Wiki, prevent tags into title

skala
Juan Carlos Raña 14 years ago
parent eed1fb97c6
commit 816c2f7445
  1. 7
      main/wiki/index.php
  2. 32
      main/wiki/wiki.inc.php

@ -216,7 +216,12 @@ if (isset($_POST['SaveWikiNew']))
else
{
$return_message=save_new_wiki();
Display::display_confirmation_message($return_message, false);
if($return_message==false){
Display::display_error_message(get_lang('NoWikiPageTitle'), false);
}
else{
Display::display_confirmation_message($return_message, false);
}
}
}
}
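Review bot: `if($return_message==false)` is a loose comparison, so any falsy return from save_new_wiki() (an empty string, `0`, null) is reported as NoWikiPageTitle, not only the explicit `return false` this commit adds in wiki.inc.php. `if ($return_message === false)` ties the error branch to that one failure signal. The other return paths of save_new_wiki() are not visible on this page, so whether a falsy success value is possible should be checked there.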

@ -195,7 +195,7 @@ function make_wiki_link_clickable($input)
if ($input_array[$key-1]=='[[' AND $input_array[$key+1]==']]') //now doubles brackets
{
/////////// TODO: metawiki
/*
if ($session_id==0)
@ -218,19 +218,17 @@ function make_wiki_link_clickable($input)
*/
/////////
//now full wikilink
if (api_strpos($value, "|") !== false)
{
$full_link_array=explode("|", $value);
$link=trim($full_link_array[0]);
if (api_strpos($value, "|") !== false){
$full_link_array=explode("|", $value);
$link=trim(strip_tags($full_link_array[0]));
$title=trim($full_link_array[1]);
}
else
{
$link=trim($value);
}
else{
$link=trim(strip_tags($value));
$title=trim($value);
}
}
//if wikilink is homepage
if($link=='index'){
@ -443,10 +441,16 @@ function save_new_wiki() {
} else {
$page = str_replace(' ','_',$_POST['title']);
}
$_clean['reflink']=Database::escape_string(api_htmlentities($page));
$_clean['title']=Database::escape_string(trim($_POST['title']));
$_clean['reflink']=Database::escape_string(strip_tags(api_htmlentities($page)));
$_clean['title']=Database::escape_string(strip_tags(trim($_POST['title'])));
$_clean['content']= Database::escape_string($_POST['content']);
//re-check after strip_tags if the title is empty
if(empty($_clean['title']) || empty($_clean['reflink'])){
return false;
}
if($_clean['assignment']==2) {//config by default for individual assignment (students)
$_clean['user_id']=(int)Database::escape_string($assig_user_id);//Identifies the user as a creator, not the teacher who created
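Review bot: In the save_new_wiki hunk, `strip_tags(api_htmlentities($page))` applies the two calls in the wrong order: assuming api_htmlentities behaves like htmlentities, `<` and `>` are already `&lt;`/`&gt;` when strip_tags runs, so nothing is stripped, the reflink keeps the encoded markup while the title loses it, and the new `empty($_clean['reflink'])` test cannot fire for markup-only input. Swapping them, `$_clean['reflink']=Database::escape_string(api_htmlentities(strip_tags($page)));`, keeps reflink and title in step. In make_wiki_link_clickable only `$link` is stripped; `$title=trim($value)` and `$title=trim($full_link_array[1])` still carry whatever markup the wikilink text contained, so the code that prints `$title` (outside these hunks) has to encode it. strip_tags is not output encoding in either place, so the stored title should still be escaped for the HTML context when it is rendered. Both functions start and end outside the hunks shown.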
