Permalink
Browse files

access to $_GET parameters now done using required_param()

HTML tags made XHTML compatible
  • Loading branch information...
1 parent 2ea55bc commit fcf0a80b37b4263976d33fc730c150d77fded3c2 gbateson committed May 17, 2005
Showing with 44 additions and 44 deletions.
  1. +44 −44 mod/hotpot/show.php
View
@@ -5,28 +5,32 @@
require_login();
- // check variables are all there
- if (isset($_GET['course']) && isset($_GET['reference']) && isset($_GET['action'])) {
+ // fetch and clean the required $_GET parameters
+ // (script stops here if any parameters are missing)
+ unset($params);
+ $params->action = required_param('action');
+ $params->course = required_param('course');
+ $params->reference = required_param('reference');
- require_login($_GET['course']);
-
- if (!isteacher($_GET['course'])) {
- error("You are not allowed to view this page!");
- }
+ require_login($params->course);
- // decode the reference (not usually necessary)
- $_GET['reference'] = urldecode($_GET['reference']);
+ if (!isteacher($params->course)) {
+ error("You are not allowed to view this page!");
+ }
+
+ // decode the reference (not usually necessary)
+ $params->reference = urldecode($params->reference);
- if (isadmin()) {
- $_GET['location'] = nvl($_GET['location'], HOTPOT_LOCATION_COURSEFILES);
- } else {
- $_GET['location'] = HOTPOT_LOCATION_COURSEFILES;
- }
+ if (isadmin()) {
+ $params->location = optional_param('location', HOTPOT_LOCATION_COURSEFILES);
+ } else {
+ $params->location = HOTPOT_LOCATION_COURSEFILES;
+ }
- $title = get_string($_GET['action'], 'hotpot').': '.$_GET['reference'];
- print_header($title, $title);
+ $title = get_string($params->action, 'hotpot').': '.$params->reference;
+ print_header($title, $title);
- hotpot_print_show_links($_GET['course'], $_GET['location'], $_GET['reference']);
+ hotpot_print_show_links($params->course, $params->location, $params->reference);
?>
<SCRIPT>
<!--
@@ -49,33 +53,29 @@ function copy_contents(id) {
-->
</SCRIPT>
<?php
- print_simple_box_start("center", "96%");
- if($hp = new hotpot_xml_quiz($_GET)) {
- print '<PRE id="contents">';
- switch ($_GET['action']) {
- case 'showxmlsource':
- print htmlspecialchars($hp->source);
- break;
- case 'showxmltree':
- print_r($hp->xml);
- break;
- case 'showhtmlsource':
- print htmlspecialchars($hp->html);
- break;
- case 'showhtmlquiz':
- print $hp->html;
- break;
- }
- print '</PRE>';
- } else {
- print_simple_box("Could not open Hot Potatoes XML file", "center", "", "#FFBBBB");
+ print_simple_box_start("center", "96%");
+ if($hp = new hotpot_xml_quiz($_GET)) {
+ print '<pre id="contents">';
+ switch ($params->action) {
+ case 'showxmlsource':
+ print htmlspecialchars($hp->source);
+ break;
+ case 'showxmltree':
+ print_r($hp->xml);
+ break;
+ case 'showhtmlsource':
+ print htmlspecialchars($hp->html);
+ break;
+ case 'showhtmlquiz':
+ print $hp->html;
+ break;
}
-
- print_simple_box_end();
- print '<BR>';
- close_window_button();
-
- } else { // no form data given
- error("This script was called incorrectly");
+ print '</pre>';
+ } else {
+ print_simple_box("Could not open Hot Potatoes XML file", "center", "", "#FFBBBB");
}
+
+ print_simple_box_end();
+ print '<br />';
+ close_window_button();
?>

0 comments on commit fcf0a80

Please sign in to comment.