From 293050010463553284f7a81c760c2edff01874b6 Mon Sep 17 00:00:00 2001
From: tjhunt <tjhunt>
Date: Fri, 26 Sep 2008 10:49:31 +0000
Subject: [PATCH] MDL-16706 - eliminate miscellaneous inine JavaScript This
 does the quiz (apart from the bloody 'secure' window), the question bank and
 a couple of others.

---
 lib/weblib.php           | 41 ++++++++++++++++++++++++++++------------
 message/refresh.php      | 20 +++++---------------
 mod/quiz/accessrules.php |  8 ++------
 mod/quiz/quiz.js         |  4 ++--
 mod/quiz/review.php      |  6 ++----
 question/export.php      | 13 ++-----------
 6 files changed, 42 insertions(+), 50 deletions(-)

diff --git a/lib/weblib.php b/lib/weblib.php
index 0bf3b5f40b0..2d479110987 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -2720,6 +2720,33 @@ function print_js_call($function, $args = array(), $return = false) {
     }
 }
 
+/**
+ * Generate the HTML for calling a javascript funtion after a time delay.
+ * In other respects, this function is the same as print_js_call.
+ *
+ * @param integer $delay the desired delay in seconds.
+ * @param string $function the name of the JavaScript function to call.
+ * @param array $args an optional list of arguments to the function call.
+ * @param boolean $return if true, return the HTML code, otherwise output it.
+ * @return mixed string if $return is true, otherwise nothing.
+ */
+function print_delayed_js_call($delay, $function, $args = array(), $return = false) {
+    $quotedargs = array();
+    foreach ($args as $arg) {
+        $quotedargs[] = json_encode($arg);
+    }
+    $html = '';
+    $html .= '<script type="text/javascript">//<![CDATA[' . "\n";
+    $html .= 'setTimeout(function() {' . $function . '(' .
+            implode(', ', $quotedargs) . ');}, ' . ($delay * 1000) . ");\n";
+    $html .= "//]]></script>\n";
+    if ($return) {
+        return $html;
+    } else {
+        echo $html;
+    }
+}
+
 /**
  * Sometimes you need access to some values in your JavaScript that you can only
  * get from PHP code. You can handle this by generating your JS in PHP, but a
@@ -6144,7 +6171,7 @@ function redirect($url, $message='', $delay=-1) {
         @header('Location: '.$url);
         //another way for older browsers and already sent headers (eg trailing whitespace in config.php)
         echo '<meta http-equiv="refresh" content="'. $delay .'; url='. $encodedurl .'" />';
-        echo '<script type="text/javascript">'. "\n" .'//<![CDATA['. "\n". "location.replace('".addslashes_js($url)."');". "\n". '//]]>'. "\n". '</script>';   // To cope with Mozilla bug
+        print_js_call('document.location.replace', array($url));
         die;
     }
 
@@ -6164,17 +6191,7 @@ function redirect($url, $message='', $delay=-1) {
     echo '</div>';
 
     if (!$errorprinted) {
-?>
-<script type="text/javascript">
-//<![CDATA[
-
-  function redirect() {
-      document.location.replace('<?php echo addslashes_js($url) ?>');
-  }
-  setTimeout("redirect()", <?php echo ($delay * 1000) ?>);
-//]]>
-</script>
-<?php
+        print_delayed_js_call($delay, 'document.location.replace', array($url));
     }
 
     $CFG->docroot = false; // to prevent the link to moodle docs from being displayed on redirect page.
diff --git a/message/refresh.php b/message/refresh.php
index b2c10748759..009c7c3a110 100644
--- a/message/refresh.php
+++ b/message/refresh.php
@@ -129,18 +129,8 @@
     }
 
     // Javascript for Mozilla to cope with the redirect bug from editor being on in this page
-    ?>
-
-<script type="text/javascript">
-<!--
-
-  function redirect() {
-    document.location.replace('refresh.php?id=<?php echo $userid ?>&name=<?php echo urlencode($userfullname) ?>&wait=<?php echo $wait ?>');
-  }
-
-  setTimeout("redirect()", <?php echo ($wait*1000) ?>);
--->
-</script>
-
-</body>
-</html>
+    print_delayed_js_call($wait, 'document.location.replace', array(
+            "refresh.php?id=$userid&name=" . urlencode($userfullname) . "&wait=$wait"));
+    echo '</body>'."\n";
+    echo '</html>'."\n";
+?>
\ No newline at end of file
diff --git a/mod/quiz/accessrules.php b/mod/quiz/accessrules.php
index dab4edd7ca7..4940e8e2c25 100644
--- a/mod/quiz/accessrules.php
+++ b/mod/quiz/accessrules.php
@@ -168,9 +168,7 @@ class quiz_access_manager {
         /// Make sure the timer starts just above zero. If $timeleft was <= 0, then
         /// this will just have the effect of causing the quiz to be submitted immediately.
             $timerstartvalue = max($timeleft, 1);
-            echo '<script type="text/javascript">';
-            echo "quiz_timer.initialise('", get_string('timesup','quiz'), "', ", $timerstartvalue, ");";
-            echo "</script>\n";
+            print_js_call('quiz_timer.initialise', array(get_string('timesup','quiz'), $timerstartvalue));
         }
     }
 
@@ -232,9 +230,7 @@ class quiz_access_manager {
                 $delay = 0;
             }
             print_box_end();
-            echo '<script type="text/javascript">';
-            echo 'quiz_secure_window.close(', addslashes_js(htmlspecialchars($url)), ', ', $delay, ')';
-            echo '</script>';
+            print_js_call('quiz_secure_window.close', array($url, $delay));
             print_footer('empty');
             die();
         } else {
diff --git a/mod/quiz/quiz.js b/mod/quiz/quiz.js
index 74e08402f7c..93b484e70bc 100644
--- a/mod/quiz/quiz.js
+++ b/mod/quiz/quiz.js
@@ -185,7 +185,7 @@ quiz_secure_window = {
             document.captureEvents(Event.MOUSEDOWN);
         }
         document.onmousedown = quiz_secure_window.intercept_click;
-        document.oncontextmenu = new Function("alert(quiz_secure_window.protection_message); return false")
+        document.oncontextmenu = function() {alert(quiz_secure_window.protection_message); return false;};
     },
 
     // Code for secure window. This used to be in protect_js.php. I don't understand it,
@@ -213,7 +213,7 @@ quiz_secure_window = {
             quiz_secure_window.close_next_url = url;
         }
         if (delay > 0) {
-            setTimeout('quiz_close_securewindow("", 0)', delay*1000);
+            setTimeout(function() {quiz_secure_window.close('eval (x)', 0);}, delay*1000);
         } else {
             if (window.opener) {
                 window.opener.document.location.reload();
diff --git a/mod/quiz/review.php b/mod/quiz/review.php
index f481b6f1afe..7316a0ad6a5 100644
--- a/mod/quiz/review.php
+++ b/mod/quiz/review.php
@@ -232,10 +232,8 @@
                 '<input type="submit" id="savingflagssubmit" name="savingflags" value="' .
                 get_string('saveflags', 'question') . '" />' .
                 "</div>\n" .
-                "\n</div></form>\n" .
-                '<script type="text/javascript">' .
-                "\nquestion_flag_changer.init_flag_save_form('savingflagssubmit');\n" .
-                "</script>\n";
+                "\n</div></form>\n";
+        print_js_call('question_flag_changer.init_flag_save_form', array('savingflagssubmit'));
     }
 
 /// Print a link to the next page.
diff --git a/question/export.php b/question/export.php
index 7836e4a4b9c..24b5de9da87 100644
--- a/question/export.php
+++ b/question/export.php
@@ -118,17 +118,8 @@
         } else {
             $efile = get_file_url($filename, null, 'questionfile');
             echo '<p><div class="boxaligncenter">' .
-                    get_string('yourfileshoulddownload', 'question', $efile) . '</a></div></p>';
-            echo '
-<script type="text/javascript">
-//<![CDATA[
-
-  function redirect() {
-      document.location.replace("' .  addslashes_js($efile) . '");
-  }
-  setTimeout("redirect()", 1000);
-//]]>
-</script>';
+                    get_string('yourfileshoulddownload', 'question', $efile) . '</div></p>';
+            print_delayed_js_call(1, 'document.location.replace', array($efile));
         }
 
         print_continue('edit.php?' . $thispageurl->get_query_string());