From aa8139414efc6d986a65b7b06e686ddc558a3501 Mon Sep 17 00:00:00 2001 From: moodler Date: Wed, 7 Dec 2005 06:21:58 +0000 Subject: [PATCH] Replaced optional_var with optional_param --- mod/glossary/approve.php | 8 +++--- mod/glossary/comment.php | 12 ++++----- mod/glossary/comments.php | 4 +-- mod/glossary/deleteentry.php | 8 +++--- mod/glossary/edit.php | 10 +++---- mod/glossary/editcategories.php | 17 +++++------- mod/glossary/export.php | 6 ++--- mod/glossary/exportentry.php | 10 +++---- mod/glossary/formats.php | 3 +-- mod/glossary/import.php | 14 +++++----- mod/glossary/index.php | 2 +- mod/glossary/print.php | 14 +++++----- mod/glossary/rate.php | 2 +- mod/glossary/report.php | 2 +- mod/glossary/showentry.php | 8 +++--- mod/glossary/view.php | 27 +++++++++---------- .../categorydatasetdefinitions.php | 4 +-- mod/wiki/view.php | 24 +++++++++-------- 18 files changed, 85 insertions(+), 90 deletions(-) diff --git a/mod/glossary/approve.php b/mod/glossary/approve.php index f5f01c28508..34df476b213 100644 --- a/mod/glossary/approve.php +++ b/mod/glossary/approve.php @@ -3,11 +3,11 @@ require_once("../../config.php"); require_once("lib.php"); - require_variable($id); // Course Module ID - optional_variable($eid); // Entry ID + $id = required_param('id', PARAM_INT); // Course Module ID + $eid = optional_param('eid', 0, PARAM_INT); // Entry ID - $mode = optional_param('mode','approval'); - $hook = optional_param('hook','ALL'); + $mode = optional_param('mode','approval', PARAM_ALPHA); + $hook = optional_param('hook','ALL', PARAM_CLEAN); if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); diff --git a/mod/glossary/comment.php b/mod/glossary/comment.php index 4030e6a3167..ee646b13d9e 100644 --- a/mod/glossary/comment.php +++ b/mod/glossary/comment.php 
@@ -4,13 +4,11 @@ require_once('../../config.php'); require_once('lib.php'); - require_variable($id); // Course Module ID - require_variable($eid); // Entry ID - optional_variable($cid,0); // Comment ID - - optional_variable($confirm,0); // Confirm the action - - $action = optional_param('action','add'); + $id = required_param('id', PARAM_INT); // Course Module ID + $eid = required_param('eid', PARAM_INT); // Entry ID + $cid = optional_param('cid', 0, PARAM_INT); // Comment ID + $confirm = optional_param('confirm',0, PARAM_INT); // Confirm the action + $action = optional_param('action','add', PARAM_ALPHA); $action = strtolower($action); diff --git a/mod/glossary/comments.php b/mod/glossary/comments.php index eac76891602..646e32b4233 100644 --- a/mod/glossary/comments.php +++ b/mod/glossary/comments.php @@ -4,8 +4,8 @@ require_once('../../config.php'); require_once('lib.php'); - require_variable($id); // Course Module ID - require_variable($eid); // Entry ID + $id = required_param('id', PARAM_INT); // Course Module ID + $eid = required_param('eid', PARAM_INT); // Entry ID global $USER, $CFG; diff --git a/mod/glossary/deleteentry.php b/mod/glossary/deleteentry.php index a207d513f29..8eba0c0354d 100644 --- a/mod/glossary/deleteentry.php +++ b/mod/glossary/deleteentry.php @@ -3,12 +3,12 @@ require_once("../../config.php"); require_once("lib.php"); - require_variable($id); // course module ID - optional_variable($confirm); // commit the operation? - optional_variable($entry); // entry id + $id = required_param('id', PARAM_INT); // course module ID + $confirm = optional_param('confirm', 0, PARAM_INT); // commit the operation? + $entry = optional_param('entry', 0, PARAM_INT); // entry id $prevmode = required_param('prevmode'); - $hook = optional_param('hook'); + $hook = optional_param('hook', '', PARAM_CLEAN); $strglossary = get_string("modulename", "glossary"); $strglossaries = get_string("modulenameplural", "glossary"); 
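Review bot: In mod/glossary/deleteentry.php the unchanged line `$prevmode = required_param('prevmode');` still reads its value without an explicit type, while every parameter around it now names one, so it depends on whatever the default cleaning is. If prevmode only ever carries a mode name, `$prevmode = required_param('prevmode', PARAM_ALPHA);` would match how `mode` is handled in the other glossary scripts. The same applies to `$mode = optional_param('mode');`, which this commit leaves as is in formats.php. The script body continues outside the hunk, so check how prevmode is used later before tightening it.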
diff --git a/mod/glossary/edit.php b/mod/glossary/edit.php index a229a199d4e..aeadee0f9f8 100644 --- a/mod/glossary/edit.php +++ b/mod/glossary/edit.php @@ -5,12 +5,12 @@ require_once('lib.php'); global $CFG, $USER; -require_variable($id); // Course Module ID -optional_variable($e); // EntryID -optional_variable($confirm,0); // proceed. Edit the edtry +$id = required_param('id', PARAM_INT); // Course Module ID +$e = optional_param('e', 0, PARAM_INT); // EntryID +$confirm = optional_param('confirm',0, PARAM_INT); // proceed. Edit the edtry -$mode = optional_param('mode'); // categories if by category? -$hook = optional_param('hook'); // CategoryID +$mode = optional_param('mode', '', PARAM_ALPHA); // categories if by category? +$hook = optional_param('hook', '', PARAM_ALPHANUM); // CategoryID if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); diff --git a/mod/glossary/editcategories.php b/mod/glossary/editcategories.php index 19a8bb012f9..9543b02886b 100644 --- a/mod/glossary/editcategories.php +++ b/mod/glossary/editcategories.php 
@@ -5,17 +5,14 @@ require_once("../../config.php"); require_once("lib.php"); - require_variable($id); // Course Module ID, or - optional_variable($usedynalink); // category ID - optional_variable($confirm); // confirm the action + $id = required_param('id', PARAM_INT); // Course Module ID, or + $usedynalink = optional_param('usedynalink', 0, PARAM_INT); // category ID + $confirm = optional_param('confirm', 0, PARAM_INT); // confirm the action + $name = optional_param('name', '', PARAM_ALPHANUM); // confirm the name - optional_variable($name); // confirm the name - - $name = clean_text($name); - - $action = optional_param('action'); // what to do - $hook = optional_param('hook',0); // category ID - $mode = optional_param('mode'); // cat + $action = optional_param('action', '', PARAM_ALPHA ); // what to do + $hook = optional_param('hook', '', PARAM_ALPHANUM); // category ID + $mode = optional_param('mode', '', PARAM_ALPHA); // cat $action = strtolower($action); diff --git a/mod/glossary/export.php b/mod/glossary/export.php index 381c9dd0b89..6b480a5105c 100644 --- a/mod/glossary/export.php +++ b/mod/glossary/export.php @@ -4,10 +4,10 @@ require_once("lib.php"); global $CFG, $USER; - require_variable($id); // Course Module ID + $id = required_param('id', PARAM_INT); // Course Module ID - optional_variable($l,""); - optional_variable($cat,0); + $l = optional_param('l','', PARAM_ALPHANUM); + $cat = optional_param('cat',0, PARAM_ALPHANUM); if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); diff --git a/mod/glossary/exportentry.php b/mod/glossary/exportentry.php index 676ffd7b117..06ab91def2b 100644 --- a/mod/glossary/exportentry.php +++ b/mod/glossary/exportentry.php 
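Review bot: `$name = optional_param('name', '', PARAM_ALPHANUM);` in editcategories.php replaces `clean_text($name)` with a filter that keeps only letters and digits, so a category name containing spaces, punctuation or non-ASCII characters is silently altered before it is stored or compared. The same concern applies to `$concept` in showentry.php and to `$page` and `$q` in mod/wiki/view.php, where a stripped name can fail to match or resolve to a different record than the one requested. For free-text fields a text-preserving type with escaping at output fits better, for example `$name = optional_param('name', '', PARAM_CLEAN);`, which this commit already uses for `hook` in approve.php. How these values are used later is outside the hunks.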
@@ -2,12 +2,12 @@ require_once('../../config.php'); require_once('lib.php'); - require_variable($id); // course module ID - require_variable($entry); // Entry ID - optional_variable($confirm); // confirmation + $id = required_param('id', PARAM_INT); // course module ID + $entry = required_param('entry', 0, PARAM_INT); // Entry ID + $confirm = optional_param('confirm', 0, PARAM_INT); // confirmation - $hook = optional_param('hook'); - $mode = optional_param('mode'); + $hook = optional_param('hook', '', PARAM_ALPHANUM); + $mode = optional_param('mode', '', PARAM_ALPHA); global $USER, $CFG; diff --git a/mod/glossary/formats.php b/mod/glossary/formats.php index ef5d3444645..f78fd0f3304 100644 --- a/mod/glossary/formats.php +++ b/mod/glossary/formats.php @@ -5,8 +5,7 @@ require_once("lib.php"); global $CFG; - require_variable($id); - + $id = required_param('id', PARAM_INT); $mode = optional_param('mode'); require_login(); diff --git a/mod/glossary/import.php b/mod/glossary/import.php index d053b0d1229..585bed78017 100644 --- a/mod/glossary/import.php +++ b/mod/glossary/import.php 
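Review bot: `$entry = required_param('entry', 0, PARAM_INT);` in exportentry.php passes a default value to `required_param`, which every other call in this commit invokes as (name, type). The `0` therefore lands in the type position and `PARAM_INT` becomes an ignored extra argument, so the entry id is most likely not cleaned as an integer at all. The line should read `$entry = required_param('entry', PARAM_INT);`.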
@@ -5,15 +5,15 @@ require_once("$CFG->dirroot/course/lib.php"); global $CFG, $USER; - require_variable($id); // Course Module ID + $id = required_param('id', PARAM_INT); // Course Module ID - optional_variable($step,0); - optional_variable($dest,"current"); // current | new - optional_variable($file); // file to import - optional_variable($catsincl,0); // Import Categories too? + $step = optional_param('step', 0, PARAM_INT); + $current = optional_param('dest', 'current', PARAM_ALPHA); // current | new + $file = optional_param('file', '', PARAM_FILE); // file to import + $catsincl = optional_param('catsincl', 0, PARAM_INT); // Import Categories too? - optional_variable($mode,'letter'); - optional_variable($hook,"ALL"); + $mode = optional_param('mode', 'letter', PARAM_ALPHA ); + $hook = optional_param('hook', 'ALL', PARAM_ALPHANUM); if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); diff --git a/mod/glossary/index.php b/mod/glossary/index.php index 92d70bc64a5..03fdd3df2d6 100644 --- a/mod/glossary/index.php +++ b/mod/glossary/index.php @@ -7,7 +7,7 @@ require_once("lib.php"); require_once("$CFG->libdir/rsslib.php"); - require_variable($id); // course + $id = required_param('id', PARAM_INT); // course if (! $course = get_record("course", "id", $id)) { error("Course ID is incorrect"); diff --git a/mod/glossary/print.php b/mod/glossary/print.php index 0933ce4adc2..fff3987554a 100644 --- a/mod/glossary/print.php +++ b/mod/glossary/print.php 
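Review bot: `$current = optional_param('dest', 'current', PARAM_ALPHA);` in import.php stores the `dest` parameter in `$current`, whereas the removed line populated `$dest`. Unless the rest of the script, which is outside this hunk, was changed to read `$current`, `$dest` is now undefined there, or on a server with register_globals enabled it comes straight from the request without cleaning. The assignment should be `$dest = optional_param('dest', 'current', PARAM_ALPHA);`.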
@@ -5,14 +5,14 @@ require_once("../../config.php"); require_once("lib.php"); - require_variable($id); // Course Module ID - optional_variable($sortorder,"asc"); // Sorting order - optional_variable($offset,0,PARAM_INT); // number of entries to bypass - optional_variable($displayformat,-1); + $id = required_param('id', PARAM_INT); // Course Module ID + $sortorder = optional_param('sortorder', 'asc', PARAM_ALPHA); // Sorting order + $offset = optional_param('offset', 0, PARAM_INT); // number of entries to bypass + $displayformat = optional_param('displayformat',-1, PARAM_INT); - $mode = required_param('mode'); // mode to show the entries - $hook = optional_param('hook','ALL'); // what to show - $sortkey = optional_param('sortkey','UPDATE'); // Sorting key + $mode = required_param('mode', PARAM_ALPHA); // mode to show the entries + $hook = optional_param('hook','ALL', PARAM_ALPHANUM); // what to show + $sortkey = optional_param('sortkey','UPDATE', PARAM_ALPHA); // Sorting key if (! $cm = get_record("course_modules", "id", $id)) { error("Course Module ID was incorrect"); diff --git a/mod/glossary/rate.php b/mod/glossary/rate.php index 647e26a52da..3f123a4b340 100644 --- a/mod/glossary/rate.php +++ b/mod/glossary/rate.php @@ -7,7 +7,7 @@ require_once("lib.php"); - require_variable($id); // The course these ratings are part of + $id = required_param('id', PARAM_INT); // The course these ratings are part of if (! $course = get_record("course", "id", $id)) { error("Course ID was incorrect"); diff --git a/mod/glossary/report.php b/mod/glossary/report.php index eb950745c18..459278e71d2 100644 --- a/mod/glossary/report.php +++ b/mod/glossary/report.php @@ -4,7 +4,7 @@ require_once("../../config.php"); require_once("lib.php"); - require_variable($id); + $id = required_param('id', PARAM_INT); global $USER; if (! $entry = get_record("glossary_entries", "id", $id)) { diff --git a/mod/glossary/showentry.php b/mod/glossary/showentry.php index 6d9251c7d0a..3dd4467b299 100644 
--- a/mod/glossary/showentry.php +++ b/mod/glossary/showentry.php @@ -2,10 +2,10 @@ require_once("../../config.php"); require_once("lib.php"); - optional_variable($concept); - optional_variable($courseid,0); - optional_variable($eid,0); // glossary entry id - optional_variable($displayformat,-1); + $concept = optional_param('concept', '', PARAM_ALPHANUM); + $courseid = optional_param('courseid', 0, PARAM_INT); + $eid = optional_param('eid', 0, PARAM_INT); // glossary entry id + $displayformat = optional_param('displayformat',-1, PARAM_INT); if ($CFG->forcelogin) { require_login(); diff --git a/mod/glossary/view.php b/mod/glossary/view.php index a72092ae6bb..d8ff828ea85 100644 --- a/mod/glossary/view.php +++ b/mod/glossary/view.php 
@@ -4,21 +4,20 @@ require_once("lib.php"); require_once("$CFG->libdir/rsslib.php"); - optional_variable($id); // Course Module ID - optional_variable($g); // Glossary ID + $id = optional_param('id', 0, PARAM_INT); // Course Module ID + $g = optional_param('g', 0, PARAM_INT); // Glossary ID - optional_variable($tab,GLOSSARY_NO_VIEW); // browsing entries by categories? + $tab = optional_param('tab', GLOSSARY_NO_VIEW, PARAM_ALPHA); // browsing entries by categories? + $displayformat = optional_param('displayformat',-1, PARAM_INT); // override of the glossary display format - optional_variable($displayformat,-1); // override of the glossary display format - - $mode = optional_param('mode'); // term entry cat date letter search author approval - $hook = optional_param('hook'); // the term, entry, cat, etc... to look for based on mode - $fullsearch = optional_param('fullsearch',0);// full search (concept and definition) when searching? - $sortkey = optional_param('sortkey'); // Sorted view: CREATION | UPDATE | FIRSTNAME | LASTNAME... - $sortorder = optional_param('sortorder'); // it defines the order of the sorting (ASC or DESC) - $offset = optional_param('offset',0,PARAM_INT); // entries to bypass (for paging purpouses) - $page = optional_param('page',0,PARAM_INT); // Page to show (for paging purpouses) - $show = optional_param('show'); // [ concept | alias ] => mode=term hook=$show + $mode = optional_param('mode', 'approval', PARAM_ALPHA); // term entry cat date letter search author approval + $hook = optional_param('hook', 'ALL', PARAM_CLEAN); // the term, entry, cat, etc... to look for based on mode + $fullsearch = optional_param('fullsearch', 0,PARAM_INT); // full search (concept and definition) when searching? + $sortkey = optional_param('sortkey', 'CREATION', PARAM_ALPHA);// Sorted view: CREATION | UPDATE | FIRSTNAME | LASTNAME... 
+ $sortorder = optional_param('sortorder', 'ASC', PARAM_ALPHA); // it defines the order of the sorting (ASC or DESC) + $offset = optional_param('offset', 0,PARAM_INT); // entries to bypass (for paging purposes) + $page = optional_param('page', 0,PARAM_INT); // Page to show (for paging purposes) + $show = optional_param('show', '', PARAM_ALPHA); // [ concept | alias ] => mode=term hook=$show if (!empty($id)) { if (! $cm = get_record("course_modules", "id", $id)) { @@ -252,7 +251,7 @@ echo ' '; if ($mode == 'search') { - echo ' '; + echo ' '; } else { echo ' '; } diff --git a/mod/quiz/questiontypes/datasetdependent/categorydatasetdefinitions.php b/mod/quiz/questiontypes/datasetdependent/categorydatasetdefinitions.php index 6b7a5ed9dec..eecc4b851a0 100644 --- a/mod/quiz/questiontypes/datasetdependent/categorydatasetdefinitions.php +++ b/mod/quiz/questiontypes/datasetdependent/categorydatasetdefinitions.php @@ -6,8 +6,8 @@ require_once("$CFG->dirroot/config.php"); - require_variable($category); - optional_variable($question); + $category = required_param('category', PARAM_ALPHANUM); + $question = optional_param('question', '', PARAM_INT); if (! $category = get_record("quiz_categories", "id", $category)) { error("This wasn't a valid category!"); diff --git a/mod/wiki/view.php b/mod/wiki/view.php index fb3a760eeed..2880be7ffce 100644 --- a/mod/wiki/view.php +++ b/mod/wiki/view.php 
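Review bot: The new defaults in mod/glossary/view.php change behaviour beyond input cleaning: `mode`, `hook`, `sortkey` and `sortorder` were empty when absent and now arrive as 'approval', 'ALL', 'CREATION' and 'ASC', so a request carrying only `id` selects the approval mode. The code that chooses the default view lies outside the hunk, but if it tests for an empty `$mode` it will no longer run. Keeping `$mode = optional_param('mode', '', PARAM_ALPHA);` and empty defaults for the other three preserves the previous flow. Separately, `$tab` is filtered with `PARAM_ALPHA` while its default is the constant `GLOSSARY_NO_VIEW`; if the tab constants are numeric, `PARAM_INT` is the matching type.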
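Review bot: `$category = required_param('category', PARAM_ALPHANUM);` in categorydatasetdefinitions.php is passed two lines later to `get_record("quiz_categories", "id", $category)`, so it is a record id and should be typed as one: `$category = required_param('category', PARAM_INT);`. In the same hunk `$question` is declared `PARAM_INT` with a default of `''`; a default of `0` would keep it in the declared type.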
@@ -6,19 +6,21 @@ require_once("../../config.php"); require_once("lib.php"); -# require_once("$CFG->dirroot/course/lib.php"); // For side-blocks + #require_once("$CFG->dirroot/course/lib.php"); // For side-blocks - optional_variable($ewiki_action,""); // Action on Wiki-Page - optional_variable($id); // Course Module ID, or - optional_variable($wid); // Wiki ID - optional_variable($page, false); // Wiki Page Name - optional_variable($q,""); // Search Context - optional_variable($userid, 0); // User wiki. - optional_variable($groupid, 0); // Group wiki. - optional_variable($canceledit,""); // Editing has been cancelled + $ewiki_action = optional_param('ewiki_action', '', PARAM_ALPHA); // Action on Wiki-Page + $id = optional_param('id', 0, PARAM_INT); // Course Module ID, or + $wid = optional_param('wid', 0, PARAM_INT); // Wiki ID + $page = optional_param('page', false, PARAM_ALPHANUM); // Wiki Page Name + $q = optional_param('q',"", PARAM_ALPHANUM); // Search Context + $userid = optional_param('userid', 0, PARAM_INT); // User wiki. + $groupid = optional_param('groupid', 0, PARAM_INT); // Group wiki. + $canceledit = optional_param('canceledit','', PARAM_INT); // Editing has been cancelled + + // Only want to add edit log entries if we have made some changes ie submitted a form + $editsave = optional_param('thankyou', '', PARAM_INT); + -/// Only want to add edit log entries if we have made some changes ie submitted a form - $editsave = optional_param('thankyou'); if ($id) { if (! $cm = get_record("course_modules", "id", $id)) {
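Review bot: `$canceledit` and `$editsave` in mod/wiki/view.php are now cleaned with `PARAM_INT`, although both default to an empty string and the removed code treated `canceledit` as a string (`optional_variable($canceledit,"")`). If the edit form submits these as button labels rather than numbers, both values become 0 and the cancel and edit-logging branches stop firing. The forms are outside this hunk, so that needs confirming. If they are text flags, a type such as `$canceledit = optional_param('canceledit', '', PARAM_ALPHA);` keeps a non-empty value truthy.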