Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge branch 'MDL-27675_22_wip' of git://github.com/grabs/moodle into…

… MOODLE_22_STABLE
  • Loading branch information...
commit e5d6cd54616007b5593f7833b001fd51fa94136c 2 parents dcd5d08 + 64258fa
@samhemelryk samhemelryk authored
View
8 mod/feedback/complete.php
@@ -507,11 +507,8 @@
//get the value
$frmvaluename = $feedbackitem->typ . '_'. $feedbackitem->id;
if (isset($savereturn)) {
- if (isset($formdata->{$frmvaluename})) {
- $value = $formdata->{$frmvaluename};
- } else {
- $value = null;
- }
+ $value = isset($formdata->{$frmvaluename}) ? $formdata->{$frmvaluename} : null;
+ $value = feedback_clean_input_value($feedbackitem, $value);
} else {
if (isset($feedbackcompletedtmp->id)) {
$value = feedback_get_item_value($feedbackcompletedtmp->id,
@@ -530,6 +527,7 @@
feedback_print_item_complete($feedbackitem, $value, $highlightrequired);
echo $OUTPUT->box_end();
}
+
echo $OUTPUT->box_end();
$lastbreakposition = $feedbackitem->position; //last item-pos (item or pagebreak)
View
12 mod/feedback/complete_guest.php
@@ -72,7 +72,7 @@
!isset($formdata->gonextpage) AND
!isset($formdata->gopreviouspage)) {
- $gopage = $formdata->lastpage;
+ $gopage = (int) $formdata->lastpage;
}
if (isset($formdata->savevalues)) {
$savevalues = true;
@@ -441,13 +441,10 @@
echo $OUTPUT->box_start('feedback_item_box_'.$align.$dependstyle);
$value = '';
//get the value
- $frmvaluename = $feedbackitem->typ.'_'.$feedbackitem->id;
+ $frmvaluename = $feedbackitem->typ . '_'. $feedbackitem->id;
if (isset($savereturn)) {
- if (isset($formdata->{$frmvaluename})) {
- $value = $formdata->{$frmvaluename};
- } else {
- $value = null;
- }
+ $value = isset($formdata->{$frmvaluename}) ? $formdata->{$frmvaluename} : null;
+ $value = feedback_clean_input_value($feedbackitem, $value);
} else {
if (isset($feedbackcompletedtmp->id)) {
$value = feedback_get_item_value($feedbackcompletedtmp->id,
@@ -466,6 +463,7 @@
feedback_print_item_complete($feedbackitem, $value, $highlightrequired);
echo $OUTPUT->box_end();
}
+
echo $OUTPUT->box_end();
$lastbreakposition = $feedbackitem->position; //last item-pos (item or pagebreak)
View
4 mod/feedback/item/captcha/lib.php
@@ -326,4 +326,8 @@ public function get_hasvalue() {
public function can_switch_require() {
return false;
}
+
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_RAW);
+ }
}
View
12 mod/feedback/item/feedback_item_class.php
@@ -128,6 +128,14 @@ public function value_is_array() {
*/
abstract public function print_item_show_value($item, $value = '');
+ /**
+ * cleans the userinput while submitting the form
+ *
+ * @param mixed $value
+ * @return mixed
+ */
+ abstract function clean_input_value($value);
+
}
//a dummy class to realize pagebreaks
@@ -175,7 +183,7 @@ public function print_item_show_value($item, $value = '') {
}
public function can_switch_require() {
}
+ public function clean_input_value($value) {
+ }
}
-
-
View
4 mod/feedback/item/info/lib.php
@@ -388,4 +388,8 @@ public function get_hasvalue() {
public function can_switch_require() {
return false;
}
+
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_INT);
+ }
}
View
3  mod/feedback/item/label/lib.php
@@ -270,4 +270,7 @@ public function get_printval($item, $value) {
}
public function get_analysed($item, $groupid = false, $courseid = false) {
}
+ public function clean_input_value($value) {
+ return '';
+ }
}
View
8 mod/feedback/item/multichoice/lib.php
@@ -826,4 +826,12 @@ public function value_type() {
public function value_is_array() {
return true;
}
+
+ function can_switch_require() {
+ return true;
+ }
+
+ function clean_input_value($value) {
+ return clean_param_array($value, PARAM_INT);
+ }
}
View
3  mod/feedback/item/multichoicerated/lib.php
@@ -678,4 +678,7 @@ public function can_switch_require() {
return true;
}
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_INT);
+ }
}
View
4 mod/feedback/item/numeric/lib.php
@@ -534,4 +534,8 @@ public function get_hasvalue() {
public function can_switch_require() {
return true;
}
+
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_FLOAT);
+ }
}
View
4 mod/feedback/item/textarea/lib.php
@@ -333,4 +333,8 @@ public function get_hasvalue() {
public function can_switch_require() {
return true;
}
+
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_CLEANHTML);
+ }
}
View
4 mod/feedback/item/textfield/lib.php
@@ -320,4 +320,8 @@ public function get_hasvalue() {
public function can_switch_require() {
return true;
}
+
+ function clean_input_value($value) {
+ return clean_param($value, PARAM_CLEANHTML);
+ }
}
View
11 mod/feedback/lib.php
@@ -2064,6 +2064,17 @@ function feedback_get_page_to_continue($feedbackid, $courseid = false, $guestid
//functions to handle the values
////////////////////////////////////////////////
+/**
+ * cleans the userinput while submitting the form.
+ *
+ * @param mixed $value
+ * @return mixed
+ */
+function feedback_clean_input_value($item, $value) {
+ $itemobj = feedback_get_item_class($item->typ);
+ return $itemobj->clean_input_value($value);
+}
+
/**
* this saves the values of an completed.
* if the param $tmp is set true so the values are saved temporary in table feedback_valuetmp.
Please sign in to comment.
Something went wrong with that request. Please try again.