mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-19 07:25:30 +02:00
Code Issues Projects Releases Wiki Activity

[MDL-14442] Resolve reopened bug for importing database records as CSV by applying "MDL-14442-clean_param.patch" (see tracker). Don't use PARAM_NOTAGS anymore. Merged from MOODLE_19_STABLE.

Browse Source
This commit is contained in:
robertall 2008-05-28 13:10:58 +00:00
parent aa40f47a87
commit 8f31ccd51a
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
mod/data/import.php
View File

@ -126,16 +126,27 @@
$content = new object();
$content->fieldid = $field->id;
$content->recordid = $recordid;
if ($field->type == 'textarea') {
// the only field type where HTML is possible
$value = clean_param($value, PARAM_CLEANHTML);
} else {
// remove potential HTML:
$patterns[] = '/</';
$replacements[] = '&lt;';
$patterns[] = '/>/';
$replacements[] = '&gt;';
$value = preg_replace($patterns, $replacements, $value);
}
$value = addslashes($value);
// for now, only for "latlong" and "url" fields, but that should better be looked up from
// $CFG->dirroot . '/mod/data/field/' . $field->type . '/field.class.php'
// once there is stored how many contents the field can have.
$value = addslashes($value);
if (preg_match("/^(latlong|url)$/", $field->type)) {
$values = explode(" ", clean_param($value, PARAM_NOTAGS), 2);
$values = explode(" ", $value, 2);
$content->content = $values[0];
$content->content1 = $values[1];
} else {
$content->content = clean_param($value, PARAM_NOTAGS);
$content->content = $value;
}
$oldcontent = get_record('data_content', 'fieldid', $field->id, 'recordid', $recordid);
$content->id = $oldcontent->id;