mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00
Code Issues Projects Releases Wiki Activity

quiz: fix URL escaping issues.

Browse Source
This commit is contained in:
tjhunt 2009-07-22 09:49:48 +00:00
parent 82fd2e8bfb
commit d4ad9adf22
4 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
mod/quiz/attempt.php
View File

@ -34,7 +34,11 @@
/// Check that this attempt belongs to this user.
if ($attemptobj->get_userid() != $USER->id) {
redirect($attemptobj->review_url(0, $page));
if ($attemptobj->has_capability('mod/quiz:viewreports')) {
redirect($attemptobj->review_url(0, $page));
} else {
quiz_error($attemptobj->get_quiz(), 'notyourattempt');
}
}
/// Check capabilites.
@ -110,17 +114,10 @@
$accessmanager->print_messages($messages);
print_box_end();
}
} else {
/// Just a heading.
if ($attemptobj->get_num_attempts_allowed() != 1) {
print_heading(format_string($attemptobj->get_quiz_name()).' - '.$title);
} else {
print_heading(format_string($attemptobj->get_quiz_name()));
}
}
// Start the form
echo '<form id="responseform" method="post" action="', $attemptobj->processattempt_url(),
echo '<form id="responseform" method="post" action="', s($attemptobj->processattempt_url()),
'" enctype="multipart/form-data" accept-charset="utf-8">', "\n";
// A quiz page with a lot of questions can take a long time to load, and we

6
mod/quiz/attemptlib.php
View File

@ -725,7 +725,7 @@ class quiz_attempt extends quiz {
$attemptlist[] = '<strong>' . $at->attempt . '</strong>';
} else {
$changedurl = preg_replace($search, 'attempt=' . $at->id, $url);
$attemptlist[] = '<a href="' . $changedurl . '">' . $at->attempt . '</a>';
$attemptlist[] = '<a href="' . s($changedurl) . '">' . $at->attempt . '</a>';
}
}
return implode(', ', $attemptlist);
@ -817,9 +817,9 @@ class quiz_attempt extends quiz {
}
$param = '';
if ($showall) {
$param = '&amp;showall=1';
$param = '&showall=1';
} else if ($page > 0) {
$param = '&amp;page=' . $page;
$param = '&page=' . $page;
}
return $param . $fragment;
}

4
mod/quiz/review.php
View File

@ -204,7 +204,7 @@
/// Form for saving flags if necessary.
if ($options->flags == QUESTION_FLAGSEDITABLE) {
echo '<form action="' . $attemptobj->review_url(0, $page, $showall) .
echo '<form action="' . s($attemptobj->review_url(0, $page, $showall)) .
'" method="post"><div>';
echo '<input type="hidden" name="sesskey" value="' . sesskey() . '" />';
}
@ -236,7 +236,7 @@
if ($lastpage) {
$accessmanager->print_finish_review_link($attemptobj->is_preview_user());
} else {
link_arrow_right(get_string('next'), $attemptobj->review_url(0, $page + 1));
link_arrow_right(get_string('next'), s($attemptobj->review_url(0, $page + 1)));
}
echo "</div>";

4
mod/quiz/summary.php
View File

@ -91,7 +91,7 @@ foreach ($attemptobj->get_question_iterator() as $number => $question) {
$flag = ' <img src="' . $OUTPUT->old_icon_url('i/flagged') . '" alt="' .
get_string('flagged', 'question') . '" class="questionflag" />';
}
$row = array('<a href="' . $attemptobj->attempt_url($question->id) . '">' . $number . $flag . '</a>',
$row = array('<a href="' . s($attemptobj->attempt_url($question->id)) . '">' . $number . $flag . '</a>',
get_string($attemptobj->get_question_status($question->id), 'quiz'));
if ($scorescolumn) {
$row[] = $attemptobj->get_question_score($question->id);
@ -114,7 +114,7 @@ $options = array(
'questionids' => '',
'sesskey' => sesskey(),
);
print_single_button($attemptobj->processattempt_url(), $options, get_string('finishattempt', 'quiz'),
print_single_button(s($attemptobj->processattempt_url()), $options, get_string('finishattempt', 'quiz'),
'post', '', false, '', false, get_string('confirmclose', 'quiz'), 'responseform');
echo "</div>\n";