[svn r18544] Minor - Fixed a student can't qualify a thread into forum - see FS#3510

17 years ago · 1b3cbb22d9
parent b2ecfdc4cc
commit 1b3cbb22d9
3 changed files with 24 additions and 18 deletions
--- a/main/forum/viewthread_flat.inc.php
+++ b/main/forum/viewthread_flat.inc.php
@ -73,14 +73,16 @@ foreach ($rows as $row) {
 	$userinf=api_get_user_info($row['user_id']);
 	$user_status=api_get_status_of_user_in_course($row['user_id'],api_get_course_id());
 	$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$row['poster_id'],$_GET['thread']);
-	if( isset($_GET['gradebook'])){
-		if ($increment>0 && $user_status!=1 ) {
-			$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
-			echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$info_thread['forum_id']."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."&gradebook=".$_GET['gradebook']."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
-		 }
-	} else {
-		if ($increment>0 && $user_status!=1 ) {
-			echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";				
+	if (api_is_allowed_to_edit()) {
+		if( isset($_GET['gradebook'])){
+			if ($increment>0 && $user_status!=1 ) {
+				$info_thread=get_thread_information(Security::remove_XSS($_GET['thread']));
+				echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".$info_thread['forum_id']."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."&gradebook=".$_GET['gradebook']."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
+			 }
+		} else {
+			if ($increment>0 && $user_status!=1 ) {
+				echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$row['post_id']."&amp;user=".$row['poster_id']."&user_id=".$row['poster_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";				
+			}
 		}
 	}		
 	echo '<br /><br />';
--- a/main/forum/viewthread_nested.inc.php
+++ b/main/forum/viewthread_nested.inc.php
@ -80,9 +80,11 @@ foreach ($rows as $post) {
 	}
 	$userinf=api_get_user_info($post['user_id']);
 	$user_status=api_get_status_of_user_in_course($post['user_id'],api_get_course_id());
-	if ($count>0 && $user_status!=1) {						
-		$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$post['user_id'],$_GET['thread']);
-		echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$post['post_id']."&amp;user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
+	if (api_is_allowed_to_edit()) {	
+		if ($count>0 && $user_status!=1) {						
+			$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$post['user_id'],$_GET['thread']);
+			echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$post['post_id']."&amp;user=".$post['user_id']."&user_id=".$post['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
+		}
 	}
 	echo '<br /><br />';
 	//if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())
--- a/main/forum/viewthread_threaded.inc.php
+++ b/main/forum/viewthread_threaded.inc.php
@ -260,13 +260,15 @@ if (api_is_allowed_to_edit(false,true)  && !(api_is_course_coach() && $current_f
 }
 $userinf=api_get_user_info($rows[$display_post_id]['user_id']);
 $user_status=api_get_status_of_user_in_course($rows[$display_post_id]['user_id'],api_get_course_id());
-if($post_id>$post_minor )
-{
-	if($user_status!=1)
-	{			
-		$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$rows[$display_post_id]['user_id'],$_GET['thread']);
-		echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$rows[$display_post_id]['post_id']."&amp;user=".$rows[$display_post_id]['user_id']."&user_id=".$rows[$display_post_id]['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
-	}	
+if (api_is_allowed_to_edit()) {
+	if($post_id>$post_minor )
+	{
+		if($user_status!=1)
+		{			
+			$current_qualify_thread=show_qualify('1',$_GET['cidReq'],$_GET['forum'],$rows[$display_post_id]['user_id'],$_GET['thread']);
+			echo "<a href=\"forumqualify.php?".api_get_cidreq()."&forum=".Security::remove_XSS($_GET['forum'])."&amp;thread=".Security::remove_XSS($_GET['thread'])."&amp;action=list&amp;post=".$rows[$display_post_id]['post_id']."&amp;user=".$rows[$display_post_id]['user_id']."&user_id=".$rows[$display_post_id]['user_id']."&origin=".$origin."&idtextqualify=".$current_qualify_thread."\" >".icon('../img/new_test_small.gif',get_lang('Qualify'))."</a>\n";			
+		}	
+	}
 }
 echo '<br /><br />';
 //if (($current_forum_category['locked']==0 AND $current_forum['locked']==0 AND $current_thread['locked']==0) OR api_is_allowed_to_edit())