chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r13296] Fix encoding problem by using $charset inside calls to htmlentities() and htmlspecialchars

Browse Source
skala
Yannick Warnier 17 years ago
parent 06ec857bd1
commit 8b0ecbd1bb
10 changed files with 41 additions and 41 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      main/link/link.php
  2. 9
      main/link/linkfunctions.php
  3. 4
      main/online/online_chat.php
  4. 12
      main/online/online_links.php
  5. 10
      main/online/online_master.php
  6. 8
      main/online/online_message.php
  7. 6
      main/online/online_streaming.php
  8. 6
      main/survey/survey.php
  9. 5
      main/survey/survey_list.php
  10. 10
      main/work/work.lib.php

12
main/link/link.php
Unescape View File

@ -186,12 +186,12 @@ if (is_allowed_to_edit())
. "<td><input type=\"text\" name=\"urllink\" size=\"50\" value=\"" . (empty($urllink)?'http://':htmlentities($urllink)) . "\" /></td>" . "</tr>";
echo "<tr>"
. "<td align=\"right\">" . get_lang("LinkName") . " :</td>"
. "<td><input type=\"text\" name=\"title\" size=\"50\" value=\"" . htmlentities($title) . "\" /></td>"
. "<td><input type=\"text\" name=\"title\" size=\"50\" value=\"" . htmlentities($title,ENT_QUOTES,$charset) . "\" /></td>"
. "</tr>"
. "<tr>" .
"<td align=\"right\" valign=\"top\">" . get_lang("Description") . " :</td>" .
"<td><textarea rows=\"3\" cols=\"50\" name=\"description\">" .
htmlentities($description) . "</textarea></td></tr>";
htmlentities($description,ENT_QUOTES,$charset) . "</textarea></td></tr>";
$sqlcategories="SELECT * FROM ".$tbl_categories." ORDER BY display_order DESC";
$resultcategories = api_sql_query($sqlcategories)or die("Error: " . mysql_error());
@ -233,10 +233,10 @@ if (is_allowed_to_edit())
}
echo "<table><tr>",
"<td align=\"right\">".get_lang("CategoryName")."<span class=\"required\">*</span> :</td>",
"<td><input type=\"text\" name=\"category_title\" size=\"50\" value=\"",htmlentities($category_title)."\" /></td>",
"<td><input type=\"text\" name=\"category_title\" size=\"50\" value=\"",htmlentities($category_title,ENT_QUOTES,$charset)."\" /></td>",
"</tr>",
"<tr><td align=\"right\" valign=\"top\">".get_lang("Description")." :</td>",
"<td><textarea rows=\"3\" cols=\"50\" name=\"description\">",htmlentities($description)."</textarea></td></tr>",
"<td><textarea rows=\"3\" cols=\"50\" name=\"description\">",htmlentities($description,ENT_QUOTES,$charset)."</textarea></td></tr>",
"<tr><td></td><td><input type=\"Submit\" name=\"submitCategory\" value=\"".get_lang("Ok")."\" /></td></tr>",
"</table>",
"</form>";
@ -336,7 +336,7 @@ while ($myrow=@mysql_fetch_array($resultcategories))
$newurlview=$urlview;
$newurlview[$i]="0";
echo "<tr>",
"<th style=\"font-weight: bold; text-align:left;padding-left: 10px;\">- <a href=\"".api_get_self()."?".api_get_cidreq()."&urlview=".$newurlview."\">".htmlentities($myrow["category_title"])."</a><br/>&nbsp;&nbsp;&nbsp;".$myrow["description"];
"<th style=\"font-weight: bold; text-align:left;padding-left: 10px;\">- <a href=\"".api_get_self()."?".api_get_cidreq()."&urlview=".$newurlview."\">".htmlentities($myrow["category_title"],ENT_QUOTES,$charset)."</a><br/>&nbsp;&nbsp;&nbsp;".$myrow["description"];
if (is_allowed_to_edit())
{
showcategoryadmintools($myrow["id"]);
@ -353,7 +353,7 @@ while ($myrow=@mysql_fetch_array($resultcategories))
echo "<tr><th style=\"font-weight: bold; text-align:left;padding-left: 10px;\">+ <a href=\"".api_get_self()."?".api_get_cidreq()."&urlview=";
echo is_array($view)?implode('',$view):$view;
echo "\">".htmlentities($myrow["category_title"])."</a><br />&nbsp;&nbsp;&nbsp;";
echo "\">".htmlentities($myrow["category_title"],ENT_QUOTES,$charset)."</a><br />&nbsp;&nbsp;&nbsp;";
echo $myrow["description"];
if (is_allowed_to_edit())

9
main/link/linkfunctions.php
Unescape View File

@ -362,10 +362,7 @@ function change_visibility($id, $scope)
*/
function showlinksofcategory($catid)
{
global $is_allowed;
global $urlview;
global $up;
global $down;
global $is_allowed, $charset, $urlview, $up, $down;
$tbl_link = Database :: get_course_table(TABLE_LINK);
$TABLE_ITEM_PROPERTY = Database :: get_course_table(TABLE_ITEM_PROPERTY);
@ -383,13 +380,13 @@ function showlinksofcategory($catid)
$myrow[3] = text_filter($myrow[3]);
if ($myrow['visibility'] == '1')
{
echo "<tr class='".$css_class."'>", "<td align=\"center\" valign=\"middle\" width=\"15\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\">", "<img src=\"../../main/img/file_html.gif\" border=\"0\" alt=\"".get_lang('Links')."\"/>", "</a></td>", "<td width=\"580\" valign=\"top\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\">", htmlentities($myrow[2]), "</a>\n", "<br/>", $myrow[3], "";
echo "<tr class='".$css_class."'>", "<td align=\"center\" valign=\"middle\" width=\"15\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\">", "<img src=\"../../main/img/file_html.gif\" border=\"0\" alt=\"".get_lang('Links')."\"/>", "</a></td>", "<td width=\"580\" valign=\"top\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\">", htmlentities($myrow[2],ENT_QUOTES,$charset), "</a>\n", "<br/>", $myrow[3], "";
}
else
{
if (api_is_allowed_to_edit())
{
echo "<tr class='".$css_class."'>", "<td align=\"center\" valign=\"middle\" width=\"15\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\" class=\"invisible\">", Display::return_icon('file_html_na.gif', get_lang('Links')),"</a></td>", "<td width=\"580\" valign=\"top\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\" class=\"invisible\">", htmlentities($myrow[2]), "</a>\n", "<br />", $myrow[3], "";
echo "<tr class='".$css_class."'>", "<td align=\"center\" valign=\"middle\" width=\"15\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\" class=\"invisible\">", Display::return_icon('file_html_na.gif', get_lang('Links')),"</a></td>", "<td width=\"580\" valign=\"top\">", "<a href=\"link_goto.php?".api_get_cidreq()."&link_id=", $myrow[0], "&amp;link_url=", urlencode($myrow[1]), "\" target=\"_blank\" class=\"invisible\">", htmlentities($myrow[2],ENT_QUOTES,$charset), "</a>\n", "<br />", $myrow[3], "";
}
}
if (api_is_allowed_to_edit())

4
main/online/online_chat.php
Unescape View File

@ -108,8 +108,8 @@ if($isMaster)
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?rand=<?php echo $rand; ?>&reset=1#bottom" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmReset'))); ?>')) return false;"><img src="../img/delete.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('ClearList')); ?>"></a></td>
<td width="99%">&nbsp;<a href="<?php echo api_get_self(); ?>?rand=<?php echo $rand; ?>&reset=1#bottom" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmReset'))); ?>')) return false;"><?php echo get_lang('ClearList'); ?></a></td>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?rand=<?php echo $rand; ?>&reset=1#bottom" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmReset'),ENT_QUOTES,$charset)); ?>')) return false;"><img src="../img/delete.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('ClearList'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="99%">&nbsp;<a href="<?php echo api_get_self(); ?>?rand=<?php echo $rand; ?>&reset=1#bottom" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmReset'),ENT_QUOTES,$charset)); ?>')) return false;"><?php echo get_lang('ClearList'); ?></a></td>
</tr>
</table>

12
main/online/online_links.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: online_links.php 12272 2007-05-03 14:40:45Z elixir_julian $
<?php // $Id: online_links.php 13296 2007-09-27 02:19:40Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
@ -171,7 +171,7 @@ include('header_frame.inc.php');
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="1%" valign="middle"><a href="online_master.php"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Back')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_master.php"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Back'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="99%" align="left">&nbsp;<a href="online_master.php"><?php echo get_lang('Back'); ?></a></td>
</tr>
</table>
@ -183,7 +183,7 @@ include('header_frame.inc.php');
<table border="0" cellpadding="3" cellspacing="0">
<tr>
<td width="45%"><?php echo get_lang('LinkName'); ?> :</td>
<td width="55%"><input type="text" name="link_name" size="10" maxlength="50" value="<?php if($action == 'edit') echo htmlentities($link_name); ?>" style="width: 95px;"></td>
<td width="55%"><input type="text" name="link_name" size="10" maxlength="50" value="<?php if($action == 'edit') echo htmlentities($link_name,ENT_QUOTES,$charset); ?>" style="width: 95px;"></td>
</tr>
<tr>
<td width="45%"><?php echo get_lang('LinkURL'); ?> :</td>
@ -195,7 +195,7 @@ include('header_frame.inc.php');
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="<?php echo htmlentities(get_lang('Ok')); ?>">
<input type="submit" value="<?php echo htmlentities(get_lang('Ok'),ENT_QUOTES,$charset); ?>">
</td>
</tr>
</table>
@ -221,8 +221,8 @@ else
<tr>
<td width="98%"><a href="online_goto.php?url=<?php echo urlencode($enreg['url']); ?>" target="online_working_area"><?php echo $enreg['name']; ?></a></td>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?action=edit&link=<?php echo $enreg['id']; ?>"><img src="../img/edit.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Modify')); ?>"></a></td>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?action=delete&link=<?php echo $enreg['id']; ?>" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmYourChoice'))); ?>')) return false;"><img src="../img/delete.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Delete')); ?>"></a></td>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?action=edit&link=<?php echo $enreg['id']; ?>"><img src="../img/edit.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Modify'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="1%" valign="middle"><a href="<?php echo api_get_self(); ?>?action=delete&link=<?php echo $enreg['id']; ?>" onclick="javascript:if(!confirm('<?php echo addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset)); ?>')) return false;"><img src="../img/delete.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Delete'),ENT_QUOTES,$charset); ?>"></a></td>
</tr>
<?php

10
main/online/online_master.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: online_master.php 10204 2006-11-26 20:46:53Z pcool $
<?php // $Id: online_master.php 13296 2007-09-27 02:19:40Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
@ -126,10 +126,10 @@ include('header_frame.inc.php');
<?php if($isMaster): ?>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="1%" valign="middle"><a href="online_streaming.php"><img src="../img/conf.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Streaming')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_streaming.php"><img src="../img/conf.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Streaming'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="49%" align="left" nowrap="nowrap">&nbsp;<a href="online_streaming.php"><?php echo get_lang('Streaming'); ?></a></td>
<td width="49%" align="right" nowrap="nowrap"><a href="online_htmlarea.php" target="online_working_area"><?php echo get_lang('WhiteBoard'); ?></a>&nbsp;</td>
<td width="1%" valign="middle"><a href="online_htmlarea.php" target="online_working_area"><img src="../img/works.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('WhiteBoard')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_htmlarea.php" target="online_working_area"><img src="../img/works.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('WhiteBoard'),ENT_QUOTES,$charset); ?>"></a></td>
</tr>
</table>
@ -199,10 +199,10 @@ if(!$isMaster && !empty($stream_url))
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="1%" valign="middle"><a href="online_links.php"><img src="../img/links.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Links')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_links.php"><img src="../img/links.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Links'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="49%" align="left" nowrap="nowrap">&nbsp;<a href="online_links.php"><?php echo get_lang('Links'); ?></a></td>
<td width="49%" align="right" nowrap="nowrap"><a href="online_working_area.php" target="online_working_area"><?php echo get_lang('Home'); ?></a>&nbsp;</td>
<td width="1%" valign="middle"><a href="online_working_area.php" target="online_working_area"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Home')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_working_area.php" target="online_working_area"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Home'),ENT_QUOTES,$charset); ?>"></a></td>
</tr>
</table>
<?php endif; ?>

8
main/online/online_message.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: online_message.php 12269 2007-05-03 14:17:37Z elixir_julian $
<?php // $Id: online_message.php 13296 2007-09-27 02:19:40Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
@ -83,7 +83,7 @@ $chat_size=0;
if($sent)
{
$message=trim(htmlspecialchars(stripslashes($_POST['message'])));
$message=trim(htmlspecialchars(stripslashes($_POST['message']),ENT_QUOTES,$charset));
if(!empty($message))
{
@ -114,12 +114,12 @@ if($sent)
include('header_frame.inc.php');
?>
<form name="formMessage" method="post" action="<?php echo api_get_self(); ?>" onsubmit="javascript:if(document.formMessage.message.value == '') { alert('<?php echo addslashes(htmlentities(get_lang('TypeMessage'))); ?>'); document.formMessage.message.focus(); return false; }" autocomplete="off">
<form name="formMessage" method="post" action="<?php echo api_get_self(); ?>" onsubmit="javascript:if(document.formMessage.message.value == '') { alert('<?php echo addslashes(htmlentities(get_lang('TypeMessage'),ENT_QUOTES,$charset)); ?>'); document.formMessage.message.focus(); return false; }" autocomplete="off">
<input type="hidden" name="sent" value="1">
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<tr>
<td width="90%"><input type="text" name="message" size="50" value="" style="width: 100%;"></td>
<td width="9%" nowrap="nowrap"><?php echo get_lang('Question'); ?>&nbsp;<input type="checkbox" name="question" value="1" style="vertical-align: middle;" onclick="javascript:if(this.checked == true && !confirm('<?php echo addslashes(htmlentities(get_lang('OnlyCheckForImportantQuestion'))); ?>')) this.checked=false; document.formMessage.message.focus();"></td>
<td width="9%" nowrap="nowrap"><?php echo get_lang('Question'); ?>&nbsp;<input type="checkbox" name="question" value="1" style="vertical-align: middle;" onclick="javascript:if(this.checked == true && !confirm('<?php echo addslashes(htmlentities(get_lang('OnlyCheckForImportantQuestion'),ENT_QUOTES,$charset)); ?>')) this.checked=false; document.formMessage.message.focus();"></td>
<td width="1%"><input type="submit" value="OK" style="width: 30px;"></td>
</tr>
</table>

6
main/online/online_streaming.php
Unescape View File

@ -1,4 +1,4 @@
<?php // $Id: online_streaming.php 12269 2007-05-03 14:17:37Z elixir_julian $
<?php // $Id: online_streaming.php 13296 2007-09-27 02:19:40Z yannoo $
/*
==============================================================================
Dokeos - elearning and course management software
@ -95,7 +95,7 @@ include('header_frame.inc.php');
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="1%" valign="middle"><a href="online_master.php"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Back')); ?>"></a></td>
<td width="1%" valign="middle"><a href="online_master.php"><img src="../img/home.gif" border="0" alt="" title="<?php echo htmlentities(get_lang('Back'),ENT_QUOTES,$charset); ?>"></a></td>
<td width="99%" align="left">&nbsp;<a href="online_master.php"><?php echo get_lang('Back'); ?></a></td>
</tr>
</table>
@ -118,7 +118,7 @@ include('header_frame.inc.php');
</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" value="<?php echo htmlentities(get_lang('Modify')); ?>"></td>
<td colspan="2" align="center"><input type="submit" value="<?php echo htmlentities(get_lang('Modify'),ENT_QUOTES,$charset); ?>"></td>
</tr>
</table>
</form>

6
main/survey/survey.php
Unescape View File

@ -21,7 +21,7 @@ Tel. +32 (2) 211 34 56
* @package dokeos.survey
* @author unknown
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
* @version $Id: survey.php 12912 2007-08-31 15:52:45Z pcool $
* @version $Id: survey.php 13296 2007-09-27 02:19:40Z yannoo $
*
* @todo use quickforms for the forms
*/
@ -101,7 +101,7 @@ check_first_last_question($_GET['survey_id']);
// Action links
$survey_actions = get_lang('Survey').': ';
$survey_actions .= '<a href="create_new_survey.php?'.api_get_cidreq().'&amp;action=edit&amp;survey_id='.$_GET['survey_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>';
$survey_actions .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$_GET['survey_id'].'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurvey").'?')).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
$survey_actions .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$_GET['survey_id'].'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurvey").'?',ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
//$survey_actions .= '<a href="create_survey_in_another_language.php?id_survey='.$_GET['survey_id'].'">'.Display::return_icon('copy.gif', get_lang('Copy')).'</a>';
$survey_actions .= '<a href="preview.php?'.api_get_cidreq().'&amp;survey_id='.$_GET['survey_id'].'">'.Display::return_icon('preview.gif', get_lang('Preview')).'</a>';
$survey_actions .= '<a href="survey_invite.php?'.api_get_cidreq().'&amp;survey_id='.$_GET['survey_id'].'">'.Display::return_icon('survey_publish.gif', get_lang('Publish')).'</a>';
@ -159,7 +159,7 @@ while ($row = mysql_fetch_assoc($result))
echo ' <td>'.$row['number_of_options'].'</td>';
echo ' <td>';
echo ' <a href="question.php?'.api_get_cidreq().'&amp;action=edit&amp;type='.$row['type'].'&amp;survey_id='.$_GET['survey_id'].'&amp;question_id='.$row['question_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>';
echo ' <a href="survey.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$_GET['survey_id'].'&amp;question_id='.$row['question_id'].'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurveyQuestion").'?')).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
echo ' <a href="survey.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$_GET['survey_id'].'&amp;question_id='.$row['question_id'].'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurveyQuestion").'?',ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
if ($question_counter > 1)
{
echo ' <a href="survey.php?'.api_get_cidreq().'&amp;action=moveup&amp;survey_id='.$_GET['survey_id'].'&amp;question_id='.$row['question_id'].'">'.Display::return_icon('up.gif', get_lang('MoveUp')).'</a>';

5
main/survey/survey_list.php
Unescape View File

@ -21,7 +21,7 @@
* @package dokeos.survey
* @author unknown, the initial survey that did not make it in 1.8 because of bad code
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
* @version $Id: survey_list.php 12912 2007-08-31 15:52:45Z pcool $
* @version $Id: survey_list.php 13296 2007-09-27 02:19:40Z yannoo $
*
* @todo use quickforms for the forms
*/
@ -306,8 +306,9 @@ function get_survey_data($from, $number_of_items, $column, $direction)
*/
function modify_filter($survey_id)
{
global $charset;
$return = '<a href="create_new_survey.php?'.api_get_cidreq().'&amp;action=edit&amp;survey_id='.$survey_id.'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>';
$return .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurvey").'?')).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
$return .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurvey").'?',ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
//$return .= '<a href="create_survey_in_another_language.php?id_survey='.$survey_id.'">'.Display::return_icon('copy.gif', get_lang('Copy')).'</a>';
//$return .= '<a href="survey.php?survey_id='.$survey_id.'">'.Display::return_icon('add.gif', get_lang('Add')).'</a>';
$return .= '<a href="preview.php?'.api_get_cidreq().'&amp;survey_id='.$survey_id.'">'.Display::return_icon('preview.gif', get_lang('Preview')).'</a>';

10
main/work/work.lib.php
Unescape View File

@ -68,6 +68,7 @@ function display_action_links($cur_dir_path, $always_show_tool_options, $always_
*/
function display_tool_options($uploadvisibledisabled, $origin,$base_work_dir,$cur_dir_path,$cur_dir_path_url)
{
global $charset;
$is_allowed_to_edit = api_is_allowed_to_edit();
$work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
@ -80,7 +81,7 @@ function display_tool_options($uploadvisibledisabled, $origin,$base_work_dir,$cu
"<td>",
get_lang('AllFiles')." : </td>",
"<td><a href=\"".api_get_self()."?".api_get_cidreq()."&amp;curdirpath=".$cur_dir_path."&amp;origin=$origin&amp;delete=all&amp;display_tool_options=true\" ",
"onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang('ConfirmYourChoice')))."')) return false;\">",
"onclick=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."')) return false;\">",
"<img src=\"../img/delete.gif\" border=\"0\" alt=\"".get_lang('Delete')."\" />",
"</a>",
"&nbsp;";
@ -174,6 +175,7 @@ function display_default_visibility_form($uploadvisibledisabled)
*/
function display_student_publications_list($work_dir,$sub_course_dir,$currentCourseRepositoryWeb, $link_target_parameter, $dateFormatLong, $origin)
{
global $charset;
// Database table names
$work_table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
$iprop_table = Database::get_course_table(TABLE_ITEM_PROPERTY);
@ -265,7 +267,7 @@ function display_student_publications_list($work_dir,$sub_course_dir,$currentCou
//$action .= '<a href="'.api_get_self().'?cidReq='.api_get_course_id().
// '&edit_dir='.$mydir.'"><img src="../img/edit.gif" alt="'.get_lang('Modify').'"></a>';
$action .= '<a href="'.api_get_self().'?'.
api_get_cidreq().'&delete_dir='.$mydir.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice')))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('DirDelete').'"></a>';
api_get_cidreq().'&delete_dir='.$mydir.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('DirDelete').'"></a>';
$row[] = $action;
}else{
$row[] = "";
@ -304,7 +306,7 @@ function display_student_publications_list($work_dir,$sub_course_dir,$currentCou
{
$action = '';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;edit='.$work->id.'"><img src="../img/edit.gif" alt="'.get_lang('Modify').'"></a>';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;delete='.$work->id.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice')))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('WorkDelete').'"></a>';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;delete='.$work->id.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('WorkDelete').'"></a>';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;move='.$work->id.'"><img src="../img/deplacer_fichier.gif" border="0" title="'.get_lang('Move').'" alt="" /></a>';
if($work->accepted == '1')
{
@ -319,7 +321,7 @@ function display_student_publications_list($work_dir,$sub_course_dir,$currentCou
}elseif($is_author){
$action = '';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;edit='.$work->id.'"><img src="../img/edit.gif" alt="'.get_lang('Modify').'"></a>';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;delete='.$work->id.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice')))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('WorkDelete').'"></a>';
$action .= '<a href="'.api_get_self().'?'.api_get_cidreq().'&curdirpath='.urlencode($my_sub_dir).'&amp;origin='.$origin.'&amp;delete='.$work->id.'" onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmYourChoice'),ENT_QUOTES,$charset))."'".')) return false;"><img src="../img/delete.gif" alt="'.get_lang('WorkDelete').'"></a>';
$row[] = $action;
}else{

Write Preview
Loading…
Cancel
Save