|
|
|
@ -506,8 +506,9 @@ switch ($action) { |
|
|
|
case 'send_legal': |
|
|
|
case 'send_legal': |
|
|
|
$isBoss = UserManager::userIsBossOfStudent(api_get_user_id(), $student_id); |
|
|
|
$isBoss = UserManager::userIsBossOfStudent(api_get_user_id(), $student_id); |
|
|
|
// @ofaj |
|
|
|
// @ofaj |
|
|
|
if ($isBoss || api_is_platform_admin()) { |
|
|
|
if (($isBoss || api_is_platform_admin()) && Security::check_token('get')) { |
|
|
|
LegalManager::sendLegal($student_id); |
|
|
|
LegalManager::sendLegal($student_id); |
|
|
|
|
|
|
|
Security::clear_token(); |
|
|
|
/* |
|
|
|
/* |
|
|
|
$currentUserInfo = api_get_user_info(); |
|
|
|
$currentUserInfo = api_get_user_info(); |
|
|
|
$subject = get_lang('SendLegalSubject'); |
|
|
|
$subject = get_lang('SendLegalSubject'); |
|
|
|
@ -525,7 +526,7 @@ switch ($action) { |
|
|
|
break; |
|
|
|
break; |
|
|
|
case 'delete_legal': |
|
|
|
case 'delete_legal': |
|
|
|
$isBoss = UserManager::userIsBossOfStudent(api_get_user_id(), $student_id); |
|
|
|
$isBoss = UserManager::userIsBossOfStudent(api_get_user_id(), $student_id); |
|
|
|
if ($isBoss || api_is_platform_admin()) { |
|
|
|
if (($isBoss || api_is_platform_admin()) && Security::check_token('get')) { |
|
|
|
$extraFieldValue = new ExtraFieldValue('user'); |
|
|
|
$extraFieldValue = new ExtraFieldValue('user'); |
|
|
|
$value = $extraFieldValue->get_values_by_handler_and_field_variable( |
|
|
|
$value = $extraFieldValue->get_values_by_handler_and_field_variable( |
|
|
|
$student_id, |
|
|
|
$student_id, |
|
|
|
@ -535,6 +536,7 @@ switch ($action) { |
|
|
|
if ($result) { |
|
|
|
if ($result) { |
|
|
|
Display::addFlash(Display::return_message(get_lang('Deleted'))); |
|
|
|
Display::addFlash(Display::return_message(get_lang('Deleted'))); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
Security::clear_token(); |
|
|
|
} |
|
|
|
} |
|
|
|
break; |
|
|
|
break; |
|
|
|
case 'reset_lp': |
|
|
|
case 'reset_lp': |
|
|
|
@ -1152,13 +1154,13 @@ $userInfo = [ |
|
|
|
$icon = Display::return_icon('accept.png').' '.api_get_local_time($legalTime); |
|
|
|
$icon = Display::return_icon('accept.png').' '.api_get_local_time($legalTime); |
|
|
|
$icon .= ' '.Display::url( |
|
|
|
$icon .= ' '.Display::url( |
|
|
|
get_lang('DeleteLegal'), |
|
|
|
get_lang('DeleteLegal'), |
|
|
|
api_get_self().'?action=delete_legal&student='.$student_id.'&course='.$course_code, |
|
|
|
api_get_self().'?action=delete_legal&sec_token='.$token.'&student='.$student_id.'&course='.$course_code, |
|
|
|
['class' => 'btn btn-danger btn-xs'] |
|
|
|
['class' => 'btn btn-danger btn-xs'] |
|
|
|
); |
|
|
|
); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
$icon .= ' '.Display::url( |
|
|
|
$icon .= ' '.Display::url( |
|
|
|
get_lang('SendLegal'), |
|
|
|
get_lang('SendLegal'), |
|
|
|
api_get_self().'?action=send_legal&student='.$student_id.'&course='.$course_code, |
|
|
|
api_get_self().'?action=send_legal&sec_token='.$token.'&student='.$student_id.'&course='.$course_code, |
|
|
|
['class' => 'btn btn-primary btn-xs'] |
|
|
|
['class' => 'btn btn-primary btn-xs'] |
|
|
|
); |
|
|
|
); |
|
|
|
} |
|
|
|
} |
|
|
|
|
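Review bot: The `sec_token` added to the `delete_legal` and `send_legal` links in the last hunk travels in the query string of a state-changing GET request, so it can end up in browser history, access logs and Referer headers, and both actions stay reachable by plain navigation. Consider rendering these two buttons as small POST forms with the token in a hidden field and checking it with `Security::check_token('post')` in the two `case` branches. `$token` is not assigned in any visible hunk. Please confirm it is set before these links are built, and that a page rendered after `Security::clear_token()` on the same request does not reuse the cleared value. A failed token check now skips the action silently in both branches, so a flash message or log entry there would make rejected requests visible to users and to monitoring.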