--- loncom/interface/loncommon.pm 2014/07/27 20:11:10 1.1075.2.81
+++ loncom/interface/loncommon.pm 2014/12/21 16:42:38 1.1075.2.83
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common routines
#
-# $Id: loncommon.pm,v 1.1075.2.81 2014/07/27 20:11:10 raeburn Exp $
+# $Id: loncommon.pm,v 1.1075.2.83 2014/12/21 16:42:38 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -7672,10 +7672,12 @@ function set_wishlistlink(title, path) {
title = title.replace(/^LON-CAPA /,'');
}
title = encodeURIComponent(title);
+ title = title.replace("'","\\\'");
if (!path) {
path = location.pathname;
}
path = encodeURIComponent(path);
+ path = path.replace("'","\\\'");
Win = window.open('/adm/wishlist?mode=newLink&setTitle='+title+'&setPath='+path,
'wishlistNewLink','width=560,height=350,scrollbars=0');
}
@@ -7718,6 +7720,7 @@ var modalWindow = {
};
var openMyModal = function(source,width,height,scrolling,transparency,style)
{
+ source = source.replace("'","'");
modalWindow.windowId = "myModal";
modalWindow.width = width;
modalWindow.height = height;
@@ -14488,7 +14491,7 @@ sub escape_url {
my ($url) = @_;
my @urlslices = split(/\//, $url,-1);
my $lastitem = &escape(pop(@urlslices));
- return join('/',@urlslices).'/'.$lastitem;
+ return &HTML::Entities::encode(join('/',@urlslices),"'").'/'.$lastitem;
}
sub compare_arrays {
@@ -14964,7 +14967,12 @@ sub build_filters {
$output .= ''."\n".
''."\n";
- } elsif ($formname ne 'quotacheck') {
+ } elsif ($formname eq 'quotacheck') {
+ $output .= qq|
+
+
+|;
+ } else {
my $name_input;
if ($cnameelement ne '') {
$name_input = '