$selected = ' selected="selected"';\r
}\r
?>\r
- <option value="<?php echo $file['file_id'];?>" <?php echo $selected; ?>><?php echo _AT('revision'); ?> <?php echo $file['num_revisions']; ?>. <?php echo $file['file_name']; ?> - <?php echo $file['num_comments']; ?> <?php echo _AT('comments'); ?></option>\r
+ <option value="<?php echo $file['file_id'];?>" <?php echo $selected; ?>><?php echo _AT('revision'); ?> <?php echo $file['num_revisions']; ?>. <?php echo htmlentities_utf8($file['file_name']); ?> - <?php echo $file['num_comments']; ?> <?php echo _AT('comments'); ?></option>\r
<?php endforeach; ?>\r
</select>\r
</div>\r
\r
<div class="input-form">\r
<div class="row">\r
- <h3><?php echo $current_file['file_name']; ?> <small> - <?php echo _AT('revision'); ?> <?php echo $current_file['num_revisions']; ?></small></h3>\r
+ <h3><?php echo htmlentities_utf8($current_file['file_name']); ?> <small> - <?php echo _AT('revision'); ?> <?php echo $current_file['num_revisions']; ?></small></h3>\r
<span style="font-size: small"><?php echo get_display_name($current_file['member_id']); ?> - <?php echo AT_date(_AT('filemanager_date_format'), $current_file['date'], AT_DATE_MYSQL_DATETIME); ?></span>\r
<p><?php echo nl2br(htmlspecialchars($current_file['description'])); ?></p>\r
</div>\r
</form>\r
<?php endif; ?>\r
\r
-<?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>
\ No newline at end of file
+<?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>\r
'alt'=>_AT('download'),
'thumb'=>'images/application_get.png',
'link'=>'<a href="bounce.php?course='.$row['owner_id'].'&p='.urlencode('mods/_standard/file_storage/index.php?download=1'.SEP.'files[]='. $row['file_id']).'"'.
- (strlen($filetext) > SUBLINK_TEXT_LEN ? ' title="'.$filetext.'"' : '') .'>'.
- validate_length($filetext, SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY) .'</a>');
+ (strlen($filetext) > SUBLINK_TEXT_LEN ? ' title="'.AT_print($filetext, 'input.text').'"' : '') .'>'.
+ AT_print(validate_length($filetext, SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY), 'input.text') .'</a>');
}
}
return $news;
}
-?>
\ No newline at end of file
+?>
}
$list[] = '<a href="'.url_rewrite('mods/_standard/file_storage/index.php?download=1'.SEP.'files[]='. $row['file_id'], AT_PRETTY_URL_IS_HEADER).'"'.
- (strlen($filetext) > SUBLINK_TEXT_LEN ? ' title="'.AT_print($filetext, 'text.input').'"' : '') .'>'.
- AT_print(validate_length($filetext, SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY), 'text.input') .'</a>';
+ (strlen($filetext) > SUBLINK_TEXT_LEN ? ' title="'.AT_print($filetext, 'input.text').'"' : '') .'>'.
+ AT_print(validate_length($filetext, SUBLINK_TEXT_LEN, VALIDATE_LENGTH_FOR_DISPLAY), 'input.text') .'</a>';
}
return $list;
} else {
return 0;
}
-?>
\ No newline at end of file
+?>