[LON-CAPA-cvs] cvs: loncom /interface lonaboutme.pm lonbulletin.pm lonsimplepage.pm lonsyllabus.pm

albertel lon-capa-cvs@mail.lon-capa.org
Wed, 16 Aug 2006 19:40:49 -0000 

albertel		Wed Aug 16 15:40:49 2006 EDT

  Modified files:              
    /loncom/interface	lonaboutme.pm lonbulletin.pm lonsimplepage.pm 
                     	lonsyllabus.pm 
  Log:
  - need to html encode things that go in textareas
  
  
Index: loncom/interface/lonaboutme.pm
diff -u loncom/interface/lonaboutme.pm:1.51 loncom/interface/lonaboutme.pm:1.52
--- loncom/interface/lonaboutme.pm:1.51	Tue Aug  8 13:24:07 2006
+++ loncom/interface/lonaboutme.pm	Wed Aug 16 15:40:46 2006
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # "About Me" Personal Information
 #
-# $Id: lonaboutme.pm,v 1.51 2006/08/08 17:24:07 albertel Exp $
+# $Id: lonaboutme.pm,v 1.52 2006/08/16 19:40:46 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -37,6 +37,7 @@
 use Apache::lonrss();
 use Apache::lonlocal;
 use Apache::lonmsgdisplay();
+use HTML::Entities();
 
 sub handler {
     my $r = shift;
@@ -206,7 +207,7 @@
 	      }
               if ($allowed) {
                  $r->print('<br /><textarea cols="80" rows="6" name="'.$_.'">'.
-			   $syllabus{$_}.
+			   &HTML::Entities::encode($syllabus{$_},'"&<>').
            '</textarea><input type="submit" name="storesyl" value="'.
 			   &mt('Store').'" />');
 	      }
Index: loncom/interface/lonbulletin.pm
diff -u loncom/interface/lonbulletin.pm:1.38 loncom/interface/lonbulletin.pm:1.39
--- loncom/interface/lonbulletin.pm:1.38	Thu Jul 20 18:50:50 2006
+++ loncom/interface/lonbulletin.pm	Wed Aug 16 15:40:46 2006
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Bulletin Board Handler
 #
-# $Id: lonbulletin.pm,v 1.38 2006/07/20 22:50:50 raeburn Exp $
+# $Id: lonbulletin.pm,v 1.39 2006/08/16 19:40:46 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,6 +36,7 @@
 use Apache::lonfeedback;
 use Apache::lonlocal;
 use Apache::lonhtmlcommon;
+use HTML::Entities();
 use LONCAPA;
 
 sub handler {
@@ -264,7 +265,7 @@
 		}
                  if ($allowed) {
                 $r->print('<br /><textarea cols="80" rows="10" name="'.$_.'">'.
-			   $syllabus{$_}.
+			  &HTML::Enitites::encode($syllabus{$_},'&"<>').
            '</textarea><input type="submit" name="storesyl" value="'.&mt('Store').'" />');
 	        }
 	    } else {
@@ -276,7 +277,7 @@
                 if ($allowed) {
                  $r->print(
                 '<br />'.&mt('Topic').'<br /><textarea cols="80" rows="2" name="'.$_.'">'.
-			   $syllabus{$_}.
+			  &HTML::Enitites::encode($syllabus{$_},'&"<>').
            '</textarea><input type="submit" name="storesyl" value="'.&mt('Store').'" />');
                 }
             }
Index: loncom/interface/lonsimplepage.pm
diff -u loncom/interface/lonsimplepage.pm:1.46 loncom/interface/lonsimplepage.pm:1.47
--- loncom/interface/lonsimplepage.pm:1.46	Thu Jul 20 11:03:01 2006
+++ loncom/interface/lonsimplepage.pm	Wed Aug 16 15:40:46 2006
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Simple Page Editor
 #
-# $Id: lonsimplepage.pm,v 1.46 2006/07/20 15:03:01 raeburn Exp $
+# $Id: lonsimplepage.pm,v 1.47 2006/08/16 19:40:46 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -38,6 +38,7 @@
 use Apache::lonprintout;
 use Apache::lonxml;
 use Apache::longroup;
+use HTML::Entities();
 use LONCAPA;
 
 sub handler {
@@ -285,7 +286,7 @@
                         if ($env{'form.grade_target'} ne 'tex') {
                             $r->print(
                                       '<br />Title<br /><textarea cols="80" rows="2" name="'.$_.'">'.
-                                      $syllabus{$_}.
+                                      &HTML::Entities::encode($syllabus{$_},'"&<>').
                                       '</textarea><input type="submit" name="storesyl" value="Store" />');
                         } else {
                             my $safeinit;
@@ -311,7 +312,7 @@
 		    if ($allowed) {
 			if ($target ne 'tex') {
 			    $r->print('<br /><textarea cols="80" rows="24" name="'.$_.'" id="'.$_.'">'.
-				      $syllabus{$_}.
+                                      &HTML::Entities::encode($syllabus{$_},'"&<>').
 				      '</textarea><input type="submit" name="storesyl" value="Store" />');
 			} else {
 			    my $safeinit;
Index: loncom/interface/lonsyllabus.pm
diff -u loncom/interface/lonsyllabus.pm:1.53 loncom/interface/lonsyllabus.pm:1.54
--- loncom/interface/lonsyllabus.pm:1.53	Tue Aug  1 09:55:07 2006
+++ loncom/interface/lonsyllabus.pm	Wed Aug 16 15:40:46 2006
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Syllabus
 #
-# $Id: lonsyllabus.pm,v 1.53 2006/08/01 13:55:07 albertel Exp $
+# $Id: lonsyllabus.pm,v 1.54 2006/08/16 19:40:46 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -38,6 +38,7 @@
 use Apache::lonlocal;
 use Apache::lonhtmlcommon;
 use Apache::lonspeller();
+use HTML::Entities();
 
 sub handler {
     my $r = shift;
@@ -321,7 +322,7 @@
               if ($allowed) {
                  $r->print(
 	   '<br /><textarea cols="80" rows="12" name="'.$_.'" id="'.$_.'">'.
-			   $syllabus{$_}.
+			   &HTML::Entities::encode($syllabus{$_},'"&<>').
            '</textarea> <input type="submit" name="storesyl" value="Store" />');
 	      }
 	  }