diff --git a/main/exercice/exercise.lib.php b/main/exercice/exercise.lib.php
index fc58f52043..a6b645e73b 100755
--- a/main/exercice/exercise.lib.php
+++ b/main/exercice/exercise.lib.php
@@ -500,9 +500,9 @@ function exercise_time_control_is_valid($exercise_id) {
$sql = "SELECT expired_time FROM $TBL_EXERCICES WHERE id = $exercise_id";
$result = Database::query($sql);
$row = Database::fetch_array($result, 'ASSOC');
- if (!empty($row['expired_time']) ) {
- $current_expired_time_key = get_time_control_key($exercise_id);
- if (isset($_SESSION['expired_time'][$current_expired_time_key])) {
+ if (!empty($row['expired_time']) ) {
+ $current_expired_time_key = get_time_control_key($exercise_id);
+ if (isset($_SESSION['expired_time'][$current_expired_time_key])) {
$current_time = time();
$expired_time = api_strtotime($_SESSION['expired_time'][$current_expired_time_key], 'UTC');
$total_time_allowed = $expired_time + 30;
@@ -537,8 +537,17 @@ function generate_time_control_key($exercise_id) {
}
/**
Returns the time controller key
+ @todo this function is the same as generate_time_control_key
*/
-function get_time_control_key($exercise_id){
+function get_time_control_key($exercise_id) {
$exercise_id = intval($exercise_id);
return api_get_course_int_id().'_'.api_get_session_id().'_'.$exercise_id.'_'.api_get_user_id();
}
+/**
+ * @todo use this function instead of get_time_control_key
+ */
+function get_session_time_control_key($exercise_id) {
+ $time_control_key = get_time_control_key($exercise_id);
+ $return_value = $_SESSION['expired_time'][$time_control_key];
+ return $return_value;
+}
diff --git a/main/exercice/exercise_show.php b/main/exercice/exercise_show.php
index 3e8791b675..9780652a6a 100755
--- a/main/exercice/exercise_show.php
+++ b/main/exercice/exercise_show.php
@@ -61,7 +61,7 @@ if ( empty ( $nbrQuestions ) ) { $nbrQuestions = $_REQUEST['nbrQuestion
if ( empty ( $questionList ) ) { $questionList = $_SESSION['questionList'];}
if ( empty ( $objExercise ) ) { $objExercise = $_SESSION['objExercise'];}
if ( empty ( $exeId ) ) { $exeId = $_REQUEST['id'];}
-if ( empty ( $action ) ) { $action = $_GET['action']; }
+if ( empty ( $action ) ) { $action = $_REQUEST['action']; }
//$emailId = $_REQUEST['email'];
$id = intval($_REQUEST['id']); //exe id
@@ -95,7 +95,9 @@ if (empty($objExercise)) {
$objExercise->read($exercise_id);
}
-if (!exercise_time_control_is_valid($exercise_id)) {
+//If is not valid
+$session_control_key = get_session_time_control_key($exercise_id);
+if (isset($session_control_key) && !exercise_time_control_is_valid($exercise_id) && !in_array($action, array('qualify','edit'))) {
$sql_fraud = "UPDATE $TBL_TRACK_ATTEMPT SET answer = 0, marks=0, position=0 WHERE exe_id = $id ";
Database::query($sql_fraud);
}
@@ -895,6 +897,7 @@ if (is_array($arrid) && is_array($arrmarks)) {
if ($is_allowedToEdit) {
if (in_array($origin, array('tracking_course','user_course','correct_exercise_in_lp'))) {
+
echo '