Removing double format: addslashes(api_htmlentities

skala
Julio Montoya 12 years ago
parent bc5abfbc7a
commit d253e416ce
  1. 2
      main/admin/access_urls.php
  2. 4
      main/admin/class_list.php
  3. 2
      main/admin/course_category.php
  4. 2
      main/admin/course_list.php
  5. 2
      main/admin/course_request_accepted.php
  6. 6
      main/admin/course_request_rejected.php
  7. 8
      main/admin/course_request_review.php
  8. 2
      main/admin/extra_field_options.php
  9. 66
      main/admin/grade_models.php
  10. 4
      main/admin/group_list.php
  11. 60
      main/admin/promotions.php
  12. 2
      main/admin/session_course_list.php
  13. 2
      main/admin/system_announcements.php
  14. 2
      main/admin/user_fields.php
  15. 2
      main/admin/user_list.php
  16. 4
      main/admin/usergroups.php
  17. 6
      main/exercice/exercice.php
  18. 4
      main/exercice/exercise_admin.php
  19. 10
      main/exercice/live_stats.php
  20. 2
      main/exercice/media.php
  21. 4
      main/exercice/question_list_pagination_admin.inc.php

@ -154,7 +154,7 @@ foreach($sortable_data as $row) {
$url_id = $row['id'];
$actions = Display::url(Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL), "access_url_edit.php?url_id=$url_id");
if ($url_id != '1') {
$actions .= '<a href="access_urls.php?action=delete_url&amp;url_id='.$url_id.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$actions .= '<a href="access_urls.php?action=delete_url&amp;url_id='.$url_id.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(get_lang("ConfirmYourChoice"))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
}
$urls[] = array($url, $name, $type, $tech, $contact, $status, $actions);
}
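Review bot: The new `confirm()` argument is escaped for the JavaScript string only, so nothing encodes it any more for the double-quoted `onclick` attribute it is printed into. `addslashes()` turns a `"` in the translated text into `\"`, and HTML does not treat the backslash as an escape, so the attribute would end at that character; `&` and `<` also pass through unencoded. Escaping for JavaScript first and for the attribute second keeps both layers intact: `api_htmlentities(addslashes(get_lang("ConfirmYourChoice")), ENT_QUOTES, $charset)`. The same pattern appears in the class_list.php, course_category.php, course_list.php, group_list.php, session_course_list.php, system_announcements.php, user_fields.php and user_list.php sections. The enclosing `foreach` starts outside the hunk.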

@ -65,7 +65,7 @@ function modify_filter($class_id) {
$result = '<a href="class_information.php?id='.$class_id.'">'.Display::return_icon('synthese_view.gif', get_lang('Info')).'</a>';
$result .= ' <a href="class_edit.php?idclass='.$class_id.'">'.Display::return_icon('edit.png', get_lang('Edit')).'</a>';
$result .= ' <a href="subscribe_user2class.php?idclass='.$class_id.'">'.Display::return_icon('add_multiple_users.gif', get_lang('AddUsersToAClass')).'</a>';
$result .= ' <a href="class_list.php?action=delete_class&amp;class_id='.$class_id.'" onclick="javascript: if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete')).'</a>';
$result .= ' <a href="class_list.php?action=delete_class&amp;class_id='.$class_id.'" onclick="javascript: if(!confirm('."'".addslashes(get_lang("ConfirmYourChoice"))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete')).'</a>';
return $result;
}
@ -128,4 +128,4 @@ $tpl = $app['template'];
$tpl->assign('content', $content);
$tpl->assign('actions', $actions);
$tpl->assign('message', $message);
$tpl->display_one_col_template();
$tpl->display_one_col_template();

@ -204,7 +204,7 @@ if ($action == 'add' || $action == 'edit') {
<li>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($enreg['code']); ?>"><?php Display::display_icon('folder_document.gif', get_lang('OpenNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=edit&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>"><?php Display::display_icon('edit.gif', get_lang('EditNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=delete&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>" onclick="javascript:if (!confirm('<?php echo addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)); ?>'))
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=delete&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>" onclick="javascript:if (!confirm('<?php echo addslashes(get_lang('ConfirmYourChoice')); ?>'))
return false;"><?php Display::display_icon('delete.gif', get_lang('DeleteNode')); ?></a>
<a href="<?php echo api_get_self(); ?>?category=<?php echo Security::remove_XSS($category); ?>&amp;action=moveUp&amp;id=<?php echo Security::remove_XSS($enreg['code']); ?>&amp;tree_pos=<?php echo $enreg['tree_pos']; ?>"><?php Display::display_icon('up.gif', get_lang('UpInSameLevel')); ?></a>
<?php echo $enreg['name']; ?>

@ -136,7 +136,7 @@ function modify_filter($code) {
'<a href="../tracking/courseLog.php?cidReq='.$code.'">'.Display::return_icon('statistics.gif', get_lang('Tracking')).'</a>&nbsp;'.
'<a href="course_edit.php?course_code='.$code.'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>&nbsp;'.
'<a href="../coursecopy/backup.php?cidReq='.$code.'">'.Display::return_icon('backup.gif', get_lang('CreateBackup')).'</a>&nbsp;'.
'<a href="course_list.php?delete_course='.$code.'" onclick="javascript: if (!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
'<a href="course_list.php?delete_course='.$code.'" onclick="javascript: if (!confirm('."'".addslashes(get_lang('ConfirmYourChoice'))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
}
/**

@ -124,7 +124,7 @@ function get_request_data($from, $number_of_items, $column, $direction) {
function modify_filter($id) {
$code = CourseRequestManager::get_course_request_code($id);
$result = '<a href="course_request_edit.php?id='.$id.'&caller=1">'.Display::return_icon('edit.gif', get_lang('Edit'), array('style' => 'vertical-align: middle;')).'</a>'.
'&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
'&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code)).'\')) return false;')).'</a>';
return $result;
}
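Review bot: `$code` comes from `CourseRequestManager::get_course_request_code($id)` rather than from a language file, and after this change it reaches the `onclick` value with only `addslashes()` applied. Whether `Display::return_icon()` HTML-encodes the attribute values it receives is not visible here. If it does, a comment such as `// onclick is HTML-encoded by Display::return_icon()` would record why no entity encoding is needed at the call site; if it does not, encode after escaping: `api_htmlentities(addslashes(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code)), ENT_QUOTES)`. The same applies to every `confirm()` built from `$code` in the course_request_rejected.php and course_request_review.php sections, and to `addslashes($row['title'])` in the exercice.php copy links.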

@ -156,11 +156,11 @@ function get_request_data($from, $number_of_items, $column, $direction) {
function modify_filter($id) {
$code = CourseRequestManager::get_course_request_code($id);
$result = '<a href="course_request_edit.php?id='.$id.'&caller=2">'.Display::return_icon('edit.gif', get_lang('Edit'), array('style' => 'vertical-align: middle;')).'</a>'.
'&nbsp;<a href="?accept_course_request='.$id.'">'.Display::return_icon('action_accept.gif', get_lang('AcceptThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ANewCourseWillBeCreated'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
'&nbsp;<a href="?accept_course_request='.$id.'">'.Display::return_icon('action_accept.gif', get_lang('AcceptThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ANewCourseWillBeCreated'), $code)).'\')) return false;')).'</a>';
if (!CourseRequestManager::additional_info_asked($id)) {
$result .= '&nbsp;<a href="?request_info='.$id.'">'.Display::return_icon('request_info.gif', get_lang('AskAdditionalInfo'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('AdditionalInfoWillBeAsked'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
$result .= '&nbsp;<a href="?request_info='.$id.'">'.Display::return_icon('request_info.gif', get_lang('AskAdditionalInfo'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('AdditionalInfoWillBeAsked'), $code)).'\')) return false;')).'</a>';
}
$result .= '&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
$result .= '&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code)).'\')) return false;')).'</a>';
return $result;
}

@ -201,13 +201,13 @@ function email_filter($teacher) {
function modify_filter($id) {
$code = CourseRequestManager::get_course_request_code($id);
$result = '<a href="course_request_edit.php?id='.$id.'&caller=0">'.Display::return_icon('edit.gif', get_lang('Edit'), array('style' => 'vertical-align: middle;')).'</a>'.
'&nbsp;<a href="?accept_course_request='.$id.'">'.Display::return_icon('accept.png', get_lang('AcceptThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ANewCourseWillBeCreated'), $code), ENT_QUOTES)).'\')) return false;'),16).'</a>'.
'&nbsp;<a href="?reject_course_request='.$id.'">'.Display::return_icon('error.png', get_lang('RejectThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ACourseRequestWillBeRejected'), $code), ENT_QUOTES)).'\')) return false;'),16).'</a>';
'&nbsp;<a href="?accept_course_request='.$id.'">'.Display::return_icon('accept.png', get_lang('AcceptThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ANewCourseWillBeCreated'), $code)).'\')) return false;'),16).'</a>'.
'&nbsp;<a href="?reject_course_request='.$id.'">'.Display::return_icon('error.png', get_lang('RejectThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ACourseRequestWillBeRejected'), $code)).'\')) return false;'),16).'</a>';
if (!CourseRequestManager::additional_info_asked($id)) {
$result .= '&nbsp;<a href="?request_info='.$id.'">'.Display::return_icon('request_info.gif', get_lang('AskAdditionalInfo'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('AdditionalInfoWillBeAsked'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
$result .= '&nbsp;<a href="?request_info='.$id.'">'.Display::return_icon('request_info.gif', get_lang('AskAdditionalInfo'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('AdditionalInfoWillBeAsked'), $code)).'\')) return false;')).'</a>';
}
if (DELETE_ACTION_ENABLED) {
$result .= '&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code), ENT_QUOTES)).'\')) return false;')).'</a>';
$result .= '&nbsp;<a href="?delete_course_request='.$id.'">'.Display::return_icon('delete.gif', get_lang('DeleteThisCourseRequest'), array('style' => 'vertical-align: middle;', 'onclick' => 'javascript: if (!confirm(\''.addslashes(sprintf(get_lang('ACourseRequestWillBeDeleted'), $code)).'\')) return false;')).'</a>';
}
return $result;
}

@ -80,7 +80,7 @@ $extra_params['height'] = 'auto';
//With this function we can add actions to the jgrid (edit, delete, etc)
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
return \'<a href="?action=edit&'.$params.'&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&'.$params.'&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&'.$params.'&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'\';
}';
$htmlHeadXtra[]='
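Review bot: In `action_formatter` the confirmation text sits in a JavaScript string that is itself inside the single-quoted JavaScript string the formatter returns, so one pass of `addslashes()` covers only the outer literal. An apostrophe in the translation is emitted as `\'`, the outer literal reduces it to a bare `'`, and the inner `confirm('...')` literal then ends early when the link is clicked; a `"` would close the `onclick` attribute instead. Emitting the message once as a variable before the function, `'var confirm_msg = '.json_encode(get_lang('ConfirmYourChoice')).';'`, and calling `confirm(confirm_msg)` in the handler removes the nested quoting. The grade_models.php, promotions.php and usergroups.php sections build their formatter the same way.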

@ -28,9 +28,9 @@ $interbreadcrumb[]=array('url' => 'index.php','name' => get_lang('PlatformAdmin'
$action = isset($_GET['action']) ? $_GET['action'] : null;
$check = Security::check_token('request');
$token = Security::get_token();
$token = Security::get_token();
if ($action == 'add') {
if ($action == 'add') {
$interbreadcrumb[]=array('url' => 'grade_models.php','name' => get_lang('GradeModel'));
$interbreadcrumb[]=array('url' => '#','name' => get_lang('Add'));
} elseif ($action == 'edit') {
@ -41,7 +41,7 @@ if ($action == 'add') {
}
$htmlHeadXtra[]= '<script>
function plusItem(item) {
if (item != 1) {
document.getElementById(item).style.display = "inline";
@ -53,7 +53,7 @@ function plusItem(item) {
//document.getElementById("txta-"+(item-1)).value = "";
}
}
function minItem(item) {
if (item != 1) {
document.getElementById(item).style.display = "none";
@ -75,7 +75,7 @@ Display::display_header($tool_name);
//jqgrid will use this URL to do the selects
$url = api_get_path(WEB_AJAX_PATH).'model.ajax.php?a=get_grade_models';
//The order is important you need to check the the $column variable in the model.ajax.php file
//The order is important you need to check the the $column variable in the model.ajax.php file
$columns = array(get_lang('Name'), get_lang('Description'), get_lang('Actions'));
//Column config
@ -83,25 +83,25 @@ $column_model = array(
array('name'=>'name', 'index'=>'name', 'width'=>'80', 'align'=>'left'),
array('name'=>'description', 'index'=>'description', 'width'=>'500', 'align'=>'left','sortable'=>'false'),
array('name'=>'actions', 'index'=>'actions', 'width'=>'100', 'align'=>'left','formatter'=>'action_formatter','sortable'=>'false')
);
//Autowidth
);
//Autowidth
$extra_params['autowidth'] = 'true';
//height auto
$extra_params['height'] = 'auto';
//height auto
$extra_params['height'] = 'auto';
//With this function we can add actions to the jgrid (edit, delete, etc)
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
return \'<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'\';
return \'<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'\';
}';
?>
<script>
$(function() {
<?php
<?php
// grid definition see the $obj->display() function
echo Display::grid_js('grade_model', $url, $columns, $column_model, $extra_params, array(), $action_links,true);
?>
echo Display::grid_js('grade_model', $url, $columns, $column_model, $extra_params, array(), $action_links,true);
?>
});
</script>
<?php
@ -112,44 +112,44 @@ switch ($action) {
case 'add':
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
}
$url = api_get_self().'?action='.Security::remove_XSS($_GET['action']);
$form = $obj->return_form($url, 'add');
// The validation or display
if ($form->validate()) {
if ($check) {
if ($form->validate()) {
if ($check) {
$values = $form->exportValues();
$res = $obj->save($values);
$res = $obj->save($values);
if ($res) {
Display::display_confirmation_message(get_lang('ItemAdded'));
}
}
}
$obj->display();
} else {
echo '<div class="actions">';
echo '<a href="'.api_get_self().'">'.Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM).'</a>';
echo '</div>';
echo '</div>';
$form->addElement('hidden', 'sec_token');
$form->setConstants(array('sec_token' => $token));
$form->display();
}
break;
case 'edit':
// Action handling: Editing
// Action handling: Editing
$url = api_get_self().'?action='.Security::remove_XSS($_GET['action']).'&id='.intval($_GET['id']);
$form = $obj->return_form($url, 'edit');
$form = $obj->return_form($url, 'edit');
// The validation or display
if ($form->validate()) {
if ($form->validate()) {
if ($check) {
$values = $form->exportValues();
$values = $form->exportValues();
$res = $obj->update($values);
Display::display_confirmation_message(get_lang('ItemUpdated'), false);
}
Display::display_confirmation_message(get_lang('ItemUpdated'), false);
}
$obj->display();
} else {
echo '<div class="actions">';
@ -169,9 +169,9 @@ switch ($action) {
}
}
$obj->display();
break;
break;
default:
$obj->display();
$obj->display();
break;
}
Display :: display_footer();
Display :: display_footer();

@ -174,7 +174,7 @@ function modify_filter($group_id, $url_params, $row) {
if (api_is_platform_admin()) {
$result .= '<a href="'.api_get_path(WEB_CODE_PATH).'admin/add_users_to_group.php?id='.$group_id.'">'.Display::return_icon('subscribe_users_social_network.png', get_lang('AddUsersToGroup'), '', ICON_SIZE_SMALL).'</a>';
$result .= '<a href="group_edit.php?id='.$group_id.'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>&nbsp;&nbsp;';
$result .= '<a href="group_list.php?action=delete_group&amp;group_id='.$group_id.'&amp;'.$url_params.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$result .= '<a href="group_list.php?action=delete_group&amp;group_id='.$group_id.'&amp;'.$url_params.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(get_lang("ConfirmYourChoice"))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
}
return $result;
}
@ -395,4 +395,4 @@ if (isset($_GET['search']) && $_GET['search'] == 'advanced') {
$table->set_form_actions(array('delete' => get_lang('DeleteFromPlatform')));
$table->display();
}
Display :: display_footer();
Display :: display_footer();

@ -25,13 +25,13 @@ $interbreadcrumb[] = array('url' => 'career_dashboard.php','name' => get_lang('C
$action = isset($_GET['action']) ? $_GET['action'] : null;
$check = Security::check_token('request');
$token = Security::get_token();
$token = Security::get_token();
if ($action == 'add') {
$interbreadcrumb[]=array('url' => 'promotions.php','name' => get_lang('Promotions'));
$interbreadcrumb[]=array('url' => '#','name' => get_lang('Add'));
} elseif ($action == 'edit') {
$interbreadcrumb[]=array('url' => 'promotions.php','name' => get_lang('Promotions'));
$interbreadcrumb[]=array('url' => 'promotions.php','name' => get_lang('Promotions'));
$interbreadcrumb[]=array('url' => '#','name' => get_lang('Edit'));
} else {
$interbreadcrumb[]=array('url' => '#','name' => get_lang('Promotions'));
@ -43,7 +43,7 @@ Display::display_header($tool_name);
// Tool name
if (isset($_GET['action']) && $_GET['action'] == 'add') {
$tool = 'Add';
$interbreadcrumb[] = array ('url' => api_get_self(), 'name' => get_lang('Promotion'));
$interbreadcrumb[] = array ('url' => api_get_self(), 'name' => get_lang('Promotion'));
}
if (isset($_GET['action']) && $_GET['action'] == 'edit') {
$tool = 'Modify';
@ -58,7 +58,7 @@ $column_model = array(
array('name'=>'career', 'index'=>'career', 'width'=>'100', 'align'=>'left'),
array('name'=>'description', 'index'=>'description', 'width'=>'500', 'align'=>'left','sortable'=>'false'),
array('name'=>'actions', 'index'=>'actions', 'width'=>'100', 'align'=>'left','formatter'=>'action_formatter','sortable'=>'false'),
);
);
$extra_params['autowidth'] = 'true'; //use the width of the parent
//$extra_params['editurl'] = $url; //use the width of the parent
@ -67,18 +67,18 @@ $extra_params['height'] = 'auto'; //use the width of the parent
$action_links = 'function action_formatter (cellvalue, options, rowObject) {
return \'<a href="add_sessions_to_promotion.php?id=\'+options.rowId+\'">'.Display::return_icon('session_to_promotion.png',get_lang('SubscribeSessionsToPromotions'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?sec_token='.$token.'&action=copy&id=\'+options.rowId+\'">'.Display::return_icon('copy.png',get_lang('Copy'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a> \';
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?sec_token='.$token.'&action=copy&id=\'+options.rowId+\'">'.Display::return_icon('copy.png',get_lang('Copy'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a> \';
}';
?>
<script>
$(function() {
<?php
echo Display::grid_js('promotions', $url,$columns,$column_model,$extra_params,array(), $action_links, true);
$(function() {
<?php
echo Display::grid_js('promotions', $url,$columns,$column_model,$extra_params,array(), $action_links, true);
?>
});
</script>
</script>
<?php
$promotion = new Promotion();
@ -99,55 +99,55 @@ switch ($action) {
}
$url = api_get_self().'?action='.Security::remove_XSS($_GET['action']);
$form = $promotion->return_form($url, 'add');
$form = $promotion->return_form($url, 'add');
// The validation or display
if ($form->validate()) {
if ($form->validate()) {
if ($check) {
$values = $form->exportValues();
$res = $promotion->save($values);
$values = $form->exportValues();
$res = $promotion->save($values);
if ($res) {
Display::display_confirmation_message(get_lang('ItemAdded'));
}
}
}
$promotion->display();
} else {
echo '<div class="actions">';
echo '<div class="actions">';
echo Display::url(Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM), api_get_self());
echo '</div>';
echo '</div>';
$form->addElement('hidden', 'sec_token');
$form->setConstants(array('sec_token' => $token));
$form->display();
}
break;
case 'edit':
//Editing
$url = api_get_self().'?action='.Security::remove_XSS($_GET['action']).'&id='.intval($_GET['id']);
//Editing
$url = api_get_self().'?action='.Security::remove_XSS($_GET['action']).'&id='.intval($_GET['id']);
$form = $promotion->return_form($url, 'edit');
// The validation or display
if ($form->validate()) {
if ($form->validate()) {
if ($check) {
$values = $form->exportValues();
$values = $form->exportValues();
$res = $promotion->update($values);
$promotion->update_all_sessions_status_by_promotion_id($values['id'], $values['status']);
$promotion->update_all_sessions_status_by_promotion_id($values['id'], $values['status']);
if ($values['status']) {
Display::display_confirmation_message(sprintf(get_lang('PromotionXUnarchived'), $values['name']), false);
} else {
Display::display_confirmation_message(sprintf(get_lang('PromotionXArchived'), $values['name']), false);
}
}
}
$promotion->display();
} else {
echo '<div class="actions">';
echo '<div class="actions">';
echo Display::url(Display::return_icon('back.png',get_lang('Back'),'',ICON_SIZE_MEDIUM), api_get_self());
echo '</div>';
echo '</div>';
$form->addElement('hidden', 'sec_token');
$form->setConstants(array('sec_token' => $token));
$form->display();
}
break;
case 'delete':
case 'delete':
if ($check) {
// Action handling: deleting an obj
$res = $promotion->delete($_GET['id']);
@ -155,17 +155,17 @@ switch ($action) {
Display::display_confirmation_message(get_lang('ItemDeleted'));
}
}
$promotion->display();
$promotion->display();
break;
case 'copy':
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
if ($check) {
$res = $promotion->copy($_GET['id'], null, true);
$res = $promotion->copy($_GET['id'], null, true);
if ($res) {
Display::display_confirmation_message(get_lang('ItemCopied').' - '.get_lang('ExerciseAndLPsAreInvisibleInTheNewCourse'));
}
}
}
$promotion->display();
break;
@ -173,4 +173,4 @@ switch ($action) {
$promotion->display();
break;
}
Display::display_footer();
Display::display_footer();
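Review bot: The `delete` and `copy` cases pass `$_GET['id']` straight to `$promotion->delete()` and `$promotion->copy()`, while the `edit` case in the same switch wraps it in `intval()`. Whether those methods cast the id themselves is not visible in this section. Casting at the call site, `$promotion->delete(intval($_GET['id']))` and `$promotion->copy(intval($_GET['id']), null, true)`, would make the three branches consistent. The `switch` starts outside the hunks shown.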

@ -89,7 +89,7 @@ foreach ($Courses as $key=>$enreg) {
$course[] = '<a href="session_course_user_list.php?id_session='.$id_session.'&course_code='.$enreg['c_id'].'">'.$enreg['nbr_users'].' '.get_lang('Users').'</a>';
$course[] = '<a href="'.api_get_path(WEB_COURSE_PATH).$enreg['c_id'].'/index.php?id_session='.$id_session.'">'.Display::return_icon('course_home.gif', get_lang('Course')).'</a>
<a href="session_course_edit.php?id_session='.$id_session.'&page=session_course_list.php&course_code='.$enreg['c_id'].'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>
<a href="'.api_get_self().'?id_session='.$id_session.'&sort='.$sort.'&action=delete&idChecked[]='.$enreg['c_id'].'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
<a href="'.api_get_self().'?id_session='.$id_session.'&sort='.$sort.'&action=delete&idChecked[]='.$enreg['c_id'].'" onclick="javascript:if(!confirm(\''.addslashes(get_lang("ConfirmYourChoice")).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
$tableCourses[] = $course;
}
echo '<form method="post" action="'.api_get_self().'">';

@ -245,7 +245,7 @@ if ($show_announcement_list) {
$row[] = "<a href=\"?id=".$announcement->id."&amp;person=".SystemAnnouncementManager::VISIBLE_GUEST."&amp;action=". ($announcement->visible_guest ? 'make_invisible' : 'make_visible')."\">".Display::return_icon(($announcement->visible_guest ? 'visible.gif' : 'invisible.gif'), get_lang('ShowOrHide'))."</a>";
$row[] = $announcement->lang;
$row[] = "<a href=\"?action=edit&id=".$announcement->id."\">".Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a> <a href=\"?action=delete&id=".$announcement->id."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)."</a>";
$row[] = "<a href=\"?action=edit&id=".$announcement->id."\">".Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL)."</a> <a href=\"?action=delete&id=".$announcement->id."\" onclick=\"javascript:if(!confirm('".addslashes(get_lang("ConfirmYourChoice"))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL)."</a>";
$announcement_data[] = $row;
}
$table = new SortableTableFromArray($announcement_data);

@ -249,7 +249,7 @@ function modify_field_filter($changeability, $url_params, $row) {
function edit_filter($id, $url_params, $row) {
global $charset;
$return = '<a href="user_fields_add.php?action=edit&field_id=' . $row[0] . '&field_type=' . $row[2] . '&sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon('edit.png', get_lang('Edit')) . '</a>';
$return .= ' <a href="' . api_get_self() . '?action=delete&field_id=' . $row[0] . '&sec_token=' . Security::getCurrentToken() . '" onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, $charset)) . "'" . ')) return false;">' .
$return .= ' <a href="' . api_get_self() . '?action=delete&field_id=' . $row[0] . '&sec_token=' . Security::getCurrentToken() . '" onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' .
Display::return_icon('delete.png', get_lang('Delete')) . '</a>';
return $return;
}

@ -560,7 +560,7 @@ function modify_filter($user_id, $url_params, $row) {
if ($delete_user_available) {
if ($user_id != api_get_user_id() && !$user_is_anonymous && api_global_admin_can_edit_admin($user_id)) {
// you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
$result .= ' <a href="user_list.php?action=delete_user&amp;user_id='.$user_id.'&amp;'.$url_params.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$result .= ' <a href="user_list.php?action=delete_user&amp;user_id='.$user_id.'&amp;'.$url_params.'&amp;sec_token='.Security::getCurrentToken().'" onclick="javascript:if(!confirm('."'".addslashes(get_lang("ConfirmYourChoice"))."'".')) return false;">'.Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
} else {
$result .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
}

@ -73,7 +73,7 @@ return \''
.' <a href="add_courses_to_usergroup.php?id=\'+options.rowId+\'">'.Display::return_icon('course_to_class.png', get_lang('SubscribeClassToCourses')).'</a>'
.' <a href="add_sessions_to_usergroup.php?id=\'+options.rowId+\'">'.Display::return_icon('sessions_to_class.png', get_lang('SubscribeClassToSessions')).'</a>'
.' <a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png', get_lang('Edit')).'</a>'
.' <a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png', get_lang('Delete')).'</a>\';
.' <a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png', get_lang('Delete')).'</a>\';
}';
?>
<script>
@ -169,4 +169,4 @@ elseif (isset($_GET['action']) && $_GET['action'] == 'delete' && is_numeric($_GE
} else {
$usergroup->display();
}
Display :: display_footer();
Display :: display_footer();

@ -645,7 +645,7 @@ if (!empty($exercise_list)) {
$actions .='<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$my_exercise_id.'">'.Display :: return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>';
//Export
$actions .= Display::url(Display::return_icon('cd.gif', get_lang('CopyExercise')), '', array('onclick' => "javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('AreYouSureToCopy'), ENT_QUOTES, $charset))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=copy_exercise&sec_token='.$token.'&exerciseId='.$my_exercise_id));
$actions .= Display::url(Display::return_icon('cd.gif', get_lang('CopyExercise')), '', array('onclick' => "javascript:if(!confirm('".addslashes(get_lang('AreYouSureToCopy'))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=copy_exercise&sec_token='.$token.'&exerciseId='.$my_exercise_id));
if ($autolaunch_setting_on) {
$icon = Display::return_icon('launch.png', get_lang('AutoLaunch'));
@ -680,13 +680,13 @@ if (!empty($exercise_list)) {
// not session
$actions = Display::return_icon('edit_na.png', get_lang('ExerciseEditionNotAvailableInSession'));
$actions .='<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$my_exercise_id.'">'.Display :: return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>';
$actions .= Display::url(Display::return_icon('cd.gif', get_lang('CopyExercise')), '', array('onclick' => "javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('AreYouSureToCopy'), ENT_QUOTES, $charset))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=copy_exercise&sec_token='.$token.'&exerciseId='.$my_exercise_id));
$actions .= Display::url(Display::return_icon('cd.gif', get_lang('CopyExercise')), '', array('onclick' => "javascript:if(!confirm('".addslashes(get_lang('AreYouSureToCopy'))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=copy_exercise&sec_token='.$token.'&exerciseId='.$my_exercise_id));
}
//Delete
if ($session_id == $row['session_id']) {
if ($locked == false) {
$actions .= Display::url(Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL), '', array('onclick' => "javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('AreYouSureToDelete'), ENT_QUOTES, $charset))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=delete&sec_token='.$token.'&exerciseId='.$my_exercise_id));
$actions .= Display::url(Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL), '', array('onclick' => "javascript:if(!confirm('".addslashes(get_lang('AreYouSureToDelete'))." ".addslashes($row['title'])."?"."')) return false;", 'href' => 'exercice.php?'.api_get_cidreq().'&choice=delete&sec_token='.$token.'&exerciseId='.$my_exercise_id));
} else {
$actions .= Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), '', ICON_SIZE_SMALL);
}
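Review bot: `$row['title']` is stored exercise data and reaches the `onclick` value of the copy and delete links with `addslashes()` as its only encoding, which does nothing for `"`, `<`, `>` or `&`. Unless `Display::url()` HTML-escapes attribute values (not visible in these hunks), a title containing a double quote ends the attribute and the rest is parsed as markup, which is stored XSS in the exercise list. If it does not escape, encode for both layers, JavaScript first and HTML second: `$msg = htmlspecialchars(json_encode(get_lang('AreYouSureToCopy').' '.$row['title'].'?'), ENT_QUOTES, $charset);` with `'onclick' => "if(!confirm($msg)) return false;"`. The surrounding `if (!empty($exercise_list))` block starts and ends outside these hunks.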

@ -102,10 +102,10 @@ $htmlHeadXtra[] = '<script>
var my_display = document.getElementById(\'HiddenFCKexerciseDescription\').style.display;
if(my_display== \'none\' || my_display == \'\') {
document.getElementById(\'HiddenFCKexerciseDescription\').style.display = \'block\';
document.getElementById(\'media_icon\').innerHTML=\' '.Display::return_icon('media-question.png').' '.addslashes(api_htmlentities(get_lang('ExerciseDescription'))).'\';
document.getElementById(\'media_icon\').innerHTML=\' '.Display::return_icon('media-question.png').' '.addslashes(get_lang('ExerciseDescription')).'\';
} else {
document.getElementById(\'HiddenFCKexerciseDescription\').style.display = \'none\';
document.getElementById(\'media_icon\').innerHTML=\' '.Display::return_icon('media-question.png').' '.addslashes(api_htmlentities(get_lang('ExerciseDescription'))).'\';
document.getElementById(\'media_icon\').innerHTML=\' '.Display::return_icon('media-question.png').' '.addslashes(get_lang('ExerciseDescription')).'\';
}
}
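Review bot: Both `innerHTML` assignments now receive `get_lang('ExerciseDescription')` with JavaScript-string escaping only, so the text is parsed as HTML when it is assigned. Here the removed `api_htmlentities()` was not a duplicate of `addslashes()`: it encoded for the HTML sink, while `addslashes()` encodes for the JavaScript literal, and applying them in that order is correct for this context. I would keep `addslashes(api_htmlentities(get_lang('ExerciseDescription')))` on these two lines, or append the label as a text node instead of going through `innerHTML`. The enclosing script function starts outside the hunk.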

@ -52,15 +52,7 @@ $column_model = array(
$extra_params['autowidth'] = 'true';
//height auto
$extra_params['height'] = 'auto';
/*
//With this function we can add actions to the jgrid (edit, delete, etc)
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
return \'<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?action=copy&id=\'+options.rowId+\'">'.Display::return_icon('copy.png',get_lang('Copy'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'\';
}';
*/
?>
<script>

@ -92,7 +92,7 @@ $extra_params['height'] = 'auto';
//With this function we can add actions to the jgrid (edit, delete, etc)
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
return \'<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
'\';
}';
?>

@ -112,12 +112,12 @@ $courseCode = api_get_course_id();
$delete_link = null;
if ($objExercise->edit_exercise_in_lp == true) {
$delete_link = '&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES))."\'".')) return false;" href="?exerciseId='.$exerciseId.'&cidReq='.$courseCode.'&sec_token='.$token.'&deleteQuestion=\'+options.rowId+\'">'.Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL).'</a>';
$delete_link = '&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?exerciseId='.$exerciseId.'&cidReq='.$courseCode.'&sec_token='.$token.'&deleteQuestion=\'+options.rowId+\'">'.Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL).'</a>';
}
//With this function we can add actions to the jgrid (edit, delete, etc)
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
return \'<a href="?exerciseId='.$exerciseId.'&myid=1&cidReq='.$courseCode.'&editQuestion=\'+options.rowId+\'">'.Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES))."\'".')) return false;" href="?cidReq='.$courseCode.'&sec_token='.$token.'&clone_question=\'+options.rowId+\'">'.Display::return_icon('cd.gif', get_lang('Copy'), '',ICON_SIZE_SMALL).'</a>'.
'&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(get_lang("ConfirmYourChoice"))."\'".')) return false;" href="?cidReq='.$courseCode.'&sec_token='.$token.'&clone_question=\'+options.rowId+\'">'.Display::return_icon('cd.gif', get_lang('Copy'), '',ICON_SIZE_SMALL).'</a>'.
$delete_link.'\';
}';
?>
