diff --git a/main/survey/addanother.php b/main/survey/addanother.php
index a036f65f21..1f86932b43 100644
--- a/main/survey/addanother.php
+++ b/main/survey/addanother.php
@@ -23,7 +23,7 @@
 ==============================================================================
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: addanother.php 10578 2006-12-31 17:01:58Z pcool $
+* 	@version $Id: addanother.php 10583 2007-01-02 14:47:19Z pcool $
 ==============================================================================
 */
 
@@ -50,11 +50,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
diff --git a/main/survey/attach_existingsurvey.php b/main/survey/attach_existingsurvey.php
index 8f52d2221e..aebcbffc47 100644
--- a/main/survey/attach_existingsurvey.php
+++ b/main/survey/attach_existingsurvey.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: attach_existingsurvey.php 10567 2006-12-28 23:10:27Z pcool $
+* 	@version $Id: attach_existingsurvey.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -46,11 +46,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
diff --git a/main/survey/attach_question.php b/main/survey/attach_question.php
index 49918d65f0..21829e3056 100644
--- a/main/survey/attach_question.php
+++ b/main/survey/attach_question.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: attach_question.php 10567 2006-12-28 23:10:27Z pcool $
+* 	@version $Id: attach_question.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -46,11 +46,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
diff --git a/main/survey/attach_survey.php b/main/survey/attach_survey.php
index 42bb3b7b17..87393ceb6e 100644
--- a/main/survey/attach_survey.php
+++ b/main/survey/attach_survey.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: attach_survey.php 10567 2006-12-28 23:10:27Z pcool $
+* 	@version $Id: attach_survey.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -46,11 +46,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
diff --git a/main/survey/blank.php b/main/survey/blank.php
index 095e650b36..2d2a8afeff 100644
--- a/main/survey/blank.php
+++ b/main/survey/blank.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: blank.php 10571 2006-12-29 15:35:13Z pcool $
+* 	@version $Id: blank.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -36,11 +36,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // $_GET and $_POST
 /** @todo replace $_REQUEST with $_GET or $_POST */
diff --git a/main/survey/bluebreeze.php b/main/survey/bluebreeze.php
index 4fa1336c7f..c896bbe6b3 100644
--- a/main/survey/bluebreeze.php
+++ b/main/survey/bluebreeze.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: bluebreeze.php 10571 2006-12-29 15:35:13Z pcool $
+* 	@version $Id: bluebreeze.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -36,11 +36,22 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // $_GET and $_POST
 /** @todo replace $_REQUEST with $_GET or $_POST */
diff --git a/main/survey/complete_report.php b/main/survey/complete_report.php
index 60b3c2a122..aba611877b 100644
--- a/main/survey/complete_report.php
+++ b/main/survey/complete_report.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: complete_report.php 10578 2006-12-31 17:01:58Z pcool $
+* 	@version $Id: complete_report.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -41,11 +41,22 @@ require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
diff --git a/main/survey/create_from_existing_survey.php b/main/survey/create_from_existing_survey.php
index 30413119ab..51b6192845 100644
--- a/main/survey/create_from_existing_survey.php
+++ b/main/survey/create_from_existing_survey.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: create_from_existing_survey.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: create_from_existing_survey.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -33,12 +33,25 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-//api_protect_admin_script();
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 $cidReq = $_REQUEST['cidReq'];
 $db_name = $_REQUEST['db_name'];
diff --git a/main/survey/create_new_group.php b/main/survey/create_new_group.php
index da5045079f..aef7158f7f 100644
--- a/main/survey/create_new_group.php
+++ b/main/survey/create_new_group.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: create_new_group.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: create_new_group.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -37,11 +37,25 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
+
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
diff --git a/main/survey/create_new_survey.php b/main/survey/create_new_survey.php
index f37f3ebe88..9f2b850c7f 100644
--- a/main/survey/create_new_survey.php
+++ b/main/survey/create_new_survey.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: create_new_survey.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: create_new_survey.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -58,15 +58,22 @@ $table_course 				= Database :: get_main_table(TABLE_MAIN_COURSE);
 $table_course_survey_rel 	= Database :: get_main_table(TABLE_MAIN_COURSE_SURVEY);
 
 
+/** @todo replace this with the correct code */
 /*
------------------------------------------------------------
-	some permissions stuff (???)
------------------------------------------------------------
-*/
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
 
 /*
diff --git a/main/survey/existing_surveys_new.php b/main/survey/existing_surveys_new.php
index 56de0ebaea..b2ab4ff880 100644
--- a/main/survey/existing_surveys_new.php
+++ b/main/survey/existing_surveys_new.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: existing_surveys_new.php 10549 2006-12-24 16:08:47Z pcool $
+* 	@version $Id: existing_surveys_new.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -33,13 +33,26 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-//api_protect_admin_script();
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $table_survey = Database :: get_course_table('survey');
diff --git a/main/survey/group_edit.php b/main/survey/group_edit.php
index 16836e8c98..b7d7a352d2 100644
--- a/main/survey/group_edit.php
+++ b/main/survey/group_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: group_edit.php 10549 2006-12-24 16:08:47Z pcool $
+* 	@version $Id: group_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -37,11 +37,25 @@ require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $table_group = Database :: get_course_table('survey_group');
diff --git a/main/survey/group_list.php b/main/survey/group_list.php
index 0f203fa892..a70f40f427 100644
--- a/main/survey/group_list.php
+++ b/main/survey/group_list.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: group_list.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: group_list.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -34,13 +34,26 @@ $language_file = 'survey';
 //$newsurveyid=11;
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-//api_protect_admin_script();
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $table_survey = Database :: get_course_table('survey');
diff --git a/main/survey/mcma.php b/main/survey/mcma.php
index 0d7837fca1..56ee008b61 100644
--- a/main/survey/mcma.php
+++ b/main/survey/mcma.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcma.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: mcma.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -37,12 +37,28 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
+
+
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $add_question = $_REQUEST['add_question'];
diff --git a/main/survey/mcma_edit.php b/main/survey/mcma_edit.php
index d7fad20994..1559d2232a 100644
--- a/main/survey/mcma_edit.php
+++ b/main/survey/mcma_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcma_edit.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: mcma_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -33,12 +33,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $n=$_REQUEST['n'];
 $interbreadcrumb[] = array ("url" => "survey_list.php?cidReq=$cidReq&n=$n", "name" => get_lang('Survey'));
 $cidReq = $_REQUEST['cidReq'];
diff --git a/main/survey/mcma_view.php b/main/survey/mcma_view.php
index 52984b6f6d..33954f66e6 100644
--- a/main/survey/mcma_view.php
+++ b/main/survey/mcma_view.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcma_view.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: mcma_view.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -28,13 +28,27 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
+
 $cidReq = $_REQUEST['cidReq'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 $surveyid=$_REQUEST['surveyid'];
 $groupid=$_REQUEST['groupid'];
 $ques_type = $_GET['qtype'];
diff --git a/main/survey/mcsa.php b/main/survey/mcsa.php
index 7507f105f4..1e5e815bb9 100644
--- a/main/survey/mcsa.php
+++ b/main/survey/mcsa.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcsa.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: mcsa.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -37,13 +37,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
-//$tool_name = get_lang('QuestionType');
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $add_question = $_REQUEST['add_question'];
diff --git a/main/survey/mcsa_edit.php b/main/survey/mcsa_edit.php
index 22811044c2..7b95099626 100644
--- a/main/survey/mcsa_edit.php
+++ b/main/survey/mcsa_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcsa_edit.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: mcsa_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -34,12 +34,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $n=$_REQUEST['n'];
 $interbreadcrumb[] = array ("url" => "survey_list.php?cidReq=$cidReq&n=$n", "name" => get_lang('Survey'));
 $cidReq = $_REQUEST['cidReq'];
diff --git a/main/survey/mcsa_view.php b/main/survey/mcsa_view.php
index 8915ca55ae..b90a5a4e23 100644
--- a/main/survey/mcsa_view.php
+++ b/main/survey/mcsa_view.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: mcsa_view.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: mcsa_view.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -28,13 +28,27 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
+
 $cidReq = $_REQUEST['cidReq'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 $table_category = Database :: get_main_table(TABLE_MAIN_CATEGORY);
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
diff --git a/main/survey/numbered.php b/main/survey/numbered.php
index 6abc0a04de..99d2e8026f 100644
--- a/main/survey/numbered.php
+++ b/main/survey/numbered.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: numbered.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: numbered.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -37,12 +37,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $add_question = $_REQUEST['add_question'];
diff --git a/main/survey/numbered_view.php b/main/survey/numbered_view.php
index 2c9d299eaf..1edb989b03 100644
--- a/main/survey/numbered_view.php
+++ b/main/survey/numbered_view.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: numbered_view.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: numbered_view.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -28,13 +28,28 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 $table_category = Database :: get_main_table(TABLE_MAIN_CATEGORY);
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
diff --git a/main/survey/open.php b/main/survey/open.php
index 760e984830..651f366333 100644
--- a/main/survey/open.php
+++ b/main/survey/open.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: open.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: open.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -38,12 +38,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $interbreadcrumb[] = array ("url" => "survey_list.php?cidReq=$cidReq&n=$n", "name" => get_lang('Survey'));
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
diff --git a/main/survey/open_edit.php b/main/survey/open_edit.php
index 352692eb00..9f4bb50986 100644
--- a/main/survey/open_edit.php
+++ b/main/survey/open_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: open_edit.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: open_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -39,12 +39,26 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $interbreadcrumb[] = array ("url" => "survey_list.php?cidReq=$cidReq&n=$n", "name" => get_lang('Survey'));
 $cidReq=$_GET['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
diff --git a/main/survey/open_view.php b/main/survey/open_view.php
index 03243b738e..bb953db5a7 100644
--- a/main/survey/open_view.php
+++ b/main/survey/open_view.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: open_view.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: open_view.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -28,13 +28,28 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
 $table_category = Database :: get_main_table(TABLE_MAIN_CATEGORY);
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
diff --git a/main/survey/preview_yesno.php b/main/survey/preview_yesno.php
index f40805e508..ad7dce7d35 100644
--- a/main/survey/preview_yesno.php
+++ b/main/survey/preview_yesno.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: preview_yesno.php 10549 2006-12-24 16:08:47Z pcool $
+* 	@version $Id: preview_yesno.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -37,17 +37,32 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 $table_category = Database :: get_main_table(TABLE_MAIN_CATEGORY);
-$table_survey = Database :: get_main_table(TABLE_MAIN_SURVEY);
-$table_group =  Database :: get_main_table(TABLE_MAIN_GROUP);
+$table_survey 	= Database :: get_main_table(TABLE_MAIN_SURVEY);
+$table_group 	= Database :: get_main_table(TABLE_MAIN_GROUP);
 $table_question = Database :: get_main_table(TABLE_MAIN_SURVEYQUESTION);
+
+
 $tool_name = get_lang('ViewQuestions');
 $header1 = get_lang('SurveyName');
 $header2 = get_lang('GroupName');
diff --git a/main/survey/question.php b/main/survey/question.php
index ff87b7eb0b..ffe7cc1f3b 100644
--- a/main/survey/question.php
+++ b/main/survey/question.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: question.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: question.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 // name of the language file that needs to be included 
@@ -28,13 +28,28 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
 $surveyid=$_REQUEST['surveyid'];
 $groupid=$_REQUEST['groupid'];
 $ques_type = $_GET['qtype'];
diff --git a/main/survey/question_edit.php b/main/survey/question_edit.php
index 5fb6703d22..50f39fda73 100644
--- a/main/survey/question_edit.php
+++ b/main/survey/question_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: question_edit.php 10223 2006-11-27 14:45:59Z pcool $
+* 	@version $Id: question_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -33,19 +33,33 @@ $language_file = 'survey';
 
 require ('../inc/global.inc.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
-//api_protect_admin_script();
+
 $cidReq = $_REQUEST['cidReq'];
 $curr_dbname = $_REQUEST['curr_dbname'];
 $groupid=$_REQUEST['groupid'];
 $surveyid=$_REQUEST['surveyid'];
 $qid=$_REQUEST['qid'];
 $qtype=$_REQUEST['qtype'];
-require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
+
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
 $table_question = Database :: get_course_table('questions');
diff --git a/main/survey/question_list.php b/main/survey/question_list.php
index 0c72eed95d..b295065a1c 100644
--- a/main/survey/question_list.php
+++ b/main/survey/question_list.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: question_list.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: question_list.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -35,11 +35,25 @@ require ('../inc/global.inc.php');
 //api_protect_admin_script();
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
+
 $interbreadcrumb[] = array ("url" => "survey_list.php", "name" => get_lang('Survey'));
 $cidReq = $_REQUEST['cidReq'];
 $db_name = $_REQUEST['db_name'];
diff --git a/main/survey/question_list_new.php b/main/survey/question_list_new.php
index de22633e6d..e5ed5a55dd 100644
--- a/main/survey/question_list_new.php
+++ b/main/survey/question_list_new.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: question_list_new.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: question_list_new.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 
@@ -36,11 +36,25 @@ require ('../inc/global.inc.php');
 //api_protect_admin_script();
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
+}
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
 }
+
 $interbreadcrumb[] = array ("url" => "survey_list.php", "name" => get_lang('Survey'));
 $cidReq = $_REQUEST['cidReq'];
 $db_name = $_REQUEST['db_name'];
diff --git a/main/survey/select_question_group-uploaded.php b/main/survey/select_question_group-uploaded.php
index a5a9e2dbf7..9de606cc13 100644
--- a/main/survey/select_question_group-uploaded.php
+++ b/main/survey/select_question_group-uploaded.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: select_question_group-uploaded.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: select_question_group-uploaded.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 
@@ -38,16 +38,25 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-/*
-echo "<pre>";
-print_r($_SESSION);
-echo "</pre>";
 */
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
 $table_question = Database :: get_course_table('questions');
diff --git a/main/survey/select_question_group.php b/main/survey/select_question_group.php
index 5daccfb7bb..d160daeeae 100644
--- a/main/survey/select_question_group.php
+++ b/main/survey/select_question_group.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: select_question_group.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: select_question_group.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 
@@ -38,16 +38,25 @@ require_once (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(CONFIGURATION_PATH) ."/add_course.conf.php");
 require_once (api_get_path(LIBRARY_PATH)."/add_course.lib.inc.php");
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-/*
-echo "<pre>";
-print_r($_SESSION);
-echo "</pre>";
 */
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $table_survey = Database :: get_course_table('survey');
 $table_group =  Database :: get_course_table('survey_group');
 $table_question = Database :: get_course_table('questions');
diff --git a/main/survey/survey.php b/main/survey/survey.php
index 56d01b0c55..afc957f9f6 100644
--- a/main/survey/survey.php
+++ b/main/survey/survey.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: survey.php 10559 2006-12-27 10:52:50Z pcool $
+* 	@version $Id: survey.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 
@@ -52,17 +52,24 @@ $cidReq = $_GET['cidReq'];
 */
 $table_survey = Database :: get_course_table('survey');
 
+/** @todo replace this with the correct code */
 /*
------------------------------------------------------------
-	some permissions stuff (?)
------------------------------------------------------------
-*/
 $status = surveymanager::get_status();
 api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 
 /*
 -----------------------------------------------------------
diff --git a/main/survey/survey_all_courses.php b/main/survey/survey_all_courses.php
index 12d9db0bd1..f91de15da2 100644
--- a/main/survey/survey_all_courses.php
+++ b/main/survey/survey_all_courses.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: survey_all_courses.php 10549 2006-12-24 16:08:47Z pcool $
+* 	@version $Id: survey_all_courses.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -54,11 +54,24 @@ $table_course_survey_rel 	= Database :: get_main_table(TABLE_MAIN_COURSE_SURVEY)
 	some permissions stuff (?)
 -----------------------------------------------------------
 */
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 $cidReq = $_REQUEST['cidReq'];
 
 
diff --git a/main/survey/survey_edit.php b/main/survey/survey_edit.php
index 28e64b79eb..793288590b 100644
--- a/main/survey/survey_edit.php
+++ b/main/survey/survey_edit.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: survey_edit.php 10550 2006-12-24 16:17:25Z pcool $
+* 	@version $Id: survey_edit.php 10583 2007-01-02 14:47:19Z pcool $
 */
 /*
 ==============================================================================
@@ -34,12 +34,26 @@ include ('../inc/global.inc.php');
 //api_protect_admin_script();
 include (api_get_path(LIBRARY_PATH).'/fileManage.lib.php');
 require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
+require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+
+/** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
+api_protect_course_script();
 if($status==5)
 {
-api_protect_admin_script();
+	api_protect_admin_script();
 }
-require_once (api_get_path(LIBRARY_PATH)."/usermanager.lib.php");
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
+
 // the variables for the days and the months
 // Defining the months of the year to allow translation of the months
 $MonthsLong = array(get_lang('JanuaryLong'), get_lang('FebruaryLong'), get_lang('"MarchLong'), get_lang('AprilLong'), get_lang('MayLong'), get_lang('JuneLong'), get_lang('JulyLong'), get_lang('AugustLong'), get_lang('SeptemberLong'), get_lang('OctoberLong'), get_lang('NovemberLong'), get_lang('DecemberLong')); 
diff --git a/main/survey/survey_list.php b/main/survey/survey_list.php
index 1eea90445a..fb6b8aa1a0 100644
--- a/main/survey/survey_list.php
+++ b/main/survey/survey_list.php
@@ -20,7 +20,7 @@
 /**
 *	@package dokeos.survey
 * 	@author 
-* 	@version $Id: survey_list.php 10582 2006-12-31 17:27:50Z pcool $
+* 	@version $Id: survey_list.php 10583 2007-01-02 14:47:19Z pcool $
 */
 
 /*
@@ -39,17 +39,27 @@ require_once (api_get_path(LIBRARY_PATH)."/surveymanager.lib.php");
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 
 /** @todo replace this with the correct code */
+/*
 $status = surveymanager::get_status();
 api_protect_course_script();
 if($status==5)
 {
 	api_protect_admin_script();
 }
+*/
+/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
+if (!api_is_allowed_to_edit())
+{
+	Display :: display_header();
+	Display :: display_error_message(get_lang('NotAllowedHere'));
+	Display :: display_footer();
+	exit;
+}
 
 // Database table definitions
 /** @todo use database constants for the survey tables */
 $table_survey 	= Database :: get_course_table('survey');
-$table_group 	=  Database :: get_course_table('survey_group');
+$table_group 	= Database :: get_course_table('survey_group');
 $table_question = Database :: get_course_table('questions');
 $table_course 	= Database :: get_main_table(TABLE_MAIN_COURSE);