Moodle in English: Does grade_update() clean or escape input for the feedback field?

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation
Search

Search
Moodle Sites

Moodle.org

В начало

Does grade_update() clean or escape input for the feedback field?

◄ Is there a problem with re-purposing grade_grades 'feedbackformat' for some activities?
Students grades not showing in gradebook ►

Обсуждение было заблокировано, поэтому на него нельзя больше отвечать.

Does grade_update() clean or escape input for the feedback field?

от Matt Bury - понедельник, 8 февраля 2010, 02:27

Hi,

I'm using lib/gradelib.php::update_grade() to push grades into Moodle's grade book. The grades are being sent from Flash including the 'feedback' parameter.

My question is, is the text in 'feedback' escaped or cleaned or do I have to call a text cleaning function manually?

So far it works and links get automatically added in str_feedback output but I'm concerned about security.

Thanks in advance.

◄ Is there a problem with re-purposing grade_grades 'feedbackformat' for some activities?
Students grades not showing in gradebook ►

Gradebook

Does grade_update() clean or escape input for the feedback field?

Does grade_update() clean or escape input for the feedback field?

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world