Code improvements to tolerate using other disk for courses directory - needs widescale testing and possibly further improvements (closes #2511)

main/course_home/course_home.php

@@ -35,7 +35,7 @@ $language_file = 'course_home';
 $use_anonymous = true;
 
 // Inlcuding the global initialization file.
-require '../../main/inc/global.inc.php';
+require dirname(__FILE__).'/../inc/global.inc.php';
 
 // Delete LP sessions
 unset($_SESSION['oLP']);

main/inc/lib/add_course.lib.inc.php

@@ -204,7 +204,7 @@ function prepare_course_repository($course_repository, $course_code) {
     \$cidReq = \"$course_code\";
     \$dbname = \"$course_code\";
 
-    include(\"../../main/course_home/course_home.php\");
+    include(\"".api_get_path(SYS_CODE_PATH)."course_home/course_home.php\");
     ?>");
     fwrite($fd, $string);
     @chmod(api_get_path(SYS_COURSE_PATH).$course_repository . '/index.php',$perm_file);

main/inc/lib/security.lib.php

@@ -42,6 +42,7 @@ class Security {
 	 * @return	bool	True if the path is under the checker, false otherwise
 	 */
 	public static function check_abs_path ($abs_path,$checker_path) {
+		global $_configuration;
 		if (empty($checker_path)) {return false;} //checker path must be set
 
 		$true_path=str_replace("\\", "/", realpath($abs_path));
@@ -49,6 +50,13 @@ class Security {
 		$found = strpos($true_path.'/',$checker_path);
 		if ($found===0) {
 			return true;
+                } else {
+                    //code specific to courses directory stored on other disk
+                    $checker_path = str_replace(api_get_path(SYS_COURSE_PATH),$_configuration['symbolic_course_folder_abs'],$checker_path);
+                    $found = strpos($true_path.'/',$checker_path);
+                    if ($found === 0) {
+                        return true;
+                    }
 		}
         return false;
 	}
@@ -240,4 +248,4 @@ class Security {
             return $purifier[$user_status]->purify($var);
         }
 	}
-}
+}