Merge pull request #4854 from christianbeeznest/ofaj-20905-3

Survey: Fix access to survey by user invitation - refs BT#20905
pull/4855/head
christianbeeznest 1 year ago committed by GitHub
commit e1a70c5475
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      public/main/survey/fillsurvey.php
  2. 15
      public/main/survey/survey.lib.php

@ -76,6 +76,10 @@ if ((!isset($_GET['course']) || !isset($_GET['invitationcode'])) && !isset($_GET
$repo = Container::getSurveyRepository();
$surveyId = isset($_GET['iid']) ? (int) $_GET['iid'] : 0;
if (empty($surveyId) && (isset($_POST['language']) && is_numeric($_POST['language']))) {
$surveyId = (int) $_POST['language'];
}
/** @var CSurvey $survey */
$survey = $repo->find($surveyId);
if (null === $survey) {
@ -197,7 +201,7 @@ $sql = "SELECT * FROM $table_survey
$result = Database::query($sql);
if (Database::num_rows($result) > 1) {
if ($_POST['language']) {
if (isset($_POST['language'])) {
$survey_invitation['survey_id'] = $_POST['language'];
} else {
Display::display_header(get_lang('Surveys'));
@ -210,7 +214,7 @@ if (Database::num_rows($result) > 1) {
echo '<form id="language" name="language" method="POST" action="'.$frmLangUrl.'">';
echo '<select name="language">';
while ($row = Database::fetch_array($result, 'ASSOC')) {
echo '<option value="'.$row['survey_id'].'">'.$row['lang'].'</option>';
echo '<option value="'.$row['iid'].'">'.$row['lang'].'</option>';
}
echo '</select>';
echo '<button type="submit" name="Submit" class="next">'.get_lang('Validate').'</button>';
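Review bot: In the second hunk the `isset($_POST['language'])` branch copies the posted value into `$survey_invitation['survey_id']` without the `is_numeric` check and `(int)` cast that the first hunk applies to the same field, and nothing visible confirms the id is one of the rows `$result` returned for this invitation. Since the select now submits `iid`, the posted id decides which survey is opened, so I would write `$survey_invitation['survey_id'] = (int) $_POST['language'];` and reject any value that is not among the `iid`s in `$result`. The same concern applies to `$surveyId` in the first hunk, which reaches `$repo->find()` before any visible check that the survey belongs to the invitation code; such a check may exist outside these hunks. Separately, `$row['lang']` is echoed into the `<option>` without `htmlspecialchars()`.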

@ -2212,15 +2212,18 @@ class SurveyManager
$sessionId = 0,
$groupId = 0
) {
$invitationRepo = Database::getManager()->getRepository(CSurveyInvitation::class);
$em = Database::getManager();
$invitationRepo = $em->getRepository(CSurveyInvitation::class);
$surveyRepo = $em->getRepository(CSurvey::class);
$survey = $surveyRepo->findBy(['code' => $surveyCode]);
return $invitationRepo->findBy(
[
'user' => $userId,
'cId' => $courseId,
'sessionId' => $sessionId,
'groupId' => $groupId,
'surveyCode' => $surveyCode,
'user' => api_get_user_entity($userId),
'course' => api_get_course_entity($courseId),
'session' => api_get_session_entity($sessionId),
'group' => api_get_group_entity($groupId),
'survey' => $survey,
],
['invitationDate' => 'DESC']
);
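Review bot: `$surveyRepo->findBy(['code' => $surveyCode])` returns a list rather than one entity, and it is passed unchecked as the `'survey'` criterion under the singular name `$survey`. If matching several surveys that share a code is intended, rename it to `$surveys` and return early when it is empty, e.g. `if (empty($surveys)) { return []; }`, rather than relying on how Doctrine treats an empty list. The results of `api_get_user_entity($userId)` and `api_get_course_entity($courseId)` are also used unchecked; if either can return null for an unknown id, the criterion presumably becomes an IS NULL match and could return invitations that do not belong to the caller, so a null guard before `findBy` is worth adding. The function's signature and closing brace lie outside this hunk.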
