Fixes CT#586

skala
Julio Montoya 16 years ago
parent 0e468d9365
commit cedfa9eb53
  1. 27
      main/forum/viewthread_flat.inc.php
  2. 24
      main/forum/viewthread_nested.inc.php
  3. 59
      main/forum/viewthread_threaded.inc.php

@ -1,25 +1,5 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2008 Dokeos SPRL
Copyright (c) 2006 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/* For licensing terms, see /license.txt */
/**
* @package dokeos.forum
*/
@ -133,9 +113,8 @@ foreach ($rows as $row) {
// The post message
//var_dump($messageclass);
$row['post_text']= Security::remove_XSS($row['post_text']);
//we can see now the html tags
$row['post_text']= Security::remove_XSS($row['post_text'], STUDENT);
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display($row['post_text'])."</td>\n";
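Review bot: The filtered text still goes through `prepare4display()` after `Security::remove_XSS(..., STUDENT)` on the line that echoes the `<td>`, so the sanitizer is not the last transformation applied before output. prepare4display is not defined in this diff; if it decodes entities, strips slashes or inserts highlight markup, it can undo part of what the filter removed. Either confirm that it is output-neutral or filter its result instead, e.g. `Security::remove_XSS(prepare4display($row['post_text']), STUDENT)`. The same order appears in viewthread_nested.inc.php and viewthread_threaded.inc.php. The +/- markers are lost on this page, so which of the two remove_XSS lines is the new one is inferred from the STUDENT argument the other sections also gain.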

@ -1,25 +1,5 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2006 Dokeos SPRL
Copyright (c) 2006 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 44 rue des palais, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/* For licensing terms, see /license.txt */
/**
* @Author Patrick Cool <patrick.cool@UGent.be>, Ghent University
@ -130,7 +110,7 @@ foreach ($rows as $post) {
// The post message
$post['post_text']= Security::remove_XSS($post['post_text']);
$post['post_text']= Security::remove_XSS($post['post_text'], STUDENT);
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display($post['post_text'])."</td>\n";

@ -1,25 +1,5 @@
<?php
/*
==============================================================================
Dokeos - elearning and course management software
Copyright (c) 2006-2008 Dokeos SPRL
Copyright (c) 2006 Ghent University (UGent)
For a full list of contributors, see "credits.txt".
The full license can be read in "license.txt".
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Contact address: Dokeos, 108 rue du Corbeau, B-1030 Brussels, Belgium
Mail: info@dokeos.com
==============================================================================
*/
/* For licensing terms, see /license.txt */
/**
* These files are a complete rework of the forum. The database structure is
@ -56,12 +36,9 @@
$rows=get_posts($_GET['thread']); // note: this has to be cleaned first
$rows=calculate_children($rows);
if ($_GET['post'])
{
$display_post_id=Security::remove_XSS($_GET['post']); // note: this has to be cleaned first
}
else
{
if ($_GET['post']) {
$display_post_id = intval($_GET['post']); // note: this has to be cleaned first
} else {
// we need to display the first post
reset($rows);
$current=current($rows);
@ -70,8 +47,7 @@ else
//are we in a lp ?
$origin = '';
if(isset($_GET['origin']))
{
if(isset($_GET['origin'])) {
$origin = Security::remove_XSS($_GET['origin']);
}
@ -206,14 +182,12 @@ unset($whatsnew_post_info[$current_forum['forum_id']][$current_thread['thread_id
echo "<table width=\"100%\" class=\"post\" cellspacing=\"5\" border=\"0\">\n";
echo "\t<tr>\n";
echo "\t\t<td rowspan=\"3\" class=\"$leftclass\">";
if ($rows[$display_post_id]['user_id']=='0')
{
if ($rows[$display_post_id]['user_id']=='0') {
$name=prepare4display($rows[$display_post_id]['poster_name']);
}
else
{
} else {
$name=api_get_person_name($rows[$display_post_id]['firstname'], $rows[$display_post_id]['lastname']);
}
if (api_get_course_setting('allow_user_image_forum')) {echo '<br />'.display_user_image($rows[$display_post_id]['user_id'],$name, $origin).'<br />'; }
echo display_user_link($rows[$display_post_id]['user_id'], $name, $origin).'<br />';
echo $rows[$display_post_id]['post_date'].'<br /><br />';
@ -308,17 +282,14 @@ echo "\t</tr>\n";
// The post message
$rows[$display_post_id]['post_text']= Security::remove_XSS($rows[$display_post_id]['post_text']);
echo "\t<tr>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text']))."</td>\n";
echo "\t\t<td class=\"$messageclass\">".prepare4display(Security::remove_XSS($rows[$display_post_id]['post_text']), STUDENT)."</td>\n";
echo "\t</tr>\n";
// The check if there is an attachment
$attachment_list=get_attachment($display_post_id);
$attachment_list = get_attachment($display_post_id);
if (!empty($attachment_list))
{
if (!empty($attachment_list)) {
echo '<tr><td height="50%">';
$realname=$attachment_list['path'];
$user_filename=$attachment_list['filename'];
@ -327,7 +298,7 @@ if (!empty($attachment_list))
echo '<a href="download.php?file=';
echo $realname;
echo ' "> '.$user_filename.' </a>';
echo '<span class="forum_attach_comment" >'.Security::remove_XSS($attachment_list['comment'],STUDENT).'</span>';
echo '<span class="forum_attach_comment" >'.Security::remove_XSS($attachment_list['comment'], STUDENT).'</span>';
if (($current_forum['allow_edit']==1 AND $rows[$display_post_id]['user_id']==$_user['user_id']) or (api_is_allowed_to_edit(false,true) && !(api_is_course_coach() && $current_forum['session_id']!=$_SESSION['id_session']))) {
echo '&nbsp;&nbsp;<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;origin='.Security::remove_XSS($_GET['origin']).'&amp;action=delete_attach&amp;id_attach='.$attachment_list['id'].'&amp;forum='.Security::remove_XSS($_GET['forum']).'&amp;thread='.Security::remove_XSS($_GET['thread']).'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif',get_lang('Delete')).'</a><br />';
}
@ -354,8 +325,7 @@ echo $thread_structure;
* @return an array containing all the information on the posts of a thread
* @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
*/
function calculate_children($rows)
{
function calculate_children($rows) {
foreach($rows as $row)
{
$rows_with_children[$row["post_id"]]=$row;
@ -368,8 +338,7 @@ function calculate_children($rows)
return $sorted_rows;
}
function _phorum_recursive_sort($rows, &$threads, $seed=0, $indent=0)
{
function _phorum_recursive_sort($rows, &$threads, $seed=0, $indent=0) {
if($seed>0)
{
$threads[$rows[$seed]["post_id"]]=$rows[$seed];
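Review bot: In what reads as the new post-message line, STUDENT is passed as a second argument to `prepare4display()` rather than to `Security::remove_XSS()`, so the threaded view does not get the filter level that the flat and nested views now use. PHP silently ignores surplus arguments to a user-defined function, so nothing would warn about this (assuming prepare4display takes one parameter; its definition is not in this diff). The assignment just above it still calls remove_XSS without STUDENT, and the text is then filtered a second time inside the echo. Suggested: `$rows[$display_post_id]['post_text'] = Security::remove_XSS($rows[$display_post_id]['post_text'], STUDENT);` followed by `echo "\t\t<td class=\"$messageclass\">".prepare4display($rows[$display_post_id]['post_text'])."</td>\n";`. Separately, the attachment link in the following hunk echoes `$realname` into the href and `$user_filename` into the link text without any encoding; both appear to come from stored attachment data and should be URL-encoded and HTML-escaped respectively.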
