|
|
|
@ -199,20 +199,20 @@ if (api_get_path(LIBRARY_PATH) == '/lib/') { |
|
|
|
* |
|
|
|
* |
|
|
|
* This is only the first proposal, test and improve! |
|
|
|
* This is only the first proposal, test and improve! |
|
|
|
* @param boolean Option to print headers when displaying error message. Default: false |
|
|
|
* @param boolean Option to print headers when displaying error message. Default: false |
|
|
|
|
|
|
|
* @return boolean True if the user has access to the current course or is out of a course context, false otherwise |
|
|
|
* @todo replace global variable |
|
|
|
* @todo replace global variable |
|
|
|
* @author Roan Embrechts |
|
|
|
* @author Roan Embrechts |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
function api_protect_course_script($print_headers=false) { |
|
|
|
function api_protect_course_script($print_headers=false) { |
|
|
|
global $is_allowed_in_course; |
|
|
|
global $is_allowed_in_course; |
|
|
|
//if (!isset ($_SESSION["_course"]) || !$is_allowed_in_course) |
|
|
|
|
|
|
|
if (!$is_allowed_in_course) { |
|
|
|
if (!$is_allowed_in_course) { |
|
|
|
api_not_allowed($print_headers); |
|
|
|
api_not_allowed($print_headers); |
|
|
|
|
|
|
|
return false; |
|
|
|
|
|
|
|
} else { |
|
|
|
|
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
/** |
|
|
|
* Function used to protect an admin script. |
|
|
|
* Function used to protect an admin script. |
|
|
|
* The function blocks access when the user has no platform admin rights. |
|
|
|
* The function blocks access when the user has no platform admin rights. |
|
|
|
@ -224,6 +224,9 @@ function api_protect_admin_script($allow_sessions_admins=false) { |
|
|
|
if (!api_is_platform_admin($allow_sessions_admins)) { |
|
|
|
if (!api_is_platform_admin($allow_sessions_admins)) { |
|
|
|
include (api_get_path(INCLUDE_PATH)."header.inc.php"); |
|
|
|
include (api_get_path(INCLUDE_PATH)."header.inc.php"); |
|
|
|
api_not_allowed(); |
|
|
|
api_not_allowed(); |
|
|
|
|
|
|
|
return false; |
|
|
|
|
|
|
|
}else{ |
|
|
|
|
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
@ -238,6 +241,9 @@ function api_block_anonymous_users() { |
|
|
|
if (!(isset ($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'],true)) { |
|
|
|
if (!(isset ($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'],true)) { |
|
|
|
include (api_get_path(INCLUDE_PATH)."header.inc.php"); |
|
|
|
include (api_get_path(INCLUDE_PATH)."header.inc.php"); |
|
|
|
api_not_allowed(); |
|
|
|
api_not_allowed(); |
|
|
|
|
|
|
|
return false; |
|
|
|
|
|
|
|
}else{ |
|
|
|
|
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
@ -830,7 +836,7 @@ function api_session_clear() { |
|
|
|
* Destroy the session |
|
|
|
* Destroy the session |
|
|
|
* |
|
|
|
* |
|
|
|
* @author Olivier Brouckaert |
|
|
|
* @author Olivier Brouckaert |
|
|
|
*/ |
|
|
|
**/ |
|
|
|
function api_session_destroy() { |
|
|
|
function api_session_destroy() { |
|
|
|
session_unset(); |
|
|
|
session_unset(); |
|
|
|
$_SESSION = array (); |
|
|
|
$_SESSION = array (); |
|
|
|
|
Ricardo Rodriguez
17 years ago