Commit b120b6d4 authored by chealer's avatar chealer

[FIX] HTML special chars encoding

parent 002bea36
......@@ -8,7 +8,7 @@
{button href="tiki-edit_quiz.php" _text="{tr}Admin Quizzes{/tr}"}
</div>
<h2>{tr}Create/edit options for question{/tr}: <a href="tiki-edit_quiz_questions.php?quizId={$question_info.quizId}&amp;questionId={$question_info.questionId}">{$question_info.question}</a></h2>
<h2>{tr}Create/edit options for question{/tr}: <a href="tiki-edit_quiz_questions.php?quizId={$question_info.quizId}&amp;questionId={$question_info.questionId}">{$question_info.question|escape}</a></h2>
<form action="tiki-edit_question_options.php" method="post">
<input type="hidden" name="optionId" value="{$optionId|escape}" />
<input type="hidden" name="questionId" value="{$questionId|escape}" />
......@@ -35,7 +35,7 @@
{section name=user loop=$channels}
<tr>
<td class="{cycle advance=false}">{$channels[user].optionId}</td>
<td class="{cycle advance=false}">{$channels[user].optionText}</td>
<td class="{cycle advance=false}">{$channels[user].optionText|escape}</td>
<td class="{cycle advance=false}">{$channels[user].points}</td>
<td class="{cycle}">
<a class="link" href="tiki-edit_question_options.php?questionId={$questionId}&amp;offset={$offset}&amp;sort_mode={$sort_mode}&amp;optionId={$channels[user].optionId}">{icon _id='page_edit' alt='{tr}Edit{/tr}'}</a>
......
......@@ -41,7 +41,7 @@
<tr class="{cycle}">
<td>{$channels[user].quizId}</td>
<td>
{$channels[user].name}
{$channels[user].name|escape}
<div class="subcomment">
{$channels[user].description}
</div>
......
......@@ -14,7 +14,7 @@
{button href="tiki-edit_quiz.php" _text="{tr}Admin Quizzes{/tr}"}
</div>
<h2>{tr}Create/edit questions for quiz{/tr}: <a href="tiki-edit_quiz.php?quizId={$quiz_info.quizId}" >{$quiz_info.name}</a></h2>
<h2>{tr}Create/edit questions for quiz{/tr}: <a href="tiki-edit_quiz.php?quizId={$quiz_info.quizId}" >{$quiz_info.name|escape}</a></h2>
<form action="tiki-edit_quiz_questions.php" method="post">
<input type="hidden" name="quizId" value="{$quizId|escape}" />
......@@ -102,7 +102,7 @@
<tr>
<td class="{cycle advance=false}">{$channels[user].questionId}</td>
<td class="{cycle advance=false}">{$channels[user].position}</td>
<td class="{cycle advance=false}">{$channels[user].question}</td>
<td class="{cycle advance=false}">{$channels[user].question|escape}</td>
<td class="{cycle advance=false}">{$channels[user].options}</td>
<td class="{cycle advance=false}">{$channels[user].maxPoints}</td>
<td class="{cycle}">
......
......@@ -36,7 +36,7 @@
{if ($tiki_p_admin eq 'y') or ($channels[user].individual eq 'n' and $tiki_p_take_quiz eq 'y') or ($channels[user].individual_tiki_p_take_quiz eq 'y')}
<tr>
<td class="{cycle advance=false}">
<a class="tablename" href="tiki-take_quiz.php?quizId={$channels[user].quizId}">{$channels[user].name}</a>
<a class="tablename" href="tiki-take_quiz.php?quizId={$channels[user].quizId}">{$channels[user].name|escape}</a>
<div class="subcomment">
{$channels[user].description|escape|nl2br}
</div>
......
......@@ -27,15 +27,15 @@ settimeleft(itid);
{/if}
{/if}
<h2>{$quiz_info.name}</h2>
<h2>{$quiz_info.name|escape}</h2>
<div class="description">{$quiz_info.description|escape}</div>
{if $ans eq 'n'}
{section name=ix loop=$questions}
<div class="questionblock">
<div class="quizquestion">{$questions[ix].question}</div>
<div class="quizquestion">{$questions[ix].question|escape}</div>
<div class="quizoptions">
{section name=jx loop=$questions[ix].options}
<input type="radio" value="{$questions[ix].options[jx].optionId|escape}" name="question_{$questions[ix].questionId}" />{$questions[ix].options[jx].optionText}<br />
<input type="radio" value="{$questions[ix].options[jx].optionId|escape}" name="question_{$questions[ix].questionId}" />{$questions[ix].options[jx].optionText|escape}<br />
{/section}
</div>
{if $questions[ix].type eq "f" }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment