Skip to content

Commit

Permalink
Escape ' in course, module, lticontent, etc.
Browse files Browse the repository at this point in the history 
 - both for module/xerte/play.php and modules/site/play.php
  • Loading branch information
@torinfo
torinfo committed Nov 30, 2022
1 parent aa930ba commit a3b1dd1
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 8 deletions.
14 changes: 11 additions & 3 deletions modules/site/play.php
View file
Expand Up @@ -215,15 +215,23 @@ function show_template($row, $xapi_enabled=false){
}
if (isset($xerte_toolkits_site->group))
{
$tracking .= " var groupname = '" . $xerte_toolkits_site->group . "';\n";
$tracking .= " var groupname = '" . str_replace("'", "\'", $xerte_toolkits_site->group) . "';\n";
}
if (isset($xerte_toolkits_site->course))
{
$tracking .= " var coursename = '" . $xerte_toolkits_site->course . "';\n";
$tracking .= " var coursename = '" . str_replace("'", "\'", $xerte_toolkits_site->course) . "';\n";
}
if (isset($xerte_toolkits_site->module))
{
$tracking .= " var modulename = '" . $xerte_toolkits_site->module . "';\n";
$tracking .= " var modulename = '" . str_replace("'", "\'", $xerte_toolkits_site->module) . "';\n";
}
if (isset($xerte_toolkits_site->lti_context_id))
{
$tracking .= " var lti_context_id = '" . str_replace("'", "\'", $xerte_toolkits_site->lti_context_id) . "';\n";
}
if (isset($xerte_toolkits_site->lti_context_name))
{
$tracking .= " var lti_context_name = '" . str_replace("'", "\'", $xerte_toolkits_site->lti_context_name) . "';\n";
}
}
$tracking .= "</script>\n";
Expand Down
10 changes: 5 additions & 5 deletions modules/xerte/play.php
View file
Expand Up @@ -347,23 +347,23 @@ function show_template_page($row, $datafile="", $xapi_enabled = false)
}
if (isset($xerte_toolkits_site->group))
{
$tracking .= " var groupname = '" . $xerte_toolkits_site->group . "';\n";
$tracking .= " var groupname = '" . str_replace("'", "\'", $xerte_toolkits_site->group) . "';\n";
}
if (isset($xerte_toolkits_site->course))
{
$tracking .= " var coursename = '" . $xerte_toolkits_site->course . "';\n";
$tracking .= " var coursename = '" . str_replace("'", "\'", $xerte_toolkits_site->course) . "';\n";
}
if (isset($xerte_toolkits_site->module))
{
$tracking .= " var modulename = '" . $xerte_toolkits_site->module . "';\n";
$tracking .= " var modulename = '" . str_replace("'", "\'", $xerte_toolkits_site->module) . "';\n";
}
if (isset($xerte_toolkits_site->lti_context_id))
{
$tracking .= " var lti_context_id = '" . $xerte_toolkits_site->lti_context_id . "';\n";
$tracking .= " var lti_context_id = '" . str_replace("'", "\'", $xerte_toolkits_site->lti_context_id) . "';\n";
}
if (isset($xerte_toolkits_site->lti_context_name))
{
$tracking .= " var lti_context_name = '" . $xerte_toolkits_site->lti_context_name . "';\n";
$tracking .= " var lti_context_name = '" . str_replace("'", "\'", $xerte_toolkits_site->lti_context_name) . "';\n";
}
}
$tracking .= "</script>\n";
Expand Down

0 comments on commit a3b1dd1

Please sign in to comment.