|
|
|
|
@ -12,7 +12,7 @@ api_block_anonymous_users(); |
|
|
|
|
$export = isset($_GET['export']) ? $_GET['export'] : false; |
|
|
|
|
$sessionId = isset($_GET['id_session']) ? intval($_GET['id_session']) : 0; |
|
|
|
|
$origin = isset($_GET['origin']) ? Security::remove_XSS($_GET['origin']) : ''; |
|
|
|
|
$course_code = isset($_GET['course']) ? Security :: remove_XSS($_GET['course']) : null; |
|
|
|
|
$course_code = isset($_GET['course']) ? Security :: remove_XSS($_GET['course']) : ''; |
|
|
|
|
$courseInfo = api_get_course_info($course_code); |
|
|
|
|
$student_id = intval($_GET['student']); |
|
|
|
|
|
|
|
|
|
@ -25,15 +25,26 @@ if ( |
|
|
|
|
!api_is_platform_admin() |
|
|
|
|
) { |
|
|
|
|
if (empty($sessionId)) { |
|
|
|
|
if (!$is_courseAdmin) { |
|
|
|
|
// Check if the user is tutor of the course |
|
|
|
|
$userCourseStatus = CourseManager::get_tutor_in_course_status( |
|
|
|
|
$isTeacher = false; |
|
|
|
|
// Check if is current teacher if set |
|
|
|
|
if (!empty($courseInfo)) { |
|
|
|
|
$isTeacher = CourseManager::is_course_teacher( |
|
|
|
|
api_get_user_id(), |
|
|
|
|
api_get_course_int_id() |
|
|
|
|
$courseInfo['code'] |
|
|
|
|
); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!api_is_course_admin() && $isTeacher == false) { |
|
|
|
|
if (!empty($courseInfo)) { |
|
|
|
|
// Check if the user is tutor of the course |
|
|
|
|
$userCourseStatus = CourseManager::get_tutor_in_course_status( |
|
|
|
|
api_get_user_id(), |
|
|
|
|
$courseInfo['real_id'] |
|
|
|
|
); |
|
|
|
|
|
|
|
|
|
if ($userCourseStatus != 1) { |
|
|
|
|
$allowedToTrackUser = false; |
|
|
|
|
if ($userCourseStatus != 1) { |
|
|
|
|
$allowedToTrackUser = false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
|
jmontoyaa
8 years ago