--- loncom/interface/lonmodifycourse.pm	2015/03/07 23:17:15	1.75
+++ loncom/interface/lonmodifycourse.pm	2015/06/09 21:22:56	1.78
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # handler for DC-only modifiable course settings
 #
-# $Id: lonmodifycourse.pm,v 1.75 2015/03/07 23:17:15 raeburn Exp $
+# $Id: lonmodifycourse.pm,v 1.78 2015/06/09 21:22:56 damieng Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -208,7 +208,7 @@ sub print_course_selection_page {
     my %courses = &Apache::loncommon::search_courses($dom,$type,$filter,$numtitles,
                                                      undef,undef,undef,\@codetitles);
     &Apache::lonpickcourse::display_matched_courses($r,$type,0,$action,undef,undef,undef,
-                                                    %courses);
+                                                    undef,undef,%courses);
     return;
 }
 
@@ -1711,7 +1711,7 @@ sub modify_postsubmit_config {
                        );
             my $putreply = &Apache::lonnet::put('environment',\%cenv,$cdom,$cnum);
             if ($putreply eq 'ok') {
-                $r->print(&mt('Submit buttin will not be disabled after student submission'));
+                $r->print(&mt('Submit button will not be disabled after student submission'));
             } else {
                 $r->print($lt{'erro'});
             }
@@ -1901,6 +1901,8 @@ function hide_searching() {
     } elsif ($phase eq 'setquota') {
         my $invalid = &mt('The quota you entered contained invalid characters.');
         my $alert = &mt('You must enter a number');
+        &js_escape(\$invalid);
+        &js_escape(\$alert);
         my $regexp = '/^\s*(\d+\.?\d*|\.\d+)\s*$/';
         $js .= <<"ENDSCRIPT";
 
@@ -1920,6 +1922,8 @@ ENDSCRIPT
     } elsif ($phase eq 'setanon') {
         my $invalid = &mt('The responder threshold you entered is invalid.');
         my $alert = &mt('You must enter a positive integer.');
+        &js_escape(\$invalid);
+        &js_escape(\$alert);
         my $regexp = ' /^\s*\d+\s*$/';
         $js .= <<"ENDSCRIPT";
 
@@ -1945,6 +1949,9 @@ ENDSCRIPT
         my $invalid = &mt('The choice entered for disabling the submit button is invalid.');
         my $invalidtimeout = &mt('The timeout you entered for disabling the submit button is invalid.');
         my $alert = &mt('Enter one of: a positive integer, 0 (for no timeout), or leave blank to use domain default');
+        &js_escape(\$invalid);
+        &js_escape(\$invalidtimeout);
+        &js_escape(\$alert);
         my $regexp = ' /^\s*\d+\s*$/';
 
         $js .= <<"ENDSCRIPT";