From 747d7781d0192c41eac30abc88ffc1f9641cd956 Mon Sep 17 00:00:00 2001 From: Yannick Warnier Date: Thu, 27 Dec 2012 16:37:11 -0500 Subject: [PATCH] Updated order of headers and not-allowed message - refs #5836 --- main/survey/fillsurvey.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/main/survey/fillsurvey.php b/main/survey/fillsurvey.php index aa3590e2fd..d49bdc0d5f 100644 --- a/main/survey/fillsurvey.php +++ b/main/survey/fillsurvey.php @@ -34,9 +34,10 @@ require_once 'survey.lib.php'; if (!empty($_user)) { $interbreadcrumb[] = array('url' => 'survey_list.php?cidReq='.Security::remove_XSS($_GET['course']), 'name' => get_lang('SurveyList')); } - -// Header -Display :: display_header(get_lang('ToolSurvey')); +if (($_GET['invitationcode'] == 'auto' && isset($_GET['scode'])) && ((!(isset($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'], true)))) { + // anonymous users not allowed + api_not_allowed(); +} // getting all the course information if (isset($_GET['course'])) { @@ -51,6 +52,9 @@ if (empty($course_info)) { $course_id = $course_info['real_id']; +// Header +Display :: display_header(get_lang('ToolSurvey')); + // Database table definitions $table_survey = Database :: get_course_table(TABLE_SURVEY); $table_survey_answer = Database :: get_course_table(TABLE_SURVEY_ANSWER); @@ -72,10 +76,6 @@ $invitationcode = $_GET['invitationcode']; // Start auto-invitation feature FS#3403 (all-users-can-do-the-survey-URL handling) if ($invitationcode == 'auto' && isset($_GET['scode'])) { - // Not intended for anonymous users - if (!(isset($_user['user_id']) && $_user['user_id']) || api_is_anonymous($_user['user_id'], true)) { - api_not_allowed(); - } $userid = $_user['user_id']; $scode = Database::escape_string($_GET['scode']); // Survey_code of the survey