[svn r12219] Updated call to api_not_allowed() calls, part 2/2 -this also prevents api_not_allowed message without stylesheets

18 years ago · e33158b0b4
parent 14efa1a1c3
commit e33158b0b4
18 changed files with 58 additions and 63 deletions
--- a/main/course_info/delete_course.php
+++ b/main/course_info/delete_course.php
@ -1,5 +1,5 @@
 <?php
-// $Id: delete_course.php 11317 2007-03-01 23:51:07Z yannoo $
+// $Id: delete_course.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -46,7 +46,7 @@ $currentCourseName = $_course['name'];

 if (!api_is_allowed_to_edit())
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }
 $tool_name = get_lang('DelCourse');
 if (isset($_GET['delete']) && $_GET['delete'] == 'yes')
--- a/main/course_info/infocours.php
+++ b/main/course_info/infocours.php
@ -1,5 +1,5 @@
 <?php
-// $Id: infocours.php 12051 2007-04-18 13:26:45Z elixir_julian $
+// $Id: infocours.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
@ -96,7 +96,7 @@ $course_access_settings = CourseManager :: get_access_settings($course_code);

 if (!$is_allowedToEdit)
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }

 $table_course_category = Database :: get_main_table(TABLE_MAIN_CATEGORY);
--- a/main/coursecopy/backup.php
+++ b/main/coursecopy/backup.php
@ -1,5 +1,5 @@
 <?php
-// $Id: backup.php 11791 2007-03-30 07:14:33Z pcool $
+// $Id: backup.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ============================================================================== 
 	Dokeos - elearning and course management software
@ -38,6 +38,11 @@ $language_file = array('coursebackup','admin');
 // including the global file
 include ('../inc/global.inc.php');

+// Check access rights (only teachers allowed)
+if (!api_is_allowed_to_edit())
+{
+	api_not_allowed(true);
+}
 // section for the tabs
 $this_section=SECTION_COURSES;

@ -51,11 +56,6 @@ Display::display_header($nameTools);
 // Display the tool title
 api_display_tool_title($nameTools);

-// Check access rights (only teachers allowed)
-if (!api_is_allowed_to_edit())
-{
-	api_not_allowed();
-}
 /*
 ==============================================================================
 		MAIN CODE
--- a/main/coursecopy/copy_course.php
+++ b/main/coursecopy/copy_course.php
@ -1,5 +1,5 @@
 <?php
-// $Id: copy_course.php 11376 2007-03-03 22:48:24Z yannoo $
+// $Id: copy_course.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ============================================================================== 
 	Dokeos - elearning and course management software
@ -43,14 +43,17 @@ include_once(api_get_path(LIBRARY_PATH) . 'fileManage.lib.php');
 require_once ('classes/CourseBuilder.class.php');
 require_once ('classes/CourseRestorer.class.php');
 require_once ('classes/CourseSelectForm.class.php');
+
+if (!api_is_allowed_to_edit())
+{
+	api_not_allowed(true);
+}
+
 $nameTools = get_lang('CopyCourse');
 $interbreadcrumb[] = array ("url" => "../course_info/maintenance.php", "name" => get_lang('Maintenance'));
+
 Display::display_header($nameTools);
 //api_display_tool_title($nameTools);
-if (!api_is_allowed_to_edit())
-{
-	api_not_allowed();
-}
 /*
 ==============================================================================
 		MAIN CODE
--- a/main/coursecopy/create_backup.php
+++ b/main/coursecopy/create_backup.php
@ -1,5 +1,5 @@
 <?php
-// $Id: create_backup.php 11998 2007-04-12 19:23:11Z pcool $
+// $Id: create_backup.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ============================================================================== 
 	Dokeos - elearning and course management software
@ -38,6 +38,11 @@ $language_file = array ('admin','coursebackup');
 // including the global file
 include ('../inc/global.inc.php');

+// Check access rights (only teachers are allowed here)
+if (!api_is_allowed_to_edit())
+{
+	api_not_allowed(true);
+}
 // section for the tabs
 $this_section=SECTION_COURSES;

@ -58,11 +63,6 @@ require_once ('classes/CourseSelectForm.class.php');
 // Display the tool title
 api_display_tool_title($nameTools);

-// Check access rights (only teachers are allowed here)
-if (!api_is_allowed_to_edit())
-{
-	api_not_allowed();
-}
 /*
 ==============================================================================
 		MAIN CODE
--- a/main/coursecopy/import_backup.php
+++ b/main/coursecopy/import_backup.php
@ -1,4 +1,4 @@
-<?php // $Id: import_backup.php 11791 2007-03-30 07:14:33Z pcool $
+<?php // $Id: import_backup.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ============================================================================== 
 	Dokeos - elearning and course management software
@ -41,6 +41,12 @@ $language_file = array('coursebackup','admin');
 // including the global file
 include ('../inc/global.inc.php');

+// Check access rights (only teachers are allowed here)
+if( ! api_is_allowed_to_edit())
+{
+	api_not_allowed(true);	
+}
+
 // section for the tabs
 $this_section=SECTION_COURSES;

@ -61,11 +67,6 @@ require_once('classes/CourseSelectForm.class.php');
 // Display the tool title
 api_display_tool_title($nameTools);

-// Check access rights (only teachers are allowed here)
-if( ! api_is_allowed_to_edit())
-{
-	api_not_allowed();	
-}
 /*
 ==============================================================================
 		MAIN CODE
--- a/main/coursecopy/recycle_course.php
+++ b/main/coursecopy/recycle_course.php
@ -1,4 +1,4 @@
-<?php // $Id: recycle_course.php 11791 2007-03-30 07:14:33Z pcool $
+<?php // $Id: recycle_course.php 12219 2007-05-01 18:46:59Z yannoo $
 /*
 ============================================================================== 
 	Dokeos - elearning and course management software
@ -37,6 +37,11 @@ $language_file = array ('admin','course_info','coursebackup');
 // including the global file
 include ('../inc/global.inc.php');

+// Check access rights (only teachers are allowed here)
+if( ! api_is_allowed_to_edit())
+{
+	api_not_allowed(true);	
+}
 // section for the tabs
 $this_section=SECTION_COURSES;

@ -56,11 +61,6 @@ require_once('classes/CourseSelectForm.class.php');
 // Display the tool title
 api_display_tool_title($nameTools);

-// Check access rights (only teachers are allowed here)
-if( ! api_is_allowed_to_edit())
-{
-	api_not_allowed();	
-}
 /*
 ==============================================================================
 		MAIN CODE
--- a/main/exercice/admin.php
+++ b/main/exercice/admin.php
@ -60,7 +60,7 @@
 *
 *	@package dokeos.exercise
 * 	@author Olivier Brouckaert
-* 	@version $Id: admin.php 11760 2007-03-29 07:46:40Z pcool $
+* 	@version $Id: admin.php 12219 2007-05-01 18:46:59Z yannoo $
 */


@ -169,7 +169,7 @@ $TBL_DOCUMENT          = Database::get_course_table(TABLE_DOCUMENT);

 if(!$is_allowedToEdit)
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }

 // intializes the Exercise object
--- a/main/exercice/adminhp.php
+++ b/main/exercice/adminhp.php
@ -22,7 +22,7 @@
 *	HotPotatoes administration.
 *	@package dokeos.exercise
 * 	@author Istvan Mandak
-* 	@version $Id: adminhp.php 10789 2007-01-18 19:18:27Z pcool $
+* 	@version $Id: adminhp.php 12219 2007-05-01 18:46:59Z yannoo $
 */


@ -84,7 +84,7 @@ $dbTable					= $TBL_DOCUMENT;

 if(!$is_allowedToEdit)
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }

 $interbreadcrumb[]=array("url" => "exercice.php","name" => get_lang('Exercices'));
--- a/main/exercice/exercise_admin.php
+++ b/main/exercice/exercise_admin.php
@ -43,7 +43,7 @@ $this_section=SECTION_COURSES;

 if(!api_is_allowed_to_edit())
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }


--- a/main/exercice/question_pool.php
+++ b/main/exercice/question_pool.php
@ -24,7 +24,7 @@
 * 	One question can be in several exercises
 *	@package dokeos.exercise
 * 	@author Olivier Brouckaert
-* 	@version $Id: question_pool.php 12070 2007-04-20 09:43:41Z elixir_julian $
+* 	@version $Id: question_pool.php 12219 2007-05-01 18:46:59Z yannoo $
 */

 // name of the language file that needs to be included
@ -112,10 +112,10 @@ $nameTools=get_lang('QuestionPool');

 $interbreadcrumb[]=array("url" => "exercice.php","name" => get_lang('Exercices'));

-Display::display_header($nameTools,"Exercise");
 // if admin of course
 if($is_allowedToEdit)
 {
+	Display::display_header($nameTools,"Exercise");
 ?>

 <h3>
@ -348,12 +348,11 @@ if($is_allowedToEdit)
 </form>

 <?php
+	Display::display_footer();
 }
 // if not admin of course
 else
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }
-
-Display::display_footer();
 ?>
--- a/main/group/group.php
+++ b/main/group/group.php
@ -78,11 +78,8 @@ if( api_get_setting('allow_group_categories') == 'false')
 */
 if (!isset ($_GET['origin']) || $_GET['origin'] != 'learnpath')
 { //so we are not in learnpath tool
-	Display::display_header($nameTools,"Group");
 	event_access_tool(TOOL_GROUP);
-	//api_display_tool_title($nameTools);
-
-	if (! $is_allowed_in_course) api_not_allowed();
+	if (! $is_allowed_in_course) api_not_allowed(true);
 }
 else
 {
--- a/main/group/group_edit.php
+++ b/main/group/group_edit.php
@ -67,7 +67,7 @@ $interbreadcrumb[] = array ("url" => "group.php", "name" => get_lang('GroupManag

 if (!api_is_allowed_to_edit())
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }
 /*
 ============================================================================== 
--- a/main/group/group_overview.php
+++ b/main/group/group_overview.php
@ -98,12 +98,7 @@ if( isset($_GET['action']))
 $interbreadcrumb[]=array("url" => "group.php","name" => get_lang('GroupManagement'));
 if (!isset ($_GET['origin']) || $_GET['origin'] != 'learnpath')
 { //so we are not in learnpath tool
-Display::display_header($nameTools,"Group");
-	//event_access_tool($nameTools);
-
-	api_display_tool_title($nameTools);
-	
-	if (! $is_allowed_in_course) api_not_allowed();
+	if (! $is_allowed_in_course) api_not_allowed(true);	
 }
 else
 {
--- a/main/messaging/email_editor.php
+++ b/main/messaging/email_editor.php
@ -33,7 +33,7 @@ include_once("../inc/global.inc.php");

 if(empty($_user['user_id']))
 {
-	api_not_allowed();
+	api_not_allowed(true);
 }

 //api_protect_course_script(); //not a course script, so no protection
--- a/main/upload/index.php
+++ b/main/upload/index.php
@ -68,7 +68,7 @@ function check_unzip() {

 $is_allowed_to_edit = api_is_allowed_to_edit();
 if(!$is_allowed_to_edit){
-	api_not_allowed();
+	api_not_allowed(true);
 }


--- a/main/upload/upload.php
+++ b/main/upload/upload.php
@ -22,7 +22,7 @@ if(empty($_SESSION['my_tool'])){header('location:index.php');}
 $is_allowed_to_edit = api_is_allowed_to_edit();

 if(!$is_allowed_to_edit){
-	api_not_allowed();
+	api_not_allowed(true);
 }


--- a/main/upload/upload_ppt.php
+++ b/main/upload/upload_ppt.php
@ -49,18 +49,18 @@ if(isset($_POST['convert'])){
 event_access_tool(TOOL_UPLOAD);


-$interbreadcrumb[]= array ("url"=>"../newscorm/lp_controller.php?action=list", "name"=> get_lang("Doc"));
-$nameTools = get_lang("OogieConversionPowerPoint");
-Display :: display_header($nameTools);
-
-
 // check access permissions (edit permission is needed to add a document or a LP)
 $is_allowed_to_edit = api_is_allowed_to_edit();

 if(!$is_allowed_to_edit){
-	api_not_allowed();
+	api_not_allowed(true);
 }

+$interbreadcrumb[]= array ("url"=>"../newscorm/lp_controller.php?action=list", "name"=> get_lang("Doc"));
+$nameTools = get_lang("OogieConversionPowerPoint");
+Display :: display_header($nameTools);
+
+
 ?>

 <img src="../img/oogie.gif"><br>