[svn r20443] FS#306 - The authentication modules: Improvements for better encoding management.

17 years ago · ea5faceb57
parent a473c53c02
commit ea5faceb57
4 changed files with 19 additions and 19 deletions
--- a/main/auth/courses.php
+++ b/main/auth/courses.php
@ -1,4 +1,4 @@
-<?php // $Id: courses.php 20343 2009-05-05 20:31:47Z juliomontoya $
+<?php // $Id: courses.php 20443 2009-05-10 08:41:46Z ivantcholakov $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -472,7 +472,7 @@ function display_search_courses()
 					"</form>";
 	if (isset($_POST['search_course']))
 	{
-		echo "<p><b>".get_lang("SearchResultsFor")." ".htmlentities($_POST['search_term'],ENT_QUOTES,$charset)."</b><br />";
+		echo "<p><b>".get_lang("SearchResultsFor")." ".api_htmlentities($_POST['search_term'],ENT_QUOTES,$charset)."</b><br />";
 		$result_search_courses_array=search_courses($_POST['search_term']);
 		display_subscribe_to_courses($result_search_courses_array);
 	}
@ -609,7 +609,7 @@ function store_course_category()
 	$result=api_sql_query($sql,__FILE__,__LINE__);
 	if (Database::num_rows($result) == 0)
 	{
-		$sql_insert="INSERT INTO $tucc (user_id, title,sort) VALUES ('".$_user['user_id']."', '".htmlentities($_POST['title_course_category'],ENT_QUOTES,$charset)."', '".$nextsort."')";
+		$sql_insert="INSERT INTO $tucc (user_id, title,sort) VALUES ('".$_user['user_id']."', '".api_htmlentities($_POST['title_course_category'],ENT_QUOTES,$charset)."', '".$nextsort."')";
 		api_sql_query($sql_insert,__FILE__,__LINE__);
 		Display::display_confirmation_message(get_lang("CourseCategoryStored"));
 	}
@ -991,7 +991,7 @@ function display_course_icons($key, $number_of_courses, $course)
 	{
 		if ($course['unsubscr'] == 1)
 			{	// changed link to submit to avoid action by the search tool indexer
-				echo	"<form action=\"".api_get_self()."\" method=\"post\" onsubmit=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("ConfirmUnsubscribeFromCourse"),ENT_QUOTES,$charset))."')) return false;\">";
+				echo	"<form action=\"".api_get_self()."\" method=\"post\" onsubmit=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("ConfirmUnsubscribeFromCourse"),ENT_QUOTES,$charset))."')) return false;\">";
 				echo    '<input type="hidden" name="sec_token" value="'.$stok.'">';
 				echo 	"<input type=\"hidden\" name=\"unsubscribe\" value=\"".$course['code']."\" />";
 				echo 	"<input type=\"image\" name=\"unsub\" src=\"../img/delete.gif\" alt=\"".get_lang("_unsubscribe")."\" /></form>";
@ -1045,7 +1045,7 @@ function display_category_icons($current_category, $all_user_categories)
   		echo "</td>";
 		echo "<td rowspan=\"2\">";
 		echo " <a href=\"courses.php?action=deletecoursecategory&amp;id=".$current_category."&amp;sec_token=".$stok."\">";
-		Display::display_icon('delete.gif',get_lang('Delete'),array('onclick'=>"javascript:if(!confirm('".addslashes(htmlentities(get_lang("CourseCategoryAbout2bedeleted"),ENT_QUOTES,$charset))."')) return false;"));
+		Display::display_icon('delete.gif',get_lang('Delete'),array('onclick'=>"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("CourseCategoryAbout2bedeleted"),ENT_QUOTES,$charset))."')) return false;"));
 		echo "</a>";
 		echo "</td>";
 		echo "</tr>";
@ -1112,7 +1112,7 @@ function display_unsubscribe_icons($course)
 	{
 		if ($course['unsubscribe'] == 1)
 			{	// changed link to submit to avoid action by the search tool indexer
-				echo	"<form action=\"".api_get_self()."\" method=\"post\" onsubmit=\"javascript:if(!confirm('".addslashes(htmlentities(get_lang("ConfirmUnsubscribeFromCourse"),ENT_QUOTES,$charset))."')) return false;\">";
+				echo	"<form action=\"".api_get_self()."\" method=\"post\" onsubmit=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang("ConfirmUnsubscribeFromCourse"),ENT_QUOTES,$charset))."')) return false;\">";
 				echo    '<input type="hidden" name="sec_token" value="'.$stok.'">';
 				echo 	"<input type=\"hidden\" name=\"unsubscribe\" value=\"".$course['code']."\" />";
 				echo 	"<input type=\"image\" name=\"unsub\" src=\"../img/delete.gif\" alt=\"".get_lang("_unsubscribe")."\" /></form>";
@ -1235,8 +1235,8 @@ function store_edit_course_category()
 	global $_user, $_configuration, $charset;

 	$tucc = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY);
-	$sql_update="UPDATE $tucc SET title='".htmlentities($_POST['title_course_category'],ENT_QUOTES,$charset)."' WHERE id='".(int)$_POST['edit_course_category']."'";
+	$sql_update="UPDATE $tucc SET title='".api_htmlentities($_POST['title_course_category'],ENT_QUOTES,$charset)."' WHERE id='".(int)$_POST['edit_course_category']."'";
 	api_sql_query($sql_update,__FILE__,__LINE__);
 	return get_lang("CourseCategoryEditStored");
 }
-?>
+?>
--- a/main/auth/inscription.php
+++ b/main/auth/inscription.php
@ -1,5 +1,5 @@
 <?php
-// $Id: inscription.php 20290 2009-05-04 18:04:33Z iflorespaz $
+// $Id: inscription.php 20443 2009-05-10 08:41:46Z ivantcholakov $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -294,7 +294,7 @@ if ($form->validate()) {
 	  -----------------------------------------------------*/
 	$values = $form->exportValues();
 	
-	$values['username'] = substr($values['username'],0,20); //make *sure* the login isn't too long
+	$values['username'] = api_substr($values['username'],0,20); //make *sure* the login isn't too long

 	if (get_setting('allow_registration_as_teacher') == 'false') {
 		$values['status'] = STUDENT;
@ -500,4 +500,4 @@ if (!isset($_POST['username'])) {
 */

 Display :: display_footer();
-?>
+?>
--- a/main/auth/ldap/authldap.php
+++ b/main/auth/ldap/authldap.php
@ -1,4 +1,4 @@
-<?php // $Id: authldap.php 16978 2008-11-27 11:04:12Z pcool $
+<?php // $Id: authldap.php 20443 2009-05-10 08:41:46Z ivantcholakov $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -532,8 +532,8 @@ function ldap_get_user_data($from, $number_of_items, $column, $direction)
 				//$user[] = $dn_array[0]; // uid is first key
 				$user[] = $info[$key]['uid'][0];
 				$user[] = $info[$key]['uid'][0];
-				$user[] = iconv('utf-8', api_get_setting('platform_charset'), $info[$key]['sn'][0]);
-				$user[] = iconv('utf-8', api_get_setting('platform_charset'), $info[$key]['givenname'][0]);
+				$user[] = api_convert_encoding($info[$key]['givenname'][0], api_get_system_encoding(), 'UTF-8');
+				$user[] = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8');
 				$user[] = $info[$key]['mail'][0];
 				$outab[] = $info[$key]['eduPersonPrimaryAffiliation'][0]; // Ici "student"
 				$users[] = $user;
@ -559,7 +559,7 @@ function modify_filter($user_id,$url_params, $row)
 {
 	$url_params_id="id[]=".$row[0];
 	//$url_params_id="id=".$row[0];	
-	$result .= '<a href="ldap_users_list.php?action=add_user&amp;user_id='.$user_id.'&amp;id_session='.Security::remove_XSS($_GET['id_session']).'&amp;'.$url_params_id.'&amp;sec_token='.$_SESSION['sec_token'].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang("ConfirmYourChoice")))."'".')) return false;">'.Display::return_icon('add_user.gif', get_lang('AddUsers')).'</a>';
+	$result .= '<a href="ldap_users_list.php?action=add_user&amp;user_id='.$user_id.'&amp;id_session='.Security::remove_XSS($_GET['id_session']).'&amp;'.$url_params_id.'&amp;sec_token='.$_SESSION['sec_token'].'"  onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, api_get_system_encoding()))."'".')) return false;">'.Display::return_icon('add_user.gif', get_lang('AddUsers')).'</a>';
 	return $result;
 }

@ -585,8 +585,8 @@ function ldap_add_user($login)

 		for ($key = 0; $key < $info['count']; $key ++)
 		{
-			$lastname = iconv('utf-8', api_get_setting('platform_charset'), $info[$key]['sn'][0]);
-			$firstname = iconv('utf-8', api_get_setting('platform_charset'), $info[$key]['givenname'][0]);
+			$lastname = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8');
+			$firstname = api_convert_encoding($info[$key]['givenname'][0], api_get_system_encoding(), 'UTF-8');
 			$email = $info[$key]['mail'][0];
 			// Get uid from dn
 			$dn_array=ldap_explode_dn($info[$key]['dn'],1);
@ -688,4 +688,4 @@ function ldap_add_user_to_session($UserList, $id_session)
 	list($nbr_users) = Database::fetch_array($rs);
 	api_sql_query("UPDATE $tbl_session SET nbr_users=$nbr_users WHERE id='$id_session'",__FILE__,__LINE__);
 }
-?>
+?>
--- a/main/auth/my_progress.php
+++ b/main/auth/my_progress.php
@ -95,7 +95,7 @@ foreach($Courses as $enreg)

 <tr class='<?php echo $i?'row_odd':'row_even'; ?>'>
  	<td>
-		<?php echo html_entity_decode($enreg['title'],ENT_QUOTES,$charset); ?>
+		<?php echo api_html_entity_decode($enreg['title'],ENT_QUOTES,$charset); ?>
  	</td>

  	<td align='center'>