Block page for unauthorized users.

pull/2495/head
jmontoyaa 8 years ago
parent 568d5fd2d5
commit 6ab526dcf1
  1. 2
      main/admin/user_import.php
  2. 2
      main/admin/user_update_import.php
  3. 9
      main/course_info/maintenance.php
  4. 10
      main/exercise/exercise_report.php
  5. 6
      main/exercise/question_create.php
  6. 5
      main/work/work.php

@ -387,7 +387,7 @@ function parse_xml_data($file)
}
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(true, null, 'login');
api_protect_admin_script(true, null);
api_protect_limit_for_session_admin();
$defined_auth_sources[] = PLATFORM_AUTH_SOURCE;

@ -337,7 +337,7 @@ function parse_xml_data($file)
}
$this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(true, null, 'login');
api_protect_admin_script(true, null);
$defined_auth_sources[] = PLATFORM_AUTH_SOURCE;
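Review bot: No `api_protect_limit_for_session_admin();` call follows the `api_protect_admin_script(...)` check in this file, whereas main/admin/user_import.php (the previous section) has one directly before `$defined_auth_sources[]`. If the first argument `true` admits session admins, which is an inference from the sibling file and not visible here, they would reach the update-import page without that extra limit. Unless the omission is deliberate, add `api_protect_limit_for_session_admin();` right after the admin check. Only a few context lines are shown, so first confirm it is not already called elsewhere in the script.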

@ -13,7 +13,12 @@ $nameTools = get_lang('Maintenance');
api_protect_course_script(true);
api_block_anonymous_users();
Display :: display_header($nameTools);
// Check access rights (only teachers are allowed here)
if (!api_is_allowed_to_edit()) {
api_not_allowed(true);
}
Display::display_header($nameTools);
echo Display::page_header($nameTools);
?>
@ -46,5 +51,5 @@ echo Display::page_header($nameTools);
<div class="sectioncomment"><?php echo get_lang('DescriptionDeleteCourse'); ?></div>
<?php
// Footer
Display::display_footer();
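Review bot: The new `if (!api_is_allowed_to_edit()) { api_not_allowed(true); }` guard in the first hunk covers only this menu page. The maintenance actions it describes (the second hunk shows `DescriptionDeleteCourse`) are presumably served by separate scripts that this commit does not touch. Hiding the menu does not stop a direct request to those scripts, so confirm that each of them performs its own edit-rights check. The added comment says "only teachers", but which roles `api_is_allowed_to_edit()` admits is not visible here; `// Only users with edit rights on this course may open the page` would avoid overstating it.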

@ -60,8 +60,14 @@ if (empty($exercise_id)) {
api_not_allowed(true);
}
if (!$is_allowedToEdit && !$allowCoachFeedbackExercises) {
api_not_allowed(true);
if ($is_tutor) {
if (!$allowCoachFeedbackExercises) {
api_not_allowed(true);
}
} else {
if (!$is_allowedToEdit) {
api_not_allowed(true);
}
}
if (!empty($exercise_id)) {
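Review bot: The `if ($is_tutor)` branch now decides access from `$allowCoachFeedbackExercises` alone, so a user for whom both `$is_tutor` and `$is_allowedToEdit` are true is refused when the setting is off. The replaced condition let that user through. Whether both flags can be true together depends on how they are computed above the hunk, which is not visible. If edit rights should always be sufficient, a single guard states the rule without nesting: `if (!$is_allowedToEdit && !($is_tutor && $allowCoachFeedbackExercises)) { api_not_allowed(true); }`. A one-line comment naming who may open the report (editors, plus tutors when coach feedback is enabled) would make the intent checkable.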

@ -14,6 +14,12 @@ $this_section = SECTION_COURSES;
// notice for unauthorized people.
api_protect_course_script(true);
$allow = api_is_allowed_to_edit();
if (!$allow) {
api_not_allowed(true);
}
// breadcrumbs
$interbreadcrumb[] = ["url" => "exercise.php", "name" => get_lang('Exercises')];

@ -157,6 +157,11 @@ switch ($action) {
header('Location: '.$currentUrl);
exit;
}
if (!$is_allowed_to_edit) {
api_not_allowed(true);
}
$studentDeleteOwnPublication = api_get_course_setting('student_delete_own_publication') == 1 ? 1 : 0;
/* Display of tool options */
$content = settingsForm(
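Review bot: The added `if (!$is_allowed_to_edit) { api_not_allowed(true); }` sits after a block that ends in `header('Location: '.$currentUrl); exit;`, so anything that block does runs before the guard. The start of this `case` is outside the hunk. If the preceding block handles the settings form submission, the write path is covered only if it checks `$is_allowed_to_edit` itself. Moving the guard to the first statement of the case would protect both the save and the form display with one check.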
