Merge

main/document/edit_document.php

@@ -448,7 +448,7 @@ if (file_exists($filepath.$doc)) {
 /*	Display user interface */
 
 // Display the header
-$nameTools = get_lang('EditDocument') . ': '.$file_name;
+$nameTools = get_lang('EditDocument') . ': '.$oldTitle;
 Display::display_header($nameTools, 'Doc');
 
 // Display the tool title
@@ -541,6 +541,7 @@ if ($owner_id == $_user['user_id'] || api_is_platform_admin() || $is_allowed_to_
 			$checked->setChecked(true);
 		}
 	}
+	
 	if ($is_certificate_mode)
 		$form->addElement('style_submit_button', 'submit', get_lang('SaveCertificate'), 'class="save"');
 	else
@@ -571,6 +572,7 @@ if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') {
 		$create_certificate=get_lang('CreateCertificateWithTags');
 		Display::display_normal_message($create_certificate.': <br /><br />'.$str_info,false);
 	}
+	
 	if ($is_certificate_mode) {
 		echo '<div class="actions">';
 				echo '<a href="document.php?curdirpath='.Security::remove_XSS($_GET['curdirpath']).'&selectcat=' . Security::remove_XSS($_GET['selectcat']).'">'.Display::return_icon('back.png',get_lang('Back').' '.get_lang('To').' '.get_lang('CertificateOverview')).get_lang('Back').' '.get_lang('To').' '.get_lang('CertificateOverview').'</a>';
@@ -582,6 +584,7 @@ if (isset($_REQUEST['curdirpath']) && $_GET['curdirpath']=='/certificates') {
 			nav_to_slideshow($slide_id);
 		}
 	}
+	
 	$form->display();
 	//Display::display_error_message(get_lang('ReadOnlyFile'));
 }

main/inc/lib/formvalidator/Rule/allowed_tags.inc.php

@@ -2,7 +2,7 @@
 /* For licensing terms, see /license.txt */
 /**
  * This page defines all HTML-tages and their attributes that are allowed in
- * Dokeos. 2 arrays are defined, one contains the allowed HTML for students and
+ * Chamilo. 2 arrays are defined, one contains the allowed HTML for students and
  * the other the allowed HTML for teachers.
  *
  * Modifying this page:
@@ -33,17 +33,22 @@ $attribute_anonymous=array();
 // ADDRESS
 $allowed_tags_student['address'] =  array();
 // APPLET
+/*
 $allowed_tags_student['applet'] =  array();
 $allowed_tags_student['applet']['codebase'] =  array();
 $allowed_tags_student['applet']['code'] =  array();
 $allowed_tags_student['applet']['name'] =  array();
 $allowed_tags_student['applet']['alt'] =  array();
+*/
+
 // AREA
+/*
 $allowed_tags_student['area'] =  array();
 $allowed_tags_student['area']['shape'] =  array();
 $allowed_tags_student['area']['coords'] =  array();
 $allowed_tags_student['area']['href'] =  array();
 $allowed_tags_student['area']['alt'] =  array();
+*/
 // A
 $allowed_tags_student['a'] =  array();
 $allowed_tags_student['a']['class'] =  array();
@@ -64,8 +69,9 @@ $allowed_tags_student['b'] =  array();
 $allowed_tags_student['b']['class'] =  array();
 $allowed_tags_student['b']['id'] =  array();
 // BASE
+/*
 $allowed_tags_student['base'] =  array();
-$allowed_tags_student['base']['href'] =  array();
+$allowed_tags_student['base']['href'] =  array();*/
 // BASEFONT
 $allowed_tags_student['basefont'] =  array();
 $allowed_tags_student['basefont']['size'] =  array();
@@ -88,11 +94,12 @@ $allowed_tags_student_full_page['body']['vlink'] =  array();
 // BR
 $allowed_tags_student['br'] =  array();
 // BUTTON
+/*
 $allowed_tags_student['button'] =  array();
 $allowed_tags_student['button']['disabled'] =  array();
 $allowed_tags_student['button']['name'] =  array();
 $allowed_tags_student['button']['type'] =  array();
-$allowed_tags_student['button']['value'] =  array();
+$allowed_tags_student['button']['value'] =  array(); */
 // CAPTION
 $allowed_tags_student['caption'] =  array();
 $allowed_tags_student['caption']['align'] =  array();
@@ -101,13 +108,13 @@ $allowed_tags_student['code'] =  array();
 // COL
 $allowed_tags_student['col'] =  array();
 $allowed_tags_student['col']['align'] =  array();
-$allowed_tags_student['col']['char'] =  array();
+//$allowed_tags_student['col']['char'] =  array();
 $allowed_tags_student['col']['charoff'] =  array();
 $allowed_tags_student['col']['valign'] =  array();
 $allowed_tags_student['col']['width'] =  array();
 // DEL
 $allowed_tags_student['del'] =  array();
-$allowed_tags_student['del']['datetime'] =  array();
+//$allowed_tags_student['del']['datetime'] =  array();
 // DD
 $allowed_tags_student['dd'] =  array();
 // DIV
@@ -127,17 +134,18 @@ $allowed_tags_student['embed'] =  array();
 $allowed_tags_student['embed']['height'] =  array();
 $allowed_tags_student['embed']['width'] =  array();
 $allowed_tags_student['embed']['type'] =  array();
-$allowed_tags_student['embed']['quality'] =  array();
+//$allowed_tags_student['embed']['quality'] =  array();
 $allowed_tags_student['embed']['src'] =  array();
 
 $allowed_tags_student['embed']['flashvars'] =  array();
 $allowed_tags_student['embed']['allowscriptaccess'] =  array();
-$allowed_tags_student['embed']['allowfullscreen'] =  array();
-$allowed_tags_student['embed']['bgcolor'] =  array();
-$allowed_tags_student['embed']['pluginspage'] =  array();
+//$allowed_tags_student['embed']['allowfullscreen'] =  array();
+//$allowed_tags_student['embed']['bgcolor'] =  array();
+//$allowed_tags_student['embed']['pluginspage'] =  array();
 
 // FIELDSET
-$allowed_tags_student['fieldset'] =  array();
+/*
+$allowed_tags_student['fieldset'] =  array(); */
 // FONT
 $allowed_tags_student['font'] =  array();
 $allowed_tags_student['font']['color'] =  array();
@@ -145,6 +153,7 @@ $allowed_tags_student['font']['face'] =  array();
 $allowed_tags_student['font']['size'] =  array();
 //$allowed_tags_student['font']['style'] =  array(); //filtered out for security (see kses security report)
 // FORM
+/*
 $allowed_tags_student['form'] =  array();
 $allowed_tags_student['form']['action'] =  array();
 $allowed_tags_student['form']['accept'] =  array();
@@ -152,7 +161,7 @@ $allowed_tags_student['form']['accept-charset'] =  array();
 $allowed_tags_student['form']['enctype'] =  array();
 $allowed_tags_student['form']['method'] =  array();
 $allowed_tags_student['form']['name'] =  array();
-$allowed_tags_student['form']['target'] =  array();
+$allowed_tags_student['form']['target'] =  array();*/
 // FRAME
 $allowed_tags_student_full_page['frame'] =  array();
 $allowed_tags_student_full_page['frame']['frameborder'] =  array();
@@ -214,6 +223,7 @@ $allowed_tags_student_full_page['html']['xmlns'] =  array();
 // I
 $allowed_tags_student['i'] =  array();
 // IFRAME
+/*
 $allowed_tags_student['iframe'] =  array();
 $allowed_tags_student['iframe']['align'] =  array();
 $allowed_tags_student['iframe']['frameborder'] =  array();
@@ -224,7 +234,7 @@ $allowed_tags_student['iframe']['marginwidth'] =  array();
 $allowed_tags_student['iframe']['name'] =  array();
 $allowed_tags_student['iframe']['scrolling'] =  array();
 $allowed_tags_student['iframe']['src'] =  array();
-$allowed_tags_student['iframe']['width'] =  array();
+$allowed_tags_student['iframe']['width'] =  array();*/
 // IMG
 $allowed_tags_student['img'] =  array();
 $allowed_tags_student['img']['alt'] =  array();
@@ -232,13 +242,14 @@ $allowed_tags_student['img']['align'] =  array();
 $allowed_tags_student['img']['border'] =  array();
 $allowed_tags_student['img']['height'] =  array();
 $allowed_tags_student['img']['hspace'] =  array();
-$allowed_tags_student['img']['ismap'] =  array();
+//$allowed_tags_student['img']['ismap'] =  array();
 $allowed_tags_student['img']['longdesc'] =  array();
 $allowed_tags_student['img']['src'] =  array();
-$allowed_tags_student['img']['usemap'] =  array();
+//$allowed_tags_student['img']['usemap'] =  array();
 $allowed_tags_student['img']['vspace'] =  array();
 $allowed_tags_student['img']['width'] =  array();
 // INPUT
+/*
 $allowed_tags_student['input'] =  array();
 $allowed_tags_student['input']['accept'] =  array();
 $allowed_tags_student['input']['align'] =  array();
@@ -252,18 +263,22 @@ $allowed_tags_student['input']['size'] =  array();
 $allowed_tags_student['input']['src'] =  array();
 $allowed_tags_student['input']['type'] =  array();
 $allowed_tags_student['input']['value'] =  array();
+*/
 // INS
 $allowed_tags_student['ins'] =  array();
-$allowed_tags_student['ins']['datetime'] =  array();
+//$allowed_tags_student['ins']['datetime'] =  array();
 $allowed_tags_student['ins']['cite'] =  array();
 // KBD
 $allowed_tags_student['kbd'] =  array();
 // LABEL
+/*
 $allowed_tags_student['label'] =  array();
 $allowed_tags_student['label']['for'] =  array();
+*/
 // LEGEND
+/*
 $allowed_tags_student['legend'] =  array();
-$allowed_tags_student['legend']['align'] =  array();
+$allowed_tags_student['legend']['align'] =  array();*/
 // LI
 $allowed_tags_student['li'] =  array();
 // LINK
@@ -277,9 +292,10 @@ $allowed_tags_student_full_page['link']['rev'] =  array();
 $allowed_tags_student_full_page['link']['target'] =  array();
 $allowed_tags_student_full_page['link']['type'] =  array();
 // MAP
+/*
 $allowed_tags_student['map'] =  array();
 $allowed_tags_student['map']['id'] =  array();
-$allowed_tags_student['map']['name'] =  array();
+$allowed_tags_student['map']['name'] =  array();*/
 // MENU
 $allowed_tags_student['menu'] =  array();
 // META
@@ -292,21 +308,21 @@ $allowed_tags_student_full_page['meta']['scheme'] =  array();
 $allowed_tags_student_full_page['noframes'] =  array();
 // OBJECT
 $allowed_tags_student['object'] =  array();
-$allowed_tags_student['object']['align'] =  array();
-$allowed_tags_student['object']['archive'] =  array();
-$allowed_tags_student['object']['border'] =  array();
+//$allowed_tags_student['object']['align'] =  array();
+//$allowed_tags_student['object']['archive'] =  array();
+//$allowed_tags_student['object']['border'] =  array();
 $allowed_tags_student['object']['classid'] =  array();
 $allowed_tags_student['object']['codebase'] =  array();
-$allowed_tags_student['object']['codetype'] =  array();
+//$allowed_tags_student['object']['codetype'] =  array();
 $allowed_tags_student['object']['data'] =  array();
-$allowed_tags_student['object']['declare'] =  array();
+//$allowed_tags_student['object']['declare'] =  array();
 $allowed_tags_student['object']['height'] =  array();
-$allowed_tags_student['object']['hspace'] =  array();
-$allowed_tags_student['object']['name'] =  array();
-$allowed_tags_student['object']['standby'] =  array();
+//$allowed_tags_student['object']['hspace'] =  array();
+//$allowed_tags_student['object']['name'] =  array();
+//$allowed_tags_student['object']['standby'] =  array();
 $allowed_tags_student['object']['type'] =  array();
-$allowed_tags_student['object']['usemap'] =  array();
-$allowed_tags_student['object']['vspace'] =  array();
+//$allowed_tags_student['object']['usemap'] =  array();
+//$allowed_tags_student['object']['vspace'] =  array();
 $allowed_tags_student['object']['width'] =  array();
 // OL
 $allowed_tags_student['ol'] =  array();
@@ -314,24 +330,26 @@ $allowed_tags_student['ol']['compact'] =  array();
 $allowed_tags_student['ol']['start'] =  array();
 $allowed_tags_student['ol']['type'] =  array();
 // OPTGROUP
+/*
 $allowed_tags_student['optgroup'] =  array();
 $allowed_tags_student['optgroup']['label'] =  array();
-$allowed_tags_student['optgroup']['disabled'] =  array();
+$allowed_tags_student['optgroup']['disabled'] =  array();*/
 // OPTION
+/*
 $allowed_tags_student['option'] =  array();
 $allowed_tags_student['option']['disabled'] =  array();
 $allowed_tags_student['option']['label'] =  array();
 $allowed_tags_student['option']['selected'] =  array();
-$allowed_tags_student['option']['value'] =  array();
+$allowed_tags_student['option']['value'] =  array();*/
 // P
 $allowed_tags_student['p'] =  array();
 $allowed_tags_student['p']['align'] =  array();
 // PARAM
 $allowed_tags_student['param'] =  array();
 $allowed_tags_student['param']['name'] =  array();
-$allowed_tags_student['param']['type'] =  array();
+//$allowed_tags_student['param']['type'] =  array();
 $allowed_tags_student['param']['value'] =  array();
-$allowed_tags_student['param']['valuetype'] =  array();
+//$allowed_tags_student['param']['valuetype'] =  array();
 // PRE
 $allowed_tags_student['pre'] =  array();
 $allowed_tags_student['pre']['width'] =  array();
@@ -373,67 +391,69 @@ $allowed_tags_student['table']['width'] =  array();
 // TBODY
 $allowed_tags_student['tbody'] =  array();
 $allowed_tags_student['tbody']['align'] =  array();
-$allowed_tags_student['tbody']['char'] =  array();
+//$allowed_tags_student['tbody']['char'] =  array();
 $allowed_tags_student['tbody']['charoff'] =  array();
 $allowed_tags_student['tbody']['valign'] =  array();
 // TD
 $allowed_tags_student['td'] =  array();
 $allowed_tags_student['td']['abbr'] =  array();
 $allowed_tags_student['td']['align'] =  array();
-$allowed_tags_student['td']['axis'] =  array();
+//$allowed_tags_student['td']['axis'] =  array();
 $allowed_tags_student['td']['bgcolor'] =  array();
-$allowed_tags_student['td']['char'] =  array();
+//$allowed_tags_student['td']['char'] =  array();
 $allowed_tags_student['td']['charoff'] =  array();
 $allowed_tags_student['td']['colspan'] =  array();
-$allowed_tags_student['td']['headers'] =  array();
+//$allowed_tags_student['td']['headers'] =  array();
 $allowed_tags_student['td']['height'] =  array();
 $allowed_tags_student['td']['nowrap'] =  array();
 $allowed_tags_student['td']['rowspan'] =  array();
-$allowed_tags_student['td']['scope'] =  array();
+//$allowed_tags_student['td']['scope'] =  array();
 $allowed_tags_student['td']['valign'] =  array();
 $allowed_tags_student['td']['width'] =  array();
 // TEXTAREA
+/*
 $allowed_tags_student['textarea'] =  array();
 $allowed_tags_student['textarea']['cols'] =  array();
 $allowed_tags_student['textarea']['rows'] =  array();
 $allowed_tags_student['textarea']['disabled'] =  array();
 $allowed_tags_student['textarea']['name'] =  array();
-$allowed_tags_student['textarea']['readonly'] =  array();
+$allowed_tags_student['textarea']['readonly'] =  array();*/
 // TFOOT
 $allowed_tags_student['tfoot'] =  array();
 $allowed_tags_student['tfoot']['align'] =  array();
-$allowed_tags_student['tfoot']['char'] =  array();
+//$allowed_tags_student['tfoot']['char'] =  array();
 $allowed_tags_student['tfoot']['charoff'] =  array();
 $allowed_tags_student['tfoot']['valign'] =  array();
 // TH
 $allowed_tags_student['th'] =  array();
 $allowed_tags_student['th']['abbr'] =  array();
 $allowed_tags_student['th']['align'] =  array();
-$allowed_tags_student['th']['axis'] =  array();
+//$allowed_tags_student['th']['axis'] =  array();
 $allowed_tags_student['th']['bgcolor'] =  array();
-$allowed_tags_student['th']['char'] =  array();
+//$allowed_tags_student['th']['char'] =  array();
 $allowed_tags_student['th']['charoff'] =  array();
 $allowed_tags_student['th']['colspan'] =  array();
-$allowed_tags_student['th']['headers'] =  array();
+//$allowed_tags_student['th']['headers'] =  array();
 $allowed_tags_student['th']['height'] =  array();
 $allowed_tags_student['th']['nowrap'] =  array();
 $allowed_tags_student['th']['rowspan'] =  array();
-$allowed_tags_student['th']['scope'] =  array();
+//$allowed_tags_student['th']['scope'] =  array();
 $allowed_tags_student['th']['valign'] =  array();
 $allowed_tags_student['th']['width'] =  array();
 // THEAD
 $allowed_tags_student['thead'] =  array();
 $allowed_tags_student['thead']['align'] =  array();
-$allowed_tags_student['thead']['char'] =  array();
+//$allowed_tags_student['thead']['char'] =  array();
 $allowed_tags_student['thead']['charoff'] =  array();
 $allowed_tags_student['thead']['valign'] =  array();
 // TITLE
-$allowed_tags_student['title'] =  array();
+/*
+$allowed_tags_student['title'] =  array();*/
 // TR
 $allowed_tags_student['tr'] =  array();
 $allowed_tags_student['tr']['align'] =  array();
 $allowed_tags_student['tr']['bgcolor'] =  array();
-$allowed_tags_student['tr']['char'] =  array();
+//$allowed_tags_student['tr']['char'] =  array();
 $allowed_tags_student['tr']['charoff'] =  array();
 $allowed_tags_student['tr']['valign'] =  array();
 // TT