Improve block page to unauthorized users

pull/2495/head
jmontoyaa 8 years ago
parent cdaf3abee9
commit 1394684773
  1. 19
      main/course_description/index.php
  2. 79
      main/link/link.php

@ -75,6 +75,13 @@ if ($description_type >= 9) {
// course description controller object
$course_description_controller = new CourseDescriptionController();
// block access
if (in_array($action, ['add', 'edit', 'delete']) &&
!api_is_allowed_to_edit(null, true)
) {
api_not_allowed(true);
}
// Actions to controller
switch ($action) {
case 'listing':
@ -84,19 +91,13 @@ switch ($action) {
$course_description_controller->listing(true);
break;
case 'add':
if (api_is_allowed_to_edit(null, true)) {
$course_description_controller->add();
}
$course_description_controller->add();
break;
case 'edit':
if (api_is_allowed_to_edit(null, true)) {
$course_description_controller->edit($id, $description_type);
}
$course_description_controller->edit($id, $description_type);
break;
case 'delete':
if (api_is_allowed_to_edit(null, true)) {
$course_description_controller->destroy($id);
}
$course_description_controller->destroy($id);
break;
default:
$course_description_controller->listing();
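Review bot: The new gate in the first hunk (`if (in_array($action, ['add', 'edit', 'delete']) && !api_is_allowed_to_edit(null, true)) { api_not_allowed(true); }`) now carries the whole authorisation for the mutating cases, since the per-case `api_is_allowed_to_edit` checks around `add()`, `edit()` and `destroy()` are removed in the second hunk; this is only fail-closed if `api_not_allowed(true)` terminates the request, which is not visible here and is worth confirming in its definition. If it can return, an explicit `exit;` after the call keeps the switch unreachable for an unauthorised user. The action list is also a denylist kept apart from the `switch`, so any mutating case added later runs unprotected by default; a comment such as `// Every state-changing case below must also appear in this list.` above the check, and `in_array($action, ['add', 'edit', 'delete'], true)` with the strict flag, would make the contract explicit. The same pattern and the same remarks apply to the `$protectedActions` block in main/link/link.php.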

@ -101,21 +101,41 @@ $linkListUrl = api_get_self().'?'.api_get_cidreq().'&category_id='.$categoryId.'
$content = '';
$token = Security::get_existing_token();
$protectedActions = [
'addlink',
'editlink',
'addcategory',
'editcategory',
'deletelink',
'deletecategory',
'visible',
'invisible',
'up',
'down',
'move_link_up',
'move_link_down',
];
// block access
if (in_array($action, $protectedActions) &&
!api_is_allowed_to_edit(null, true)
) {
api_not_allowed(true);
}
switch ($action) {
case 'addlink':
if (api_is_allowed_to_edit(null, true)) {
$form = Link::getLinkForm(null, 'addlink', $token);
if ($form->validate() && Security::check_token('get')) {
// Here we add a link
$linkId = Link::addlinkcategory('link');
Skill::saveSkills($form, ITEM_TYPE_LINK, $linkId);
Security::clear_token();
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
$form = Link::getLinkForm(null, 'addlink', $token);
if ($form->validate() && Security::check_token('get')) {
// Here we add a link
$linkId = Link::addlinkcategory('link');
Skill::saveSkills($form, ITEM_TYPE_LINK, $linkId);
Security::clear_token();
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
break;
case 'editlink':
$form = Link::getLinkForm($id, 'editlink');
@ -128,31 +148,28 @@ switch ($action) {
$content = $form->returnForm();
break;
case 'addcategory':
if (api_is_allowed_to_edit(null, true)) {
$form = Link::getCategoryForm(null, 'addcategory');
if ($form->validate()) {
// Here we add a category
Link::addlinkcategory('category');
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
$form = Link::getCategoryForm(null, 'addcategory');
if ($form->validate()) {
// Here we add a category
Link::addlinkcategory('category');
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
break;
case 'editcategory':
if (api_is_allowed_to_edit(null, true)) {
$form = Link::getCategoryForm($id, 'editcategory');
$form = Link::getCategoryForm($id, 'editcategory');
if ($form->validate()) {
// Here we edit a category
Link::editCategory($id, $form->getSubmitValues());
if ($form->validate()) {
// Here we edit a category
Link::editCategory($id, $form->getSubmitValues());
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
header('Location: '.$linkListUrl);
exit;
}
$content = $form->returnForm();
break;
case 'deletelink':
// Here we delete a link
