mirror of
https://github.com/moodle/moodle.git
synced 2025-08-05 00:46:50 +02:00
Security fixes
Fixed up styles handling to be more standard (the themes include them already so no need for modules to do it)
This commit is contained in:
moodler
parent
d1465c3d12
commit
6656bf0af1
4 changed files with 16 additions and 26 deletions
|
|
@ -23,6 +23,7 @@
|
|||
require("locallib.php");
|
||||
|
||||
$id = required_param('id', PARAM_INT); // Course Module ID
|
||||
$action = required_param('action', PARAM_ALPHA); // Action
|
||||
|
||||
// get some esential stuff...
|
||||
if (! $cm = get_record("course_modules", "id", $id)) {
|
||||
|
|
@ -54,11 +55,7 @@
|
|||
// ... print the header and...
|
||||
print_header("$course->shortname: $lesson->name", "$course->fullname",
|
||||
"$navigation <a href=index.php?id=$course->id>$strlessons</a> ->
|
||||
<a href=\"view.php?id=$cm->id\">$lesson->name</a>",
|
||||
"", "<style type=\"text/css\">@import url($CFG->wwwroot/mod/lesson/styles.php);</style>", true);
|
||||
|
||||
//...get the action
|
||||
$action = required_param('action');
|
||||
<a href=\"view.php?id=$cm->id\">$lesson->name</a>", "", "", true);
|
||||
|
||||
// include the appropriate action (check to make sure the file is there first)
|
||||
if (file_exists($CFG->dirroot.'/mod/lesson/action/'.$action.'.php')) {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
<!-- define a new instance of lesson -->
|
||||
<!-- It is used from /course/mod.php. The whole instance is available as $form. -->
|
||||
<?php
|
||||
echo "<style type=\"text/css\">@import url($CFG->wwwroot/mod/lesson/styles.php);</style>";
|
||||
require("$CFG->dirroot/mod/lesson/locallib.php"); // for parameter array
|
||||
if ($form->mode == "add") {
|
||||
if ($defaults = get_record("lesson_default", "course", $form->course)) {
|
||||
|
|
|
|||
|
|
@ -1,23 +1,19 @@
|
|||
<?php
|
||||
require_once("../../config.php");
|
||||
?>
|
||||
|
||||
img {
|
||||
.mod-lesson img {
|
||||
border:0;
|
||||
}
|
||||
|
||||
.hidden-label {
|
||||
.mod-lesson .hidden-label {
|
||||
display: none;
|
||||
}
|
||||
|
||||
.footer {
|
||||
.mod-lesson .footer {
|
||||
padding-top:40px; margin-top:40px;
|
||||
}
|
||||
|
||||
.footer a:link, .footer v:link, .footer a:visited {
|
||||
.mod-lesson .footer a:link, .footer v:link, .footer a:visited {
|
||||
}
|
||||
|
||||
.leftmenutable {
|
||||
.mod-lesson .leftmenutable {
|
||||
width:170px;
|
||||
height:400px;
|
||||
overflow:auto;
|
||||
|
|
@ -25,15 +21,15 @@ img {
|
|||
vertical-align:top;
|
||||
}
|
||||
|
||||
.leftmenu a:link, .leftmenu a:active, .leftmenu a:visited, .leftmenu1 a:link, .leftmenu1 a:active, .leftmenu1 a:visited{
|
||||
.mod-lesson .leftmenu a:link, .leftmenu a:active, .leftmenu a:visited, .leftmenu1 a:link, .leftmenu1 a:active, .leftmenu1 a:visited{
|
||||
font-size:.7em;
|
||||
vertical-align:top;
|
||||
}
|
||||
|
||||
.main a:link, .main a:active, .main a:visited{
|
||||
.mod-lesson .main a:link, .main a:active, .main a:visited{
|
||||
font-size:.9em;
|
||||
vertical-align:top;
|
||||
}
|
||||
|
||||
.viewpos {
|
||||
.mod-lesson .viewpos {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,9 +39,9 @@
|
|||
$action = 'teacherview';
|
||||
} elseif (time() < $lesson->available) {
|
||||
print_header($course->shortname .': '. $lesson->name, $course->fullname,
|
||||
$navigation .'<a href="index.php?id='. $course->id .'">'. $strlessons .'</a> -> <a href="view.php?id='. $cm->id .'">'. $lesson->name .'</a>', '',
|
||||
"<style type=\"text/css\">@import url($CFG->wwwroot/mod/lesson/styles.php);</style>", true,
|
||||
'', navmenu($course, $cm));
|
||||
$navigation .'<a href="index.php?id='. $course->id .'">'. $strlessons .'</a> -> '.
|
||||
'<a href="view.php?id='. $cm->id .'">'. $lesson->name .'</a>',
|
||||
'', '', true, '', navmenu($course, $cm));
|
||||
print_simple_box_start('center');
|
||||
echo '<div align="center">';
|
||||
echo get_string('lessonopen', 'lesson', userdate($lesson->available)).'<br />';
|
||||
|
|
@ -52,8 +52,7 @@
|
|||
exit();
|
||||
} elseif (time() > $lesson->deadline) {
|
||||
print_header($course->shortname .': '. $lesson->name, $course->fullname,
|
||||
"$navigation <a href=\"index.php?id=$course->id\">$strlessons</a> -> <a href=\"view.php?id=$cm->id\">$lesson->name</a>", '',
|
||||
"<style type=\"text/css\">@import url($CFG->wwwroot/mod/lesson/styles.php);</style>", true,
|
||||
"$navigation <a href=\"index.php?id=$course->id\">$strlessons</a> -> <a href=\"view.php?id=$cm->id\">$lesson->name</a>", '', "", true,
|
||||
'', navmenu($course, $cm));
|
||||
print_simple_box_start('center');
|
||||
echo '<div align="center">';
|
||||
|
|
@ -92,8 +91,7 @@
|
|||
}
|
||||
|
||||
print_header($course->shortname .': '. $lesson->name, $course->fullname,
|
||||
"$navigation <a href=\"index.php?id=$course->id\">$strlessons</a> -> <a href=\"view.php?id=$cm->id\">$lesson->name</a>", '',
|
||||
"<style type=\"text/css\">@import url($CFG->wwwroot/mod/lesson/styles.php);</style>", true,
|
||||
"$navigation <a href=\"index.php?id=$course->id\">$strlessons</a> -> <a href=\"view.php?id=$cm->id\">$lesson->name</a>", '', '', true,
|
||||
$button, // took out update_module_button($cm->id, $course->id, $strlesson) and replaced it with $button
|
||||
navmenu($course, $cm));
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue