--- rat/lonsequence.pm 2006/11/02 21:27:58 1.29 +++ rat/lonsequence.pm 2007/01/16 21:19:11 1.30 @@ -2,7 +2,7 @@ # # Sequence Handler # -# $Id: lonsequence.pm,v 1.29 2006/11/02 21:27:58 albertel Exp $ +# $Id: lonsequence.pm,v 1.30 2007/01/16 21:19:11 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -37,6 +37,7 @@ use LONCAPA::map(); use Apache::lonpageflip(); use Apache::loncommon(); use Apache::lonlocal; +use HTML::Entities(); my %selhash; my $successtied; @@ -169,10 +170,15 @@ ENDSELECT $r->print('
'); } my ($title,$url)=split(/\:/,$_); - $title=~s/\&colon\;/\:/g; - $url=~s/\&colon\;/\:/g; - unless ($title) { $title=(split(/\//,$url))[-1] }; - unless ($title) { $title=''.&mt('Empty').''; } + $title = &LONCAPA::map::qtescape($title); + unless ($title) { $title=(split(/\//,$url))[-1] }; + my $enc_title = &HTML::Entities::encode($title,'\'"<>&'); + unless ($title) { + $title=''.&mt('Empty').''; + $enc_title = &mt('Empty'); + } + $url = &LONCAPA::map::qtescape($url); + my $enc_url = &HTML::Entities::encode($url,'\'"<>&'); if ($url) { if ($successtied) { my $checked=''; @@ -181,16 +187,17 @@ ENDSELECT } $selhash{"pre_${idx}_link"}=$url; $selhash{"pre_${idx}_title"}=$title; - + + $url = &HTML::Entities::encode($url, '\'"<>&'); $r->print(< - +value='$enc_url' onClick='javascript:queue("form$idx")'$checked /> + ENDCHECKBOX } - $r->print(''); + $r->print(''); } - $r->print(&LONCAPA::map::qtescape($title)); + $r->print($enc_title); if ($url) { $r->print(''); } if ($successtied) { $r->print('');