Fix partially #7564

1.9.x
Julio Montoya 11 years ago
parent 11b0e96555
commit 9da1112af7
  1. 19
      main/admin/configure_extensions.php
  2. 6
      main/admin/course_category.php
  3. 3
      main/admin/session_edit.php
  4. 6
      main/calendar/agenda.lib.php
  5. 2
      main/calendar/agenda_list.php
  6. 2
      main/inc/lib/diagnoser.lib.php
  7. 2
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php
  8. 6
      main/inc/lib/message.lib.php
  9. 2
      main/messages/new_message.php
  10. 6
      main/messages/outbox.php
  11. 14
      main/mySpace/student.php

@ -4,9 +4,7 @@
* Edition of extensions configuration
* @package chamilo.admin
*/
/**
* Code
*/
// name of the language file that needs to be included
$language_file='admin';
$cidReset=true;
@ -154,17 +152,18 @@ if (isset($_POST['activeExtension'])) {
$listActiveServices = array();
// get the list of active services
$sql = 'SELECT variable FROM '.$tbl_settings_current.' WHERE variable LIKE "service_%" AND subkey="active" and selected_value="true"';
$sql = 'SELECT variable FROM '.$tbl_settings_current.'
WHERE variable LIKE "service_%" AND subkey="active" and selected_value="true"';
$rs = Database::query($sql);
while($row = Database::fetch_array($rs)){
$listActiveServices[] = $row['variable'];
}
$javascript_service_displayed = '';
if(isset($_GET['display'])){
/*$javascript_service_displayed = '';
if (isset($_GET['display'])) {
$javascript_service_displayed = 'document.getElementById("extension_content_'.$_GET['display'].'").style.display = "block"';
}
}*/
// javascript to handle accordion behaviour
$javascript_message = '';
@ -223,8 +222,6 @@ $nameTool = get_lang('ConfigureExtensions');
Display::display_header($nameTool);
?>
<div id="message" style="display: none">
<?php
if(!empty($message))
@ -299,7 +296,7 @@ Display::display_header($nameTool);
</div>
*/ ?>
<!-- PPT2LP -->
<div id="main_ppt2lp">
<div id="extension_header_ppt2lp" class="accordion_header">
@ -441,7 +438,7 @@ Display::display_header($nameTool);
</div>
*/
/*
<!-- SEARCH -->
<div id="main_search">
<div id="extension_header_search" class="accordion_header">
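Review bot: The block that writes `$_GET['display']` into an inline script is only wrapped in `/* … */`, so the unescaped sink stays in the file and returns as soon as someone removes the comment markers. Deleting those lines is safer. If the auto-expand behaviour is still wanted, accept `display` only when it matches one of the known extension ids before it is written into the script. As rendered here the initialisation sits inside the comment too, so if `$javascript_service_displayed` is still echoed further down (outside this hunk), keep a plain `$javascript_service_displayed = '';`.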

@ -73,7 +73,7 @@ if ($action == 'add' || $action == 'edit') {
echo '<div class="actions">';
echo Display::url(
Display::return_icon('folder_up.png', get_lang("Back"), '', ICON_SIZE_MEDIUM),
api_get_path(WEB_CODE_PATH).'admin/course_category.php?category='.$category
api_get_path(WEB_CODE_PATH).'admin/course_category.php?category='.Security::remove_XSS($category)
);
echo '</div>';
@ -81,7 +81,7 @@ if ($action == 'add' || $action == 'edit') {
if (!empty($category)) {
$form_title .= ' ' . get_lang('Into') . ' ' . Security::remove_XSS($category);
}
$url = api_get_self().'?action='.Security::remove_XSS($action).'&category='.Security::remove_XSS($category).'&id='.$category;
$url = api_get_self().'?action='.Security::remove_XSS($action).'&category='.Security::remove_XSS($category).'&id='.Security::remove_XSS($category);
$form = new FormValidator('course_category', 'post', $url);
$form->addElement('header', '', $form_title);
$form->addElement('hidden', 'formSent', 1);
@ -129,7 +129,7 @@ if ($action == 'add' || $action == 'edit') {
if (empty($parentInfo) || $parentInfo['auth_cat_child'] == 'TRUE') {
echo Display::url(
Display::return_icon('new_folder.png', get_lang("AddACategory"), '', ICON_SIZE_MEDIUM),
api_get_path(WEB_CODE_PATH).'admin/course_category.php?action=add&category='.$category
api_get_path(WEB_CODE_PATH).'admin/course_category.php?action=add&category='.Security::remove_XSS($category)
);
}
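Review bot: `$category` lands in a URL query string in all three changed lines, and `Security::remove_XSS()` is an HTML filter rather than a URL encoder, so characters such as `&`, `#` or a space in the value can still change the query. Percent-encoding is the matching escape for this context, e.g. `'admin/course_category.php?category='.urlencode($category)`. In the `$url` line the `id` parameter is also filled from `$category`; that predates this commit, but it is worth confirming it is intended.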

@ -4,9 +4,6 @@
* Sessions edition script
* @package chamilo.admin
*/
/**
* Code
*/
// name of the language file that needs to be included
$language_file ='admin';

@ -68,7 +68,11 @@ class Agenda
*/
public function setType($type)
{
$this->type = $type;
$typeList = $this->getTypes();
if (in_array($type, $typeList)) {
$this->type = $type;
}
}
/**
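Review bot: `in_array($type, $typeList)` in `setType()` compares loosely; pass the third argument so only an exact string match is accepted: `if (in_array($type, $typeList, true)) {`. An unknown value is now ignored silently and `$this->type` keeps whatever it held before, which deserves a docblock line such as `Unknown types are ignored and the current type is kept.` Before this commit agenda_list.php assigned `$agenda->type` directly, so the property appears to be public and other callers can still bypass the check. The rest of the class is outside this hunk.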

@ -18,7 +18,7 @@ $interbreadcrumb[] = array(
$agenda = new Agenda();
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
$agenda->type = $type;
$agenda->setType($type);
$events = $agenda->get_events(
null,
null,

@ -27,7 +27,7 @@ class Diagnoser
$sections = array('chamilo', 'php', 'mysql', 'webserver');
if (!in_array($_GET['section'], $sections)) {
if (!in_array(trim($_GET['section']), $sections)) {
$current_section = 'chamilo';
} else {
$current_section = $_GET['section'];
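Review bot: The allow-list test now runs on `trim($_GET['section'])`, but the `else` branch still assigns the untrimmed `$_GET['section']`, so a value padded with spaces, newlines or NUL bytes passes the check and reaches `$current_section` unchanged, which the old exact-match test did not allow. Validate and use the same value: `$section = isset($_GET['section']) ? trim($_GET['section']) : '';` then `$current_section = in_array($section, $sections, true) ? $section : 'chamilo';`. That also removes the undefined-index notice when `section` is absent. The enclosing method starts and ends outside the hunk.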

@ -19,7 +19,7 @@ if (!isset($manager)) {
$pagination = new pagination(false);
$search_folder = null;
if (isset($_GET['search_folder'])) {
$search_folder = str_replace("'", "", $_GET['search_folder']); //security fix for Chamilo by cfasanando
$search_folder = str_replace("'", "", Security::remove_XSS($_GET['search_folder']));
}
if (!empty($_GET['search'])) {
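Review bot: `search_folder` names a directory, and neither stripping `'` nor `Security::remove_XSS()` limits which directory it can point to; sequences such as `../` pass through both. How `$search_folder` is used lies outside this hunk, but if it reaches the file listing it should be resolved (for instance with `realpath()`) and rejected unless it sits under the file manager's configured root. HTML escaping is better applied where the value is printed than on input. The removed trailing comment was the only hint as to why the quote is stripped, so a short replacement comment stating the reason would help the next reader.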

@ -823,13 +823,13 @@ class MessageManager
$message[4] = '&nbsp;&nbsp;<a onclick="delete_one_message_outbox('.$result[0].')" href="javascript:void(0)" >'.Display::return_icon('delete.png', get_lang('DeleteMessage')).'</a>';
} else {
$link = '';
if ($_GET['f'] == 'social') {
if (isset($_GET['f']) && $_GET['f'] == 'social') {
$link = '&f=social';
}
$message[1] = '<a '.$class.' onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].$link.'">'.$result[2].'</a><br />'.GetFullUserName($result[4]);
//$message[2] = '<a '.$class.' onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].$link.'">'.$result[2].'</a>';
$message[2] = api_convert_and_format_date($result[3], DATE_TIME_FORMAT_LONG); //date stays the same
$message[3] = '<a href="outbox.php?action=deleteone&id='.$result[0].'&f='.Security::remove_XSS($_GET['f']).'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;" >'.Display::return_icon('delete.png', get_lang('DeleteMessage')).'</a>';
$message[3] = '<a href="outbox.php?action=deleteone&id='.$result[0].'&'.$link.'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;" >'.Display::return_icon('delete.png', get_lang('DeleteMessage')).'</a>';
}
foreach ($message as $key => $value) {
@ -1527,7 +1527,7 @@ class MessageManager
// display sortable table with messages of the current user
$table = new SortableTable('message_outbox', array('MessageManager', 'get_number_of_messages_sent'), array('MessageManager', 'get_message_data_sent'), 3, 20, 'DESC');
$parameters['f'] = Security::remove_XSS($_GET['f']);
$parameters['f'] = isset($_GET['f']) && $_GET['f'] == 'social' ? 'social' : null;
$table->set_additional_parameters($parameters);
$table->set_header(0, '', false, array('style' => 'width:15px;'));
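Review bot: In the new `$message[3]` line the delete link is built as `'&id='.$result[0].'&'.$link`, but `$link` is either empty or already `'&f=social'`, so the URL ends in a stray `&` or contains `&&f=social`. Append it the way the `$message[1]` line does: `'outbox.php?action=deleteone&id='.$result[0].$link`. The `f == 'social'` allow-list test now appears in both hunks of this file and again in new_message.php; a small shared helper would keep the three copies from drifting. The enclosing methods start and end outside the hunks.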

@ -164,7 +164,7 @@ function show_compose_to_user ($receiver_id) {
function manage_form($default, $select_from_user_list = null, $sent_to = null) {
$group_id = isset($_REQUEST['group_id']) ? intval($_REQUEST['group_id']) : null;
$message_id = isset($_GET['message_id']) ? intval($_GET['message_id']) : null;
$param_f = isset($_GET['f']) ? Security::remove_XSS($_GET['f']):'';
$param_f = isset($_GET['f']) && $_GET['f'] == 'social' ? 'social' : null;
$form = new FormValidator('compose_message', null, api_get_self().'?f='.$param_f, null, array('enctype'=>'multipart/form-data'));
if (empty($group_id)) {

@ -6,13 +6,15 @@
// name of the language file that needs to be included
$language_file = array('registration','messages','userInfo');
$cidReset=true;
$cidReset = true;
require_once '../inc/global.inc.php';
api_block_anonymous_users();
if (isset($_GET['messages_page_nr'])) {
if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
if (api_get_setting('allow_social_tool')=='true' &&
api_get_setting('allow_message_tool')=='true'
) {
$social_link = '';
if ($_REQUEST['f']=='social') {
$social_link = '&f=social';
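Review bot: `if ($_REQUEST['f']=='social')` still reads the parameter without an `isset()` guard, while this commit adds that guard to the same test in message.lib.php and new_message.php. When `f` is absent this raises an undefined-index notice, which can end up in the page if error display is on. Use `if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'social') {` here as well. The body of this `if` continues outside the hunk.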

@ -4,9 +4,7 @@
* Student report
* @package chamilo.reporting
*/
/**
* Code
*/
// name of the language file that needs to be included
$language_file = array ('registration', 'index', 'tracking', 'admin');
$cidReset = true;
@ -198,8 +196,14 @@ if (api_is_drh()) {
}
$actions .= '<span style="float:right">';
$actions .= Display::url(Display::return_icon('printer.png', get_lang('Print'), array(), ICON_SIZE_MEDIUM), 'javascript: void(0);', array('onclick'=>'javascript: window.print();'));
$actions .= Display::url(Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), array(), ICON_SIZE_MEDIUM), api_get_self().'?export=csv&keyword='.$keyword);
$actions .= Display::url(
Display::return_icon('printer.png', get_lang('Print'), array(), ICON_SIZE_MEDIUM), 'javascript: void(0);',
array('onclick'=>'javascript: window.print();')
);
$actions .= Display::url(
Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), array(), ICON_SIZE_MEDIUM),
api_get_self().'?export=csv&keyword='.$keyword
);
$actions .= '</span>';
$actions .= '</div>';
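Review bot: The reformatted export link still appends `$keyword` to the URL as-is in `api_get_self().'?export=csv&keyword='.$keyword`. Where `$keyword` is assigned is outside this hunk; if it comes from the request without filtering, this line is the same kind of reflected output the commit fixes in the other files. Encoding it for the query-string context closes that regardless of the upstream handling: `api_get_self().'?export=csv&keyword='.urlencode($keyword)`.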
