html .= '  '; $this->html .= ' '; - $this->html .= ' html .= ' html .= 'checked="checked"'; @@ -1764,7 +1764,7 @@ class personality extends question $this->html .= ' '; $this->html .= '  '; $this->html .= ' '; - $this->html .= ' html .= ' html .= ' '; $this->html .= '  '; $this->html .= ' '; - $this->html .= ' html .= ' html .= 'checked="checked"'; diff --git a/main/survey/survey.php b/main/survey/survey.php index a63e0ac3ea..822a877065 100644 --- a/main/survey/survey.php +++ b/main/survey/survey.php @@ -1,4 +1,4 @@ -, Ghent University: cleanup, refactoring and rewriting large parts of the code -* @version $Id: survey.php 19004 2009-03-12 18:04:08Z juliomontoya $ +* @version $Id: survey.php 19606 2009-04-07 17:53:13Z iflorespaz $ * * @todo use quickforms for the forms */ @@ -109,32 +109,31 @@ if($is_survey_type_1 && ($_GET['action']=='addgroup')||($_GET['action']=='delete Display::display_header($tool_name,'Survey'); // Action handling +$my_action_survey = Security::remove_XSS($_GET['action']); +$my_question_id_survey = Security::remove_XSS($_GET['question_id']); +$my_survey_id_survey = Security::remove_XSS($_GET['survey_id']); +$message_information = Security::remove_XSS($_GET['message']); if (isset($_GET['action'])) { if (($_GET['action'] == 'moveup' OR $_GET['action'] == 'movedown') AND isset($_GET['question_id'])) { - survey_manager::move_survey_question($_GET['action'], $_GET['question_id'], $_GET['survey_id']); - Display::display_confirmation_message(get_lang('SurveyQuestionMoved'), false); + survey_manager::move_survey_question($my_action_survey,$my_question_id_survey,$my_survey_id_survey); + Display::display_confirmation_message(get_lang('SurveyQuestionMoved')); } if ($_GET['action'] == 'delete' AND is_numeric($_GET['question_id'])) { - survey_manager::delete_survey_question($_GET['survey_id'], $_GET['question_id'], $survey_data['is_shared']); + survey_manager::delete_survey_question($my_survey_id_survey, $my_question_id_survey, $survey_data['is_shared']); } } - -if (isset($_GET['message'])) -{ +if (isset($_GET['message'])) { // we have created the survey or updated the survey - if (in_array($_GET['message'], array('SurveyUpdatedSuccesfully','SurveyCreatedSuccesfully'))) - { - Display::display_confirmation_message(get_lang($_GET['message']).'
'.get_lang('YouCanNowAddQuestionToYourSurvey'), false); + if (in_array($_GET['message'], array('SurveyUpdatedSuccesfully','SurveyCreatedSuccesfully'))) { + Display::display_confirmation_message(get_lang($message_information).','.PHP_EOL.strtolower(get_lang('YouCanNowAddQuestionToYourSurvey'))); } // we have added a question - if (in_array($_GET['message'], array('QuestionAdded','QuestionUpdated'))) - { - Display::display_confirmation_message(get_lang($_GET['message']), false); + if (in_array($_GET['message'], array('QuestionAdded','QuestionUpdated'))) { + Display::display_confirmation_message(get_lang($message_information)); } - if (in_array($_GET['message'], array('YouNeedToCreateGroups'))) - { - Display::display_warning_message(get_lang($_GET['message']), false); + if (in_array($_GET['message'], array('YouNeedToCreateGroups'))) { + Display::display_warning_message(get_lang($message_information), false); } } if(!empty($survey_data['survey_version'])) echo ''.get_lang('Version').': '.$survey_data['survey_version'].''; diff --git a/main/survey/survey_invite.php b/main/survey/survey_invite.php index 83ce81570c..d8d23eb978 100644 --- a/main/survey/survey_invite.php +++ b/main/survey/survey_invite.php @@ -94,7 +94,7 @@ Display::display_header($tool_name,'Survey'); // If this is the case there will be a language choice $sql = "SELECT * FROM $table_survey WHERE code='".Database::escape_string($survey_data['code'])."'"; $result = api_sql_query($sql, __FILE__, __LINE__); -if (mysql_num_rows($result) > 1) +if (Database::num_rows($result) > 1) { Display::display_warning_message(get_lang('IdenticalSurveycodeWarning')); } @@ -193,7 +193,7 @@ if ($form->validate()) // updating the invited field in the survey table SurveyUtil::update_count_invited($survey_data['code']); $total_count = $count_course_users + $counter_additional_users; - Display :: display_confirmation_message($total_count.' '.get_lang('InvitationsSend'), false); + Display :: display_confirmation_message($total_count.' '.get_lang('InvitationsSend')); } else {