Minor - Code style changes and remove excess security escaping in new reports - refs BT#17648

main/inc/lib/extra_field.lib.php

@@ -1174,8 +1174,8 @@ class ExtraField extends Model
                         if (empty($defaultValueId)) {
                             $options[''] = get_lang('SelectAnOption');
                         }
-                        // for task BT#17648
-                        //When a varible is 'authors', this will be a select of  teachers
+                        // When a varible is 'authors', this will be a 
+                        // select element of teachers (see BT#17648)
                         $variable = $field_details['variable'];
                         if ($variable != 'authors') {
                             foreach ($field_details['options'] as $optionDetails) {
@@ -3134,15 +3134,11 @@ JAVASCRIPT;
         if ($variableName == null) {
             return null;
         }
-        $variableName = Security::remove_XSS($variableName);
         $variableName = Database::escape_string($variableName);
         $tblExtraField = Database::get_main_table(TABLE_EXTRA_FIELD);
-        $query = "SELECT
-			display_text
-		FROM
-			$tblExtraField
-		WHERE
-			variable = '$variableName'";
+        $query = "SELECT display_text
+            FROM $tblExtraField
+            WHERE variable = '$variableName'";
         $companyField = Database::fetch_assoc(Database::query($query));
 
         if ($companyField == false or !isset($companyField['display_text'])) {

main/inc/lib/myspace.lib.php

@@ -1254,11 +1254,13 @@ class MySpace
             $form->addDatePicker(
                 'startDate',
                 get_lang('DateStart'),
-                []);
+                []
+            );
             $form->addDatePicker(
                 'endDate',
                 get_lang('DateEnd'),
-                []);
+                []
+            );
             $form->addButtonSearch(get_lang('Search'));
             if (count($data) != 0) {
                 //$form->addButtonSave(get_lang('Ok'), 'export');

plugin/check_extra_field_author_company/CheckExtraFieldAuthorsCompanyPlugin.php

@@ -1,5 +1,7 @@
 <?php
 
+/* For licensing terms, see /license.txt */
+
 /**
  * Class CheckExtraFieldAuthorsCompanyPlugin.
  */

plugin/check_extra_field_author_company/README.md

@@ -1,5 +1,8 @@
-Adjust the variables to display the "Distribution by entity" and "Distribution by author" reports.
+Check Extra Fields 'author' and 'company'
 ======
+
+Make sure two extra fields exist in order to enable the "Distribution by entity" and "Distribution by author" reports.
+
 This plugin adds the extra fields necessary to display "Distribution by entity" and "Distribution by author" reports.
 * For the "Distribution by entity" report to be displayed, it is necessary to have the type of extra user field, with a multiple selector.
 The name of this field must be "company".

plugin/check_extra_field_author_company/index.php

@@ -1,8 +1,9 @@
 <?php
+
+/* For licensing terms, see /license.txt */
+
 // Check extra_field authors to lp and company to user
 require_once __DIR__.'/../../main/inc/global.inc.php';
-// public $isAdminPlugin = true;
-// $_template['show_message'] = false;
 
 if (api_is_anonymous()) {
 }

plugin/check_extra_field_author_company/install.php

@@ -1,4 +1,7 @@
 <?php
+
+/* For licensing terms, see /license.txt */
+
 // Check extra_field authors to lp and company to user
 require_once 'CheckExtraFieldAuthorsCompanyPlugin.php';
 

plugin/check_extra_field_author_company/plugin.php

@@ -1,4 +1,7 @@
 <?php
+
+/* For licensing terms, see /license.txt */
+
 /**
  * This script is a configuration file for the date plugin. You can use it as a master for other platform plugins
  * (course plugins are slightly different).

plugin/check_extra_field_author_company/uninstall.php

@@ -1,4 +1,5 @@
 <?php
+
 /* For license terms, see /license.txt */
 
 require_once 'CheckExtraFieldAuthorsCompanyPlugin.php';