moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-10517 Use of addslashes in assignment/lib.php

Browse source
This commit is contained in:
skodak 2007-07-18 18:42:45 +00:00
parent 72c7ee0c4d
commit 3a935caf4d
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
mod/assignment/lib.php
View file

@ -670,7 +670,7 @@ class assignment_base {
if (empty($SESSION->flextable['mod-assignment-submissions']->collapse['timemodified']) && if (empty($SESSION->flextable['mod-assignment-submissions']->collapse['timemodified']) &&
$submission->timemodified) { $submission->timemodified) {
$output.= 'opener.document.getElementById("ts'.$submission->userid. $output.= 'opener.document.getElementById("ts'.$submission->userid.
'").innerHTML="'.addslashes($this->print_student_answer($submission->userid)).userdate($submission->timemodified)."\";\n"; '").innerHTML="'.addslashes_js($this->print_student_answer($submission->userid)).userdate($submission->timemodified)."\";\n";
} }
if (empty($SESSION->flextable['mod-assignment-submissions']->collapse['timemarked']) && if (empty($SESSION->flextable['mod-assignment-submissions']->collapse['timemarked']) &&
@ -684,7 +684,7 @@ class assignment_base {
$buttontext = get_string('update'); $buttontext = get_string('update');
$button = link_to_popup_window ('/mod/assignment/submissions.php?id='.$this->cm->id.'&userid='.$submission->userid.'&mode=single'.'&offset='.(optional_param('offset', '', PARAM_INT)-1), $button = link_to_popup_window ('/mod/assignment/submissions.php?id='.$this->cm->id.'&userid='.$submission->userid.'&mode=single'.'&offset='.(optional_param('offset', '', PARAM_INT)-1),
'grade'.$submission->userid, $buttontext, 450, 700, $buttontext, 'none', true, 'button'.$submission->userid); 'grade'.$submission->userid, $buttontext, 450, 700, $buttontext, 'none', true, 'button'.$submission->userid);
$output.= 'opener.document.getElementById("up'.$submission->userid.'").innerHTML="'.addslashes($button).'";'; $output.= 'opener.document.getElementById("up'.$submission->userid.'").innerHTML="'.addslashes_js($button).'";';
} }
$output .= "\n-->\n</script>"; $output .= "\n-->\n</script>";
return $output; return $output;