--- loncom/interface/lonhelper.pm	2004/02/27 19:51:46	1.64
+++ loncom/interface/lonhelper.pm	2004/03/31 05:23:59	1.67
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # .helper XML handler to implement the LON-CAPA helper
 #
-# $Id: lonhelper.pm,v 1.64 2004/02/27 19:51:46 albertel Exp $
+# $Id: lonhelper.pm,v 1.67 2004/03/31 05:23:59 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -230,7 +230,7 @@ my $paramHash;
 # In the debugger, this means that breakpoints are ignored until you step into
 # a function and get out of what must be a "faked up scope" in the Apache->
 # mod_perl connection. In this code, it was manifesting itself in the existence
-# of two seperate file-scoped $helper variables, one set to the value of the
+# of two separate file-scoped $helper variables, one set to the value of the
 # helper in the helper constructor, and one referenced by the handler on the
 # "$helper->process()" line. Using the debugger, one could actually
 # see the two different $helper variables, as hashes at completely
@@ -462,11 +462,11 @@ sub _saveVars {
     my $self = shift;
     my $result = "";
     $result .= '<input type="hidden" name="CURRENT_STATE" value="' .
-        HTML::Entities::encode($self->{STATE}) . "\" />\n";
+        HTML::Entities::encode($self->{STATE},'<>&"') . "\" />\n";
     $result .= '<input type="hidden" name="TOKEN" value="' .
         $self->{TOKEN} . "\" />\n";
     $result .= '<input type="hidden" name="RETURN_PAGE" value="' .
-        HTML::Entities::encode($self->{RETURN_PAGE}) . "\" />\n";
+        HTML::Entities::encode($self->{RETURN_PAGE},'<>&"') . "\" />\n";
 
     return $result;
 }
@@ -1264,7 +1264,7 @@ BUTTONS
         $result .= "<tr>\n<td width='20'>&nbsp;</td>\n";
         $result .= "<td valign='top'><input type='$type' name='$var.forminput'"
             . "' value='" . 
-            HTML::Entities::encode($choice->[1]) 
+            HTML::Entities::encode($choice->[1],'<>&"') 
             . "'";
         if ($checkedChoices{$choice->[1]}) {
             $result .= " checked ";
@@ -1419,7 +1419,7 @@ sub render {
     $result .= "<select name='${var}.forminput'>\n";
     foreach my $choice (@{$self->{CHOICES}}) {
         $result .= "<option value='" . 
-            HTML::Entities::encode($choice->[1]) 
+            HTML::Entities::encode($choice->[1],'<>&"') 
             . "'";
         if ($checkedChoices{$choice->[1]}) {
             $result .= " selected";
@@ -1777,6 +1777,7 @@ sub start_resource {
     $paramHash->{'suppressEmptySequences'} = $token->[2]{'suppressEmptySequences'};
     $paramHash->{'toponly'} = $token->[2]{'toponly'};
     $paramHash->{'addstatus'} = $token->[2]{'addstatus'};
+    $paramHash->{'closeallpages'} = $token->[2]{'closeallpages'};
     return '';
 }
 
@@ -1945,7 +1946,7 @@ BUTTONS
 		$checked = 1;
 	    }
             $col .= "value='" . 
-                HTML::Entities::encode(&$valueFunc($resource)) 
+                HTML::Entities::encode(&$valueFunc($resource),'<>&"') 
                 . "' /></td>";
             return $col;
         }
@@ -1962,6 +1963,7 @@ BUTTONS
                                        'showParts' => 0,
                                        'filterFunc' => $filterFunc,
                                        'resource_no_folder_link' => 1,
+				       'closeAllPages' => $self->{'closeallpages'},
                                        'suppressEmptySequences' => $self->{'suppressEmptySequences'},
                                        'iterator_map' => $mapUrl }
                                        );
@@ -2190,17 +2192,17 @@ BUTTONS
             $checked = 1;
         }
         $result .=
-            " value='" . HTML::Entities::encode($choice->[0] . ':' . $choice->[2] . ':' . $choice->[1] . ':' . $choice->[3])
+            " value='" . HTML::Entities::encode($choice->[0] . ':' . $choice->[2] . ':' . $choice->[1] . ':' . $choice->[3],'<>&"')
             . "' /></td><td>"
-            . HTML::Entities::encode($choice->[1])
+            . HTML::Entities::encode($choice->[1],'<>&"')
             . "</td><td align='center'>" 
-            . HTML::Entities::encode($choice->[2])
+            . HTML::Entities::encode($choice->[2],'<>&"')
             . "</td>\n<td>" 
-	    . HTML::Entities::encode($choice->[3])
+	    . HTML::Entities::encode($choice->[3],'<>&"')
             . "</td>\n<td>" 
-	    . HTML::Entities::encode($choice->[4])
+	    . HTML::Entities::encode($choice->[4],'<>&"')
             . "</td>\n<td>" 
-	    . HTML::Entities::encode($choice->[0])
+	    . HTML::Entities::encode($choice->[0],'<>&"')
 	    . "</td></tr>\n";
     }
 
@@ -2496,7 +2498,7 @@ BUTTONS
             }
             $result .= '<tr><td align="right"' . " bgcolor='$color'>" .
                 "<input $onclick type='$type' name='" . $var
-            . ".forminput' value='" . HTML::Entities::encode($fileName) .
+            . ".forminput' value='" . HTML::Entities::encode($fileName,'<>&"').
                 "'";
             if (!$self->{'multichoice'} && $choices == 0) {
                 $result .= ' checked';
@@ -3164,7 +3166,7 @@ sub render {
         $result .= "<li>for section <b>$section</b></li>";
         $level -= 3;
         $result .= "<input type='hidden' name='csec' value='" .
-            HTML::Entities::encode($section) . "' />\n";
+            HTML::Entities::encode($section,'<>&"') . "' />\n";
     } else {
         # FIXME: This is probably wasteful! Store the name!
         my $classlist = Apache::loncoursedata::get_classlist();
@@ -3176,9 +3178,9 @@ sub render {
         $level -= 6;
         my ($uname, $udom) = split /:/, $vars->{USER_NAME};
         $result .= "<input type='hidden' name='uname' value='".
-            HTML::Entities::encode($uname) . "' />\n";
+            HTML::Entities::encode($uname,'<>&"') . "' />\n";
         $result .= "<input type='hidden' name='udom' value='".
-            HTML::Entities::encode($udom) . "' />\n";
+            HTML::Entities::encode($udom,'<>&"') . "' />\n";
     }
 
     # Print value