[LON-CAPA-cvs] cvs: loncom /auth lonroles.pm /homework grades.pm /imspackages imsimport.pm /interface coursecatalog.pm courseprefs.pm createaccount.pm domainprefs.pm loncommon.pm lonconfigsettings.pm loncourserespicker.pm loncreatecourse.pm loncreateuser.pm londocs.pm lonextresedit.pm lonfeedback.pm lonhtmlcommon.pm lonmodifycourse.pm lonmsgdisplay.pm lonpdfupload.pm lonpopulate.pm lonrequestcourse.pm lonsupportreq.pm lonsyllabus.pm lonuserutils.pm lonwishlist.pm selfenroll.pm /interface/statistics lonstathelpers.pm /localize lonlocal.pm /publisher lonpubmenu.pm
damieng
damieng at source.lon-capa.org
Tue Jun 9 17:23:29 EDT 2015
damieng Tue Jun 9 21:23:29 2015 EDT
Modified files:
/loncom/auth lonroles.pm
/loncom/homework grades.pm
/loncom/imspackages imsimport.pm
/loncom/interface coursecatalog.pm courseprefs.pm createaccount.pm
domainprefs.pm loncommon.pm lonconfigsettings.pm
loncourserespicker.pm loncreatecourse.pm
loncreateuser.pm londocs.pm lonextresedit.pm
lonfeedback.pm lonhtmlcommon.pm
lonmodifycourse.pm lonmsgdisplay.pm
lonpdfupload.pm lonpopulate.pm
lonrequestcourse.pm lonsupportreq.pm
lonsyllabus.pm lonuserutils.pm lonwishlist.pm
selfenroll.pm
/loncom/interface/statistics lonstathelpers.pm
/loncom/localize lonlocal.pm
/loncom/publisher lonpubmenu.pm
Log:
fixed bug 6782, and escaped most localized messages used in Javascript blocks to make sure bugs like that do not happen again
-------------- next part --------------
Index: loncom/auth/lonroles.pm
diff -u loncom/auth/lonroles.pm:1.311 loncom/auth/lonroles.pm:1.312
--- loncom/auth/lonroles.pm:1.311 Mon Apr 13 18:32:43 2015
+++ loncom/auth/lonroles.pm Tue Jun 9 21:22:44 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.311 2015/04/13 18:32:43 raeburn Exp $
+# $Id: lonroles.pm,v 1.312 2015/06/09 21:22:44 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -747,7 +747,7 @@
$cattype = $domdefs{'catauth'};
}
my $funcs = &get_roles_functions($showcount,$cattype);
- $standby=~s/\n/\\n/g;
+ &js_escape(\$standby);
my $noscript='<br /><span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';
$r->print(<<ENDHEADER);
@@ -1760,10 +1760,11 @@
}
sub coursepick_jscript {
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
plsu => "Please use the 'Select Course/Community' link to open a separate pick course window where you may select the course or community you wish to enter.",
youc => 'You can only use this screen to select courses and communities in the current domain.',
);
+ &js_escape(\%js_lt);
my $verify_script = <<"END";
<script type="text/javascript">
// <![CDATA[
@@ -1780,11 +1781,11 @@
}
}
else {
- alert("$lt{'plsu'}");
+ alert("$js_lt{'plsu'}");
}
}
else {
- alert("$lt{'youc'}")
+ alert("$js_lt{'youc'}")
}
}
function getIndex(caller) {
Index: loncom/homework/grades.pm
diff -u loncom/homework/grades.pm:1.735 loncom/homework/grades.pm:1.736
--- loncom/homework/grades.pm:1.735 Wed Mar 18 12:53:24 2015
+++ loncom/homework/grades.pm Tue Jun 9 21:22:48 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# The LON-CAPA Grading handler
#
-# $Id: grades.pm,v 1.735 2015/03/18 12:53:24 raeburn Exp $
+# $Id: grades.pm,v 1.736 2015/06/09 21:22:48 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -857,10 +857,11 @@
my $res_error;
my ($partlist,$handgrade,$responseType) = &response_type($symb,\$res_error);
- my %lt = &Apache::lonlocal::texthash (
+ my %js_lt = &Apache::lonlocal::texthash (
'multiple' => 'Please select a student or group of students before clicking on the Next button.',
'single' => 'Please select the student before clicking on the Next button.',
);
+ &js_escape(\%js_lt);
$request->print(&Apache::lonhtmlcommon::scripttag(<<LISTJAVASCRIPT));
function checkSelect(checkBox) {
var ctr=0;
@@ -871,12 +872,12 @@
ctr++;
}
}
- sense = '$lt{'multiple'}';
+ sense = '$js_lt{'multiple'}';
} else {
if (checkBox.checked) {
ctr = 1;
}
- sense = '$lt{'single'}';
+ sense = '$js_lt{'single'}';
}
if (ctr == 0) {
alert(sense);
@@ -1177,7 +1178,8 @@
#--- Javascript to handle the submission page functionality ---
sub sub_page_js {
my $request = shift;
- my $alertmsg = &mt('A number equal or greater than 0 is expected. Entered value = ');
+ my $alertmsg = &mt('A number equal or greater than 0 is expected. Entered value = ');
+ &js_escape(\$alertmsg);
$request->print(&Apache::lonhtmlcommon::scripttag(<<SUBJAVASCRIPT));
function updateRadio(formname,id,weight) {
var gradeBox = formname["GD_BOX"+id];
@@ -1422,10 +1424,21 @@
my $docopen=&Apache::lonhtmlcommon::javascript_docopen();
$docopen=~s/^document\.//;
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
keyw => 'Keywords list, separated by a space. Add/delete to list if desired.',
plse => 'Please select a word or group of words from document and then click this link.',
adds => 'Add selection to keyword list? Edit if desired.',
+ col1 => 'red',
+ col2 => 'green',
+ col3 => 'blue',
+ siz1 => 'normal',
+ siz2 => '+1',
+ siz3 => '+2',
+ sty1 => 'normal',
+ sty2 => 'italic',
+ sty3 => 'bold',
+ );
+ my %html_js_lt = &Apache::lonlocal::texthash(
comp => 'Compose Message for: ',
incl => 'Include',
type => 'Type',
@@ -1438,21 +1451,15 @@
txtc => 'Text Color',
font => 'Font Size',
fnst => 'Font Style',
- col1 => 'red',
- col2 => 'green',
- col3 => 'blue',
- siz1 => 'normal',
- siz2 => '+1',
- siz3 => '+2',
- sty1 => 'normal',
- sty2 => 'italic',
- sty3 => 'bold',
);
+ &js_escape(\%js_lt);
+ &html_escape(\%html_js_lt);
+ &js_escape(\%html_js_lt);
$request->print(&Apache::lonhtmlcommon::scripttag(<<SUBJAVASCRIPT));
//===================== Show list of keywords ====================
function keywords(formname) {
- var nret = prompt("$lt{'keyw'}",formname.keywords.value);
+ var nret = prompt("$js_lt{'keyw'}",formname.keywords.value);
if (nret==null) return;
formname.keywords.value = nret;
@@ -1479,10 +1486,10 @@
else return;
var cleantxt = txt.replace(new RegExp('([\\f\\n\\r\\t\\v ])+', 'g')," ");
if (cleantxt=="") {
- alert("$lt{'plse'}");
+ alert("$js_lt{'plse'}");
return;
}
- var nret = prompt("$lt{'adds'}",cleantxt);
+ var nret = prompt("$js_lt{'adds'}",cleantxt);
if (nret==null) return;
document.SCORE.keywords.value = document.SCORE.keywords.value+" "+nret;
if (document.SCORE.keywords.value != "") {
@@ -1562,16 +1569,16 @@
pDoc.write("<form action=\\"inactive\\" name=\\"msgcenter\\">");
pDoc.write("<input value=\\""+usrctr+"\\" name=\\"usrctr\\" type=\\"hidden\\">");
- pDoc.write("<h1> $lt{'comp'}\"+fullname+\"<\\/h1>");
+ pDoc.write("<h1> $html_js_lt{'comp'}\"+fullname+\"<\\/h1>");
pDoc.write('<table style="border:1px solid black;"><tr>');
- pDoc.write("<td><b>$lt{'incl'}<\\/b><\\/td><td><b>$lt{'type'}<\\/b><\\/td><td><b>$lt{'mesa'}<\\/td><\\/tr>");
+ pDoc.write("<td><b>$html_js_lt{'incl'}<\\/b><\\/td><td><b>$html_js_lt{'type'}<\\/b><\\/td><td><b>$html_js_lt{'mesa'}<\\/td><\\/tr>");
}
function displaySubject(msg,shwsel) {
pDoc = pWin.document;
pDoc.write("<tr>");
pDoc.write("<td align=\\"center\\"><input name=\\"subchk\\" type=\\"checkbox\\"" +shwsel+"><\\/td>");
- pDoc.write("<td>$lt{'subj'}<\\/td>");
+ pDoc.write("<td>$html_js_lt{'subj'}<\\/td>");
pDoc.write("<td><input name=\\"msgsub\\" type=\\"text\\" value=\\""+msg+"\\"size=\\"40\\" maxlength=\\"80\\"><\\/td><\\/tr>");
}
@@ -1587,7 +1594,7 @@
pDoc = pWin.document;
pDoc.write("<tr>");
pDoc.write("<td align=\\"center\\"><input name=\\"newmsgchk\\" type=\\"checkbox\\"" +shwsel+"><\\/td>");
- pDoc.write("<td align=\\"center\\">$lt{'new'}<\\/td>");
+ pDoc.write("<td align=\\"center\\">$html_js_lt{'new'}<\\/td>");
pDoc.write("<td><textarea name=\\"newmsg\\" cols=\\"60\\" rows=\\"3\\" onchange=\\"javascript:this.form.newmsgchk.checked=true\\" >"+newmsg+"<\\/textarea><\\/td><\\/tr>");
}
@@ -1595,8 +1602,8 @@
pDoc = pWin.document;
//pDoc.write("<\\/table>");
pDoc.write("<\\/td><\\/tr><\\/table> ");
- pDoc.write("<input type=\\"button\\" value=\\"$lt{'save'}\\" onclick=\\"javascript:checkInput()\\"> ");
- pDoc.write("<input type=\\"button\\" value=\\"$lt{'canc'}\\" onclick=\\"self.close()\\"><br /><br />");
+ pDoc.write("<input type=\\"button\\" value=\\"$html_js_lt{'save'}\\" onclick=\\"javascript:checkInput()\\"> ");
+ pDoc.write("<input type=\\"button\\" value=\\"$html_js_lt{'canc'}\\" onclick=\\"self.close()\\"><br /><br />");
pDoc.write("<\\/form>");
pDoc.write('$end_page_msg_central');
pDoc.close();
@@ -1610,15 +1617,15 @@
var redsel = "";
var grnsel = "";
var blusel = "";
- var txtcol1 = "$lt{'col1'}";
- var txtcol2 = "$lt{'col2'}";
- var txtcol3 = "$lt{'col3'}";
- var txtsiz1 = "$lt{'siz1'}";
- var txtsiz2 = "$lt{'siz2'}";
- var txtsiz3 = "$lt{'siz3'}";
- var txtsty1 = "$lt{'sty1'}";
- var txtsty2 = "$lt{'sty2'}";
- var txtsty3 = "$lt{'sty3'}";
+ var txtcol1 = "$js_lt{'col1'}";
+ var txtcol2 = "$js_lt{'col2'}";
+ var txtcol3 = "$js_lt{'col3'}";
+ var txtsiz1 = "$js_lt{'siz1'}";
+ var txtsiz2 = "$js_lt{'siz2'}";
+ var txtsiz3 = "$js_lt{'siz3'}";
+ var txtsty1 = "$js_lt{'sty1'}";
+ var txtsty2 = "$js_lt{'sty2'}";
+ var txtsty3 = "$js_lt{'sty3'}";
if (kwclr=="red") {var redsel="checked='checked'"};
if (kwclr=="green") {var grnsel="checked='checked'"};
if (kwclr=="blue") {var blusel="checked='checked'"};
@@ -1655,10 +1662,10 @@
hDoc.$docopen;
hDoc.write('$start_page_highlight_central');
hDoc.write("<form action=\\"inactive\\" name=\\"hlCenter\\">");
- hDoc.write("<h1>$lt{'kehi'}<\\/h1>");
+ hDoc.write("<h1>$html_js_lt{'kehi'}<\\/h1>");
hDoc.write('<table border="0" width="100%"><tr style="background-color:#A1D676">');
- hDoc.write("<th>$lt{'txtc'}<\\/th><th>$lt{'font'}<\\/th><th>$lt{'fnst'}<\\/th><\\/tr>");
+ hDoc.write("<th>$html_js_lt{'txtc'}<\\/th><th>$html_js_lt{'font'}<\\/th><th>$html_js_lt{'fnst'}<\\/th><\\/tr>");
}
function highlightbody(clrval,clrtxt,clrsel,szval,sztxt,szsel,syval,sytxt,sysel) {
@@ -1676,8 +1683,8 @@
function highlightend() {
var hDoc = hwdWin.document;
hDoc.write("<\\/table><br \\/>");
- hDoc.write("<input type=\\"button\\" value=\\"$lt{'save'}\\" onclick=\\"javascript:updateChoice(1)\\" \\/> ");
- hDoc.write("<input type=\\"button\\" value=\\"$lt{'canc'}\\" onclick=\\"self.close()\\" \\/><br /><br />");
+ hDoc.write("<input type=\\"button\\" value=\\"$html_js_lt{'save'}\\" onclick=\\"javascript:updateChoice(1)\\" \\/> ");
+ hDoc.write("<input type=\\"button\\" value=\\"$html_js_lt{'canc'}\\" onclick=\\"self.close()\\" \\/><br /><br />");
hDoc.write("<\\/form>");
hDoc.write('$end_page_highlight_central');
hDoc.close();
@@ -3379,6 +3386,7 @@
my ($request) = shift;
my $alertmsg = &mt('A number equal or greater than 0 is expected. Entered value = ');
+ &js_escape(\$alertmsg);
$request->print(&Apache::lonhtmlcommon::scripttag(<<VIEWJAVASCRIPT));
function writePoint(partid,weight,point) {
var radioButton = document.classgrade["RADVAL_"+partid];
@@ -4028,6 +4036,8 @@
sub csvupload_javascript_reverse_associate {
my $error1=&mt('You need to specify the username or the student/employee ID');
my $error2=&mt('You need to specify at least one grading field');
+ &js_escape(\$error1);
+ &js_escape(\$error2);
return(<<ENDPICK);
function verify(vf) {
var foundsomething=0;
@@ -4068,6 +4078,8 @@
sub csvupload_javascript_forward_associate {
my $error1=&mt('You need to specify the username or the student/employee ID');
my $error2=&mt('You need to specify at least one grading field');
+ &js_escape(\$error1);
+ &js_escape(\$error2);
return(<<ENDPICK);
function verify(vf) {
var foundsomething=0;
@@ -4176,6 +4188,7 @@
sub checkforfile_js {
my $alertmsg = &mt('Please use the browse button to select a file from your local directory.');
+ &js_escape(\$alertmsg);
my $result = &Apache::lonhtmlcommon::scripttag(<<CSVFORMJS);
function checkUpload(formname) {
if (formname.upfile.value == "") {
@@ -4445,6 +4458,7 @@
my ($request,$symb) = @_;
my $alertmsg = &mt('Please select the student you wish to grade.');
+ &js_escape(\$alertmsg);
$request->print(&Apache::lonhtmlcommon::scripttag(<<LISTJAVASCRIPT));
function checkPickOne(formname) {
@@ -5482,10 +5496,12 @@
my $default_form_data=&defaultFormData($symb);
my $cdom= $env{'course.'.$env{'request.course.id'}.'.domain'};
my $cnum= $env{'course.'.$env{'request.course.id'}.'.num'};
+ my $alertmsg = &mt('Please use the browse button to select a file from your local directory.');
+ &js_escape(\$alertmsg);
$r->print(&Apache::lonhtmlcommon::scripttag('
function checkUpload(formname) {
if (formname.upfile.value == "") {
- alert("'.&mt('Please use the browse button to select a file from your local directory.').'");
+ alert("'.$alertmsg.'");
return false;
}
formname.submit();
@@ -7472,6 +7488,7 @@
my (@ansnums) = @_;
my $ansnumstr = join('","', at ansnums);
my $warning = &mt("A bubble or 'No bubble' selection has not been made for one or more lines.");
+ &js_escape(\$warning);
my $output = &Apache::lonhtmlcommon::scripttag((<<ENDSCRIPT));
function verify_bubble_radio(form) {
var ansnumArray = new Array ("$ansnumstr");
@@ -8662,7 +8679,9 @@
(' 'x2).&mt('(shows course personnel)');
my $default_form_data=&defaultFormData($symb);
my $nofile_alert = &mt('Please use the browse button to select a file from your local directory.');
+ &js_escape(\$nofile_alert);
my $nocourseid_alert = &mt("Please use the 'Select Course' link to open a separate window where you can search for a course to which a file can be uploaded.");
+ &js_escape(\$nocourseid_alert);
$r->print(&Apache::lonhtmlcommon::scripttag('
function checkUpload(formname) {
if (formname.upfile.value == "") {
Index: loncom/imspackages/imsimport.pm
diff -u loncom/imspackages/imsimport.pm:1.46 loncom/imspackages/imsimport.pm:1.47
--- loncom/imspackages/imsimport.pm:1.46 Thu Dec 11 01:07:38 2014
+++ loncom/imspackages/imsimport.pm Tue Jun 9 21:22:51 2015
@@ -1,6 +1,6 @@
# The LearningOnline Network with CAPA
#
-# $Id: imsimport.pm,v 1.46 2014/12/11 01:07:38 raeburn Exp $
+# $Id: imsimport.pm,v 1.47 2015/06/09 21:22:51 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -57,22 +57,26 @@
my $end_page =
&Apache::loncommon::end_page({'js_ready' => 1,});
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
ddir => 'You must choose a destination directory for the import',
cmss => 'You must choose the Course Management System from which the IMS package was exported',
+ );
+ my %html_lt = &Apache::lonlocal::texthash(
loca => 'Location:',
newd => 'New Directory',
nndi => 'Enter the name of the new directory where you will store the contents of your IMS package.',
go => 'Go',
);
+ &js_escape(\%js_lt);
+ &html_escape(\%html_lt);
return <<"END_OF_ONE";
function verify() {
if ((document.forms.$formname.newdir.value == '') || (!document.forms.$formname.newdir.value)) {
- alert('$lt{'ddir'}')
+ alert('$js_lt{'ddir'}')
return false
}
if (document.forms.$formname.source.selectedIndex == 0) {
- alert('$lt{'cmss'}');
+ alert('$js_lt{'cmss'}');
return false
}
return true
@@ -92,15 +96,15 @@
newWindow.document.write("\\n<img border='0' src='/adm/lonInterFace/author.jpg' alt='[Author Header]' />\\n")
newWindow.document.write("<table border='0' cellspacing='0' cellpadding='0' width='600'>\\n")
newWindow.document.write("<tr><td width='2'> </td><td width='3'> </td>\\n")
- newWindow.document.write("<td><h3>$lt{'loca'} <tt>$fullpath</tt></h3><h3>$lt{'newd'}</h3></td></tr>\\n")
+ newWindow.document.write("<td><h3>$html_lt{'loca'} <tt>$fullpath</tt></h3><h3>$html_lt{'newd'}</h3></td></tr>\\n")
newWindow.document.write("<tr><td width='2'> </td><td width='3'> </td>\\n")
newWindow.document.write("<td><form name='fileaction' action='/adm/cfile' method='post'>\\n")
- newWindow.document.write("$lt{'nndi'}<br /><br />")
+ newWindow.document.write("$html_lt{'nndi'}<br /><br />")
newWindow.document.write("<input type='hidden' name='filename' value='$fullpath' />")
newWindow.document.write("<input type='hidden' name='action' value='newdir' />")
newWindow.document.write("<input type='hidden' name='callingmode' value='imsimport' />")
newWindow.document.write("$fullpath<input type='text' name='newfilename' value='' />")
- newWindow.document.write("<input type='button' value='$lt{'go'}' onclick='document.fileaction.submit();' />")
+ newWindow.document.write("<input type='button' value='$html_lt{'go'}' onclick='document.fileaction.submit();' />")
newWindow.document.write("</td></tr>\\n")
newWindow.document.write("</table>")
newWindow.document.write('$end_page')
@@ -133,7 +137,7 @@
$course_list = '"'.join('","', at crslist).'"';
$$numcrs = @crslist;
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
sel => 'Please select',
impto => 'Import topics only',
imptpa => 'Import topics + posts (with author)',
@@ -147,6 +151,7 @@
errte => 'You must select a target course when importing enrollment information.',
errcc => 'You must check at least one Content Type.',
);
+ &js_escape(\%js_lt);
return <<"END_OF_TWO";
function checkCourse() {
@@ -195,7 +200,7 @@
step2Form.targetcourse.length = 0
if (call == 'add') {
step2Form.targetcourse.length = 0
- step2Form.targetcourse.options[0] = new Option("$lt{'sel'}","0",true,true)
+ step2Form.targetcourse.options[0] = new Option("$js_lt{'sel'}","0",true,true)
for (var i=0; i<courseID_array.length; i++) {
step2Form.targetcourse.options[i+1] = new Option(courseTitle_array[i],courseID_array[i],false,false)
}
@@ -215,22 +220,22 @@
opForm.elements[menu].length = 0
if (opForm.elements[itemnum*2].checked == true) {
if (caller == "board") {
- opForm.elements[menu].options[0] = new Option("$lt{'sel'}","-1",true,true)
- opForm.elements[menu].options[1] = new Option("$lt{'impto'}","topics",true,true)
- opForm.elements[menu].options[2] = new Option("$lt{'imptpa'}","allpost",true,true)
- opForm.elements[menu].options[3] = new Option("$lt{'imptpn'}","allanon",true,true)
+ opForm.elements[menu].options[0] = new Option("$js_lt{'sel'}","-1",true,true)
+ opForm.elements[menu].options[1] = new Option("$js_lt{'impto'}","topics",true,true)
+ opForm.elements[menu].options[2] = new Option("$js_lt{'imptpa'}","allpost",true,true)
+ opForm.elements[menu].options[3] = new Option("$js_lt{'imptpn'}","allanon",true,true)
}
else {
if (caller == "users") {
opForm.elements[menu].length = 0
- opForm.elements[menu].options[0] = new Option("$lt{'sel'}","-1",true,true)
- opForm.elements[menu].options[1] = new Option("$lt{'enrst'}","students",true,true)
- opForm.elements[menu].options[2] = new Option("$lt{'enrall'}","all",true,true)
+ opForm.elements[menu].options[0] = new Option("$js_lt{'sel'}","-1",true,true)
+ opForm.elements[menu].options[1] = new Option("$js_lt{'enrst'}","students",true,true)
+ opForm.elements[menu].options[2] = new Option("$js_lt{'enrall'}","all",true,true)
}
}
}
else {
- opForm.elements[menu].options[0] = new Option("$lt{'notreq'}","0",true,true)
+ opForm.elements[menu].options[0] = new Option("$js_lt{'notreq'}","0",true,true)
}
opForm.elements[menu].selectedIndex = 0
if (numCrs > 0) {
@@ -248,7 +253,7 @@
totcheck ++
if (opForm.elements[2*i].name == "board") {
if (opForm.elements[2*i+1].selectedIndex == 0) {
- alert("$lt{'errao'}")
+ alert("$js_lt{'errao'}")
return false
}
if (numCrs == 0) {
@@ -257,14 +262,14 @@
}
else {
if (opForm.targetcourse.selectedIndex == 0) {
- alert("$lt{'errtd'}")
+ alert("$js_lt{'errtd'}")
return false
}
}
}
if (opForm.elements[2*i].name == "users") {
if (opForm.elements[2*i+1].selectedIndex == 0) {
- alert("$lt{'errap'}")
+ alert("$js_lt{'errap'}")
return false
}
if (numCrs == 0) {
@@ -273,7 +278,7 @@
}
else {
if (opForm.targetcourse.selectedIndex == 0) {
- alert("$lt{'errte'}")
+ alert("$js_lt{'errte'}")
return false
}
}
@@ -281,7 +286,7 @@
}
}
if (totcheck == 0) {
- alert("$lt{'errcc'}");
+ alert("$js_lt{'errcc'}");
return false
}
return true
Index: loncom/interface/coursecatalog.pm
diff -u loncom/interface/coursecatalog.pm:1.87 loncom/interface/coursecatalog.pm:1.88
--- loncom/interface/coursecatalog.pm:1.87 Tue May 19 18:07:35 2015
+++ loncom/interface/coursecatalog.pm Tue Jun 9 21:22:55 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler for displaying the course catalog interface
#
-# $Id: coursecatalog.pm,v 1.87 2015/05/19 18:07:35 raeburn Exp $
+# $Id: coursecatalog.pm,v 1.88 2015/06/09 21:22:55 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -295,6 +295,7 @@
if (!$deeper) {
$alert = &mt('Choose a category to display');
}
+ &js_escape(\$alert);
$catjs .= <<ENDJS;
function check_selected() {
if (document.coursecats.$selitem.options[document.coursecats.$selitem.selectedIndex].value == "") {
Index: loncom/interface/courseprefs.pm
diff -u loncom/interface/courseprefs.pm:1.71 loncom/interface/courseprefs.pm:1.72
--- loncom/interface/courseprefs.pm:1.71 Thu May 21 23:26:35 2015
+++ loncom/interface/courseprefs.pm Tue Jun 9 21:22:55 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set configuration settings for a course
#
-# $Id: courseprefs.pm,v 1.71 2015/05/21 23:26:35 raeburn Exp $
+# $Id: courseprefs.pm,v 1.72 2015/06/09 21:22:55 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -2430,6 +2430,7 @@
} else {
$alert = &mt("Use 'Save' in the main window to save course categories");
}
+ &js_escape(\$alert);
$catwin_js = <<ENDSCRIPT;
<script type="text/javascript">
Index: loncom/interface/createaccount.pm
diff -u loncom/interface/createaccount.pm:1.69 loncom/interface/createaccount.pm:1.70
--- loncom/interface/createaccount.pm:1.69 Fri Jan 9 15:41:49 2015
+++ loncom/interface/createaccount.pm Tue Jun 9 21:22:55 2015
@@ -4,7 +4,7 @@
# kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as
# username may be processed automatically, or may be queued for approval.
#
-# $Id: createaccount.pm,v 1.69 2015/01/09 15:41:49 raeburn Exp $
+# $Id: createaccount.pm,v 1.70 2015/06/09 21:22:55 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -389,6 +389,7 @@
}
if (@required) {
my $missprompt = &mt('One or more required fields are currently blank.');
+ &js_escape(\$missprompt);
my $reqstr = join("','", at required);
$requiredchk = <<"ENDCHK";
var requiredfields = new Array('$reqstr');
@@ -452,8 +453,10 @@
sub javascript_checkpass {
my ($now,$context) = @_;
my $nopass = &mt('You must enter a password.');
- my $mismatchpass = &mt('The passwords you entered did not match.').'\\n'.
+ my $mismatchpass = &mt('The passwords you entered did not match.')."\n".
&mt('Please try again.');
+ &js_escape(\$nopass);
+ &js_escape(\$mismatchpass);
my $js = <<"ENDSCRIPT";
<script type="text/javascript">
// <![CDATA[
@@ -487,18 +490,19 @@
}
sub javascript_validmail {
- my %lt = &Apache::lonlocal::texthash (
+ my %js_lt = &Apache::lonlocal::texthash (
email => 'The e-mail address you entered',
notv => 'is not a valid e-mail address',
);
my $output = "\n".'<script type="text/javascript">'."\n".
'// <![CDATA['."\n".
&Apache::lonhtmlcommon::javascript_valid_email()."\n";
+ &js_escape(\%js_lt);
$output .= <<"ENDSCRIPT";
function validate_email(client) {
field = client.uname;
if (validmail(field) == false) {
- alert("$lt{'email'}: "+field.value+" $lt{'notv'}.");
+ alert("$js_lt{'email'}: "+field.value+" $js_lt{'notv'}.");
return false;
}
return true;
Index: loncom/interface/domainprefs.pm
diff -u loncom/interface/domainprefs.pm:1.264 loncom/interface/domainprefs.pm:1.265
--- loncom/interface/domainprefs.pm:1.264 Thu May 21 22:59:16 2015
+++ loncom/interface/domainprefs.pm Tue Jun 9 21:22:55 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: domainprefs.pm,v 1.264 2015/05/21 22:59:16 raeburn Exp $
+# $Id: domainprefs.pm,v 1.265 2015/06/09 21:22:55 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -5486,7 +5486,10 @@
}
my $instcode_reserved = &mt('The name: [_1] is a reserved category.','"instcode"');
my $communities_reserved = &mt('The name: [_1] is a reserved category.','"communities"');
- my $choose_again = '\\n'.&mt('Please use a different name for the new top level category.');
+ my $choose_again = "\n".&mt('Please use a different name for the new top level category.');
+ &js_escape(\$instcode_reserved);
+ &js_escape(\$communities_reserved);
+ &js_escape(\$choose_again);
$output = <<"ENDSCRIPT";
<script type="text/javascript">
// <![CDATA[
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1221 loncom/interface/loncommon.pm:1.1222
--- loncom/interface/loncommon.pm:1.1221 Thu May 21 23:40:09 2015
+++ loncom/interface/loncommon.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common routines
#
-# $Id: loncommon.pm,v 1.1221 2015/05/21 23:40:09 raeburn Exp $
+# $Id: loncommon.pm,v 1.1222 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -7802,6 +7802,7 @@
$newurl .= '&origurl='.$requrl;
}
}
+ &js_escape(\$msg);
$result.=<<OFFLOAD
<meta http-equiv="pragma" content="no-cache" />
<script type="text/javascript">
@@ -9536,7 +9537,7 @@
}
$srchterm = $srch->{'srchterm'};
}
- my %lt=&Apache::lonlocal::texthash(
+ my %html_lt=&Apache::lonlocal::texthash(
'usr' => 'Search criteria',
'doma' => 'Domain/institution to search',
'uname' => 'username',
@@ -9549,6 +9550,8 @@
'exact' => 'is',
'contains' => 'contains',
'begins' => 'begins with',
+ );
+ my %js_lt=&Apache::lonlocal::texthash(
'youm' => "You must include some text to search for.",
'thte' => "The text you are searching for must contain at least two characters when using a 'begins' type search.",
'thet' => "The text you are searching for must contain at least three characters when using a 'contains' type search.",
@@ -9558,6 +9561,8 @@
'whse' => "When searching by last,first you must include at least one character in the first name.",
'thfo' => "The following need to be corrected before the search can be run:",
);
+ &html_escape(\%html_lt);
+ &js_escape(\%js_lt);
my $domform = &select_dom_form($currdom,'srchdomain',1,1);
my $srchinsel = ' <select name="srchin">';
@@ -9572,10 +9577,10 @@
next if ($option eq 'crs' && !$env{'request.course.id'});
if ($curr_selected{'srchin'} eq $option) {
$srchinsel .= '
- <option value="'.$option.'" selected="selected">'.$lt{$option}.'</option>';
+ <option value="'.$option.'" selected="selected">'.$html_lt{$option}.'</option>';
} else {
$srchinsel .= '
- <option value="'.$option.'">'.$lt{$option}.'</option>';
+ <option value="'.$option.'">'.$html_lt{$option}.'</option>';
}
}
$srchinsel .= "\n </select>\n";
@@ -9584,10 +9589,10 @@
foreach my $option ('lastname','lastfirst','uname') {
if ($curr_selected{'srchby'} eq $option) {
$srchbysel .= '
- <option value="'.$option.'" selected="selected">'.$lt{$option}.'</option>';
+ <option value="'.$option.'" selected="selected">'.$html_lt{$option}.'</option>';
} else {
$srchbysel .= '
- <option value="'.$option.'">'.$lt{$option}.'</option>';
+ <option value="'.$option.'">'.$html_lt{$option}.'</option>';
}
}
$srchbysel .= "\n </select>\n";
@@ -9596,10 +9601,10 @@
foreach my $option ('begins','contains','exact') {
if ($curr_selected{'srchtype'} eq $option) {
$srchtypesel .= '
- <option value="'.$option.'" selected="selected">'.$lt{$option}.'</option>';
+ <option value="'.$option.'" selected="selected">'.$html_lt{$option}.'</option>';
} else {
$srchtypesel .= '
- <option value="'.$option.'">'.$lt{$option}.'</option>';
+ <option value="'.$option.'">'.$html_lt{$option}.'</option>';
}
}
$srchtypesel .= "\n </select>\n";
@@ -9684,46 +9689,46 @@
if (srchterm == "") {
checkok = 0;
- msg += "$lt{'youm'}\\n";
+ msg += "$js_lt{'youm'}\\n";
}
if (srchtype== 'begins') {
if (srchterm.length < 2) {
checkok = 0;
- msg += "$lt{'thte'}\\n";
+ msg += "$js_lt{'thte'}\\n";
}
}
if (srchtype== 'contains') {
if (srchterm.length < 3) {
checkok = 0;
- msg += "$lt{'thet'}\\n";
+ msg += "$js_lt{'thet'}\\n";
}
}
if (srchin == 'instd') {
if (srchdomain == '') {
checkok = 0;
- msg += "$lt{'yomc'}\\n";
+ msg += "$js_lt{'yomc'}\\n";
}
}
if (srchin == 'dom') {
if (srchdomain == '') {
checkok = 0;
- msg += "$lt{'ymcd'}\\n";
+ msg += "$js_lt{'ymcd'}\\n";
}
}
if (srchby == 'lastfirst') {
if (srchterm.indexOf(",") == -1) {
checkok = 0;
- msg += "$lt{'whus'}\\n";
+ msg += "$js_lt{'whus'}\\n";
}
if (srchterm.indexOf(",") == srchterm.length -1) {
checkok = 0;
- msg += "$lt{'whse'}\\n";
+ msg += "$js_lt{'whse'}\\n";
}
}
if (checkok == 0) {
- alert("$lt{'thfo'}\\n"+msg);
+ alert("$js_lt{'thfo'}\\n"+msg);
return;
}
if (checkok == 1) {
@@ -9741,10 +9746,10 @@
END_BLOCK
$output .= &Apache::lonhtmlcommon::start_pick_box().
- &Apache::lonhtmlcommon::row_title($lt{'doma'}).
+ &Apache::lonhtmlcommon::row_title($html_lt{'doma'}).
$domform.
&Apache::lonhtmlcommon::row_closure().
- &Apache::lonhtmlcommon::row_title($lt{'usr'}).
+ &Apache::lonhtmlcommon::row_title($html_lt{'usr'}).
$srchbysel.
$srchtypesel.
'<input type="text" size="15" name="srchterm" value="'.$srchterm.'" />'.
Index: loncom/interface/lonconfigsettings.pm
diff -u loncom/interface/lonconfigsettings.pm:1.30 loncom/interface/lonconfigsettings.pm:1.31
--- loncom/interface/lonconfigsettings.pm:1.30 Thu May 21 23:26:35 2015
+++ loncom/interface/lonconfigsettings.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: lonconfigsettings.pm,v 1.30 2015/05/21 23:26:35 raeburn Exp $
+# $Id: lonconfigsettings.pm,v 1.31 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -75,6 +75,7 @@
\@code_order);
if (@code_order) {
my $noinstcodestr = &mt('You indicated cloning based on category, but did not select any categories.');
+ &js_escape(\$noinstcodestr);
$instcode_check = <<"ENDSCRIPT";
if (formname == document.display) {
if (formname.cloners_instcode.length) {
@@ -118,6 +119,7 @@
}
}
my $alert = &mt('You must select at least one functionality type to display.');
+ &js_escape(\$alert);
my $js = '
<script type="text/javascript">
// <![CDATA[
Index: loncom/interface/loncourserespicker.pm
diff -u loncom/interface/loncourserespicker.pm:1.12 loncom/interface/loncourserespicker.pm:1.13
--- loncom/interface/loncourserespicker.pm:1.12 Thu Apr 9 17:57:05 2015
+++ loncom/interface/loncourserespicker.pm Tue Jun 9 21:22:56 2015
@@ -1,6 +1,6 @@
# The LearningOnline Network
#
-# $Id: loncourserespicker.pm,v 1.12 2015/04/09 17:57:05 raeburn Exp $
+# $Id: loncourserespicker.pm,v 1.13 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -592,6 +592,9 @@
my $blankmsg = &mt('An item selected has no filename set in the "Save as ..." column.');
my $dupmsg = &mt('Items selected for copying need unique filenames in the "Save as ..." column.');
my $homemsg = &mt('An Authoring Space needs to be selected.');
+ &js_escape(\$blankmsg);
+ &js_escape(\$dupmsg);
+ &js_escape(\$homemsg);
$scripttag .= <<"EXTRA";
function checkUnique(form,field) {
Index: loncom/interface/loncreatecourse.pm
diff -u loncom/interface/loncreatecourse.pm:1.157 loncom/interface/loncreatecourse.pm:1.158
--- loncom/interface/loncreatecourse.pm:1.157 Fri Feb 28 19:20:06 2014
+++ loncom/interface/loncreatecourse.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Create a course
#
-# $Id: loncreatecourse.pm,v 1.157 2014/02/28 19:20:06 bisitz Exp $
+# $Id: loncreatecourse.pm,v 1.158 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -133,6 +133,8 @@
} else {
my $title_alert = &mt('A Community title is required');
my $coord_alert = &mt('The username of the Coordinator is required');
+ &js_escape(\$title_alert);
+ &js_escape(\$coord_alert);
$javascript_validations = qq|
function validate(formname) {
if (formname.title == '') {
Index: loncom/interface/loncreateuser.pm
diff -u loncom/interface/loncreateuser.pm:1.404 loncom/interface/loncreateuser.pm:1.405
--- loncom/interface/loncreateuser.pm:1.404 Thu Dec 11 01:20:50 2014
+++ loncom/interface/loncreateuser.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.404 2014/12/11 01:20:50 raeburn Exp $
+# $Id: loncreateuser.pm,v 1.405 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -5544,6 +5544,7 @@
butn => 'but no user types have been checked.',
wilf => "Please uncheck 'activate' or check at least one type.",
);
+ &js_escape(\%alerts);
my $selfenroll_js = <<"ENDSCRIPT";
function update_types(caller,num) {
var delidx = getIndexByName('selfenroll_delete');
Index: loncom/interface/londocs.pm
diff -u loncom/interface/londocs.pm:1.593 loncom/interface/londocs.pm:1.594
--- loncom/interface/londocs.pm:1.593 Mon Mar 23 12:51:26 2015
+++ loncom/interface/londocs.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Documents
#
-# $Id: londocs.pm,v 1.593 2015/03/23 12:51:26 droeschl Exp $
+# $Id: londocs.pm,v 1.594 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1353,29 +1353,34 @@
}
sub paste_popup_js {
- my %lt = &Apache::lonlocal::texthash(
+ my %html_js_lt = &Apache::lonlocal::texthash(
show => 'Show Options',
hide => 'Hide Options',
+ );
+ my %js_lt = &Apache::lonlocal::texthash(
none => 'No items selected from clipboard.',
);
+ &html_escape(\%html_js_lt);
+ &js_escape(\%html_js_lt);
+ &js_escape(\%js_lt);
return <<"END";
function showPasteOptions(suffix) {
document.getElementById('pasteoptions_'+suffix).style.display='block';
- document.getElementById('pasteoptionstext_'+suffix).innerHTML = ' <a href="javascript:hidePasteOptions(\\''+suffix+'\\');" class="LC_menubuttons_link">$lt{'hide'}</a>';
+ document.getElementById('pasteoptionstext_'+suffix).innerHTML = ' <a href="javascript:hidePasteOptions(\\''+suffix+'\\');" class="LC_menubuttons_link">$html_js_lt{'hide'}</a>';
return;
}
function hidePasteOptions(suffix) {
document.getElementById('pasteoptions_'+suffix).style.display='none';
- document.getElementById('pasteoptionstext_'+suffix).innerHTML =' <a href="javascript:showPasteOptions(\\''+suffix+'\\')" class="LC_menubuttons_link">$lt{'show'}</a>';
+ document.getElementById('pasteoptionstext_'+suffix).innerHTML =' <a href="javascript:showPasteOptions(\\''+suffix+'\\')" class="LC_menubuttons_link">$html_js_lt{'show'}</a>';
return;
}
function showOptions(caller,suffix) {
if (document.getElementById('pasteoptionstext_'+suffix)) {
if (caller.checked) {
- document.getElementById('pasteoptionstext_'+suffix).innerHTML =' <a href="javascript:showPasteOptions(\\''+suffix+'\\')" class="LC_menubuttons_link">$lt{'show'}</a>';
+ document.getElementById('pasteoptionstext_'+suffix).innerHTML =' <a href="javascript:showPasteOptions(\\''+suffix+'\\')" class="LC_menubuttons_link">$html_js_lt{'show'}</a>';
} else {
document.getElementById('pasteoptionstext_'+suffix).innerHTML ='';
}
@@ -1404,7 +1409,7 @@
if (numchk > 0) {
return true;
} else {
- alert("$lt{'none'}");
+ alert("$js_lt{'none'}");
return false;
}
}
@@ -5794,7 +5799,7 @@
sub editing_js {
my ($udom,$uname,$supplementalflag) = @_;
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
p_mnf => 'Name of New Folder',
t_mnf => 'New Folder',
p_mnp => 'Name of New Page',
@@ -5832,7 +5837,7 @@
noch => 'No changes to settings specified.',
noac => 'No actions selected.',
);
-
+ &js_escape(\%js_lt);
my $crstype = &Apache::loncommon::course_type();
my $docs_folderpath = &HTML::Entities::encode($env{'environment.internal.'.$env{'request.course.id'}.'.docs_folderpath.folderpath'},'<>&"');
my $main_container_page;
@@ -5877,7 +5882,7 @@
return <<ENDNEWSCRIPT;
function makenewfolder(targetform,folderseq) {
- var foldername=prompt('$lt{"p_mnf"}','$lt{"t_mnf"}');
+ var foldername=prompt('$js_lt{"p_mnf"}','$js_lt{"t_mnf"}');
if (foldername) {
targetform.importdetail.value=escape(foldername)+"="+folderseq;
targetform.submit();
@@ -5885,7 +5890,7 @@
}
function makenewpage(targetform,folderseq) {
- var pagename=prompt('$lt{"p_mnp"}','$lt{"t_mnp"}');
+ var pagename=prompt('$js_lt{"p_mnp"}','$js_lt{"t_mnp"}');
if (pagename) {
targetform.importdetail.value=escape(pagename)+"="+folderseq;
targetform.submit();
@@ -5893,7 +5898,7 @@
}
function makeexamupload() {
- var title=prompt('$lt{"p_mxu"}');
+ var title=prompt('$js_lt{"p_mxu"}');
if (title) {
this.document.forms.newexamupload.importdetail.value=
escape(title)+'=/res/lib/templates/examupload.problem';
@@ -5902,7 +5907,7 @@
}
function makesmppage() {
- var title=prompt('$lt{"p_msp"}');
+ var title=prompt('$js_lt{"p_msp"}');
if (title) {
this.document.forms.newsmppg.importdetail.value=
escape(title)+'=/adm/$udom/$uname/new/smppg';
@@ -5911,7 +5916,7 @@
}
function makewebpage(type) {
- var title=prompt('$lt{"p_mwp"}');
+ var title=prompt('$js_lt{"p_mwp"}');
var formname;
if (type == 'supp') {
formname = this.document.forms.supwebpage;
@@ -5926,7 +5931,7 @@
}
function makesmpproblem() {
- var title=prompt('$lt{"p_msb"}');
+ var title=prompt('$js_lt{"p_msb"}');
if (title) {
this.document.forms.newsmpproblem.importdetail.value=
escape(title)+'=/res/lib/templates/simpleproblem.problem';
@@ -5935,7 +5940,7 @@
}
function makedropbox() {
- var title=prompt('$lt{"p_mdb"}');
+ var title=prompt('$js_lt{"p_mdb"}');
if (title) {
this.document.forms.newdropbox.importdetail.value=
escape(title)+'=/res/lib/templates/DropBox.problem';
@@ -5944,7 +5949,7 @@
}
function makebulboard() {
- var title=prompt('$lt{"p_mbb"}');
+ var title=prompt('$js_lt{"p_mbb"}');
if (title) {
this.document.forms.newbul.importdetail.value=
escape(title)+'=/adm/$udom/$uname/new/bulletinboard';
@@ -5953,20 +5958,20 @@
}
function makeabout() {
- var user=prompt("$lt{'p_mab'}");
+ var user=prompt("$js_lt{'p_mab'}");
if (user) {
var comp=new Array();
comp=user.split(':');
if ((typeof(comp[0])!=undefined) && (typeof(comp[1])!=undefined)) {
if ((comp[0]) && (comp[1])) {
this.document.forms.newaboutsomeone.importdetail.value=
- '$lt{"p_mab2"}'+escape(user)+'=/adm/'+comp[1]+'/'+comp[0]+'/aboutme';
+ '$js_lt{"p_mab2"}'+escape(user)+'=/adm/'+comp[1]+'/'+comp[0]+'/aboutme';
this.document.forms.newaboutsomeone.submit();
} else {
- alert("$lt{'p_mab_alrt1'}");
+ alert("$js_lt{'p_mab_alrt1'}");
}
} else {
- alert("$lt{'p_mab_alrt2'}");
+ alert("$js_lt{'p_mab_alrt2'}");
}
}
}
@@ -6004,11 +6009,11 @@
function makeims(imsform) {
if ((imsform.uploaddoc.value == '') || (!imsform.uploaddoc.value)) {
- alert("$lt{'imsfile'}");
+ alert("$js_lt{'imsfile'}");
return;
}
if (imsform.source.selectedIndex == 0) {
- alert("$lt{'imscms'}");
+ alert("$js_lt{'imscms'}");
return;
}
newWindow = window.open('', 'IMSimport',"HEIGHT=700,WIDTH=750,scrollbars=yes");
@@ -6016,7 +6021,7 @@
}
function changename(folderpath,index,oldtitle) {
-var title=prompt('$lt{"p_chn"}',oldtitle);
+var title=prompt('$js_lt{"p_chn"}',oldtitle);
if (title) {
this.document.forms.renameform.markcopy.value='';
this.document.forms.renameform.title.value=title;
@@ -6040,7 +6045,7 @@
picknumtext = document.getElementById('randompicknum_'+index);
}
if (pickitem.checked) {
- var picknum=prompt('$lt{"rpck"}',picknumitem.value);
+ var picknum=prompt('$js_lt{"rpck"}',picknumitem.value);
if (picknum == '' || picknum == null) {
if (caller == 'check') {
pickitem.checked=false;
@@ -6228,14 +6233,14 @@
targetform.markcopy.value=idx+':'+param;
targetform.copyfolder.value=folder+'.'+container;
if (param == 'remove') {
- if (skip_confirm || confirm('$lt{"p_rmr1"}\\n\\n$lt{"p_rmr2a"} "'+oldtitle+'" $lt{"p_rmr2b"}')) {
+ if (skip_confirm || confirm('$js_lt{"p_rmr1"}\\n\\n$js_lt{"p_rmr2a"} "'+oldtitle+'" $js_lt{"p_rmr2b"}')) {
targetform.markcopy.value='';
targetform.copyfolder.value='';
targetform.submit();
}
}
if (param == 'cut') {
- if (skip_confirm || confirm('$lt{"p_ctr1a"}\\n$lt{"p_ctr1b"}\\n\\n$lt{"p_ctr2a"} "'+oldtitle+'" $lt{"p_ctr2b"}')) {
+ if (skip_confirm || confirm('$js_lt{"p_ctr1a"}\\n$js_lt{"p_ctr1b"}\\n\\n$js_lt{"p_ctr2a"} "'+oldtitle+'" $js_lt{"p_ctr2b"}')) {
targetform.submit();
return;
}
@@ -6414,7 +6419,7 @@
}
document.getElementById('multi'+caller).style.display=disp;
if (value == 1) {
- document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',1);" style="text-decoration:none;">$lt{'more'}</a>';
+ document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',1);" style="text-decoration:none;">$js_lt{'more'}</a>';
} else {
document.getElementById('more'+caller).innerHTML = '';
}
@@ -6440,10 +6445,10 @@
function toggleCheckUncheck(caller,more) {
if (more == 1) {
- document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',0);" style="text-decoration:none;">$lt{'less'}</a>';
+ document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',0);" style="text-decoration:none;">$js_lt{'less'}</a>';
document.getElementById('allfields'+caller).style.display='block';
} else {
- document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',1);" style="text-decoration:none;">$lt{'more'}</a>';
+ document.getElementById('more'+caller).innerHTML = ' <a href="javascript:toggleCheckUncheck(\\''+caller+'\\',1);" style="text-decoration:none;">$js_lt{'more'}</a>';
document.getElementById('allfields'+caller).style.display='none';
}
resize_scrollbox('contentscroll','1','1');
@@ -6599,12 +6604,12 @@
if (numchanges > 0) {
if ((cutwarnings > 0) || (remwarnings > 0)) {
if (remwarnings > 0) {
- if (!confirm('$lt{"p_rmr1"}\\n\\n$lt{"p_rmr3a"} '+remwarnings+' $lt{"p_rmr3b"}')) {
+ if (!confirm('$js_lt{"p_rmr1"}\\n\\n$js_lt{"p_rmr3a"} '+remwarnings+' $js_lt{"p_rmr3b"}')) {
return false;
}
}
if (cutwarnings > 0) {
- if (!confirm('$lt{"p_ctr1a"}\\n$lt{"p_ctr1b"}\\n\\n$lt{"p_ctr3a"} '+cutwarnings+' $lt{"p_ctr3b"}')) {
+ if (!confirm('$js_lt{"p_ctr1a"}\\n$js_lt{"p_ctr1b"}\\n\\n$js_lt{"p_ctr3a"} '+cutwarnings+' $js_lt{"p_ctr3b"}')) {
return false;
}
}
@@ -6620,12 +6625,12 @@
}
}
if ((dosettings == 1) && (doactions == 1)) {
- alert("$lt{'noor'}");
+ alert("$js_lt{'noor'}");
} else {
if (dosettings == 1) {
- alert("$lt{'noch'}");
+ alert("$js_lt{'noch'}");
} else {
- alert("$lt{'noac'}");
+ alert("$js_lt{'noac'}");
}
}
return false;
@@ -6740,13 +6745,19 @@
sub dump_switchserver_js {
my @hosts = @_;
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
dump => 'Copying content to Authoring Space requires switching server.',
swit => 'Switch server?',
+ );
+ my %html_js_lt = &Apache::lonlocal::texthash(
+ swit => 'Switch server?',
duco => 'Copying Content to Authoring Space',
yone => 'You need to switch to a server housing an Authoring Space for which you are author or co-author.',
chos => 'Choose server',
);
+ &js_escape(\%js_lt);
+ &html_escape(\%html_js_lt);
+ &js_escape(\%html_js_lt);
my $role = $env{'request.role'};
my $js = <<"ENDSWJS";
<script type="text/javascript">
@@ -6787,7 +6798,7 @@
function dump_needs_switchserver(url) {
if (url!='' && url!= null) {
- if (confirm("$lt{'dump'}\\n$lt{'swit'}")) {
+ if (confirm("$js_lt{'dump'}\\n$js_lt{'swit'}")) {
go(url);
}
}
@@ -6798,13 +6809,13 @@
newWindow = window.open('','ChooseServer','height=400,width=500,scrollbars=yes')
newWindow.document.open();
newWindow.document.writeln('$startpage');
- newWindow.document.write('<h3>$lt{'duco'}<\\/h3>\\n'+
- '<p>$lt{'yone'}<\\/p>\\n'+
- '<div class="LC_left_float"><fieldset><legend>$lt{'chos'}<\\/legend>\\n'+
+ newWindow.document.write('<h3>$html_js_lt{'duco'}<\\/h3>\\n'+
+ '<p>$html_js_lt{'yone'}<\\/p>\\n'+
+ '<div class="LC_left_float"><fieldset><legend>$html_js_lt{'chos'}<\\/legend>\\n'+
'<form name="setserver" method="post" action="" \\/>\\n'+
'$hostpicker\\n'+
'<br \\/><br \\/>\\n'+
- '<input type="button" name="makeswitch" value="$lt{'swit'}" '+
+ '<input type="button" name="makeswitch" value="$html_js_lt{'swit'}" '+
'onclick="write_switchserver();" \\/>\\n'+
'<\\/form><\\/fieldset><\\/div><br clear="all" \\/>\\n');
newWindow.document.writeln('$endpage');
Index: loncom/interface/lonextresedit.pm
diff -u loncom/interface/lonextresedit.pm:1.7 loncom/interface/lonextresedit.pm:1.8
--- loncom/interface/lonextresedit.pm:1.7 Mon Jan 6 12:52:45 2014
+++ loncom/interface/lonextresedit.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Documents
#
-# $Id: lonextresedit.pm,v 1.7 2014/01/06 12:52:45 raeburn Exp $
+# $Id: lonextresedit.pm,v 1.8 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -321,10 +321,11 @@
}
sub extedit_javascript {
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
invurl => 'Invalid URL',
titbl => 'Title is blank',
);
+ &js_escape(\%js_lt);
my $urlregexp = <<'ENDREGEXP';
/^([a-z]([a-z]|\d|\+|-|\.)*):(\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?((\[(|(v[\da-f]{1,}\.(([a-z]|\d|-|\.|_|~)|[!\$&'\(\)\*\+,;=]|:)+))\])|((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=])*)(:\d*)?)(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*|(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|!
@)*)*)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)){0})(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i
@@ -340,7 +341,7 @@
String.prototype.trim = function() {return this.replace(\/^\\s+|\\s+$\/g, "");}; }
var url=extform.exturl.value;
if (title == null || title.trim()=="") {
- alert("$lt{'titbl'}");
+ alert("$js_lt{'titbl'}");
extform.exttitle.focus();
return;
}
@@ -353,7 +354,7 @@
eval("extform.importdetail.value=title+'='+url;extform.submit();");
}
} else {
- alert("$lt{'invurl'}");
+ alert("$js_lt{'invurl'}");
extform.exturl.focus();
return;
}
@@ -379,7 +380,7 @@
if (regexp.test(url)) {
openMyModal(url,500,400,'yes');
} else {
- alert("$lt{'invurl'}");
+ alert("$js_lt{'invurl'}");
}
}
}
Index: loncom/interface/lonfeedback.pm
diff -u loncom/interface/lonfeedback.pm:1.369 loncom/interface/lonfeedback.pm:1.370
--- loncom/interface/lonfeedback.pm:1.369 Tue Feb 11 18:04:47 2014
+++ loncom/interface/lonfeedback.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Feedback
#
-# $Id: lonfeedback.pm,v 1.369 2014/02/11 18:04:47 bisitz Exp $
+# $Id: lonfeedback.pm,v 1.370 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -336,12 +336,15 @@
'aner' => 'An error occurred opening the manifest file.',
'difo' => 'Discussion for',
'aerr' => 'An error occurred opening the export file for posting',
+ 'discussions' => 'DISCUSSIONS'
+ );
+ my %js_lt = &Apache::lonlocal::texthash(
'aysu' => 'Are you sure you want to delete this post?',
'dpwn' => 'Deleted posts will no longer be visible to you and other students',
'bwco' => 'but will continue to be visible to your instructor',
'depo' => 'Deleted posts will no longer be visible to you or anyone else.',
- 'discussions' => 'DISCUSSIONS'
);
+ &js_escape(\%js_lt);
my $currdisp = $lt{'allposts'};
my $currmark = $lt{'onmark'};
@@ -447,12 +450,12 @@
prevparm = "&previous="+previous
}
if (caller == 'studentdelete') {
- if (confirm("$lt{'aysu'}\\n$lt{'dpwn'},\\n$lt{'bwco'}")) {
+ if (confirm("$js_lt{'aysu'}\\n$js_lt{'dpwn'},\\n$js_lt{'bwco'}")) {
document.location.href = "/adm/feedback?hide="+symbparm+prevparm+groupparm
}
} else {
if (caller == 'seeiddelete') {
- if (confirm("$lt{'aysu'}\\n$lt{'depo'}")) {
+ if (confirm("$js_lt{'aysu'}\\n$js_lt{'depo'}")) {
document.location.href = "/adm/feedback?deldisc="+symbparm+prevparm+groupparm
}
}
@@ -1500,6 +1503,7 @@
} else {
$novote = &mt('No voting for hidden posts.');
}
+ &html_escape(\$novote);
$$discussionitems[$idx].=
'<a href="javascript:alert('."'$novote'".');" style="text-decoration: none;">'.
'<img border="0" src="/res/adm/pages/thumbsup_novote.png" alt="'.$novote.'" /> '.
@@ -1900,6 +1904,7 @@
my $latexHelp=&Apache::loncommon::helpLatexCheatsheet(undef,undef,1,($env{'form.modal'}?'popup':0));
my $send=&mt('Send');
my $alert = &mt('Please select a feedback type.');
+ &js_escape(\$alert);
my $js= <<END;
<script type="text/javascript">
//<!--
@@ -2133,6 +2138,11 @@
'yhni' => 'You have not indicated that you wish to change any of the discussion settings',
'ywbr' => 'You will be returned to the previous page if you click OK.'
);
+ my %js_lt = &Apache::lonlocal::texthash(
+ 'yhni' => 'You have not indicated that you wish to change any of the discussion settings',
+ 'ywbr' => 'You will be returned to the previous page if you click OK.'
+ );
+ &js_escape(\%js_lt);
my $dispchangeA = $lt{'unread'};
my $dispchangeB = $lt{'unmark'};
@@ -2226,7 +2236,7 @@
if (chktotal > 0) {
document.modifydisp.submit()
} else {
- if(confirm("$lt{'yhni'}. \\n$lt{'ywbr'}")) {
+ if(confirm("$js_lt{'yhni'}. \\n$js_lt{'ywbr'}")) {
if (prev > 0) {
location.href = "$feedurl?previous=$previous"
} else {
Index: loncom/interface/lonhtmlcommon.pm
diff -u loncom/interface/lonhtmlcommon.pm:1.365 loncom/interface/lonhtmlcommon.pm:1.366
--- loncom/interface/lonhtmlcommon.pm:1.365 Thu May 28 12:20:16 2015
+++ loncom/interface/lonhtmlcommon.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common html routines
#
-# $Id: lonhtmlcommon.pm,v 1.365 2015/05/28 12:20:16 raeburn Exp $
+# $Id: lonhtmlcommon.pm,v 1.366 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -2478,7 +2478,7 @@
if ($totcodes > 0) {
my $numtitles = @$codetitles;
if ($numtitles > 0) {
- $output .= '<label><input type="radio" name="coursepick" value="category" onclick="coursePick(this.form);alert('."'".&mt('Choose categories, from left to right')."'".')" />'.&mt('Pick courses by category:').'</label><br />';
+ $output .= '<label><input type="radio" name="coursepick" value="category" onclick="coursePick(this.form);alert('."'".&html_escape(&mt('Choose categories, from left to right'))."'".')" />'.&mt('Pick courses by category:').'</label><br />';
$output .= '<table><tr><td>'.$$codetitles[0].'<br />'."\n".
'<select name="'.$standardnames->[0].
'" onchange="setPick(this.form);courseSet('."'$$codetitles[0]'".')">'."\n".
@@ -2935,10 +2935,12 @@
sub file_submissionchk_js {
my ($turninpaths,$multiples) = @_;
- my $overwritewarn = &mt('File(s) you uploaded for your submission will overwrite existing file(s) submitted for this item').'\\n'.
+ my $overwritewarn = &mt('File(s) you uploaded for your submission will overwrite existing file(s) submitted for this item')."\n".
&mt('Continue submission and overwrite the file(s)?');
- my $delfilewarn = &mt('You have indicated you wish to remove some files previously included in your submission.').'\\n'.
+ &js_escape(\$overwritewarn);
+ my $delfilewarn = &mt('You have indicated you wish to remove some files previously included in your submission.')."\n".
&mt('Continue submission with these files removed?');
+ &js_escape(\$delfilewarn);
my ($turninpathtext,$multtext,$arrayindexofjs);
if (ref($turninpaths) eq 'HASH') {
foreach my $key (sort(keys(%{$turninpaths}))) {
@@ -3443,8 +3445,9 @@
##############################################
sub javascript_jumpto_resource {
- my $confirm_switch = &mt("Editing requires switching to the resource's home server.").'\n'.
+ my $confirm_switch = &mt("Editing requires switching to the resource's home server.")."\n".
&mt('Switch server?');
+ &js_escape(\$confirm_switch);
return (<<ENDUTILITY)
function go(url) {
Index: loncom/interface/lonmodifycourse.pm
diff -u loncom/interface/lonmodifycourse.pm:1.77 loncom/interface/lonmodifycourse.pm:1.78
--- loncom/interface/lonmodifycourse.pm:1.77 Fri May 22 21:08:42 2015
+++ loncom/interface/lonmodifycourse.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# handler for DC-only modifiable course settings
#
-# $Id: lonmodifycourse.pm,v 1.77 2015/05/22 21:08:42 raeburn Exp $
+# $Id: lonmodifycourse.pm,v 1.78 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1901,6 +1901,8 @@
} elsif ($phase eq 'setquota') {
my $invalid = &mt('The quota you entered contained invalid characters.');
my $alert = &mt('You must enter a number');
+ &js_escape(\$invalid);
+ &js_escape(\$alert);
my $regexp = '/^\s*(\d+\.?\d*|\.\d+)\s*$/';
$js .= <<"ENDSCRIPT";
@@ -1920,6 +1922,8 @@
} elsif ($phase eq 'setanon') {
my $invalid = &mt('The responder threshold you entered is invalid.');
my $alert = &mt('You must enter a positive integer.');
+ &js_escape(\$invalid);
+ &js_escape(\$alert);
my $regexp = ' /^\s*\d+\s*$/';
$js .= <<"ENDSCRIPT";
@@ -1945,6 +1949,9 @@
my $invalid = &mt('The choice entered for disabling the submit button is invalid.');
my $invalidtimeout = &mt('The timeout you entered for disabling the submit button is invalid.');
my $alert = &mt('Enter one of: a positive integer, 0 (for no timeout), or leave blank to use domain default');
+ &js_escape(\$invalid);
+ &js_escape(\$invalidtimeout);
+ &js_escape(\$alert);
my $regexp = ' /^\s*\d+\s*$/';
$js .= <<"ENDSCRIPT";
Index: loncom/interface/lonmsgdisplay.pm
diff -u loncom/interface/lonmsgdisplay.pm:1.180 loncom/interface/lonmsgdisplay.pm:1.181
--- loncom/interface/lonmsgdisplay.pm:1.180 Thu Feb 12 21:22:07 2015
+++ loncom/interface/lonmsgdisplay.pm Tue Jun 9 21:22:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Routines for messaging display
#
-# $Id: lonmsgdisplay.pm,v 1.180 2015/02/12 21:22:07 raeburn Exp $
+# $Id: lonmsgdisplay.pm,v 1.181 2015/06/09 21:22:56 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -120,18 +120,23 @@
sub folderlist {
my ($folder,$msgstatus) = @_;
- my %lt = &Apache::lonlocal::texthash(
+ my %html_lt = &Apache::lonlocal::texthash(
actn => 'Action',
fold => 'Folder',
show => 'Show',
status => 'Message Status',
go => 'Go',
+
+ );
+ &html_escape(\%html_lt);
+ my %js_lt = &Apache::lonlocal::texthash(
nnff => 'New Name for Folder',
newn => 'New Name',
fmnb => 'Folder may not be renamed as it is a folder provided by the system.',
asth => 'Requested name already in use for a system-provided or user-defined folder.',
);
+ &js_escape(\%js_lt);
# set se lastvisit for the new mail check in the toplevel menu
&Apache::lonnet::appenv({'user.mailcheck.lastvisit'=>time});
@@ -179,16 +184,16 @@
if (targetform.folderaction.options[targetform.folderaction.selectedIndex].value == 'rename') {
for (var i=0; i<permfolders_keys.length; i++) {
if (permfolders_keys[i] == targetform.folder.value) {
- alert("'"+permfolders_vals[i]+"' -- $lt{'fmnb'}");
+ alert("'"+permfolders_vals[i]+"' -- $js_lt{'fmnb'}");
return;
}
}
- var foldername=prompt('$lt{'nnff'}','$lt{'newn'}');
+ var foldername=prompt('$js_lt{'nnff'}','$js_lt{'newn'}');
if (foldername) {
targetform.renamed.value=foldername;
for (var i=0; i<allfolders.length; i++) {
if (allfolders[i] == foldername) {
- alert("'"+foldername+"' $lt{'asth'}");
+ alert("'"+foldername+"' $js_lt{'asth'}");
return;
}
}
@@ -204,7 +209,7 @@
if (newname) {
for (var i=0; i<allfolders.length; i++) {
if (allfolders[i] == newname) {
- alert("'"+newname+"' -- $lt{'asth'}");
+ alert("'"+newname+"' -- $js_lt{'asth'}");
return;
}
}
@@ -223,21 +228,21 @@
<legend>'.&mt('Folder Actions').'</legend>
<table border="0" cellspacing="2" cellpadding="8">
<tr>
- <td><b>'.$lt{'fold'}.'</b><br />'."\n".
+ <td><b>'.$html_lt{'fold'}.'</b><br />'."\n".
&Apache::loncommon::select_form($folder,'folder',\%formhash).'
</td>
- <td><b>'.$lt{'show'}.'</b><br />'."\n".
+ <td><b>'.$html_lt{'show'}.'</b><br />'."\n".
&Apache::loncommon::select_form($env{'form.interdis'},'interdis',
\%show).'
</td>
- <td><b>'.$lt{'status'}.'</b><br />'."\n".
+ <td><b>'.$html_lt{'status'}.'</b><br />'."\n".
&Apache::loncommon::select_form($msgstatus,'msgstatus',\%statushash).'
</td>
<td style="padding-right: 40px;">
- <b>'.$lt{'actn'}.'</b><br />'."\n".'
+ <b>'.$html_lt{'actn'}.'</b><br />'."\n".'
<span class="LC_nobreak">'.
&Apache::loncommon::select_form('view','folderaction',\%actions).
- ' <input type="button" value="'.$lt{'go'}.
+ ' <input type="button" value="'.$html_lt{'go'}.
'" onclick="javascript:folder_choice(this.form,'."'change'".');" />
</span>
</td>
@@ -245,7 +250,7 @@
<b>'.&mt('New Folder').'</b><br />'."\n".'
<span class="LC_nobreak">
<input type="text" size="15" name="newfolder" value="" />
- <input type="button" value="'.$lt{'go'}.
+ <input type="button" value="'.$html_lt{'go'}.
'" onclick="javascript:folder_choice(this.form,'."'new'".');" />
</span>
</td>
@@ -1051,11 +1056,12 @@
my %setters = ();
my $numblocked = 0;
my ($startblock,$endblock) = &Apache::loncommon::blockcheck(\%setters,'com');
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
sede => 'Select a destination folder to which the messages will be moved.',
nome => 'No messages have been selected to apply this action to.',
chec => 'Check the checkbox for at least one message.',
);
+ &js_escape(\%js_lt);
my $jscript = &Apache::loncommon::check_uncheck_jscript();
$r->print(<<ENDDISHEADER);
<script type="text/javascript">
@@ -1066,7 +1072,7 @@
document.disall.markedaction.value = document.disall.checkedaction.options[document.disall.checkedaction.selectedIndex].value;
if (document.disall.checkedaction.options[document.disall.checkedaction.selectedIndex].value == 'markedmove') {
if (document.disall.movetofolder.options[document.disall.movetofolder.selectedIndex].value == "") {
- alert("$lt{'sede'}");
+ alert("$js_lt{'sede'}");
return;
}
}
@@ -1083,7 +1089,7 @@
}
}
if (checktotal == 0) {
- alert("$lt{'nome'}\\n$lt{'chec'}");
+ alert("$js_lt{'nome'}\\n$js_lt{'chec'}");
return;
}
document.disall.submit();
Index: loncom/interface/lonpdfupload.pm
diff -u loncom/interface/lonpdfupload.pm:1.24 loncom/interface/lonpdfupload.pm:1.25
--- loncom/interface/lonpdfupload.pm:1.24 Fri Dec 12 14:21:22 2014
+++ loncom/interface/lonpdfupload.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# PDF Form Upload Handler
#
-# $Id: lonpdfupload.pm,v 1.24 2014/12/12 14:21:22 raeburn Exp $
+# $Id: lonpdfupload.pm,v 1.25 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -122,6 +122,7 @@
sub get_javascripts() {
my $message = &mt('Please choose a PDF-File.');
+ &js_escape(\$message);
# simple test if the upload ends with ".pdf"
# it's only for giving a message to the user
Index: loncom/interface/lonpopulate.pm
diff -u loncom/interface/lonpopulate.pm:1.82 loncom/interface/lonpopulate.pm:1.83
--- loncom/interface/lonpopulate.pm:1.82 Fri Dec 12 14:30:47 2014
+++ loncom/interface/lonpopulate.pm Tue Jun 9 21:22:57 2015
@@ -1,5 +1,5 @@
# automated enrollment configuration handler
-# $Id: lonpopulate.pm,v 1.82 2014/12/12 14:30:47 raeburn Exp $
+# $Id: lonpopulate.pm,v 1.83 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -51,7 +51,7 @@
sub choose_header {
my ($action) = @_;
my $notify_check = '/^note_[0-9]+$/';
- my %lt =
+ my %js_lt =
&Apache::lonlocal::texthash(
adds => 'You must select either "Enable" or "Disable" for nightly additions based on classlist changes',
drop => 'You must select either "Enable" or "Disable" for nightly removals based on classlist changes',
@@ -61,8 +61,9 @@
ynot => 'You have indicated that you want notification of roster changes messages to be sent, but you have not selected any recipients.',
atle => 'You must check at least one checkbox, before proceeding to the next page',
);
- $lt{'both'} = &mt('You have selected "No" for both addition and removal of students[_1] in the institutional classlist but not in your LON-CAPA course.[_1]','\\n');
- $lt{'nnot'} = &mt('You have indicated that you do not want notification of roster changes messages to be sent, but [_1] have been checked as recipients.[_2]',"'+totalnote+'",'\\n');
+ $js_lt{'both'} = &mt('You have selected "No" for both addition and removal of students[_1] in the institutional classlist but not in your LON-CAPA course.[_1]',"\n");
+ $js_lt{'nnot'} = &mt('You have indicated that you do not want notification of roster changes messages to be sent, but [_1] have been checked as recipients.[_2]',"'+totalnote+'","\n");
+ &js_escape(\%js_lt);
my $scripttag = <<ENDJSONE;
<script type="text/javascript" language="JavaScript">
@@ -88,11 +89,11 @@
}
}
if (rad1 == 0) {
- alert('$lt{'adds'}');
+ alert('$js_lt{'adds'}');
checker = 0
}
if (rad2 == 0) {
- alert('$lt{'drop'}');
+ alert('$js_lt{'drop'}');
checker = 0
}
}
@@ -116,15 +117,15 @@
}
}
if (rad1 == 0) {
- alert('$lt{'drop'}');
+ alert('$js_lt{'drop'}');
checker = 0;
}
if (rad2 == 0) {
- alert('$lt{'ysno'}');
+ alert('$js_lt{'ysno'}');
checker = 0;
}
if (formName.updatedrops[unenrolldis].checked && formName.updateadds[enrolldis].checked ) {
- alert('$lt{'both'}$lt{'noup'}');
+ alert('$js_lt{'both'}$js_lt{'noup'}');
checker = 0;
}
}
@@ -141,7 +142,7 @@
}
if (totalnote > 0) {
if (formName.notify[1].checked == true) {
- if (confirm('$lt{'nnot'}$lt{'eras'}')) {
+ if (confirm('$js_lt{'nnot'}$js_lt{'eras'}')) {
checker = 1;
} else {
checker = 0;
@@ -149,7 +150,7 @@
}
} else {
if (formName.notify[0].checked == true) {
- alert('$lt{'ynot'}');
+ alert('$js_lt{'ynot'}');
checker = 0;
}
}
@@ -177,7 +178,7 @@
document.forms.studentform.state.value = "process";
}
if (totcheck == 0) {
- alert('$lt{'atle'}')
+ alert('$js_lt{'atle'}')
checker = 0;
}
}
Index: loncom/interface/lonrequestcourse.pm
diff -u loncom/interface/lonrequestcourse.pm:1.88 loncom/interface/lonrequestcourse.pm:1.89
--- loncom/interface/lonrequestcourse.pm:1.88 Mon Jun 8 22:06:52 2015
+++ loncom/interface/lonrequestcourse.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Request a course
#
-# $Id: lonrequestcourse.pm,v 1.88 2015/06/08 22:06:52 raeburn Exp $
+# $Id: lonrequestcourse.pm,v 1.89 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -768,7 +768,7 @@
";
}
}
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
official => 'You are not permitted to request creation of an official course in this domain.',
unofficial => 'You are not permitted to request creation of an unofficial course in this domain.',
community => 'You are not permitted to request creation of a community in this domain.',
@@ -776,33 +776,34 @@
all => 'You must choose a specific course type when making a new course request.',
allt => '"All types" is not allowed.',
);
+ &js_escape(\%js_lt);
$js .= <<END;
if (crschoice == 'official') {
if (official != 1) {
- alert("$lt{'official'}");
+ alert("$js_lt{'official'}");
return false;
}
} else {
if (crschoice == 'unofficial') {
if (unofficial != 1) {
- alert("$lt{'unofficial'}");
+ alert("$js_lt{'unofficial'}");
return false;
}
} else {
if (crschoice == 'community') {
if (community != 1) {
- alert("$lt{'community'}");
+ alert("$js_lt{'community'}");
return false;
}
} else {
if (crschoice == 'textbook') {
if (textbook != 1) {
- alert("$lt{'community'}");
+ alert("$js_lt{'textbook'}");
return false;
}
} else {
if (actionchoice == 'new') {
- alert('$lt{'all'}'+'\\n'+'$lt{'allt'}');
+ alert('$js_lt{'all'}'+'\\n'+'$js_lt{'allt'}');
return false;
}
}
@@ -1175,6 +1176,8 @@
my %alerts = §ion_check_alerts();
my $secname = $alerts{'badsec'};
my $secnone = $alerts{'reserved'};
+ &js_escape(\$secname);
+ &js_escape(\$secnone);
my $output = '
function validateEnrollSections(formname,nextstate) {
var badsectotal = 0;
@@ -1232,8 +1235,10 @@
sub personnel_lcsec_js {
my %alerts = §ion_check_alerts();
- my $secname = $alerts{'badsec'}.'\\n'.$alerts{'separate'};
+ my $secname = $alerts{'badsec'}."\n".$alerts{'separate'};
my $secnone = $alerts{'reserved'};
+ &js_escape(\$secname);
+ &js_escape(\$secnone);
my $output = '
function validatePersonnelSections(formname,nextstate) {
var badsectotal = 0;
@@ -2416,8 +2421,9 @@
}
sub viewcancel_javascript {
- my $alert = &mt('Are you sure you want to cancel this request?').'\\n'.
+ my $alert = &mt('Are you sure you want to cancel this request?')."\n".
&mt('Your request will be removed.');
+ &js_escape(\$alert);
return << "ENDJS";
function nextPage(formname,nextstate) {
if (confirm('$alert')) {
@@ -3059,19 +3065,20 @@
sub courseinfo_form {
my ($dom,$formname,$crstype,$next,$description) = @_;
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
official => 'You must provide a (brief) course description.',
community => 'You must provide a (brief) community description.'
);
- $lt{'unofficial'} = $lt{'official'};
- $lt{'textbook'} = $lt{'official'};
+ &js_escape(\%js_lt);
+ $js_lt{'unofficial'} = $js_lt{'official'};
+ $js_lt{'textbook'} = $js_lt{'official'};
my $js_validate = <<"ENDJS";
<script type="text/javascript">
// <![CDATA['
function validateForm() {
if ((document.$formname.cdescr.value == "") || (document.$formname.cdescr.value == "undefined")) {
- alert('$lt{$crstype}');
+ alert('$js_lt{$crstype}');
return;
}
nextPage(document.$formname,'$next');
@@ -4881,13 +4888,14 @@
my ($numprefab,$numcurrent) = @_;
return unless (ref($numprefab) eq 'HASH');
return if (!$numprefab->{'textbooks'} && !$numprefab->{'templates'} && !$numcurrent);
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
choose => 'Please select a content option.',
textbook => 'Please select a textbook, or choose a different option.',
template => 'Please select a template, or choose a different option.',
existing => 'Please select one of your existing courses to copy, or choose a different option.',
title => 'Please enter a course title.',
);
+ &js_escape(\%js_lt);
return <<"ENDSCRIPT";
function cloneChoice() {
if (document.requestcourse.cloning) {
@@ -4965,7 +4973,7 @@
var radioLength = document.requestcourse.cloning.length;
if (radioLength == undefined) {
if (document.requestcourse.cloning.checked == false) {
- alert("$lt{'choose'}");
+ alert("$js_lt{'choose'}");
return false;
} else {
cloneChoice = document.requestcourse.cloning.value;
@@ -4978,7 +4986,7 @@
}
}
if (cloneChoice == 0) {
- alert("$lt{'choose'}");
+ alert("$js_lt{'choose'}");
return false;
}
}
@@ -5010,12 +5018,12 @@
}
if (chosen == 0) {
if (cloneChoice == 'textbook') {
- alert("$lt{'textbook'}");
+ alert("$js_lt{'textbook'}");
} else {
if (cloneChoice == 'template') {
- alert("$lt{'template'}");
+ alert("$js_lt{'template'}");
} else {
- alert("$lt{'existing'}");
+ alert("$js_lt{'existing'}");
}
}
return false;
@@ -5023,7 +5031,7 @@
}
}
if (document.requestcourse.cdescr.value == '') {
- alert("$lt{'title'}");
+ alert("$js_lt{'title'}");
return false;
}
return true;
Index: loncom/interface/lonsupportreq.pm
diff -u loncom/interface/lonsupportreq.pm:1.78 loncom/interface/lonsupportreq.pm:1.79
--- loncom/interface/lonsupportreq.pm:1.78 Mon Jan 20 17:25:41 2014
+++ loncom/interface/lonsupportreq.pm Tue Jun 9 21:22:57 2015
@@ -1,5 +1,5 @@
#
-# $Id: lonsupportreq.pm,v 1.78 2014/01/20 17:25:41 bisitz Exp $
+# $Id: lonsupportreq.pm,v 1.79 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -116,11 +116,13 @@
my $sourceurl = $machine.$origurl;
$server = $machine.&Apache::loncommon::cleanup_html($origurl);
$server =~ s/\?.*$//;
- my %lt = &Apache::lonlocal::texthash (
+ my %js_lt = &Apache::lonlocal::texthash (
email => 'The e-mail address you entered',
notv => 'is not a valid e-mail address',
rsub => 'You must include a subject',
rdes => 'You must include a description',
+ );
+ my %html_lt = &Apache::lonlocal::texthash (
name => 'Name',
subm => 'Submit Request',
emad => 'Your e-mail address',
@@ -147,18 +149,20 @@
fini => 'Finish',
clfm => 'Clear Form',
);
+ &js_escape(\%js_lt);
+ &html_escape(\%html_lt);
my $scripttag = (<<"END");
function validate() {
if (validmail(document.logproblem.email) == false) {
- alert("$lt{'email'}: "+document.logproblem.email.value+" $lt{'notv'}.");
+ alert("$js_lt{'email'}: "+document.logproblem.email.value+" $js_lt{'notv'}.");
return;
}
if (document.logproblem.subject.value == '') {
- alert("$lt{'rsub'}.");
+ alert("$js_lt{'rsub'}.");
return;
}
if (document.logproblem.description.value == '') {
- alert("$lt{'rdes'}.");
+ alert("$js_lt{'rdes'}.");
return;
}
document.logproblem.submit();
@@ -299,7 +303,7 @@
&mt('(All fields marked with * are required.)').
'</span>'.
&Apache::lonhtmlcommon::row_closure().
- &Apache::lonhtmlcommon::row_title($lt{'name'},undef,$css[$num])."\n";
+ &Apache::lonhtmlcommon::row_title($html_lt{'name'},undef,$css[$num])."\n";
my $fullname = '';
if ((defined($lastname) && $lastname ne '') && (defined($firstname) && $firstname ne '')) {
$fullname = "$firstname $lastname";
@@ -312,13 +316,13 @@
}
$output .= '<input type="text" size="20" name="username" value="'.&HTML::Entities::encode($fullname,'"<>&').'" />'."\n";
}
- $output .= ' <input type="button" value="'.$lt{'subm'}.'" onclick="validate()" /> '.
+ $output .= ' <input type="button" value="'.$html_lt{'subm'}.'" onclick="validate()" /> '.
&Apache::lonhtmlcommon::row_closure()."\n";
$num ++;
$i = $num%2;
$output .= &Apache::lonhtmlcommon::row_title(
'<span title="'.&mt('required').'">'.
- $lt{'emad'}.' <span class="LC_info">*</span></span>'
+ $html_lt{'emad'}.' <span class="LC_info">*</span></span>'
,undef,$css[$i]).
'<input type="text" size="20" name="email" value="'.
&HTML::Entities::encode($email,'"<>&').'" /><br />'."\n".
@@ -327,61 +331,61 @@
$i = $num%2;
if (($env{'user.name'} =~ /^$match_username$/) && (!$public)) {
if ($homeserver) {
- $output .= &Apache::lonhtmlcommon::row_title($lt{'emac'},undef,$css[$i]).
+ $output .= &Apache::lonhtmlcommon::row_title($html_lt{'emac'},undef,$css[$i]).
'<input type="text" size="50" name="cc" value="" /><br />'."\n".
&Apache::lonhtmlcommon::row_closure();
$num ++;
$i = $num%2;
}
}
- $output .= &Apache::lonhtmlcommon::row_title("$lt{'unme'}/$lt{'doma'}",undef,$css[$i]);
+ $output .= &Apache::lonhtmlcommon::row_title("$html_lt{'unme'}/$html_lt{'doma'}",undef,$css[$i]);
my $udom_input = '<input type="hidden" name="udom" value="'.
&HTML::Entities::encode($udom,'"<>&').'" />'."\n";
my $uname_input = '<input type="hidden" name="uname" value="'.
&HTML::Entities::encode($uname,'"<>&').'" />'."\n";
if (($env{'user.name'} =~ /^$match_username$/) &&
($env{'user.domain'} =~ /^$match_domain$/) && (!$public)) {
- $output .= '<i>'.$lt{'unme'}.'</i>: '.$uname.' <i>'.$lt{'doma'}.'</i>: '.$udom.$udom_input.$uname_input;
+ $output .= '<i>'.$html_lt{'unme'}.'</i>: '.$uname.' <i>'.$html_lt{'doma'}.'</i>: '.$udom.$udom_input.$uname_input;
} else {
my $udomform = '';
my $unameform = '';
if (($env{'user.domain'} =~ /^$match_domain$/) && (!$public)) {
- $output .= $lt{'entu'};
+ $output .= $html_lt{'entu'};
} elsif (($env{'user.name'} =~ /^$match_username$/) && (!$public)) {
- $output .= $lt{'chdo'};
+ $output .= $html_lt{'chdo'};
} else {
- $output .= $lt{'entr'};
+ $output .= $html_lt{'entr'};
}
$output .= '<br />'."\n";
if (!$public) {
if ($env{'user.domain'} =~ /^$match_domain$/) {
- $udomform = '<i>'.$lt{'doma'}.'</i>: '.$udom.$udom_input;
+ $udomform = '<i>'.$html_lt{'doma'}.'</i>: '.$udom.$udom_input;
} elsif ($env{'user.name'} =~ /^$match_username$/) {
- $unameform = '<i>'.$lt{'unme'}.'</i>: '.$uname.' '.$uname_input;
+ $unameform = '<i>'.$html_lt{'unme'}.'</i>: '.$uname.' '.$uname_input;
}
}
if ($udomform eq '') {
- $udomform = '<i>'.$lt{'doma'}.'</i>: ';
+ $udomform = '<i>'.$html_lt{'doma'}.'</i>: ';
$udomform .= &Apache::loncommon::select_dom_form($codedom,'udom')."\n";
}
if ($unameform eq '') {
- $unameform= '<i>'.$lt{'unme'}.'</i>: <input type="text" size="20" name="uname" value="'.$uname.'" /> ';
+ $unameform= '<i>'.$html_lt{'unme'}.'</i>: <input type="text" size="20" name="uname" value="'.$uname.'" /> ';
}
$output .= $unameform.$udomform;
}
$output .= &Apache::lonhtmlcommon::row_closure();
$num ++;
$i = $num%2;
- $output .= &Apache::lonhtmlcommon::row_title("$lt{'urlp'}",undef,$css[$i]).
+ $output .= &Apache::lonhtmlcommon::row_title("$html_lt{'urlp'}",undef,$css[$i]).
$server."\n".'<input type="hidden" name="sourceurl" value="'.
&HTML::Entities::encode($sourceurl,'"<>&').'" />'."\n".
&Apache::lonhtmlcommon::row_closure().
- &Apache::lonhtmlcommon::row_title("$lt{'phon'}",undef,'LC_evenrow_value').
+ &Apache::lonhtmlcommon::row_title("$html_lt{'phon'}",undef,'LC_evenrow_value').
'<input type="text" size="15" name="phone" /><br />'."\n".
&Apache::lonhtmlcommon::row_closure();
$num ++;
$i = $num%2;
- $output .= &Apache::lonhtmlcommon::row_title("$lt{'crsd'}$details_title",undef,$css[$i]);
+ $output .= &Apache::lonhtmlcommon::row_title("$html_lt{'crsd'}$details_title",undef,$css[$i]);
if ($cnum) {
if ($coursecodes{$cnum}) {
foreach my $item (@codetitles) {
@@ -389,14 +393,14 @@
}
$output .= ' <input type="hidden" name="coursecode" value="'.&HTML::Entities::encode($coursecodes{$cnum},'"<>&').'" />'."\n";
} else {
- $output .= $lt{'enin'}.':
+ $output .= $html_lt{'enin'}.':
<input type="text" name="coursecode" size="15" value="" />'."\n";
}
} else {
if ($totcodes > 0) {
my $numtitles = @codetitles;
if ($numtitles == 0) {
- $output .= $lt{'enin'}.':
+ $output .= $html_lt{'enin'}.':
<input type="text" name="coursecode" size="15" value="" />'."\n";
} else {
my @standardnames = &Apache::loncommon::get_standard_codeitems();
@@ -406,7 +410,7 @@
}
$output .= '<table><tr><td>'.$codetitles[0].'<br />'."\n".
'<select name="'.$standardnames[0].'" onchange="courseSet('."'$codetitles[0]'".')">'."\n".
- ' <option value="-1">'.$lt{'sele'}."</option>\n";
+ ' <option value="-1">'.$html_lt{'sele'}."</option>\n";
my @items = ();
my @longitems = ();
if ($idlist{$codetitles[0]} =~ /","/) {
@@ -435,7 +439,7 @@
for (my $i=1; $i<$numtitles; $i++) {
$output .= '<td>'.$codetitles[$i].'<br />'."\n".
'<select name="'.$standardnames[$i].'" onchange="courseSet('."'$codetitles[$i]'".')">'."\n".
- '<option value="-1"><-'.$lt{'pick'}.' '.$codetitles[$i-1].'</option>'."\n".
+ '<option value="-1"><-'.$html_lt{'pick'}.' '.$codetitles[$i-1].'</option>'."\n".
'</select>'."\n".
'</td>'."\n";
}
@@ -443,30 +447,30 @@
if ($numtitles > 4) {
$output .= '<br /><br />'.$codetitles[$numtitles].'<br />'."\n".
'<select name="'.$standardnames[$numtitles].'" onchange="courseSet('."'$codetitles[$numtitles]'".')">'."\n".
- '<option value="-1"><-'.$lt{'pick'}.' '.$codetitles[$numtitles-1].'</option>'."\n".
+ '<option value="-1"><-'.$html_lt{'pick'}.' '.$codetitles[$numtitles-1].'</option>'."\n".
'</select>'."\n";
}
}
} else {
- $output .= $lt{'enin'}.':
+ $output .= $html_lt{'enin'}.':
<input type="text" name="coursecode" size="15" value="" />'."\n";
}
}
if ($ctitle) {
- $output .= '<br /><i>'.$lt{'titl'}.'</i>: '.$ctitle.
+ $output .= '<br /><i>'.$html_lt{'titl'}.'</i>: '.$ctitle.
'<input type="hidden" name="title" value="'.
&HTML::Entities::encode($ctitle,'"<>&').'" />'."\n";
} else {
- $output .= '<br />'.$lt{'enct'}.':
+ $output .= '<br />'.$html_lt{'enct'}.':
<input type="text" name="title" size="25" value="" />'."\n";
}
$output .= &Apache::lonhtmlcommon::row_closure();
$num ++;
$i = $num%2;
- $output .= &Apache::lonhtmlcommon::row_title($lt{'secn'},undef,$css[$i]);
+ $output .= &Apache::lonhtmlcommon::row_title($html_lt{'secn'},undef,$css[$i]);
if ($sectionlist) {
$output .= "<select name=\"section\"\n>".
- " <option value=\"\" selected=\"selected\">$lt{'sele'}</option>\n";
+ " <option value=\"\" selected=\"selected\">$html_lt{'sele'}</option>\n";
foreach my $id (sort(keys(%groupid))) {
if ($id eq $groupid{$id} || $groupid{$id} eq '') {
$output .= " <option value=".
@@ -475,7 +479,7 @@
} else {
$output .= " <option value=".
&HTML::Entities::encode($id,'"<>&').
- " >$id - ($lt{'lsec'}: $groupid{$id})</option>\n";
+ " >$id - ($html_lt{'lsec'}: $groupid{$id})</option>\n";
}
}
$output .= "</select>";
@@ -487,13 +491,13 @@
$i = $num%2;
$output .= &Apache::lonhtmlcommon::row_title(
'<span title="'.&mt('required').'">'.
- $lt{'subj'}.' <span class="LC_info">*</span></span>'
+ $html_lt{'subj'}.' <span class="LC_info">*</span></span>'
,undef,'LC_oddrow_value').
'<input type="text" size="40" name="subject" />'."\n".
&Apache::lonhtmlcommon::row_closure().
&Apache::lonhtmlcommon::row_title(
'<span title="'.&mt('required').'">'.
- $lt{'detd'}.' <span class="LC_info">*</span></span>'
+ $html_lt{'detd'}.' <span class="LC_info">*</span></span>'
,undef,'LC_evenrow_value').
'<textarea rows="10" cols="45" name="description" style="word-wrap:normal;">'.
'</textarea>'."\n".
@@ -502,9 +506,9 @@
$i = $num%2;
if (($env{'user.name'} =~ /^$match_username$/) && (!$public)) {
if ($homeserver) {
- $output .= &Apache::lonhtmlcommon::row_title($lt{'opfi'},undef,$css[$i]).
+ $output .= &Apache::lonhtmlcommon::row_title($html_lt{'opfi'},undef,$css[$i]).
' <input type="file" name="screenshot" size="20" /><br />'.
- "\n".$lt{'uplf'}."\n".
+ "\n".$html_lt{'uplf'}."\n".
&Apache::lonhtmlcommon::row_closure();
$num ++;
$i = $num%2;
@@ -525,17 +529,17 @@
$i = $num%2;
}
}
- $output .= &Apache::lonhtmlcommon::row_title($lt{'fini'},undef,$css[$i]);
+ $output .= &Apache::lonhtmlcommon::row_title($html_lt{'fini'},undef,$css[$i]);
$output .= <<END;
<table border="0" cellpadding="8" cellspacing="0">
<tr>
<td>
<input type="hidden" name="command" value="process" />
- <input type="button" value="$lt{'subm'}" onclick="validate()" />
+ <input type="button" value="$html_lt{'subm'}" onclick="validate()" />
</td>
<td> </td>
<td>
- <input type="reset" value="$lt{'clfm'}" />
+ <input type="reset" value="$html_lt{'clfm'}" />
</td>
</tr>
</table>
Index: loncom/interface/lonsyllabus.pm
diff -u loncom/interface/lonsyllabus.pm:1.137 loncom/interface/lonsyllabus.pm:1.138
--- loncom/interface/lonsyllabus.pm:1.137 Tue Jun 17 23:22:14 2014
+++ loncom/interface/lonsyllabus.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Syllabus
#
-# $Id: lonsyllabus.pm,v 1.137 2014/06/17 23:22:14 raeburn Exp $
+# $Id: lonsyllabus.pm,v 1.138 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -580,6 +580,7 @@
my $checkedstr = "var include = new Array('".join("','", at checked)."');";
my $uncheckedstr = "var exclude = new Array('".join("','", at unchecked)."');";
my $invurl = &mt('Invalid URL');
+ &js_escape(\$invurl);
my $urlregexp = <<'ENDREGEXP';
/^([a-z]([a-z]|\d|\+|-|\.)*):(\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?((\[(|(v[\da-f]{1,}\.(([a-z]|\d|-|\.|_|~)|[!\$&'\(\)\*\+,;=]|:)+))\])|((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=])*)(:\d*)?)(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*|(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|!
@)*)*)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)){0})(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i
ENDREGEXP
@@ -1627,11 +1628,12 @@
}
sub editbutton_js {
- my %lt = &Apache::lonlocal::texthash(
+ my %js_lt = &Apache::lonlocal::texthash(
min => 'Are you sure you want to delete the contents of the syllabus template?',
file => 'Are you sure you want to delete the uploaded syllabus file?',
noundo => 'This action cannot be reversed.'
);
+ &js_escape(\%js_lt);
return <<ENDJS;
<script type="text/javascript">
// <![CDATA[
@@ -1642,12 +1644,12 @@
if (document.getElementById('deleteuploaded_'+caller)) {
document.getElementById('deleteuploaded_'+caller).value=1;
if (caller == 'minimal') {
- if (confirm("$lt{'min'}"+"\\n"+"$lt{'noundo'}")) {
+ if (confirm("$js_lt{'min'}"+"\\n"+"$js_lt{'noundo'}")) {
document.syllabus.submit();
}
}
if (caller == 'file') {
- if (confirm("$lt{'file'}"+"\\n"+"$lt{'noundo'}")) {
+ if (confirm("$js_lt{'file'}"+"\\n"+"$js_lt{'noundo'}")) {
document.syllabus.submit();
}
}
Index: loncom/interface/lonuserutils.pm
diff -u loncom/interface/lonuserutils.pm:1.169 loncom/interface/lonuserutils.pm:1.170
--- loncom/interface/lonuserutils.pm:1.169 Mon Dec 15 01:11:49 2014
+++ loncom/interface/lonuserutils.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.169 2014/12/15 01:11:49 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.170 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -450,6 +450,7 @@
if (($mode eq 'upload') && ($context eq 'domain')) {
$alert{'inststatus'} = &mt('The optional affiliation field was not specified');
}
+ &js_escape(\%alert);
my $function_name = <<"END";
$setsections_js
@@ -642,8 +643,9 @@
$numbuttons ++;
}
if (!$can_assign->{'int'}) {
- my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.').'\n'.
+ my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.')."\n".
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -781,6 +783,7 @@
if (!$can_assign->{'int'}) {
my $warning = &mt('You may not specify an initial password, as this is only available when new users use LON-CAPA internal authentication.\n').
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -3173,6 +3176,10 @@
my $noaction = &mt("You need to select an action to take for the user(s) you have selected");
my $singconfirm = &mt(' for a single user?');
my $multconfirm = &mt(' for multiple users?');
+ &js_escape(\$alert);
+ &js_escape(\$noaction);
+ &js_escape(\$singconfirm);
+ &js_escape(\$multconfirm);
my $output = <<"ENDJS";
function verify_action (field) {
var numchecked = 0;
@@ -5215,18 +5222,25 @@
sub section_check_js {
my $groupslist= &get_groupslist();
+ my %js_lt = &Apache::lonlocal::texthash(
+ mayn => 'may not be used as the name for a section, as it is a reserved word.',
+ plch => 'Please choose a different section name.',
+ mnot => 'may not be used as a section name, as it is the name of a course group.',
+ secn => 'Section names and group names must be distinct. Please choose a different section name.',
+ );
+ &js_escape(\%js_lt);
return <<"END";
function validate(caller) {
var groups = new Array($groupslist);
var secname = caller.value;
if ((secname == 'all') || (secname == 'none')) {
- alert("'"+secname+"' may not be used as the name for a section, as it is a reserved word.\\nPlease choose a different section name.");
+ alert("'"+secname+"' $js_lt{'mayn'}\\n$js_lt{'plch'}");
return 'error';
}
if (secname != '') {
for (var k=0; k<groups.length; k++) {
if (secname == groups[k]) {
- alert("'"+secname+"' may not be used as the name for a section, as it is the name of a course group.\\nSection names and group names must be distinct. Please choose a different section name.");
+ alert("'"+secname+"' $js_lt{'mnot'}\\n$js_lt{'secn'}");
return 'error';
}
}
@@ -5385,7 +5399,8 @@
mnot => 'may not be used as a section name, as it is the name of a course group.',
secn => 'Section names and group names must be distinct. Please choose a different section name.',
nonw => 'Section names may only contain letters or numbers.',
- );
+ );
+ &js_escape(\%alerts);
$setsection_js .= <<"ENDSECCODE";
function setSections(formname,crstype) {
@@ -6022,6 +6037,7 @@
thwa => 'There was a problem with your course selection',
thwc => 'There was a problem with your community selection',
);
+ &js_escape(\%alerts);
return %alerts;
}
@@ -6032,6 +6048,7 @@
krb => 'You need to specify the Kerberos domain.',
ipass => 'You need to specify the initial password.',
);
+ &js_escape(\%alerts);
return %alerts;
}
Index: loncom/interface/lonwishlist.pm
diff -u loncom/interface/lonwishlist.pm:1.24 loncom/interface/lonwishlist.pm:1.25
--- loncom/interface/lonwishlist.pm:1.24 Sat Dec 20 15:35:40 2014
+++ loncom/interface/lonwishlist.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility-routines for wishlist
#
-# $Id: lonwishlist.pm,v 1.24 2014/12/20 15:35:40 raeburn Exp $
+# $Id: lonwishlist.pm,v 1.25 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -536,12 +536,16 @@
' Paths to LON-CAPA resources must be of the form /res/domain/user/...'.
' Paths to external websites must contain the network protocol, e.g. http://...');
my $warningLinkNotAllowed2 = &mt('The following link is not allowed:').' ';
- my $warningLink = &mt('You must insert a title and a path!');
- my $warningFolder = &mt('You must insert a title!');
my $warningDelete = &mt('Are you sure you want to delete the selected entries? Deleting a folder also deletes all entries within this folder!');
my $warningSave = &mt('You have unsaved changes. You can either save these changes now by clicking "OK" or click "Cancel" if you do not want to save your changes.');
my $warningMoveS = &mt('You must select at minimum one entry to move!');
my $warningMoveD = &mt('You must select a destination folder!');
+ &js_escape(\$warningLinkNotAllowed1);
+ &js_escape(\$warningLinkNotAllowed2);
+ &js_escape(\$warningDelete);
+ &js_escape(\$warningSave);
+ &js_escape(\$warningMoveS);
+ &js_escape(\$warningMoveD);
$foldersOption = '';
my $js = &Apache::lonhtmlcommon::scripttag(<<JAVASCRIPT);
@@ -1661,6 +1665,8 @@
' or to external websites.'.
' Paths to LON-CAPA resources must be of the form /res/domain/user/...'.
' Paths to external websites must contain the network protocol, e.g. http://...');
+ &js_escape(\$warningLink);
+ &js_escape(\$warningLinkNotAllowed1);
my $inPageWishlistlink1 = '<h1>'.&mt('Save to Stored Links').'</h1>';
# If no title is delivered, 'New Link' is called up from the wishlist-interface, so after
@@ -1764,7 +1770,7 @@
'bgcolor' => '#FFFFFF',});
my $warningFolder = &mt('You must insert a title!');
-
+ &js_escape(\$warningFolder);
my $inPageNewFolder = '<h1>'.&mt('New Folder').'</h1>'.
'<form method="post" name="newfolder" action="/adm/wishlist" target="wishlist" '.
Index: loncom/interface/selfenroll.pm
diff -u loncom/interface/selfenroll.pm:1.31 loncom/interface/selfenroll.pm:1.32
--- loncom/interface/selfenroll.pm:1.31 Sun Apr 6 14:11:01 2014
+++ loncom/interface/selfenroll.pm Tue Jun 9 21:22:57 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Allow users to self-enroll in a course
#
-# $Id: selfenroll.pm,v 1.31 2014/04/06 14:11:01 raeburn Exp $
+# $Id: selfenroll.pm,v 1.32 2015/06/09 21:22:57 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -221,7 +221,8 @@
if ($sso_url eq '') {
$sso_url = $login_path;
}
- $missing_formitem = &mt('The link to the requested page could not be followed.')."\\n".&mt('The placeholder for the courseID is absent.');
+ $missing_formitem = &mt('The link to the requested page could not be followed.')."\n".&mt('The placeholder for the courseID is absent.');
+ &js_escape(\$missing_formitem);
if ($knownuser) {
if (keys(%curr_role)) {
$r->print('<h3>'.&mt('Self-enrollment unavailable').'</h3>'.
Index: loncom/interface/statistics/lonstathelpers.pm
diff -u loncom/interface/statistics/lonstathelpers.pm:1.73 loncom/interface/statistics/lonstathelpers.pm:1.74
--- loncom/interface/statistics/lonstathelpers.pm:1.73 Fri Feb 28 19:20:17 2014
+++ loncom/interface/statistics/lonstathelpers.pm Tue Jun 9 21:23:02 2015
@@ -1,6 +1,6 @@
# The LearningOnline Network with CAPA
#
-# $Id: lonstathelpers.pm,v 1.73 2014/02/28 19:20:17 bisitz Exp $
+# $Id: lonstathelpers.pm,v 1.74 2015/06/09 21:23:02 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -286,7 +286,8 @@
END
if (ref($anoncounter) eq 'HASH') {
if (keys(%{$anoncounter}) > 0) {
- my $anonwarning = &mt('Your selection includes both problems with and without anonymous submissions.').'\n'.&mt('You must select either only anonymous or only named problems.').'\n\n'.&mt('If a selection contains both anonymous and named parts,[_1]use the Anonymous/Named buttons to ensure selections will be either all anonymous[_1]or all named.','\n');
+ my $anonwarning = &mt('Your selection includes both problems with and without anonymous submissions.')."\n".&mt('You must select either only anonymous or only named problems.')."\n\n".&mt('If a selection contains both anonymous and named parts,[_1]use the Anonymous/Named buttons to ensure selections will be either all anonymous[_1]or all named.',"\n");
+ &js_escape(\$anonwarning);
$checkanonjs = <<"END";
<script type="text/javascript" language="JavaScript">
Index: loncom/localize/lonlocal.pm
diff -u loncom/localize/lonlocal.pm:1.65 loncom/localize/lonlocal.pm:1.66
--- loncom/localize/lonlocal.pm:1.65 Thu Dec 11 01:47:25 2014
+++ loncom/localize/lonlocal.pm Tue Jun 9 21:23:15 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Localization routines
#
-# $Id: lonlocal.pm,v 1.65 2014/12/11 01:47:25 raeburn Exp $
+# $Id: lonlocal.pm,v 1.66 2015/06/09 21:23:15 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -171,7 +171,7 @@
require Exporter;
our @ISA = qw (Exporter);
-our @EXPORT = qw(mt mtn ns mt_user);
+our @EXPORT = qw(mt mtn ns mt_user js_escape html_escape);
my %mtcache=();
@@ -575,6 +575,79 @@
$$str_ref =~s/([\[\]])/~$1/g;
}
+=pod
+
+=item * js_escape
+
+js_escape takes a string, string reference or hash reference,
+and escapes the values so that they can be used within a <script> element.
+It replaces all instances of \ by \\, ' by \', " by \" and \n by \\n.
+It is typically used with localized strings, which might contain quotes.
+
+=cut
+
+sub js_escape {
+ my ($v) = @_;
+ my $ref = ref($v);
+ if ($ref eq 'SCALAR') {
+ $$v =~ s/\\/\\\\/g;
+ $$v =~ s/'/\\'/g;
+ $$v =~ s/"/\\"/g;
+ $$v =~ s/\n/\\n/g;
+ } elsif ($ref eq 'HASH') {
+ foreach my $key (keys %$v) {
+ $v->{$key} =~ s/\\/\\\\/g;
+ $v->{$key} =~ s/'/\\'/g;
+ $v->{$key} =~ s/"/\\"/g;
+ $v->{$key} =~ s/\n/\\n/g;
+ }
+ } else {
+ $v =~ s/\\/\\\\/g;
+ $v =~ s/'/\\'/g;
+ $v =~ s/"/\\"/g;
+ $v =~ s/\n/\\n/g;
+ return $v;
+ }
+}
+
+=pod
+
+=item * html_escape
+
+js_escape takes a string, string reference or hash reference,
+and escapes the values so that they can be used as HTML.
+It encodes <, >, &, ' and ".
+
+=cut
+
+sub html_escape {
+ my ($v) = @_;
+ my $ref = ref($v);
+ if ($ref eq 'SCALAR') {
+ $$v =~ s/&/&/g;
+ $$v =~ s/</</g;
+ $$v =~ s/>/>/g;
+ $$v =~ s/'/'/g;
+ $$v =~ s/"/"/g;
+ } elsif ($ref eq 'HASH') {
+ foreach my $key (keys %$v) {
+ $v->{$key} =~ s/&/&/g;
+ $v->{$key} =~ s/</</g;
+ $v->{$key} =~ s/>/>/g;
+ $v->{$key} =~ s/'/'/g;
+ $v->{$key} =~ s/"/"/g;
+ }
+ } else {
+ $v =~ s/&/&/g;
+ $v =~ s/</</g;
+ $v =~ s/>/>/g;
+ $v =~ s/'/'/g;
+ $v =~ s/"/"/g;
+ return $v;
+ }
+ # NOTE: we could also turn \n into <br> if needed
+}
+
=pod
=item * choose_language
Index: loncom/publisher/lonpubmenu.pm
diff -u loncom/publisher/lonpubmenu.pm:1.6 loncom/publisher/lonpubmenu.pm:1.7
--- loncom/publisher/lonpubmenu.pm:1.6 Thu Feb 26 16:10:49 2009
+++ loncom/publisher/lonpubmenu.pm Tue Jun 9 21:23:27 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Construction Space Buttons for Top Frame
#
-# $Id: lonpubmenu.pm,v 1.6 2009/02/26 16:10:49 schafran Exp $
+# $Id: lonpubmenu.pm,v 1.7 2015/06/09 21:23:27 damieng Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -34,10 +34,13 @@
sub handler {
my $r = shift;
- my %lt=&Apache::lonlocal::texthash(
+ my %js_lt=&Apache::lonlocal::texthash(
cnpd => 'Cannot publish directory',
cnrd => 'Cannot retrieve directory',
mcdi => 'Must create new subdirectory inside a directory',
+ );
+ &js_escape(\%js_lt);
+ my %html_lt=&Apache::lonlocal::texthash(
pubr => 'Publish this Resource',
pubd => 'Publish this Directory',
rtrv => 'Retrieve Old Version',
@@ -63,6 +66,7 @@
go => 'Go',
prnt => 'Print'
);
+ &html_escape(\%html_lt);
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['disp']);
my $disp = $env{'form.disp'};
# set defaults for parent directory in case frameloc is unable to determine directory
@@ -121,7 +125,7 @@
if ((document.fileaction.filename.value.charAt(
document.fileaction.filename.value.length-1)!='/') &&
(document.fileaction.filename.value.indexOf('/adm/pubdir')==-1)) {
- alert('$lt{'mcdi'}');
+ alert('$js_lt{'mcdi'}');
return;
}
}
@@ -208,7 +212,7 @@
(document.publisher.filename.value.indexOf('/adm/pubdir')==-1)) {
document.publisher.submit();
} else {
- alert('$lt{'cnpd'}');
+ alert('$js_lt{'cnpd'}');
}
}
@@ -219,7 +223,7 @@
(document.rpublisher.filename.value.indexOf('/adm/pubdir')==-1)) {
document.rpublisher.submit();
} else {
- alert('$lt{'cnrd'}');
+ alert('$js_lt{'cnrd'}');
}
}
@@ -245,14 +249,14 @@
<form name="publishdir" action="/adm/publish" target="_parent" method="post">
<input type="hidden" name="filename" value="" />
<input type="hidden" name="forcerepub" value="NO" />
- <input type="button" value="'.$lt{'pubd'}.'" onclick="getdirname();" />
+ <input type="button" value="'.$html_lt{'pubd'}.'" onclick="getdirname();" />
</form>
');
} else {
$r->print('
<form name="publisher" action="/adm/publish" target="_parent" method="post">
<input type="hidden" name="filename" value="" />
- <input type="button" value="'.$lt{'pubr'}.'" onclick="getfilename();" />
+ <input type="button" value="'.$html_lt{'pubr'}.'" onclick="getfilename();" />
</form>
');
}
@@ -262,7 +266,7 @@
<td bgcolor="#ccddaa" align="center">
<form name="dpublisher" action="/adm/pubdir" target="LONCAPAToBePublished" method="post">
<input type="hidden" name="filename" value="" />
- <input type="button" value="$lt{'list'}" onclick="getdfilename();" />
+ <input type="button" value="$html_lt{'list'}" onclick="getdfilename();" />
</form>
</td>
<td bgcolor="#ccddaa" valign="top" align="center">
@@ -270,7 +274,7 @@
method="post" enctype="multipart/form-data">
<input type="hidden" name="filename" value="" />
<input type="file" name="upfile" size="20" />
- <input type="button" value="$lt{'uplo'}" onclick="getufilename();" />
+ <input type="button" value="$html_lt{'uplo'}" onclick="getufilename();" />
</form>
</td>
<td rowspan="2" bgcolor="#ccddaa" align="center">
@@ -278,7 +282,7 @@
<input type="hidden" name="postdata" value="" />
<input type="hidden" name="curseed" value="" />
<input type="hidden" name="problemtype" value="" />
- <input type="button" value="$lt{'prnt'}" onclick="getpostdata();" />
+ <input type="button" value="$html_lt{'prnt'}" onclick="getpostdata();" />
</form>
</td>
</tr>
@@ -291,13 +295,13 @@
<input type="hidden" name="filename" value="" />
<input type="hidden" name="forcerepub" value="NO" />
<input type="hidden" name="pubrec" value="1" />
- <input type="button" value="$lt{'pubs'}" onclick="getsubdirname();" />
+ <input type="button" value="$html_lt{'pubs'}" onclick="getsubdirname();" />
</form>
</td>
<td bgcolor="#ccddaa">
<form name="editcat" action="/adm/cfile" target="_parent" method="post">
<input type="hidden" name="filename" value="" />
- <input type="button" value="$lt{'edit'}" onclick="geteditcat();" />
+ <input type="button" value="$html_lt{'edit'}" onclick="geteditcat();" />
</form>
</td>
ENDDIR
@@ -306,14 +310,14 @@
<td bgcolor="#ccddaa" align="center">
<form name="rpublisher" action="/adm/retrieve" target="_parent" method="post">
<input type="hidden" name="filename" value="" />
- <input type="button" value="$lt{'rtrv'}" onclick="getrfilename();" />
+ <input type="button" value="$html_lt{'rtrv'}" onclick="getrfilename();" />
</form>
</td>
<td bgcolor="#ccddaa">
<form name="del" action="/adm/cfile" target="_parent" method="post">
<input type="hidden" name="filename" value="" />
<input type="hidden" name="action" value="delete" />
- <input type="button" value="$lt{'dele'}" onclick="getdelfilename();" />
+ <input type="button" value="$html_lt{'dele'}" onclick="getdelfilename();" />
</form>
</td>
ENDFILE
@@ -324,26 +328,26 @@
<nobr>
<input type="hidden" name="filename" value="" />
<select name="action">
- <option value="Select Action">$lt{'sela'}</option>
- <option value="newfile">$lt{'nfil'}:</option>
- <option value="newhtmlfile">$lt{'nhtm'}:</option>
- <option value="newproblemfile">$lt{'nprb'}:</option>
- <option value="newpagefile">$lt{'npag'}:</option>
- <option value="newsequencefile">$lt{'nseq'}:</option>
- <option value="newrightsfile">$lt{'ncrf'}:</option>
- <option value="newstyfile">$lt{'nsty'}:</option>
- <option value="newlibraryfile">$lt{'nlib'}:</option>
- <option value="newdir">$lt{'nsub'}:</option>
+ <option value="Select Action">$html_lt{'sela'}</option>
+ <option value="newfile">$html_lt{'nfil'}:</option>
+ <option value="newhtmlfile">$html_lt{'nhtm'}:</option>
+ <option value="newproblemfile">$html_lt{'nprb'}:</option>
+ <option value="newpagefile">$html_lt{'npag'}:</option>
+ <option value="newsequencefile">$html_lt{'nseq'}:</option>
+ <option value="newrightsfile">$html_lt{'ncrf'}:</option>
+ <option value="newstyfile">$html_lt{'nsty'}:</option>
+ <option value="newlibraryfile">$html_lt{'nlib'}:</option>
+ <option value="newdir">$html_lt{'nsub'}:</option>
ENDOPTIONS
if ($disp ne 'dir') {
$r->print(<<"ENDPROBOPS");
- <option value="rename">$lt{'renm'}:</option>
- <option value="move">$lt{'move'}:</option>
- <option value="copy">$lt{'copy'}:</option>
+ <option value="rename">$html_lt{'renm'}:</option>
+ <option value="move">$html_lt{'move'}:</option>
+ <option value="copy">$html_lt{'copy'}:</option>
ENDPROBOPS
}
$r->print(<<"ENDPAGE");
- </select> <input type="text" name="newfilename" value="$lt{'type'}" onfocus="if (this.value == '$lt{'type'}') this.value=''" /> <input type="button" value="$lt{'go'}" onclick="getactionfilename();" />
+ </select> <input type="text" name="newfilename" value="$html_lt{'type'}" onfocus="if (this.value == '$html_lt{'type'}') this.value=''" /> <input type="button" value="$html_lt{'go'}" onclick="getactionfilename();" />
</nobr>
</form>
</td>
More information about the LON-CAPA-cvs
mailing list