--- loncom/homework/grades.pm 2012/01/02 05:15:46 1.669 +++ loncom/homework/grades.pm 2017/05/19 19:25:05 1.740 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # The LON-CAPA Grading handler # -# $Id: grades.pm,v 1.669 2012/01/02 05:15:46 raeburn Exp $ +# $Id: grades.pm,v 1.740 2017/05/19 19:25:05 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -54,6 +54,7 @@ use POSIX qw(floor); my %perm=(); +my %old_essays=(); # These variables are used to recover from ssi errors @@ -202,6 +203,7 @@ sub get_display_part { sub reset_caches { &reset_analyze_cache(); &reset_perm(); + &reset_old_essays(); } { @@ -328,6 +330,8 @@ sub cleanRecord { my $grayFont = ''; if ($response =~ /^(option|rank)$/) { my %answer=&Apache::lonnet::str2hash($answer); + my @answer = %answer; + %answer = map {&HTML::Entities::encode($_, '"<>&')} @answer; my %grading=&Apache::lonnet::str2hash($record->{$version."resource.$partid.$respid.submissiongrading"}); my ($toprow,$bottomrow); foreach my $foil (@$order) { @@ -344,6 +348,8 @@ sub cleanRecord { $bottomrow.''; } elsif ($response eq 'match') { my %answer=&Apache::lonnet::str2hash($answer); + my @answer = %answer; + %answer = map {&HTML::Entities::encode($_, '"<>&')} @answer; my %grading=&Apache::lonnet::str2hash($record->{$version."resource.$partid.$respid.submissiongrading"}); my @items=&Apache::lonnet::str2array($record->{$version."resource.$partid.$respid.submissionitems"}); my ($toprow,$middlerow,$bottomrow); @@ -366,6 +372,8 @@ sub cleanRecord { $bottomrow.''; } elsif ($response eq 'radiobutton') { my %answer=&Apache::lonnet::str2hash($answer); + my @answer = %answer; + %answer = map {&HTML::Entities::encode($_, '"<>&')} @answer; my ($toprow,$bottomrow); my $correct = &get_radiobutton_correct_foil($partid,$respid,$symb,$uname,$udom,$type,$trial,$rndseed); @@ -398,10 +406,11 @@ sub cleanRecord { $env{'form.kwstyle'} = $keyhash{$loginuser.'_kwstyle'} ne '' ? $keyhash{$loginuser.'_kwstyle'} : ''; $env{'form.'.$symb} = 1; # so that we don't have to read it from disk for multiple sub of the same prob. } - $answer =~ s-\n-
-g; return '

'.&keywords_highlight($answer).'
'; + } elsif ( $response eq 'organic') { - my $result='Smile representation: "'.$answer.'"'; + my $result=&mt('Smile representation: [_1]', + '"'.&HTML::Entities::encode($answer, '"<>&').'"'); my $jme=$record->{$version."resource.$partid.$respid.molecule"}; $result.=&Apache::chemresponse::jme_img($jme,$answer,400); return $result; @@ -435,12 +444,14 @@ sub cleanRecord { $result.=''; return $result; } - } elsif ( $response =~ m/(?:numerical|formula)/) { + } elsif ( $response =~ m/(?:numerical|formula|custom)/) { + # Respect multiple input fields, see Bug #5409 $answer = &Apache::loncommon::format_previous_attempt_value('submission', $answer); + return $answer; } - return $answer; + return &HTML::Entities::encode($answer, '"<>&'); } #-- A couple of common js functions @@ -681,7 +692,11 @@ sub compute_points { # sub most_similar { - my ($uname,$udom,$uessay,$old_essays)=@_; + my ($uname,$udom,$symb,$uessay)=@_; + + unless ($symb) { return ''; } + + unless (ref($old_essays{$symb}) eq 'HASH') { return ''; } # ignore spaces and punctuation @@ -698,11 +713,11 @@ sub most_similar { my $scrsid=''; my $sessay=''; # go through all essays ... - foreach my $tkey (keys(%$old_essays)) { + foreach my $tkey (keys(%{$old_essays{$symb}})) { my ($tname,$tdom,$tcrsid)=map {&unescape($_)} (split(/\./,$tkey)); # ... except the same student next if (($tname eq $uname) && ($tdom eq $udom)); - my $tessay=$old_essays->{$tkey}; + my $tessay=$old_essays{$symb}{$tkey}; $tessay=~s/\W+/ /gs; # String similarity gives up if not even limit my $tsimilar=&String::Similarity::similarity($uessay,$tessay,$limit); @@ -712,7 +727,7 @@ sub most_similar { $sname=$tname; $sdom=$tdom; $scrsid=$tcrsid; - $sessay=$old_essays->{$tkey}; + $sessay=$old_essays{$symb}{$tkey}; } } if ($limit>0.6) { @@ -730,7 +745,7 @@ sub most_similar { sub initialverifyreceipt { my ($request,$symb) = @_; &commonJSfunctions($request); - return '
'. + return ''. &Apache::lonnet::recprefix($env{'request.course.id'}). '-'. ''."\n". @@ -842,10 +857,11 @@ sub listStudents { my $res_error; my ($partlist,$handgrade,$responseType) = &response_type($symb,\$res_error); - my %lt = &Apache::lonlocal::texthash ( + my %js_lt = &Apache::lonlocal::texthash ( 'multiple' => 'Please select a student or group of students before clicking on the Next button.', 'single' => 'Please select the student before clicking on the Next button.', ); + &js_escape(\%js_lt); $request->print(&Apache::lonhtmlcommon::scripttag(< '. - &mt('last submission only').' '."\n". + &mt('last submission').' '."\n". ''. ''."\n". + &mt('last submission with details').' '."\n". ''. ''."\n". + &mt('all submissions').''."\n". ''. ''; - $gradeTable .= &Apache::lonhtmlcommon::row_title(&mt('Submissions')) + &mt('all submissions with details').''; + $gradeTable .= &Apache::lonhtmlcommon::row_title(&mt('View Submissions')) .$submission_options .&Apache::lonhtmlcommon::row_closure(); @@ -1078,7 +1094,7 @@ LISTJAVASCRIPT if ($submitonly eq 'graded' ) { $submissions = 'ungraded submissions'; } if ($submitonly eq 'queued' ) { $submissions = 'queued submissions'; } $gradeTable='
 '. - &mt('No '.$submissions.' found for this resource for any students. ([_1] students checked for '.$submissions.')', + &mt('No '.$submissions.' found for this resource for any students. ([quant,_1,student] checked for '.$submissions.')', $num_students). '
'; } @@ -1162,7 +1178,8 @@ sub processGroup { #--- Javascript to handle the submission page functionality --- sub sub_page_js { my $request = shift; - my $alertmsg = &mt('A number equal or greater than 0 is expected. Entered value = '); + my $alertmsg = &mt('A number equal or greater than 0 is expected. Entered value = '); + &js_escape(\$alertmsg); $request->print(&Apache::lonhtmlcommon::scripttag(< 'Keywords list, separated by a space. Add/delete to list if desired.', plse => 'Please select a word or group of words from document and then click this link.', adds => 'Add selection to keyword list? Edit if desired.', + col1 => 'red', + col2 => 'green', + col3 => 'blue', + siz1 => 'normal', + siz2 => '+1', + siz3 => '+2', + sty1 => 'normal', + sty2 => 'italic', + sty3 => 'bold', + ); + my %html_js_lt = &Apache::lonlocal::texthash( comp => 'Compose Message for: ', incl => 'Include', type => 'Type', @@ -1426,11 +1452,14 @@ INNERJS font => 'Font Size', fnst => 'Font Style', ); + &js_escape(\%js_lt); + &html_escape(\%html_js_lt); + &js_escape(\%html_js_lt); $request->print(&Apache::lonhtmlcommon::scripttag(<"); pDoc.write(""); - pDoc.write("

 $lt{'comp'}\"+fullname+\"<\\/span><\\/h3>

"); + pDoc.write("

 $html_js_lt{'comp'}\"+fullname+\"<\\/h1>"); - pDoc.write('
'); - pDoc.write(''); - pDoc.write("
$lt{'type'}<\\/b><\\/td>$lt{'incl'}<\\/b><\\/td>$lt{'mesa'}<\\/td><\\/tr>"); + pDoc.write(''); + pDoc.write(""); - pDoc.write(""); pDoc.write(""); - pDoc.write(""); pDoc.write("
$html_js_lt{'incl'}<\\/b><\\/td>$html_js_lt{'type'}<\\/b><\\/td>$html_js_lt{'mesa'}<\\/td><\\/tr>"); } function displaySubject(msg,shwsel) { pDoc = pWin.document; - pDoc.write("
$lt{'subj'}<\\/td>"); + pDoc.write("
<\\/td>"); - pDoc.write("<\\/td><\\/tr>"); + pDoc.write("$html_js_lt{'subj'}<\\/td>"); + pDoc.write("<\\/td><\\/tr>"); } function displaySavedMsg(ctr,msg,shwsel) { pDoc = pWin.document; - pDoc.write("
"+ctr+"<\\/td>"); + pDoc.write("
<\\/td>"); + pDoc.write(""+ctr+"<\\/td>"); pDoc.write("