From b3aab66d7f887d3f97a854c5eede8e165fbd93a7 Mon Sep 17 00:00:00 2001 From: Isaac Flores Date: Tue, 7 Apr 2009 17:44:18 +0200 Subject: [PATCH] [svn r19601] logic changes - fixed error in query sql, when you edit an evaluation - (partial FS#3991) --- main/gradebook/lib/be/abstractlink.class.php | 2 +- main/gradebook/lib/be/evaluation.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/main/gradebook/lib/be/abstractlink.class.php b/main/gradebook/lib/be/abstractlink.class.php index d1278b123c..ad491fa0e5 100644 --- a/main/gradebook/lib/be/abstractlink.class.php +++ b/main/gradebook/lib/be/abstractlink.class.php @@ -289,7 +289,7 @@ abstract class AbstractLink implements GradebookItem $name_log=$arreval['course_code']; } //error_log($name_log); - $sql="INSERT INTO ".$tbl_grade_linkeval_log."(id_linkeval_log,name,description,date_log,weight,visible,type,user_id_log)VALUES('".$arreval['id']."','".$name_log."','".$description_log."','".$current_date_server."','".$arreval['weight']."','".$arreval['visible']."','Link',".api_get_user_id().")"; + $sql="INSERT INTO ".$tbl_grade_linkeval_log."(id_linkeval_log,name,description,date_log,weight,visible,type,user_id_log)VALUES('".Database::escape_string($arreval['id'])."','".Database::escape_string($name_log)."','".Database::escape_string($description_log)."','".Database::escape_string($current_date_server)."','".Database::escape_string($arreval['weight'])."','".Database::escape_string($arreval['visible'])."','Link',".api_get_user_id().")"; api_sql_query($sql,__FILE__,__LINE__); } diff --git a/main/gradebook/lib/be/evaluation.class.php b/main/gradebook/lib/be/evaluation.class.php index 04b8d5c780..bfb72a7f2f 100644 --- a/main/gradebook/lib/be/evaluation.class.php +++ b/main/gradebook/lib/be/evaluation.class.php @@ -258,7 +258,7 @@ class Evaluation implements GradebookItem $rs=api_sql_query($sql_eval,__FILE__,__LINE__); $row_old_weight=Database::fetch_array($rs,'ASSOC'); $current_date=strtotime(date('Y-m-d H:i:s',time())); - $sql="INSERT INTO ".$tbl_grade_linkeval_log."(id_linkeval_log,name,description,date_log,weight,visible,type,user_id_log)VALUES('".$arreval['id']."','".$arreval['name']."','".$arreval['description']."','".$current_date."','".$row_old_weight['weight']."','".$arreval['visible']."','evaluation',".api_get_user_id().")"; + $sql="INSERT INTO ".$tbl_grade_linkeval_log."(id_linkeval_log,name,description,date_log,weight,visible,type,user_id_log)VALUES('".Database::escape_string($arreval['id'])."','".Database::escape_string($arreval['name'])."','".Database::escape_string($arreval['description'])."','".Database::escape_string($current_date)."','".Database::escape_string($row_old_weight['weight'])."','".Database::escape_string($arreval['visible'])."','evaluation',".api_get_user_id().")"; api_sql_query($sql,__FILE__,__LINE__); } /**