Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

MDL-37896 qtype_essay: correct PARAM_CLEANHTML -> PARAM_RAW.

It turns out that you should almost never use PARAM_CLEANHTML.
  • Loading branch information...
commit 772979e593a5edbcdc83b820eee6025dc9f59df9 1 parent c192132
@timhunt timhunt authored
View
6 lib/moodlelib.php
@@ -116,7 +116,11 @@
define('PARAM_CAPABILITY', 'capability');
/**
- * PARAM_CLEANHTML - cleans submitted HTML code. use only for text in HTML format. This cleaning may fix xhtml strictness too.
+ * PARAM_CLEANHTML - cleans submitted HTML code. Note that you almost never want
+ * to use this. The normal mode of operation is to use PARAM_RAW when recieving
+ * the input (required/optional_param or formslib) and then sanitse the HTML
+ * using format_text on output. This is for the rare cases when you want to
+ * sanitise the HTML on input. This cleaning may also fix xhtml strictness.
*/
define('PARAM_CLEANHTML', 'cleanhtml');
View
6 question/engine/questionattempt.php
@@ -64,7 +64,7 @@ class question_attempt {
* @var string special value to indicate a response variable that is uploaded
* files.
*/
- const PARAM_CLEANHTML_FILES = 'paramcleanhtmlfiles';
+ const PARAM_RAW_FILES = 'paramrawfiles';
/** @var integer if this attempts is stored in the question_attempts table, the id of that row. */
protected $id = null;
@@ -888,8 +888,8 @@ public function get_submitted_var($name, $type, $postdata = null) {
case self::PARAM_FILES:
return $this->process_response_files($name, $name, $postdata);
- case self::PARAM_CLEANHTML_FILES:
- $var = $this->get_submitted_var($name, PARAM_CLEANHTML, $postdata);
+ case self::PARAM_RAW_FILES:
+ $var = $this->get_submitted_var($name, PARAM_RAW, $postdata);
return $this->process_response_files($name, $name . ':itemid', $postdata, $var);
default:
View
4 question/type/essay/question.php
@@ -55,9 +55,7 @@ public function get_format_renderer(moodle_page $page) {
public function get_expected_data() {
if ($this->responseformat == 'editorfilepicker') {
- $expecteddata = array('answer' => question_attempt::PARAM_CLEANHTML_FILES);
- } else if ($this->responseformat == 'editor') {
- $expecteddata = array('answer' => PARAM_CLEANHTML);
+ $expecteddata = array('answer' => question_attempt::PARAM_RAW_FILES);
} else {
$expecteddata = array('answer' => PARAM_RAW);
}
Please sign in to comment.
Something went wrong with that request. Please try again.