From f7f630bce744a5d96ce97c9569b6f29f415847fe Mon Sep 17 00:00:00 2001 From: gbateson Date: Thu, 28 Sep 2006 13:24:36 +0000 Subject: [PATCH] added PARAM types to calls using "required_param" and "optional_param" functions --- mod/hotpot/show.php | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/mod/hotpot/show.php b/mod/hotpot/show.php index 6acdc341e71..13122c3102d 100644 --- a/mod/hotpot/show.php +++ b/mod/hotpot/show.php @@ -1,19 +1,20 @@ action = required_param('action'); - $params->course = required_param('course'); - $params->reference = required_param('reference'); + + $params = new stdClass(); + $params->action = required_param('action', PARAM_ALPHA); + $params->course = required_param('course', PARAM_INT); + $params->reference = required_param('reference', PARAM_PATH); + require_login($params->course); + if (!has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $params->course))) { error("You are not allowed to view this page!"); } if (has_capability('mod/hotpot:viewreport', get_context_instance(CONTEXT_SYSTEM, SITEID))) { - $params->location = optional_param('location', HOTPOT_LOCATION_COURSEFILES); + $params->location = optional_param('location', HOTPOT_LOCATION_COURSEFILES, PARAM_INT); } else { $params->location = HOTPOT_LOCATION_COURSEFILES; } @@ -49,7 +50,9 @@ print htmlspecialchars($hp->source); break; case 'showxmltree': - print_r($hp->xml); + if (isset($hp->xml)) { + print_r($hp->xml); + } break; case 'showhtmlsource': print htmlspecialchars($hp->html);