record upon showing the quiz, and completing it upon submit.
Two new fields in quiz_attempts... should be upgrade friendly.
(Old attempts will show up as being of duration zero)
Also some small fixes here and there.
HTML text allow the same range of HTML tags (so it doesn't matter is you
switch from one to the other).
<IMG> and <A> are now ALLOWED in Moodle text. However, the clean_text
function now checks for and removes any embedded javascript triggers
to avoid cross-site scripting attacks that way.
clean_text() should be called on ANY text that comes in from students.
up smileys etc if the text has been edited at any stage using the
richtext editor.
I realise it's possible for students to really mess up forums display
etc if they wanted to include a huge picture ... I'm not sure if there
are any cross-site scripting attacks possible with images in there.
But there is also now the HTML format for most things, which is editable
using an ordinary form, so this problem is currently already exposed.
I think it's OK as long as can find a filter to strip all javascript
out of ANY format text in Moodle.
THIS IS A BIG CHANGE!
I've renamed the "reading" module to "resource".
This meant changing quite a few references throughout Moodle.
The automatic upgrade process should work OK (it worked OK on my
development server) and there shouldn't be any problems.
BUT PLEASE PROCEED WITH CAUTION AND KEEP BACKUPS OF EVERYTHING
UNTIL I HAVE A FEW MORE TESTS! If you upgrade please let me know.
One thing that will break are any hard-coded links within forum messages.
What I will be doing to fix this on my apache server is to add this to
httpd.conf:
Redirect /mod/reading/ http://moodle.com/mod/resource/
Sorry about any inconvenience, but it's better this is done sooner than later.
