Fixing document visibility see #2198

skala
Julio Montoya 15 years ago
parent 3bc9db090c
commit 6b90406b98
  1. 2
      main/document/download.php
  2. 2
      main/document/showinframes.php
  3. 10
      main/inc/lib/document.lib.php

@ -75,7 +75,7 @@ $full_file_name = $sys_course_path.$_course['path'].'/document'.str_replace('+',
// Check visibility of document and paths
$is_allowed_to_edit = api_is_allowed_to_edit();
if (!$is_allowed_to_edit && !DocumentManager::is_visible($doc_url, $_course)) {
if (!$is_allowed_to_edit && !DocumentManager::is_visible($doc_url, $_course, api_get_session_id())) {
Display::display_error_message(get_lang('ProtectedDocument'));//api_not_allowed backbutton won't work.
exit; // You shouldn't be here anyway.
}
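Review bot: The visibility check runs on `$doc_url`, but the file served is `$full_file_name`, and the two may not be the same path. The hunk header shows `$full_file_name` being built through a `str_replace('+', …)` transformation, while `DocumentManager::is_visible()` receives `$doc_url` as-is. If `$doc_url` is not normalised the same way before this line (the preceding code is outside the hunk), the authorization decision is made on a different string than the one that is opened. I would pass the normalised path to `is_visible()`, or at least state the invariant above the check: `// $doc_url must be the same normalised path that $full_file_name is built from`.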

@ -170,7 +170,7 @@ echo '<a href="'.$file_url_web.'" target="_blank">'.get_lang('_cut_paste_link').
//echo '<div>';
if (file_exists($file_url_sys)) {
echo '<iframe border="0" frameborder="0" scrolling="auto" style="width:100%;" id="mainFrame" name="mainFrame" src="'.$file_url_web.'?'.api_get_cidreq().'&rand='.mt_rand(1, 10000).'"></iframe>';
echo '<iframe border="0" frameborder="0" scrolling="auto" style="width:100%;" id="mainFrame" name="mainFrame" src="'.$file_url_web.'&rand='.mt_rand(1, 10000).'"></iframe>';
} else {
echo '<frame name="mainFrame" id="mainFrame" src=showinframes.php?nopages=1 />';
}
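Review bot: `$file_url_web` is echoed into the iframe `src` attribute without HTML-escaping, and its origin is not visible in this hunk. If any part of it comes from the request, a quote character in the value breaks out of the attribute. Assuming the second iframe line is the new side, it would be safer as `src="'.htmlspecialchars($file_url_web.'&rand='.mt_rand(1, 10000), ENT_QUOTES).'"`. That line also appends `&rand=` with no preceding `?`, so it is only a valid URL if `$file_url_web` already carries a query string; a short comment saying so would help the next reader.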

@ -1057,9 +1057,9 @@ class DocumentManager {
$session_id = intval($session_id);
$condition = "AND id_session = $session_id";
// The " d.filetype='file' " let the user see a file even if the folder is hidden see #2198
$sql = "SELECT path FROM $docTable d, $propTable ip " .
"WHERE d.id=ip.ref AND ip.tool='".TOOL_DOCUMENT."' AND visibility=0 $condition AND locate(concat(path,'/'),'".$doc_path."/')=1";
"WHERE d.id=ip.ref AND ip.tool='".TOOL_DOCUMENT."' AND visibility=0 $condition AND d.filetype='file' AND locate(concat(path,'/'),'".$doc_path."/')=1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$row = Database::fetch_array($result);
@ -1083,9 +1083,9 @@ class DocumentManager {
$session_id = intval($session_id);
$condition = "AND id_session = $session_id";
echo $sql = "SELECT path FROM $docTable d, $propTable ip " .
"WHERE d.id=ip.ref AND ip.tool='".TOOL_DOCUMENT."' AND visibility=0 $condition AND d.id = $id";
// The " d.filetype='file' " let the user see a file even if the folder is hidden see #2198
$sql = "SELECT path FROM $docTable d, $propTable ip " .
"WHERE d.id=ip.ref AND ip.tool='".TOOL_DOCUMENT."' AND d.filetype='file' AND visibility=0 $condition AND d.id = $id";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
$row = Database::fetch_array($result);
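Review bot: In the second hunk `$id` is interpolated unquoted into `d.id = $id`, and nothing visible casts it the way `$session_id` is cast with `intval()` a few lines above. The first hunk does the same with `$doc_path` inside the quoted `locate(...)` literal. Both method bodies start outside the hunks, so if the values are not already sanitised there, add `$id = intval($id);` and `$doc_path = Database::escape_string($doc_path);` before the queries are built. Separately, `d.filetype='file'` means a hidden folder row no longer matches, so files under a hidden folder pass this check. The new comment should say that this is the intended access rule, e.g. `// Only hidden *files* block access; a hidden parent folder does not (see #2198)`.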
