From ea105539bf6cf64a5090eba22cba3fad6abce075 Mon Sep 17 00:00:00 2001 From: Cristian Fasanando Date: Mon, 11 May 2009 22:28:23 +0200 Subject: [PATCH] [svn r20492] Fixed apostrophes problem in learning path - partial FS#4143 (by rvelasquez) --- main/newscorm/learnpath.class.php | 34 ++++++++++++++++++------------- main/newscorm/lp_edit.php | 4 +++- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/main/newscorm/learnpath.class.php b/main/newscorm/learnpath.class.php index 85863df652..16dbb56d37 100644 --- a/main/newscorm/learnpath.class.php +++ b/main/newscorm/learnpath.class.php @@ -1001,7 +1001,7 @@ class learnpath { $sql_update = " UPDATE " . $tbl_lp_item . " SET - title = '" . $this->escape_string(htmlspecialchars($title, ENT_QUOTES, $charset)) . "', + title = '" . $this->escape_string(api_htmlentities($title, ENT_QUOTES, $charset)) . "', prerequisite = '".$prerequisites."', description = '" . $this->escape_string(api_htmlentities($description, ENT_QUOTES, $charset)) . "' ". $audio_update_sql . ", @@ -1118,7 +1118,7 @@ class learnpath { $sql_update = " UPDATE " . $tbl_lp_item . " SET - title = '" . $this->escape_string(htmlspecialchars($title, ENT_QUOTES, $charset)) . "', + title = '" . $this->escape_string(api_htmlentities($title, ENT_QUOTES, $charset)) . "', description = '" . $this->escape_string(api_htmlentities($description, ENT_QUOTES, $charset)) . "', parent_item_id = " . $parent . ", previous_item_id = " . $previous . ", @@ -4681,7 +4681,7 @@ class learnpath { $title=''; for($i = 0; $i < count($arrLP); $i++) { - $title = api_html_entity_decode(addslashes($arrLP[$i]['title']), ENT_QUOTES, $charset); + $title = addslashes($arrLP[$i]['title']); $menu_page = api_get_self() . '?cidReq=' . $_GET['cidReq'] . '&action=view_item&id=' . $arrLP[$i]['id'] . '&lp_id=' . $_SESSION['oLP']->lp_id; $icon_name = str_replace(' ', '', $arrLP[$i]['item_type']); if (file_exists("../img/lp_" . $icon_name . ".png")) @@ -6254,7 +6254,8 @@ class learnpath { require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); $form = new FormValidator('form','POST',api_get_self()."?".$_SERVER["QUERY_STRING"]); - $defaults["title"] = api_convert_encoding($item_title, $charset, $this->encoding); + //$defaults["title"] = api_convert_encoding($item_title, $charset, $this->encoding); + $defaults["title"] = api_html_entity_decode(api_convert_encoding($item_title, $charset, $this->encoding), ENT_QUOTES, $charset); $defaults["description"] = api_convert_encoding($item_description, $charset, $this->encoding); $form->addElement('html',$return); @@ -6538,11 +6539,13 @@ class learnpath { require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); $form = new FormValidator('form','POST',api_get_self()."?".$_SERVER["QUERY_STRING"],'','enctype="multipart/form-data"'); - $defaults["title"]= api_convert_encoding($defaults["title"], $charset, $this->encoding); - if(empty($defaults["title"])) - { + + $defaults["title"] = api_html_entity_decode(api_convert_encoding($item_title, $charset, $this->encoding), ENT_QUOTES, $charset); + + if (empty($item_title)) { $defaults["title"] = api_html_entity_decode(api_convert_encoding($item_title, $charset, $this->encoding), ENT_QUOTES, $charset); } + $defaults["description"] = api_convert_encoding($item_description, $charset, $this->encoding); $form->addElement('html',$return); @@ -7599,6 +7602,8 @@ class learnpath { */ function display_item_small_form($item_type, $title = '', $data) { + global $charset; + $return .= '
' . "\n"; $return .= '

' . $title . '

'; @@ -7610,16 +7615,17 @@ class learnpath { $return .= "\t\t" . '' . "\n"; $return .= "\t\t\t" . '' . "\n"; - $return .= "\t\t\t" . '' . "\n"; - + $return .= "\t\t\t" . '' . "\n"; + $return .= "\t\t" . '' . "\n"; - $return .= "\t\t" . '' . "\n"; + //it said these lines of code - see SVN#11724 and SVN#10770 + //$return .= "\t\t" . '' . "\n"; - $return .= "\t\t\t" . '' . "\n"; - $return .= "\t\t\t" . '' . "\n"; - - $return .= "\t\t" . '' . "\n"; + //$return .= "\t\t\t" . '' . "\n"; + //$return .= "\t\t\t" . '' . "\n"; + + //$return .= "\t\t" . '' . "\n"; $return .= "\t\t" . '' . "\n"; diff --git a/main/newscorm/lp_edit.php b/main/newscorm/lp_edit.php index f2deac1d86..565593a0b5 100644 --- a/main/newscorm/lp_edit.php +++ b/main/newscorm/lp_edit.php @@ -8,6 +8,8 @@ require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'); require_once(api_get_path(LIBRARY_PATH) . 'specific_fields_manager.lib.php'); +global $charset; + $show_description_field = false; //for now $nameTools = get_lang("Doc"); event_access_tool(TOOL_LEARNPATH); @@ -148,7 +150,7 @@ if (api_get_setting('search_enabled') === 'true') $content_proximity_select -> setSelected($s_selected_proximity); $origin_select -> setSelected($s_selected_origin); $encoding_select -> setSelected($s_selected_encoding); -$defaults['lp_name']=$_SESSION['oLP']->get_name(); +$defaults['lp_name'] = api_html_entity_decode(api_convert_encoding($_SESSION['oLP']->get_name(), $charset, $_SESSION['oLP']->encoding), ENT_QUOTES, $charset); $defaults['lp_author'] = $_SESSION['oLP']->get_author(); //Submit button