chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Replacing is_allowed_in_course validation with the more complete function: api_protect_course_script()

Browse Source
skala
Julio Montoya 14 years ago
parent f206fcdd46
commit 1e82c10b07
7 changed files with 37 additions and 31 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      main/newscorm/back_compat.inc.php
  2. 1
      main/newscorm/learnpath.class.php
  3. 6
      main/newscorm/lp_controller.php
  4. 4
      main/newscorm/lp_edit.php
  5. 3
      main/newscorm/lp_list.php
  6. 15
      main/newscorm/lp_view.php
  7. 4
      main/newscorm/scorm_admin.php

1
main/newscorm/back_compat.inc.php
Unescape View File

@ -11,7 +11,6 @@
* Code * Code
*/ */
require_once '../inc/global.inc.php'; require_once '../inc/global.inc.php';
require_once api_get_path(LIBRARY_PATH).'database.lib.php';
require_once api_get_path(LIBRARY_PATH).'document.lib.php'; require_once api_get_path(LIBRARY_PATH).'document.lib.php';
require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php'; require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php'; // replace_dangerous_char() require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php'; // replace_dangerous_char()

1
main/newscorm/learnpath.class.php
Unescape View File

@ -2589,7 +2589,6 @@ class learnpath {
'type' => $this->items[$item_id]->get_type(), 'type' => $this->items[$item_id]->get_type(),
'description' => $this->items[$item_id]->get_description(), 'description' => $this->items[$item_id]->get_description(),
'path' => $this->items[$item_id]->get_path(), 'path' => $this->items[$item_id]->get_path(),
); );
} }
if ($this->debug > 2) { if ($this->debug > 2) {

6
main/newscorm/lp_controller.php
Unescape View File

@ -78,9 +78,11 @@ if ($debug > 0) error_log('New LP - Included back_compat', 0);
$session_id = api_get_session_id(); $session_id = api_get_session_id();
if (!$is_allowed_in_course) { api_protect_course_script(true);
/*if (!$is_allowed_in_course) {
api_not_allowed(true); api_not_allowed(true);
} }*/
require_once api_get_path(LIBRARY_PATH).'fckeditor/fckeditor.php'; require_once api_get_path(LIBRARY_PATH).'fckeditor/fckeditor.php';
$lpfound = false; $lpfound = false;

4
main/newscorm/lp_edit.php
Unescape View File

@ -14,7 +14,9 @@ $show_description_field = false; //for now
$nameTools = get_lang('Doc'); $nameTools = get_lang('Doc');
$this_section = SECTION_COURSES; $this_section = SECTION_COURSES;
event_access_tool(TOOL_LEARNPATH); event_access_tool(TOOL_LEARNPATH);
if (! $is_allowed_in_course) api_not_allowed();
api_protect_course_script();
//if (! $is_allowed_in_course) api_not_allowed();
if (isset($_SESSION['gradebook'])) { if (isset($_SESSION['gradebook'])) {
$gradebook = $_SESSION['gradebook']; $gradebook = $_SESSION['gradebook'];

3
main/newscorm/lp_list.php
Unescape View File

@ -39,7 +39,8 @@ function confirmation(name) {
$nameTools = get_lang('LearningPaths'); $nameTools = get_lang('LearningPaths');
event_access_tool(TOOL_LEARNPATH); event_access_tool(TOOL_LEARNPATH);
if (!$is_allowed_in_course) api_not_allowed(); api_protect_course_script();
//if (!$is_allowed_in_course) api_not_allowed();
/** /**
* Display * Display

15
main/newscorm/lp_view.php
Unescape View File

@ -31,7 +31,8 @@ require_once 'scorm.lib.php';
require_once 'learnpath.class.php'; require_once 'learnpath.class.php';
require_once 'learnpathItem.class.php'; require_once 'learnpathItem.class.php';
if (!$is_allowed_in_course) api_not_allowed(); api_protect_course_script();
//if (!$is_allowed_in_course) api_not_allowed();
$oLearnpath = false; $oLearnpath = false;
$course_code = api_get_course_id(); $course_code = api_get_course_id();
@ -342,17 +343,17 @@ if ($_SESSION['oLP']->mode == 'embedframe' ||$_SESSION['oLP']->get_hide_toc_fram
<div id="media" <?php echo $style_media; ?>> <div id="media" <?php echo $style_media; ?>>
<?php echo (!empty($mediaplayer)) ? $mediaplayer : '&nbsp;' ?> <?php echo (!empty($mediaplayer)) ? $mediaplayer : '&nbsp;' ?>
</div> </div>
<!-- end media player layaout --> <!-- end media player layout -->
<!-- toc layout --> <!-- TOC layout -->
<!-- hub 26-05-2010 remove height for lp toc height resizable <!-- hub 26-05-2010 remove height for lp toc height resizable
<div id="toc_id" name="toc_name" style="overflow: auto; padding:0;margin-top:20px;height:60%;width:100%"> <div id="toc_id" name="toc_name" style="overflow: auto; padding:0;margin-top:20px;height:60%;width:100%">
--> -->
<div id="toc_id" name="toc_name" style="overflow: auto; padding:0;margin-top:20px;width:100%"> <div id="toc_id" name="toc_name" style="overflow: auto; padding:0;margin-top:20px;width:100%">
<div id="learning_path_toc" style="font-size:9pt;margin:0;"><?php echo $_SESSION['oLP']->get_html_toc(); ?> <div id="learning_path_toc" style="font-size:9pt;margin:0;">
<?php echo $_SESSION['oLP']->get_html_toc(); ?>
<?php if (!empty($_SESSION['oLP']->scorm_debug)) { //only show log <?php if (!empty($_SESSION['oLP']->scorm_debug)) { //only show log ?>
?>
<!-- log message layout --> <!-- log message layout -->
<div id="lp_log_name" name="lp_log_name" class="lp_log" style="height:150px;overflow:auto;margin:4px"> <div id="lp_log_name" name="lp_log_name" class="lp_log" style="height:150px;overflow:auto;margin:4px">
<div id="log_content"></div> <div id="log_content"></div>
@ -362,7 +363,7 @@ if ($_SESSION['oLP']->mode == 'embedframe' ||$_SESSION['oLP']->get_hide_toc_fram
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
<!-- end toc layout --> <!-- end TOC layout -->
</div> </div>
<!-- end left Zone --> <!-- end left Zone -->

4
main/newscorm/scorm_admin.php
Unescape View File

@ -54,7 +54,9 @@ $dialogbox = '';
$course_id = api_get_course_int_id(); $course_id = api_get_course_int_id();
if (! $is_allowed_in_course) api_not_allowed(); api_protect_course_script();
//if (! $is_allowed_in_course) api_not_allowed();
$is_allowedToUnzip = $is_courseAdmin; $is_allowedToUnzip = $is_courseAdmin;
/* Main code */ /* Main code */

Write Preview
Loading…
Cancel
Save