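/**
 * Update the title and description of an existing row in the tests table.
 *
 * @access  public
 * @param   testID       id of the test to update; forced to an integer before use
 * @param   title        new title, truncated to 100 characters
 * @param   description  new description
 * @return  the result of $this->execute() on the UPDATE statement if the title
 *          passes isFieldsValid(); false otherwise (isFieldsValid() is presumably
 *          what records the error in the global $msg; confirm against the class)
 * @author  Cindy Qi Li
 */
public function Update($testID, $title, $description)
{
    global $addslashes;

    // test_id is written into the WHERE clause without quotes, so escaping would not
    // protect it; only an integer may reach the statement.
    $testID = intval($testID);

    // Truncate first, escape second. Cutting an already-escaped string at a fixed
    // length can split an escape sequence and leave a lone backslash directly in
    // front of the closing quote of title='...'.
    $title = $addslashes(Utility::validateLength(trim($title), 100));
    $description = $addslashes(trim($description));

    if (!$this->isFieldsValid($title)) {
        // The documented contract is "false if unsuccessful"; the original fell off
        // the end of the function and returned nothing.
        return false;
    }

    $sql = "UPDATE " . TABLE_PREFIX . "tests " . "SET title='{$title}', \n\t\t\t description='{$description}' \n\t\t\t WHERE test_id={$testID}";

    return $this->execute($sql);
}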
// Renders one <option> per entry of $this->categories, marks the one whose category_id
// equals $_GET['catid'] as selected, then adds the fixed "uncategorized" option (value 0)
// and closes a <select> that was opened before this excerpt.
// NOTE(review): category_id and category_name are echoed into the value/title attributes
// and the option text without HTML escaping. If either can hold user-supplied text, wrap
// it in htmlspecialchars(..., ENT_QUOTES, 'UTF-8') - confirm first whether the values are
// stored pre-encoded, to avoid double encoding.
// NOTE(review): $_GET['catid'] is read without an isset() check and compared with ==.
foreach ($this->categories as $category) { ?> <option value="<?php echo $category['category_id']; ?> " <?php if ($_GET['catid'] == $category['category_id']) { echo 'selected'; } ?> title="<?php echo $category['category_name']; ?> "> <?php echo Utility::validateLength($category['category_name'], TR_MAX_LAN_CATEGORY_NAME, 1); ?> </option> <?php } ?> <option value="0" <?php if ($_GET['catid'] == 0 && $_GET['catid'] != '') { echo 'selected'; } ?> ><?php echo _AT('cats_uncategorized'); ?> </option> </select>
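/**
 * Store one imported QTI multiple-answer question.
 *
 * Drops blank choices, then either queues a NO_ANSWER confirmation (when no
 * remaining choice is marked correct) or fills TR_SQL_QUESTION_MULTIANSWER with
 * the question data and runs it through a DAO.
 *
 * NOTE(review): the parameter is named after the $_POST superglobal. PHP 5.4 and
 * later reject a superglobal as a parameter name; it is left unchanged here
 * because renaming it would alter the function's interface.
 *
 * @param   array  the question data: question, feedback, required, category_id,
 *                 choice[] and answers[]
 * @return  the value of mysql_insert_id() when the DAO reports success; nothing
 *          is returned on any other path
 */
function importQTI($_POST)
{
    require_once TR_INCLUDE_PATH . 'classes/DAO/DAO.class.php';
    require_once TR_INCLUDE_PATH . 'classes/Utility.class.php';
    global $msg, $db, $_course_id;

    // Defined up front so the "no answer" test below never reads an undefined variable.
    $has_answer = FALSE;

    if ($_POST['question'] == '') {
        $msg->addError(array('EMPTY_FIELDS', _AT('question')));
    }

    // A multiple-answer question can have 0+ answers; in QTIImport.class a list with
    // fewer than 2 entries becomes a scalar. Taking the list from 'answers' turns
    // $_POST['answer'] back into a vector.
    $_POST['answer'] = $_POST['answers'];

    if (!$msg->containsErrors()) {
        $choice_new = array(); // stores the non-blank choices
        $answer_new = array(); // stores the associated "answer" for the choices

        foreach ($_POST['choice'] as $choiceNum => $choiceOpt) {
            $choiceOpt = Utility::validateLength($choiceOpt, 255);
            $choiceOpt = trim($choiceOpt);
            $_POST['answer'][$choiceNum] = intval($_POST['answer'][$choiceNum]);

            if ($choiceOpt == '') {
                /* an empty option can't be correct */
                $_POST['answer'][$choiceNum] = 0;
            } else {
                /* filter out empty choices / remove gaps */
                $choice_new[] = $choiceOpt;
                // A choice counts as correct when its index appears among the answer values.
                if (in_array($choiceNum, $_POST['answer'])) {
                    $answer_new[] = 1;
                } else {
                    $answer_new[] = 0;
                }
                if ($_POST['answer'][$choiceNum] != 0) {
                    $has_answer = TRUE;
                }
            }
        }

        if ($has_answer != TRUE) {
            // No correct answer: hand HTML-encoded copies of the fields to the
            // confirmation message so they can be carried as hidden variables.
            $hidden_vars['required'] = htmlspecialchars($_POST['required']);
            $hidden_vars['feedback'] = htmlspecialchars($_POST['feedback']);
            $hidden_vars['question'] = htmlspecialchars($_POST['question']);
            $hidden_vars['category_id'] = htmlspecialchars($_POST['category_id']);

            for ($i = 0; $i < count($choice_new); $i++) {
                $hidden_vars['answer[' . $i . ']'] = htmlspecialchars($answer_new[$i]);
                $hidden_vars['choice[' . $i . ']'] = htmlspecialchars($choice_new[$i]);
            }

            $msg->addConfirm('NO_ANSWER', $hidden_vars);
        } else {
            // The statement always takes ten choices and ten answers; pad the short lists.
            $_POST['answer'] = array_pad($answer_new, 10, 0);
            $_POST['choice'] = array_pad($choice_new, 10, '');

            // NOTE(review): category_id, feedback, question and the choices reach
            // vsprintf() exactly as the import supplied them. Nothing in this function
            // escapes them; the $addslashes calls once tried here for feedback and
            // question were left commented out. Confirm that they are escaped before
            // this function is called, or escape them here before building the statement.
            $sql_params = array(
                $_POST['category_id'],
                $_course_id,
                $_POST['feedback'],
                $_POST['question'],
                $_POST['choice'][0],
                $_POST['choice'][1],
                $_POST['choice'][2],
                $_POST['choice'][3],
                $_POST['choice'][4],
                $_POST['choice'][5],
                $_POST['choice'][6],
                $_POST['choice'][7],
                $_POST['choice'][8],
                $_POST['choice'][9],
                $_POST['answer'][0],
                $_POST['answer'][1],
                $_POST['answer'][2],
                $_POST['answer'][3],
                $_POST['answer'][4],
                $_POST['answer'][5],
                $_POST['answer'][6],
                $_POST['answer'][7],
                $_POST['answer'][8],
                $_POST['answer'][9]
            );

            $sql = vsprintf(TR_SQL_QUESTION_MULTIANSWER, $sql_params);

            $dao = new DAO();
            if ($dao->execute($sql)) {
                return mysql_insert_id();
            }
        }
    }
}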
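} // closes a block opened before this excerpt

if (!$msg->containsErrors()) {
    $_POST['question'] = $addslashes($_POST['question']);
    $_POST['feedback'] = $addslashes($_POST['feedback']);

    // category_id and qid are written into the statement without quotes, so escaping
    // would not protect them; only integers may reach the statement.
    $_POST['category_id'] = intval($_POST['category_id']);
    $_POST['qid'] = intval($_POST['qid']);

    $choice_new = array(); // stores the non-blank choices
    $answer_new = array(); // stores the order number of each non-blank choice
    $order = 0; // order count

    for ($i = 0; $i < 10; $i++) {
        // The column holds 255 characters: cut the choice down to that length first,
        // then trim and escape it.
        $_POST['choice'][$i] = Utility::validateLength($_POST['choice'][$i], 255);
        $_POST['choice'][$i] = $addslashes(trim($_POST['choice'][$i]));

        if ($_POST['choice'][$i] != '') {
            /* filter out empty choices / remove gaps */
            $choice_new[] = $_POST['choice'][$i];
            $answer_new[] = $order++;
        }
    }

    $_POST['choice'] = array_pad($choice_new, 10, '');
    $answer_new = array_pad($answer_new, 10, 0);

    // Two fixes relative to the original statement:
    //  - the array key 'choice' is quoted (the bare word was read as a constant);
    //  - each answer goes to its own answer_N column; the original assigned all ten
    //    values to answer_0, so only one assignment could take effect.
    $sql = "UPDATE " . TABLE_PREFIX . "tests_questions SET\n"
         . "\t\t\tcategory_id={$_POST['category_id']},\n"
         . "\t\t\tfeedback='{$_POST['feedback']}',\n"
         . "\t\t\tquestion='{$_POST['question']}',\n"
         . "\t\t\tchoice_0='{$_POST['choice'][0]}',\n"
         . "\t\t\tchoice_1='{$_POST['choice'][1]}',\n"
         . "\t\t\tchoice_2='{$_POST['choice'][2]}',\n"
         . "\t\t\tchoice_3='{$_POST['choice'][3]}',\n"
         . "\t\t\tchoice_4='{$_POST['choice'][4]}',\n"
         . "\t\t\tchoice_5='{$_POST['choice'][5]}',\n"
         . "\t\t\tchoice_6='{$_POST['choice'][6]}',\n"
         . "\t\t\tchoice_7='{$_POST['choice'][7]}',\n"
         . "\t\t\tchoice_8='{$_POST['choice'][8]}',\n"
         . "\t\t\tchoice_9='{$_POST['choice'][9]}',\n"
         . "\t\t\tanswer_0={$answer_new[0]},\n"
         . "\t\t\tanswer_1={$answer_new[1]},\n"
         . "\t\t\tanswer_2={$answer_new[2]},\n"
         . "\t\t\tanswer_3={$answer_new[3]},\n"
         . "\t\t\tanswer_4={$answer_new[4]},\n"
         . "\t\t\tanswer_5={$answer_new[5]},\n"
         . "\t\t\tanswer_6={$answer_new[6]},\n"
         . "\t\t\tanswer_7={$answer_new[7]},\n"
         . "\t\t\tanswer_8={$answer_new[8]},\n"
         . "\t\t\tanswer_9={$answer_new[9]}\n\n"
         . "\t\t\tWHERE question_id={$_POST['qid']}";

    if ($testsQuestionsDAO->execute($sql)) {
        $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
        if ($_POST['tid']) {
            // Only the integer value of tid goes into the redirect URL, so the request
            // cannot append further query parameters to it.
            header('Location: questions.php?tid=' . intval($_POST['tid']) . '&_course_id=' . $_course_id);
        } else {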
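// Output the questions of the current category: one header row carrying the category
// checkbox, then one row per question.
// NOTE(review): $cat['title'] is echoed into the <label> without HTML escaping, unlike
// the question text below, which goes through htmlentities_utf8(). If category titles
// can hold user-supplied text, escape them the same way - confirm first whether they
// are stored pre-encoded. category_id, question_id and type are also written into
// attributes and inline handlers unescaped; presumably numeric, verify against the schema.
$rows = $testsQuestionsDAO->getByCourseIDAndCategoryID($_course_id, $cat['category_id']);
if (is_array($rows)) {
    $question_flag = TRUE;

    echo '<tr>';
    echo '<th colspan="' . $cols . '">';
    echo '<input type="checkbox" name="cat' . $cat['category_id'] . '" id="cat' . $cat['category_id'] . '" onclick="javascript:selectCat(' . $cat['category_id'] . ', this);" /><label for="cat' . $cat['category_id'] . '">' . $cat['title'] . '</label>';
    echo '</th>';
    echo '</tr>';

    foreach ($rows as $row) {
        echo '<tr onmousedown="document.form[\'q' . $row['question_id'] . '\'].checked = !document.form[\'q' . $row['question_id'] . '\'].checked; togglerowhighlight(this, \'q' . $row['question_id'] . '\');" id="rq' . $row['question_id'] . '">';
        echo '<td>';
        echo '<input type="checkbox" value="' . $row['question_id'] . '|' . $row['type'] . '" name="questions[' . $cat['category_id'] . '][]" id="q' . $row['question_id'] . '" onmouseup="this.checked=!this.checked" /></td>';
        echo '<td>';
        // The key is quoted here; the original $row[question] read a bare constant name.
        echo '<a title="' . htmlentities_utf8($row['question'], ENT_QUOTES, 'UTF-8') . '">';
        echo AT_print(htmlentities_utf8(Utility::validateLength($row['question'], 100, 1), ENT_QUOTES, 'UTF-8'), 'tests_questions.question');
        echo '</a>';
        echo '</td>';
        echo '<td>';
        $o = TestQuestions::getQuestion($row['type']);
        $o->printName();
        echo '</td>';
        echo '</tr>';
    }
}
} // closes a block opened before this excerpt

// No category produced any rows: show the "none found" placeholder row instead.
if (!$question_flag) {
    echo '<tr><td colspan="' . $cols . '">' . _AT('none_found') . '</td></tr>';
}
?> </tbody>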