Minor: Improve apiBlockInactiveUser() - refs BT#17891 - #3566

5 years ago · 515d07cc09
parent 1493d16b6d
commit 515d07cc09
5 changed files with 8 additions and 23 deletions
--- a/main/auth/profile.php
+++ b/main/auth/profile.php
@ -13,7 +13,6 @@ use ChamiloSession as Session;
 */
 $cidReset = true;
 require_once __DIR__.'/../inc/global.inc.php';
-// see BT#17891
 apiBlockInactiveUser();

 $this_section = SECTION_MYPROFILE;
--- a/main/calendar/agenda_js.php
+++ b/main/calendar/agenda_js.php
@ -13,7 +13,6 @@ if ('personal' == $type || 'admin' == $type) {
    $cidReset = true; // fixes #5162
 }
 require_once __DIR__.'/../inc/global.inc.php';
-// see BT#17891
 apiBlockInactiveUser();

 $current_course_tool = TOOL_CALENDAR_EVENT;
--- a/main/gradebook/my_certificates.php
+++ b/main/gradebook/my_certificates.php
@ -10,7 +10,6 @@
 $cidReset = true;

 require_once __DIR__.'/../inc/global.inc.php';
-// see BT#17891
 apiBlockInactiveUser();

 $logInfo = [
--- a/main/inc/lib/api.lib.php
+++ b/main/inc/lib/api.lib.php
@ -1249,7 +1249,6 @@ function api_protect_course_script($print_headers = false, $allow_session_admins

        return false;
    }
-    // see BT#17891
    apiBlockInactiveUser();

    return true;
@ -1278,32 +1277,29 @@ function api_protect_admin_script($allow_sessions_admins = false, $allow_drh = f
        return false;
    }

-    // see BT#17891
    apiBlockInactiveUser();

    return true;
 }

 /**
- * Function used to protect an inactive user.
+ * Blocks inactive users with a currently active session from accessing more 
+ * pages "live".
 *
- * Function to determine an inactive user by the database
- *
- * @param int $user_id
- *
- * @return bool
+ * @return bool Returns true if the feature is disabled or the user account is still enabled. Returns false (and shows a message) if the feature is enabled *and* the user is disabled.
 */
 function apiBlockInactiveUser()
 {
    $data = true;
+    if (api_get_configuration_value('security_block_inactive_users_immediately') != 1) {
+        return $data;
+    }
+
    $userId = api_get_user_id();
    $homeUrl = api_get_path(WEB_PATH);
    if (($userId) == 0) {
        return $data;
    }
-    if (api_get_configuration_value('security_block_inactive_users_immediately') != 1) {
-        return $data;
-    }

    $sql = "SELECT active FROM ".Database::get_main_table(TABLE_MAIN_USER)."
            WHERE id = $userId";
@ -1327,13 +1323,7 @@ function apiBlockInactiveUser()
        );

        $msg .= '<p class="text-center">
-                 <a class="btn btn-default" href="'.$homeUrl.'">'.get_lang('BackHome').'</a>
-                 </p>';
-        /*
-        if (!empty($message)) {
-            $msg = $message;
-        }
-        */
+                 <a class="btn btn-default" href="'.$homeUrl.'">'.get_lang('BackHome').'</a></p>';

        if (api_is_anonymous()) {
            $form = api_get_not_allowed_login_form();
@ -1386,7 +1376,6 @@ function api_block_anonymous_users($printHeaders = true)

        return false;
    }
-    // see BT#17891
    apiBlockInactiveUser();

    return true;
--- a/whoisonline.php
+++ b/whoisonline.php
@ -9,7 +9,6 @@ if (!isset($_GET['cidReq'])) {
 }

 require_once './main/inc/global.inc.php';
-// see BT#17891
 apiBlockInactiveUser();

 if (isset($_GET['cidReq']) && strlen($_GET['cidReq']) > 0) {