--- loncom/interface/lonhtmlcommon.pm 2006/03/21 20:19:41 1.123 +++ loncom/interface/lonhtmlcommon.pm 2006/06/01 19:30:49 1.131 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # a pile of common html routines # -# $Id: lonhtmlcommon.pm,v 1.123 2006/03/21 20:19:41 albertel Exp $ +# $Id: lonhtmlcommon.pm,v 1.131 2006/06/01 19:30:49 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -60,6 +60,8 @@ use Time::Local; use Time::HiRes; use Apache::lonlocal; use Apache::lonnet; +use lib '/home/httpd/lib/perl/'; +use LONCAPA; ############################################## ############################################## @@ -93,7 +95,7 @@ sub authorbombs { sub recent_filename { my $area=shift; - return 'nohist_recent_'.&Apache::lonnet::escape($area); + return 'nohist_recent_'.&escape($area); } sub store_recent { @@ -115,7 +117,7 @@ sub store_recent { } # store new value &Apache::lonnet::put($file,{ $name => - time.'&'.&Apache::lonnet::escape($value) }); + time.'&'.&escape($value) }); } sub remove_recent { @@ -134,7 +136,7 @@ sub select_recent { unless ($_=~/^error\:/) { my $escaped = &Apache::loncommon::escape_url($_); $return.="\n'; } } @@ -158,7 +160,7 @@ sub get_recent { my $idx = 1; foreach (reverse sort keys %time_hash) { $return_hash{$time_hash{$_}} = - &Apache::lonnet::unescape((split(/\&/,$recent{$_}))[1]); + &unescape((split(/\&/,$recent{$_}))[1]); if ($n && ($idx++ >= $n)) {last;} } @@ -178,6 +180,7 @@ sub get_recent { sub textbox { my ($name,$value,$size,$special) = @_; $size = 40 if (! defined($size)); + $value = &HTML::Entities::encode($value,'<>&"'); my $Str = ''; return $Str; @@ -524,7 +527,7 @@ sub get_date_from_form { if (($year<70) || ($year>137)) { return undef; } if (defined($sec) && defined($min) && defined($hour) && defined($day) && defined($month) && defined($year) && - eval(&timelocal($sec,$min,$hour,$day,$month,$year))) { + eval('&timelocal($sec,$min,$hour,$day,$month,$year)')) { return &timelocal($sec,$min,$hour,$day,$month,$year); } else { return undef; @@ -817,10 +820,10 @@ sub Create_PrgWin { function openpopwin () { popwin=open(\'\',\'popwin\',\'width=400,height=100\');". "popwin.document.writeln(\'".$start_page. - "