mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-14 04:52:36 +02:00
Code Issues Projects Releases Wiki Activity

MDL-16613 sesskey cleanup

Browse Source
This commit is contained in:
skodak 2009-01-02 10:51:26 +00:00
parent d877685831
commit 973d2660e6
28 changed files with 51 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
admin/modules.php
View File

@ -205,7 +205,7 @@
// took out hspace="\10\", because it does not validate. don't know what to replace with.
$icon = "<img src=\"$CFG->modpixpath/$module->name/icon.gif\" class=\"icon\" alt=\"\" />";
$delete = "<a href=\"modules.php?delete=$module->name&amp;sesskey=$USER->sesskey\">$strdelete</a>";
$delete = "<a href=\"modules.php?delete=$module->name&amp;sesskey=".sesskey()."\">$strdelete</a>";
if (file_exists("$CFG->dirroot/mod/$module->name/settings.php") ||
file_exists("$CFG->dirroot/mod/$module->name/settingstree.php")) {
@ -224,11 +224,11 @@
}
if ($module->visible) {
$visible = "<a href=\"modules.php?hide=$module->name&amp;sesskey=$USER->sesskey\" title=\"$strhide\">".
$visible = "<a href=\"modules.php?hide=$module->name&amp;sesskey=".sesskey()."\" title=\"$strhide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" class=\"icon\" alt=\"$strhide\" /></a>";
$class = "";
} else {
$visible = "<a href=\"modules.php?show=$module->name&amp;sesskey=$USER->sesskey\" title=\"$strshow\">".
$visible = "<a href=\"modules.php?show=$module->name&amp;sesskey=".sesskey()."\" title=\"$strshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" class=\"icon\" alt=\"$strshow\" /></a>";
$class = " class=\"dimmed_text\"";
}

2
admin/timezone.php
View File

@ -40,7 +40,7 @@
echo '<center><form action="timezone.php" method="post">';
echo "$strusers ($strall): ";
choose_from_menu ($timezones, "zone", $current, get_string("serverlocaltime"), "", "99");
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
echo '<input type="submit" value="'.s($strsavechanges).'" />';
echo "</form></center>";

4
admin/user.php
View File

@ -225,7 +225,7 @@
$deletebutton = "";
} else {
if (has_capability('moodle/user:delete', $sitecontext)) {
$deletebutton = "<a href=\"user.php?delete=$user->id&amp;sesskey=$USER->sesskey\">$strdelete</a>";
$deletebutton = "<a href=\"user.php?delete=$user->id&amp;sesskey=".sesskey()."\">$strdelete</a>";
} else {
$deletebutton ="";
}
@ -234,7 +234,7 @@
if (has_capability('moodle/user:update', $sitecontext) and ($user->id==$USER->id or $user->id != $mainadmin->id) and !is_mnet_remote_user($user)) {
$editbutton = "<a href=\"$securewwwroot/user/editadvanced.php?id=$user->id&amp;course=$site->id\">$stredit</a>";
if ($user->confirmed == 0) {
$confirmbutton = "<a href=\"user.php?confirmuser=$user->id&amp;sesskey=$USER->sesskey\">" . get_string('confirm') . "</a>";
$confirmbutton = "<a href=\"user.php?confirmuser=$user->id&amp;sesskey=".sesskey()."\">" . get_string('confirm') . "</a>";
} else {
$confirmbutton = "";
}

3
blocks/tags/block_tags.php
View File

@ -230,6 +230,7 @@ class block_tags extends block_base {
$buttonadd = get_string('add', $tagslang);
$arrowtitle = get_string('arrowtitle', $tagslang);
$coursetaghelpbutton = helpbutton('addtags', 'adding tags', $tagslang, TRUE, FALSE, '', TRUE);
$sesskey = sesskey();
$this->content->footer .= <<<EOT
<hr />
<form action="{$CFG->wwwroot}/tag/coursetags_add.php" method="post" id="coursetag"
@ -237,7 +238,7 @@ class block_tags extends block_base {
<div style="display: none;">
<input type="hidden" name="entryid" value="$COURSE->id" />
<input type="hidden" name="userid" value="$USER->id" />
<input type="hidden" name="sesskey" value="$USER->sesskey" />
<input type="hidden" name="sesskey" value="$sesskey" />
</div>
<div><label for="coursetag_new_tag">$tagthisunit</label></div>
<div class="coursetag_form_wrapper">

2
course/index.php
View File

@ -332,7 +332,7 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $
unset($tempdisplaylist[$key]);
}
}
popup_form ("index.php?move=$category->id&amp;sesskey=$USER->sesskey&amp;moveto=", $tempdisplaylist, "moveform$category->id", $category->parent, '', '', '', false);
popup_form ("index.php?move=$category->id&amp;sesskey=".sesskey()."&amp;moveto=", $tempdisplaylist, "moveform$category->id", $category->parent, '', '', '', false);
}
echo '</td>';
echo '</tr>';

8
course/search.php
View File

@ -188,7 +188,7 @@
///add the module parameter to the paging bar if they exists
$modulelink = "";
if (!empty($modulelist) and confirm_sesskey()) {
$modulelink = "&amp;modulelist=".$modulelist."&amp;sesskey=".$USER->sesskey;
$modulelink = "&amp;modulelist=".$modulelist."&amp;sesskey=".sesskey();
}
print_navigation_bar($totalcount, $page, $perpage, $encodedsearch, $modulelink);
@ -205,7 +205,7 @@
} else {
/// Show editing UI.
echo "<form id=\"movecourses\" action=\"search.php\" method=\"post\">\n";
echo "<div><input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />\n";
echo "<div><input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />\n";
echo "<input type=\"hidden\" name=\"search\" value=\"".s($search)."\" />\n";
echo "<input type=\"hidden\" name=\"page\" value=\"$page\" />\n";
echo "<input type=\"hidden\" name=\"perpage\" value=\"$perpage\" /></div>\n";
@ -277,10 +277,10 @@
// checks whether user can change visibility
if (has_capability('moodle/course:visibility', $coursecontext)) {
if (!empty($course->visible)) {
echo "<a title=\"".get_string("hide")."\" href=\"search.php?search=$encodedsearch&amp;perpage=$perpage&amp;page=$page&amp;hide=$course->id&amp;sesskey=$USER->sesskey\">\n<img".
echo "<a title=\"".get_string("hide")."\" href=\"search.php?search=$encodedsearch&amp;perpage=$perpage&amp;page=$page&amp;hide=$course->id&amp;sesskey=".sesskey()."\">\n<img".
" src=\"$pixpath/t/hide.gif\" class=\"iconsmall\" alt=\"".get_string("hide")."\" /></a>\n ";
} else {
echo "<a title=\"".get_string("show")."\" href=\"search.php?search=$encodedsearch&amp;perpage=$perpage&amp;page=$page&amp;show=$course->id&amp;sesskey=$USER->sesskey\">\n<img".
echo "<a title=\"".get_string("show")."\" href=\"search.php?search=$encodedsearch&amp;perpage=$perpage&amp;page=$page&amp;show=$course->id&amp;sesskey=".sesskey()."\">\n<img".
" src=\"$pixpath/t/show.gif\" class=\"iconsmall\" alt=\"".get_string("show")."\" /></a>\n ";
}
}

6
grade/edit/outcome/index.php
View File

@ -107,7 +107,7 @@ switch ($action) {
"index.php?id={$courseid}", "index.php?id={$courseid}",
array('outcomeid' => $outcome->id,
'action'=> 'delete',
'sesskey' => $USER->sesskey,
'sesskey' => sesskey(),
'deleteconfirmed'=> 1)
);
print_footer();
@ -176,7 +176,7 @@ if ($courseid and $outcomes = grade_outcome::fetch_all_local($courseid)) {
$buttons .= "<a title=\"$stredit\" href=\"edit.php?courseid=$courseid&amp;id=$outcome->id\"><img".
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
if ($outcome->can_delete()) {
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;outcomeid=$outcome->id&amp;action=delete&amp;sesskey=$USER->sesskey\"><img".
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;outcomeid=$outcome->id&amp;action=delete&amp;sesskey=".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
@ -233,7 +233,7 @@ if ($outcomes = grade_outcome::fetch_all_global()) {
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
}
if (has_capability('moodle/grade:manage', get_context_instance(CONTEXT_SYSTEM)) and $outcome->can_delete()) {
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;outcomeid=$outcome->id&amp;action=delete&amp;sesskey=$USER->sesskey\"><img".
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;outcomeid=$outcome->id&amp;action=delete&amp;sesskey=".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;

4
grade/edit/scale/index.php
View File

@ -112,7 +112,7 @@ if ($courseid and $scales = grade_scale::fetch_all_local($courseid)) {
$buttons .= "<a title=\"$stredit\" href=\"edit.php?courseid=$courseid&amp;id=$scale->id\"><img".
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
if (!$used) {
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;scaleid=$scale->id&amp;action=delete&amp;sesskey=$USER->sesskey\"><img".
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;scaleid=$scale->id&amp;action=delete&amp;sesskey=".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;
@ -142,7 +142,7 @@ if ($scales = grade_scale::fetch_all_global()) {
" src=\"$CFG->pixpath/t/edit.gif\" class=\"iconsmall\" alt=\"$stredit\" /></a> ";
}
if (!$used and has_capability('moodle/course:managescales', get_context_instance(CONTEXT_SYSTEM))) {
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;scaleid=$scale->id&amp;action=delete&amp;sesskey=$USER->sesskey\"><img".
$buttons .= "<a title=\"$strdelete\" href=\"index.php?id=$courseid&amp;scaleid=$scale->id&amp;action=delete&amp;sesskey=".sesskey()."\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" class=\"iconsmall\" alt=\"$strdelete\" /></a> ";
}
$line[] = $buttons;

4
grade/lib.php
View File

@ -1166,7 +1166,7 @@ class grade_seq extends grade_structure {
global $USER, $CFG;
$this->courseid = $courseid;
$this->commonvars = "&amp;sesskey=$USER->sesskey&amp;id=$this->courseid";
$this->commonvars = "&amp;sesskey=".sesskey()."&amp;id=$this->courseid";
$this->context = get_context_instance(CONTEXT_COURSE, $courseid);
// get course grade tree
@ -1310,7 +1310,7 @@ class grade_tree extends grade_structure {
global $USER, $CFG;
$this->courseid = $courseid;
$this->commonvars = "&amp;sesskey=$USER->sesskey&amp;id=$this->courseid";
$this->commonvars = "&amp;sesskey=".sesskey()."&amp;id=$this->courseid";
$this->levels = array();
$this->context = get_context_instance(CONTEXT_COURSE, $courseid);

2
index.php
View File

@ -156,7 +156,7 @@
if (ismoving($SITE->id)) {
$stractivityclipboard = strip_tags(get_string('activityclipboard', '', $USER->activitycopyname));
echo '<p><font size="2">';
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"course/mod.php?cancelcopy=true&amp;sesskey=$USER->sesskey\">". get_string('cancel') .'</a>)';
echo "$stractivityclipboard&nbsp;&nbsp;(<a href=\"course/mod.php?cancelcopy=true&amp;sesskey=".sesskey()."\">". get_string('cancel') .'</a>)';
echo '</font></p>';
}

2
lib/weblib.php
View File

@ -5335,7 +5335,7 @@ function update_categories_search_button($search,$page,$perpage) {
return "<form $CFG->frametarget method=\"get\" action=\"$CFG->wwwroot/course/search.php\">".
'<div>'.
"<input type=\"hidden\" name=\"edit\" value=\"$edit\" />".
"<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />".
"<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />".
"<input type=\"hidden\" name=\"search\" value=\"".s($search, true)."\" />".
"<input type=\"hidden\" name=\"page\" value=\"$page\" />".
"<input type=\"hidden\" name=\"perpage\" value=\"$perpage\" />".

2
mod/chat/report.php
View File

@ -60,7 +60,7 @@
if ($deletesession and has_capability('mod/chat:deletelog', $context)) {
notice_yesno(get_string('deletesessionsure', 'chat'),
"report.php?id=$cm->id&amp;deletesession=1&amp;confirmdelete=1&amp;start=$start&amp;end=$end&amp;sesskey=$USER->sesskey",
"report.php?id=$cm->id&amp;deletesession=1&amp;confirmdelete=1&amp;start=$start&amp;end=$end&amp;sesskey=".sesskey(),
"report.php?id=$cm->id");
}

10
mod/feedback/complete_guest.php
View File

@ -77,9 +77,7 @@
}
//check whether the user has a session
if(!isset($USER->sesskey) OR !$USER->sesskey) {
print_error('error');
}
// there used to be a sesskey test - this could not work - sorry
//check whether the feedback is located and! started from the mainsite
if($course->id == SITEID AND !$courseid) {
@ -150,7 +148,7 @@
//check, if all required items have a value
if(feedback_check_values($_POST, $startitempos, $lastitempos)) {
$userid = $USER->id; //arb
if($completedid = feedback_save_guest_values($_POST, $USER->sesskey)){
if($completedid = feedback_save_guest_values($_POST, sesskey())){
add_to_log($course->id, 'feedback', 'startcomplete', 'view.php?id='.$cm->id, $feedback->id); //arb: log even guest submissions or at least the startcomplete since the other add log event is elsewhere
if(!$gonextpage AND !$gopreviouspage) $preservevalues = false;//es kann gespeichert werden
@ -220,7 +218,7 @@
$firstpagebreak = false;
}
$maxitemcount = $DB->count_records('feedback_item', array('feedback'=>$feedback->id));
$feedbackcompletedtmp = feedback_get_current_completed($feedback->id, true, $courseid, $USER->sesskey);
$feedbackcompletedtmp = feedback_get_current_completed($feedback->id, true, $courseid, sesskey());
/// Print the main part of the page
///////////////////////////////////////////////////////////////////////////
@ -308,7 +306,7 @@
$value = isset($formdata->{$frmvaluename})?$formdata->{$frmvaluename}:NULL;
}else {
if(isset($feedbackcompletedtmp->id)) {
$value = feedback_get_item_value($feedbackcompletedtmp->id, $feedbackitem->id, $USER->sesskey);
$value = feedback_get_item_value($feedbackcompletedtmp->id, $feedbackitem->id, sesskey());
}
}
echo '<tr>';

4
mod/feedback/delete_template.php
View File

@ -114,7 +114,7 @@
echo '<input type="hidden" name="deletetempl" value="'.$template->id.'" />';
echo '<input type="hidden" name="shoulddelete" value="1" />';
echo '<input type="hidden" name="id" value="'.$id.'" />';
echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '</form>';
echo '</td></tr>';
}
@ -122,7 +122,7 @@
}
?>
<form name="frm" action="<?php echo $ME;?>" method="post">
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey;?>" />
<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<input type="hidden" name="id" value="<?php echo $id;?>" />
<input type="hidden" name="canceldelete" value="0" />
<button type="button" onclick="this.form.canceldelete.value=1;this.form.submit();"><?php print_string('cancel');?></button>

4
mod/feedback/edit.php
View File

@ -408,7 +408,7 @@
$query = 'id='.$id;
$query .= '&do_show='.$tab;
//$query .= '&sesskey='.$USER->sesskey;
//$query .= '&sesskey='.sesskey();
return $query;
}
@ -416,7 +416,7 @@
function feedback_edit_print_default_form_values($id, $tab) {
global $USER;
echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<input type="hidden" name="id" value="'.$id.'" />';
echo '<input type="hidden" name="do_show" value="'.$tab.'" />';
}

2
mod/feedback/edit_item.php
View File

@ -185,7 +185,7 @@
// print_simple_box_start('center');
print_box_start('generalbox boxwidthwide boxaligncenter');
echo '<form action="'.$ME.'" method="post">';
echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
//this div makes the buttons stand side by side
echo '<div>';

8
mod/feedback/show_entries.php
View File

@ -193,7 +193,7 @@
<td align="right">
<?php
$show_button_link = $ME;
$show_button_options = array('sesskey'=>$USER->sesskey, 'userid'=>$student->id, 'do_show'=>'showoneentry', 'id'=>$id);
$show_button_options = array('sesskey'=>sesskey(), 'userid'=>$student->id, 'do_show'=>'showoneentry', 'id'=>$id);
$show_button_label = get_string('show_entries', 'feedback');
print_single_button($show_button_link, $show_button_options, $show_button_label, 'post');
?>
@ -204,7 +204,7 @@
<td align="right">
<?php
$delete_button_link = 'delete_completed.php';
$delete_button_options = array('sesskey'=>$USER->sesskey, 'completedid'=>$feedbackcompleted->id, 'do_show'=>'showoneentry', 'id'=>$id);
$delete_button_options = array('sesskey'=>sesskey(), 'completedid'=>$feedbackcompleted->id, 'do_show'=>'showoneentry', 'id'=>$id);
$delete_button_label = get_string('delete_entry', 'feedback');
print_single_button($delete_button_link, $delete_button_options, $delete_button_label, 'post');
?>
@ -228,7 +228,7 @@
<td align="right">
<?php
$show_anon_button_link = 'show_entries_anonym.php';
$show_anon_button_options = array('sesskey'=>$USER->sesskey, 'userid'=>0, 'do_show'=>'showoneentry', 'id'=>$id);
$show_anon_button_options = array('sesskey'=>sesskey(), 'userid'=>0, 'do_show'=>'showoneentry', 'id'=>$id);
$show_anon_button_label = get_string('show_entries', 'feedback');
print_single_button($show_anon_button_link, $show_anon_button_options, $show_anon_button_label, 'post');
?>
@ -259,7 +259,7 @@
// print_simple_box_start("center", '50%');
print_box_start('generalbox boxaligncenter boxwidthnormal');
echo '<form>';
echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<table width="100%">';
$itemnr = 0;
foreach($feedbackitems as $feedbackitem){

4
mod/feedback/show_entries_anonym.php
View File

@ -98,7 +98,7 @@
<table>
<tr>
<td>
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey;?>" />
<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<select name="completedid" size="<?php echo (sizeof($feedbackcompleteds)>10)?10:5;?>">
<?php
if(is_array($feedbackcompleteds)) {
@ -142,7 +142,7 @@
// print_simple_box_start("center", '50%');
print_box_start('generalbox boxaligncenter boxwidthnormal');
echo '<form>';
echo '<input type="hidden" name="sesskey" value="' . $USER->sesskey . '" />';
echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
echo '<table width="100%">';
$itemnr = 0;
foreach($feedbackitems as $feedbackitem){

2
mod/feedback/view.php
View File

@ -186,7 +186,7 @@
//if the user is not known so we cannot save the values temporarly
if(!isset($USER->username) OR $USER->username == 'guest') {
$completefile = 'complete_guest.php';
$guestid = $USER->sesskey;
$guestid = sesskey();
}else {
$completefile = 'complete.php';
$guestid = false;

7
mod/hotpot/index.php
View File

@ -18,12 +18,7 @@
add_to_log($course->id, "hotpot", "view all", "index.php?id=$course->id", "");
// Moodle 1.4+ requires sesskey to be passed in forms
if (isset($USER->sesskey)) {
$sesskey = '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
} else {
$sesskey = '';
}
$sesskey = '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
// get message strings for titles
$strmodulenameplural = get_string("modulenameplural", "hotpot");

4
mod/quiz/editlib.php
View File

@ -447,7 +447,7 @@ function quiz_print_question_list($quiz, $pageurl, $allowdelete=true,
<form method="post" action="edit.php"><div>
<fieldset class="invisiblefieldset" style="display: block;">
<label for="<?php echo "inputq$qnum" ?>"><?php echo $strgrade; ?></label>:<br />
<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
<?php echo $pageurl->hidden_params_out(); ?>
<input type="hidden" name="savechanges" value="save" />
<?php
@ -1499,7 +1499,7 @@ function quiz_print_grading_form($quiz, $pageurl, $tabindex){
$strsave=get_string('save',"quiz");
echo "<form method=\"post\" action=\"edit.php\"><div>";
echo '<fieldset class="invisiblefieldset" style="display: block;">';
echo "<input type=\"hidden\" name=\"sesskey\" value=\"$USER->sesskey\" />";
echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
echo $pageurl->hidden_params_out();
$a='<input type="text" id="inputmaxgrade" name="maxgrade" size="' . ($quiz->decimalpoints + 2) . '" tabindex="'.($tabindex)
.'" value="'.quiz_format_grade($quiz, $quiz->grade).'" />';

2
mod/resource/type/ims/resource.class.php
View File

@ -384,7 +384,7 @@ class resource_ims extends resource_base {
$options['courseid'] = $course->id;
$options['cmid'] = $cm->id;
$options['file'] = $resource->reference;
$options['sesskey'] = $USER->sesskey;
$options['sesskey'] = sesskey();
$options['inpopup'] = $inpopup;
if ($errorcode == 3) {
$label = get_string ('deploy', 'resource');

2
mod/scorm/datamodels/aicc.js.php
View File

@ -527,7 +527,7 @@ function AICCapi() {
}
//popupwin(datastring);
var myRequest = NewHttpReq();
result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
results = result.split('\n');
errorCode = results[1];
return results[0];

2
mod/scorm/datamodels/scorm_12.js.php
View File

@ -585,7 +585,7 @@ function SCORMapi1_2() {
datastring += '&scoid=<?php echo $scoid ?>';
var myRequest = NewHttpReq();
result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
results = String(result).split('\n');
errorCode = results[1];
return results[0];

2
mod/scorm/datamodels/scorm_13.js.php
View File

@ -1237,7 +1237,7 @@ function SCORMapi1_3() {
// }
?>
var myRequest = NewHttpReq();
var result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php p($USER->sesskey) ?>"+datastring);
var result = DoRequest(myRequest,"<?php p($CFG->wwwroot) ?>/mod/scorm/datamodel.php","id=<?php p($id) ?>&sesskey=<?php echo sesskey() ?>"+datastring);
<?php
// if (scorm_debugging($scorm)) {
// echo 'popupwin(result);';

2
question/editlib.php
View File

@ -338,7 +338,7 @@ function question_list($contexts, $pageurl, $categoryandcontext, $cm = null,
if (question_has_capability_on($question, 'edit', $question->category)) {
// hide-feature
if($question->hidden) {
echo "<a title=\"$strrestore\" href=\"edit.php?".$pageurl->get_query_string()."&amp;unhide=$question->id&amp;sesskey=$USER->sesskey\"><img
echo "<a title=\"$strrestore\" href=\"edit.php?".$pageurl->get_query_string()."&amp;unhide=$question->id&amp;sesskey=".sesskey()."\"><img
src=\"$CFG->pixpath/t/restore.gif\" alt=\"$strrestore\" /></a>";
} else {
echo "<a title=\"$strdelete\" href=\"edit.php?".$pageurl->get_query_string()."&amp;deleteselected=$question->id&amp;q$question->id=1\"><img

5
tag/coursetags_edit.php
View File

@ -117,13 +117,14 @@ print_header_simple($title, '', $nav, '', '', false);
$script = coursetag_get_jscript();
$addtagshelp = helpbutton('addtags', 'adding tags', $tagslang, TRUE, FALSE, '', TRUE);
$edittagthisunit = get_string('edittagthisunit', $tagslang);
$arrowtitle = get_string('arrowtitle', $tagslang);
$arrowtitle = get_string('arrowtitle', $tagslang);
$sesskey = sesskey();
$outstr .= <<<EOT
$script
<form action="$CFG->wwwroot/tag/coursetags_edit.php" method="post" id="coursetag">
<div style="display: none;">
<input type="hidden" name="courseid" value="$course->id" />
<input type="hidden" name="sesskey" value="$USER->sesskey" />
<input type="hidden" name="sesskey" value="$sesskey" />
</div>
<div class="coursetag_edit_centered">
<div class="coursetag_edit_row">

2
theme/index.php
View File

@ -57,7 +57,7 @@
print_heading($strthemes);
$themes = get_list_of_plugins("theme");
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
$sesskey = sesskey();
echo "<table style=\"margin-left:auto;margin-right:auto;\" cellpadding=\"7\" cellspacing=\"5\">\n";