Security: Announcement: fix verification if user is subscribed to course -refs BT#21329

1 year ago · 7baea1c2a5
parent 83846c0aa9
commit 7baea1c2a5
1 changed files with 1 additions and 1 deletions
--- a/main/inc/ajax/announcement.ajax.php
+++ b/main/inc/ajax/announcement.ajax.php
@ -28,7 +28,7 @@ if (!empty($groupId)) {
 switch ($action) {
    case 'preview':
        $userInCourse = false;
-        if (CourseManager::is_user_subscribed_in_course($currentUserId, CourseManager::get_course_code_from_course_id($courseId), $sessionId)) {
+        if ($courseId != 0 && CourseManager::is_user_subscribed_in_course($currentUserId, CourseManager::get_course_code_from_course_id($courseId), $sessionId)) {
            $userInCourse = true;
        }
        $allowToEdit = (