version 1.111, 2003/12/16 16:47:16
|
version 1.112, 2004/01/19 16:31:25
|
Line 1278 sub update_full_student_data {
|
Line 1278 sub update_full_student_data {
|
while (my ($part_id,$hash2) = each (%$hash1)) { |
while (my ($part_id,$hash2) = each (%$hash1)) { |
while (my ($resp_id,$hash3) = each (%$hash2)) { |
while (my ($resp_id,$hash3) = each (%$hash2)) { |
while (my ($transaction,$data) = each (%$hash3)) { |
while (my ($transaction,$data) = each (%$hash3)) { |
$store_command .= "('".join("','",$symb_id,$part_id, |
my $submission = $data->{'submission'}; |
$resp_id,$student_id, |
# We have to be careful with user supplied input. |
$transaction, |
# most of the time we are okay because it is escaped. |
$data->{'awarddetail'}, |
# However, there is one wrinkle: submissions which end in |
$data->{'response_specific'}, |
# and odd number of '\' cause insert errors to occur. |
$data->{'response_specific_value'}, |
# Best trap this somehow... |
$data->{'submission'})."'),"; |
$submission = $dbh->quote($submission); |
|
$store_command .= "('". |
|
join("','",$symb_id,$part_id, |
|
$resp_id,$student_id, |
|
$transaction, |
|
$data->{'awarddetail'}, |
|
$data->{'response_specific'}, |
|
$data->{'response_specific_value'}). |
|
"',".$submission."),"; |
$store_rows++; |
$store_rows++; |
} |
} |
} |
} |