if (!$msg->containsErrors()) {\r
$_POST['word'] = $addslashes($_POST['word']);\r
$_POST['definition'] = $addslashes($_POST['definition']);\r
+ $_POST['gid'] = intval($_POST['gid']);\r
\r
$sql = "UPDATE ".TABLE_PREFIX."glossary SET word='$_POST[word]', definition='$_POST[definition]', related_word_id=$_POST[related_term] WHERE word_id=$_POST[gid] AND course_id=$_SESSION[course_id]";\r
\r
</div>\r
</form>\r
\r
-<?php require (AT_INCLUDE_PATH.'footer.inc.php'); ?>
\ No newline at end of file
+<?php require (AT_INCLUDE_PATH.'footer.inc.php'); ?>\r
\r
if ($no_error) // add into gradebook\r
{\r
+ $_POST["selected_grade_scale_id"] = intval($_POST["selected_grade_scale_id"]);\r
$sql_insert = "INSERT INTO ".TABLE_PREFIX."gradebook_tests (id, type, grade_scale_id)\r
VALUES (". $test_id. ", 'ATutor Test', ".$_POST["selected_grade_scale_id"].")";\r
$result_insert = mysql_query($sql_insert, $db) or die(mysql_error());\r
function add_assignment($assignment_id)\r
{\r
global $db;\r
+ $_POST["selected_grade_scale_id"] = intval($_POST["selected_grade_scale_id"]);\r
\r
$sql_insert = "INSERT INTO ".TABLE_PREFIX."gradebook_tests (id, type, grade_scale_id)\r
VALUES (". $assignment_id. ", 'ATutor Assignment', ".$_POST["selected_grade_scale_id"].")";\r
\r
if (!$msg->containsErrors()) \r
{\r
+ $_POST["year_due"] = intval($_POST["year_due"]);\r
+ $_POST["month_due"] = intval($_POST["month_due"]);\r
+ $_POST["day_due"] = intval($_POST["day_due"]);\r
+ $_POST["hour_due"] = intval($_POST["hour_due"]);\r
+ $_POST["min_due"] = intval($_POST["min_due"]);\r
+ $_POST["title"] = $addslashes($_POST["title"]);\r
+ $_POST["selected_grade_scale_id"] = intval($_POST["selected_grade_scale_id"]);\r
+ \r
if ($_POST["has_due_date"] == 'true')\r
$date_due = $_POST["year_due"]. '-' .str_pad ($_POST["month_due"], 2, "0", STR_PAD_LEFT). '-' .str_pad ($_POST["day_due"], 2, "0", STR_PAD_LEFT). ' '.str_pad ($_POST["hour_due"], 2, "0", STR_PAD_LEFT). ':' .str_pad ($_POST["min_due"], 2, "0", STR_PAD_LEFT) . ':00';\r
\r
\r
<div class="row">\r
<span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="title"><?php echo _AT('title'); ?></label><br />\r
- <input type="text" name="title" id="title" size="30" value="<?php echo $_POST['title']; ?>" />\r
+ <input type="text" name="title" id="title" size="30" value="<?php echo AT_print($_POST['title'], 'input.title'); ?>" />\r
</div>\r
\r
<div class="row">\r
else if (isset($_POST['save'])) \r
{\r
$missing_fields = array();\r
+ $_POST["selected_grade_scale_id"] = intval($_POST["selected_grade_scale_id"]);\r
+ $_REQUEST["gradebook_test_id"] = intval($_REQUEST["gradebook_test_id"]);\r
+ $_GET['gradebook_test_id'] = intval($_GET['gradebook_test_id']);\r
+ $_POST["year_due"] = intval($_POST["year_due"]);\r
+ $_POST["month_due"] = intval($_POST["month_due"]);\r
+ $_POST["day_due"] = intval($_POST["day_due"]);\r
+ $_POST["hour_due"] = intval($_POST["hour_due"]);\r
+ $_POST["min_due"] = intval($_POST["min_due"]);\r
\r
if (isset($_POST['title']) && $_POST['title'] == '') {\r
$missing_fields[] = _AT('title');\r