--- loncom/homework/edit.pm 2005/04/07 06:56:21 1.92
+++ loncom/homework/edit.pm 2005/06/07 01:33:19 1.93
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# edit mode helpers
#
-# $Id: edit.pm,v 1.92 2005/04/07 06:56:21 albertel Exp $
+# $Id: edit.pm,v 1.93 2005/06/07 01:33:19 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -654,12 +654,12 @@ sub select_arg {
foreach my $option (@$list) {
my ($text,$value);
if ( ref($option) eq 'ARRAY') {
- $value='value="'.$$option[0].'"';
+ $value='value="'.&HTML::Entities::encode($$option[0]).'"';
$text=$$option[1];
$option=$$option[0];
} else {
$text=$option;
- $value='value="'.$option.'"';
+ $value='value="'.&HTML::Entities::encode($option,'\'"&<>').'"';
}
if ( $selected eq $option ) {
$optionlist.="\n";
@@ -683,12 +683,12 @@ sub select_or_text_arg {
foreach my $option (@$list) {
my ($text,$value);
if ( ref($option) eq 'ARRAY') {
- $value='value="'.$$option[0].'"';
+ $value='value="'.&HTML::Entities::encode($$option[0]).'"';
$text=$$option[1];
$option=$$option[0];
} else {
$text=$option;
- $value='value="'.$option.'"';
+ $value='value="'.&HTML::Entities::encode($option,'\'"&<>').'"';
}
if ( $selected eq $option ) {
$optionlist.="\n";