Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

changed all the POST with option/required_param functions

  • Loading branch information...
commit 7b8732344eca9d24a6a091d9552c02d891c37f25 1 parent 281d70a
bobopinna authored
View
9 mod/scorm/aicc.php
@@ -2,10 +2,13 @@
require_once('../../config.php');
require_once('lib.php');
- //require_login($course->id, false, $cm);
+ $command = required_param('command', '', PARAM_ALPHA);
+ $sessionid = required_param('session_id', '', PARAM_ALPHA);
+
+ require_login($course->id, false, $cm);
- if (isset($_POST['command']) && confirm_sesskey($_POST['session_id'])) {
- $command = strtolower($_POST['command']);
+ if (!empty($command) && confirm_sesskey($sessionid)) {
+ $command = strtolower($command);
if (isset($SESSION->scorm_scoid)) {
$scoid = $SESSION->scorm_scoid;
View
17 mod/scorm/api.php
@@ -3,25 +3,22 @@
require_once("../../config.php");
require_once("lib.php");
- optional_variable($id); // Course Module ID, or
- optional_variable($a); // scorm ID
- require_variable($scoid); // sco ID
- optional_variable($mode); // navigation mode
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $a = optional_param('a', '', PARAM_INT); // scorm ID
+ $scoid = required_param('scoid', '', PARAM_INT); // sco ID
+ $mode = optional_param('mode', '', PARAM_ALPHA); // navigation mode
- if ($id) {
+ if (!empty($id)) {
if (! $cm = get_record("course_modules", "id", $id)) {
error("Course Module ID was incorrect");
}
-
if (! $course = get_record("course", "id", $cm->course)) {
error("Course is misconfigured");
}
-
if (! $scorm = get_record("scorm", "id", $cm->instance)) {
error("Course module is incorrect");
}
-
- } else {
+ } else if (!empty($a)) {
if (! $scorm = get_record("scorm", "id", $a)) {
error("Course module is incorrect");
}
@@ -31,6 +28,8 @@
if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
View
38 mod/scorm/datamodel.php
@@ -2,35 +2,37 @@
require_once('../../config.php');
require_once('lib.php');
- optional_variable($id); // Course Module ID, or
- optional_variable($a); // scorm IDa
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $a = optional_param('a', '', PARAM_INT); // scorm ID
+ $scoid = required_param('scoid', '', PARAM_INT); // sco ID
- if ($id) {
- if (! $cm = get_record('course_modules', 'id', $id)) {
- error('Course Module ID was incorrect');
+ if (!empty($id)) {
+ if (! $cm = get_record("course_modules", "id", $id)) {
+ error("Course Module ID was incorrect");
}
- if (! $course = get_record('course', 'id', $cm->course)) {
- error('Course is misconfigured');
+ if (! $course = get_record("course", "id", $cm->course)) {
+ error("Course is misconfigured");
}
- if (! $scorm = get_record('scorm', 'id', $cm->instance)) {
- error('Course module is incorrect');
+ if (! $scorm = get_record("scorm", "id", $cm->instance)) {
+ error("Course module is incorrect");
}
- } else {
- if (! $scorm = get_record('scorm', 'id', $a)) {
- error('Course module is incorrect');
+ } else if (!empty($a)) {
+ if (! $scorm = get_record("scorm", "id", $a)) {
+ error("Course module is incorrect");
}
- if (! $course = get_record('course', 'id', $scorm->course)) {
- error('Course is misconfigured');
+ if (! $course = get_record("course", "id", $scorm->course)) {
+ error("Course is misconfigured");
}
- if (! $cm = get_coursemodule_from_instance('scorm', $scorm->id, $course->id)) {
- error('Course Module ID was incorrect');
+ if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
+ error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
- if (confirm_sesskey() && (isset($_POST['scoid']))) {
- $scoid = $_POST['scoid'];
+ if (confirm_sesskey() && (!empty($scoid))) {
$result = true;
foreach ($_POST as $element => $value) {
if (substr($element,0,3) == 'cmi') {
View
10 mod/scorm/index.php
@@ -2,10 +2,14 @@
require_once("../../config.php");
- require_variable($id); // course
+ $id = required_param('id', '', PARAM_INT); // course id
- if (! $course = get_record("course", "id", $id)) {
- error("Course ID is incorrect");
+ if (!empty($id)) {
+ if (! $course = get_record("course", "id", $id)) {
+ error("Course ID is incorrect");
+ }
+ } else {
+ error('A required parameter is missing');
}
require_course_login($course);
View
17 mod/scorm/loadSCO.php
@@ -2,25 +2,22 @@
require_once("../../config.php");
require_once("lib.php");
- optional_variable($id); // Course Module ID, or
- optional_variable($a); // scorm ID
- optional_variable($scoid); // sco ID
- optional_variable($mode); // lesson mode
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $a = optional_param('a', '', PARAM_INT); // scorm ID
+ $scoid = optional_param('scoid', '', PARAM_INT); // sco ID
+ $mode = optional_param('mode', '', PARAM_ALPHA); // navigation mode
- if ($id) {
+ if (!empty($id)) {
if (! $cm = get_record("course_modules", "id", $id)) {
error("Course Module ID was incorrect");
}
-
if (! $course = get_record("course", "id", $cm->course)) {
error("Course is misconfigured");
}
-
if (! $scorm = get_record("scorm", "id", $cm->instance)) {
error("Course module is incorrect");
}
-
- } else {
+ } else if (!empty($a)) {
if (! $scorm = get_record("scorm", "id", $a)) {
error("Course module is incorrect");
}
@@ -30,6 +27,8 @@
if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
View
2  mod/scorm/mod.html
@@ -15,7 +15,7 @@
if (empty($form->auto)) {
$form->auto = "";
}
- if (empty($form->auto)) {
+ if (empty($form->popup)) {
$form->popup = "0";
}
if (empty($form->datadir)) {
View
150 mod/scorm/playscorm.php
@@ -5,38 +5,58 @@
require_once('../../config.php');
require_once('lib.php');
- optional_variable($id); // Course Module ID, or
- optional_variable($a); // scorm ID
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $a = optional_param('a', '', PARAM_INT); // scorm ID
+ $scoid = required_param('scoid', '', PARAM_INT); // sco ID
+ $mode = optional_param('mode', '', PARAM_ALPHA); // navigation mode
+ $currentorg = optional_param('currentorg', '', PARAM_); // selected organization
+
+ //
+ // Checkin script parameters
+ //
+ $modestring = '';
+ $scoidstring = '';
+ $currentorgstring = '';
+ if (!empty($mode)) {
+ $modestring = '&mode='.$mode;
+ }
+ if (!empty($scoid)) {
+ $scoidstring = '&scoid='.$scoid;
+ }
+ if (!empty($currentorg)) {
+ $currentorgstring = '&currentorg='.$currentorg;
+ }
- if ($id) {
- if (! $cm = get_record('course_modules', 'id', $id)) {
- error('Course Module ID was incorrect');
+ if (!empty($id)) {
+ if (! $cm = get_record("course_modules", "id", $id)) {
+ error("Course Module ID was incorrect");
}
-
- if (! $course = get_record('course', 'id', $cm->course)) {
- error('Course is misconfigured');
+ if (! $course = get_record("course", "id", $cm->course)) {
+ error("Course is misconfigured");
}
-
- if (! $scorm = get_record('scorm', 'id', $cm->instance)) {
- error('Course module is incorrect');
+ if (! $scorm = get_record("scorm", "id", $cm->instance)) {
+ error("Course module is incorrect");
}
-
- } else {
- if (! $scorm = get_record('scorm', 'id', $a)) {
- error('Course module is incorrect');
+ } else if (!empty($a)) {
+ if (! $scorm = get_record("scorm", "id", $a)) {
+ error("Course module is incorrect");
}
- if (! $course = get_record('course', 'id', $scorm->course)) {
- error('Course is misconfigured');
+ if (! $course = get_record("course", "id", $scorm->course)) {
+ error("Course is misconfigured");
}
- if (! $cm = get_coursemodule_from_instance('scorm', $scorm->id, $course->id)) {
- error('Course Module ID was incorrect');
+ if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
+ error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
$strscorms = get_string('modulenameplural', 'scorm');
$strscorm = get_string('modulename', 'scorm');
+ $strexpand = get_string('expcoll','scorm');
+ $strpopup = get_string('popup','scorm');
if ($course->category) {
$navigation = "<a target=\"{$CFG->framename}\" href=\"../../course/view.php?id=$course->id\">$course->shortname</a> ->
@@ -54,31 +74,6 @@
}
//
- // Checkin script parameters
- //
- $mode = '';
- $scoid='';
- $currentorg='';
- $modestring = '';
- $scoidstring = '';
- $currentorgstring = '';
- if (!empty($_POST['mode'])) {
- $mode = $_POST['mode'];
- $modestring = '&mode='.$mode;
- }
- if (!empty($_POST['scoid'])) {
- $scoid = $_POST['scoid'];
- $scoidstring = '&scoid='.$scoid;
- }
- if (!empty($_POST['currentorg'])) {
- $currentorg = $_POST['currentorg'];
- $currentorgstring = '&currentorg='.$currentorg;
- }
-
- $strexpand = get_string('expcoll','scorm');
- $strpopup = get_string('popup','scorm');
-
- //
// TOC processing
//
$result = scorm_get_toc($scorm,'structurelist',$currentorg,$scoid,$mode,true);
@@ -110,51 +105,58 @@
?>
<script language="JavaScript" type="text/javascript" src="request.js"></script>
<script language="JavaScript" type="text/javascript" src="api.php?id=<?php echo $cm->id.$scoidstring.$modestring ?>"></script>
+
<table class="fullscreen">
- <tr><td class="top">
- <?php echo $mode == 'browse' ? '<p>'.get_string('browsemode','scorm').'</p>' : ''; ?>
- <table class='generalbox' cellpadding='5' cellspacing='0'>
+ <tr>
<?php
if ($scorm->hidetoc == 0) {
?>
- <tr>
- <th>
- <div class="structurehead"><?php print_string('coursestruct','scorm') ?></div>
- </th>
- </tr>
- <tr>
- <td class="top">
- <?php
- echo $result->toc;
- ?>
- </td>
- </tr>
+ <td class="top">
+ <table class='generalbox'>
+ <tr>
+ <td class="structurehead"><?php print_string('coursestruct','scorm') ?></td>
+ </tr>
+ <tr>
+ <td><?php echo $result->toc; ?></td>
+ </tr>
+ </table>
+ </td>
<?php
}
+ $browseclass = '';
+ if ($scorm->popup == 0) {
+ $browseclass = 'class="left"';
+ }
?>
- <tr><td class="center">
+ <td class="top">
+ <table class="fullscreen">
+ <tr>
+ <?php echo $mode == 'browse' ? '<td '.$browseclass.'>'.get_string('browsemode','scorm').'</td>' : ''; ?>
+ <td class="right">
<form name="navform" method="post" action="playscorm.php?id=<?php echo $cm->id ?>" target="_top">
- <input name="scoid" type="hidden" />
- <input name="currentorg" type="hidden" value="<?php echo $currentorg ?>" />
- <input name="mode" type="hidden" value="<?php echo $mode ?>" />
- <input name="prev" type="<?php if (($sco->prev == 0) || ($sco->showprev == 1)) { echo 'hidden'; } else { echo 'button'; } ?>" value="<?php print_string('prev','scorm') ?>" onClick="prevSCO();" />
- <input name="next" type="<?php if (($sco->next == 0) || ($sco->shownext == 1)) { echo 'hidden'; } else { echo 'button'; } ?>" value="<?php print_string('next','scorm') ?>" onClick="nextSCO();" />
- <input name="exit" type="button" value="<?php print_string('exit','scorm') ?>" onClick="playSCO(0)" />
- </form>
- </td></tr>
- </table>
- </td>
+ <input name="scoid" type="hidden" />
+ <input name="currentorg" type="hidden" value="<?php echo $currentorg ?>" />
+ <input name="mode" type="hidden" value="<?php echo $mode ?>" />
+ <input name="prev" type="<?php if (($sco->prev == 0) || ($sco->showprev == 1)) { echo 'hidden'; } else { echo 'button'; } ?>" value="<?php print_string('prev','scorm') ?>" onClick="prevSCO();" />
+ <input name="next" type="<?php if (($sco->next == 0) || ($sco->shownext == 1)) { echo 'hidden'; } else { echo 'button'; } ?>" value="<?php print_string('next','scorm') ?>" onClick="nextSCO();" />
+ <input name="exit" type="button" value="<?php print_string('exit','scorm') ?>" onClick="playSCO(0)" />
+ </form>
+ </td>
+ </tr>
<?php
if ($scorm->popup == 0) {
?>
- <td class="top" width="<?php echo $scorm->width<=100 ? $scorm->width.'%' : $scorm->width ?>">
- <iframe name="main" class="scoframe" width="<?php echo $scorm->width<=100 ? $scorm->width.'%' : $scorm->width ?>" height="<?php echo $scorm->height<=100 ? $scorm->height.'%' : $scorm->height ?>" src="loadSCO.php?id=<?php echo $cm->id.$scoidstring.$modestring ?>"></iframe>
- </td>
+ <tr><td class="right">
+ <iframe name="main" class="scoframe" width="<?php echo $scorm->width<=100 ? $scorm->width.'%' : $scorm->width ?>" height="<?php echo $scorm->height<=100 ? $scorm->height.'%' : $scorm->height ?>" src="loadSCO.php?id=<?php echo $cm->id.$scoidstring.$modestring ?>"></iframe>
+ </td></tr>
+ </table>
<?php
}
?>
+ </td>
</tr>
</table>
+
<script language="javascript" type="text/javascript">
<!--
<?php
@@ -199,4 +201,4 @@ function expandCollide(which,list) {
-->
</script>
</body>
-</html>
+</html>
View
16 mod/scorm/report.php
@@ -5,11 +5,11 @@
require_once("../../config.php");
require_once("lib.php");
- optional_variable($id); // Course Module ID, or
- optional_variable($b); // SCO ID
- optional_variable($user); // User ID
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $b = optional_param('b', '', PARAM_INT); // sco ID
+ $user = optional_param('user', '', PARAM_INT); // user ID
- if ($id) {
+ if (!empty($id)) {
if (! $cm = get_record("course_modules", "id", $id)) {
error("Course Module ID was incorrect");
}
@@ -19,12 +19,12 @@
if (! $scorm = get_record("scorm", "id", $cm->instance)) {
error("Course module is incorrect");
}
- } else if (isset($b)) {
+ } else if (!empty($b)) {
if (! $sco = get_record("scorm_scoes", "id", $b)) {
- error("Scorm activity is incorrect");
+ error("Course module is incorrect");
}
if (! $scorm = get_record("scorm", "id", $sco->scorm)) {
- error("Course module is incorrect");
+ error("Scorm activity is incorrect");
}
if (! $course = get_record("course", "id", $scorm->course)) {
error("Course is misconfigured");
@@ -32,6 +32,8 @@
if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
View
14 mod/scorm/styles.php
@@ -1,9 +1,20 @@
.top {
vertical-align: top;
}
+.left {
+ float: left;
+}
.center {
text-align: center;
}
+.right {
+ float: right;
+}
+
+.scoframe {
+
+}
+
.fullscreen {
width: 100%;
}
@@ -25,9 +36,6 @@
text-indent:-4ex;
font-size: small;
}
-#mod-scorm-playscorm .popupbutton {
- float: right;
-}
#mod-scorm-view .structurehead {
font-weight: bold;
View
25 mod/scorm/validate.php
@@ -1,16 +1,25 @@
<?php // $Id$
-require_once("../../config.php");
-require_once("lib.php");
+ require_once("../../config.php");
+ require_once("lib.php");
-require_login();
+ $courseid = required_param('id', '', PARAM_INT); // Course Module ID, or
+ $reference = required_param('reference', '', PARAM_PATH); // Package path
+ $scormid = optional_param('instance', '', PARAM_INT); // scorm ID
-if (confirm_sesskey()) {
- $reference = clean_param($_POST["reference"], PARAM_PATH);
- $courseid = $_POST["id"];
+ require_login($course->id, false, $cm);
+
+if (confirm_sesskey() && !empty($courseid)) {
$launch = 0;
- if (isset($_POST["instance"])) {
- $scormid = $_POST["instance"];
+ $validation = new stdClass();
+ if (empty($reference)) {
+ $launch = -1;
+ $validation->result = "packagefile";
+ }
+ if (!empty($scormid)) {
+ //
+ // SCORM Update
+ //
if (is_file($CFG->dataroot.'/'.$courseid.'/'.$reference)) {
$fp = fopen($CFG->dataroot.'/'.$courseid.'/'.$reference,"r");
$fstat = fstat($fp);
View
22 mod/scorm/view.php
@@ -6,10 +6,11 @@
require_once("../../config.php");
require_once("lib.php");
- optional_variable($id); // Course Module ID, or
- optional_variable($a); // scorm ID
+ $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
+ $a = optional_param('a', '', PARAM_INT); // scorm ID
+ $organization = optional_param('organization', '', PARAM_INT); // organization ID
- if ($id) {
+ if (!empty($id)) {
if (! $cm = get_record("course_modules", "id", $id)) {
error("Course Module ID was incorrect");
}
@@ -19,7 +20,7 @@
if (! $scorm = get_record("scorm", "id", $cm->instance)) {
error("Course module is incorrect");
}
- } else {
+ } else if (!empty($a)) {
if (! $scorm = get_record("scorm", "id", $a)) {
error("Course module is incorrect");
}
@@ -29,6 +30,8 @@
if (! $cm = get_coursemodule_from_instance("scorm", $scorm->id, $course->id)) {
error("Course Module ID was incorrect");
}
+ } else {
+ error('A required parameter is missing');
}
require_login($course->id, false, $cm);
@@ -86,15 +89,14 @@
?>
<div class="structurehead"><?php print_string('coursestruct','scorm') ?></div>
<?php
- $organization = $scorm->launch;
+ if (empty($organization)) {
+ $organization = $scorm->launch;
+ }
if ($orgs = get_records_select_menu('scorm_scoes',"scorm='$scorm->id' AND organization='' AND launch=''",'id','id,title')) {
- if (count($orgs) > 1) {
- if (isset($_POST['organization'])) {
- $organization = $_POST['organization'];
- }
+ if (count($orgs) > 1) {
?>
<div class='center'>
- <?php print_string('organizations','scorm') ?>
+ <?php print_string('organizations','scorm') ?>
<form name='changeorg' method='post' action='view.php?id=<?php echo $cm->id ?>'>
<?php choose_from_menu($orgs, 'organization', "$organization", '','submit()') ?>
</form>
Please sign in to comment.
Something went wrong with that request. Please try again.