updategrade now cleans params correctly now (i hope)

michaelpenne 2005-03-10 20:42:09 +00:00
parent 801697d170
commit d0b8bcdc8b


@ -1669,9 +1669,9 @@
confirm_sesskey();
$form = lesson_clean_data_submitted();
$form = data_submitted();
if (!$essay = get_record("lesson_attempts", "id", $form->attemptid)) {
if (!$essay = get_record("lesson_attempts", "id", clean_param($form->attemptid, PARAM_INT))) {
error("Error: could not find essay");
}
@ -1682,11 +1682,11 @@
$essayinfo = new stdClass;
$essayinfo = unserialize($essay->useranswer);
$essayinfo->graded = 1;
$essayinfo->score = $form->score;
$essayinfo->response = stripslashes_safe($form->response);
$essayinfo->graded = 1;
$essayinfo->score = clean_param($form->score, PARAM_INT);
$essayinfo->response = clean_param(stripslashes_safe($form->response), PARAM_CLEANHTML);
$essayinfo->sent = 0;
if (!$lesson->custom && $form->score == 1) {
if (!$lesson->custom && $essayinfo->score == 1) {
$essay->correct = 1;
} else {
$essay->correct = 0;
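Review bot: The attempt row loaded from `$form->attemptid` in the first hunk is not tied to the lesson being graded in any line shown here; `PARAM_INT` makes the id a safe integer for the lookup, but an existing attempt id from a different lesson would still be accepted. Unless the lines between the two hunks already do this, add a check right after the lookup such as `if ($essay->lessonid != $lesson->id) { error("Error: could not find essay"); }` (assuming the attempt row carries its lesson id). The same limit applies to `clean_param($form->score, PARAM_INT)` in the second hunk, which fixes the type but not the range, so a negative or oversized score would apparently be kept as submitted when `$lesson->custom` is set; bound it to the range the lesson allows before assigning it. The enclosing function starts and ends outside both hunks, so neither point can be confirmed against the full body.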