Blocking master exercise edition in a session see #6837

1.9.x
Julio Montoya 12 years ago
parent c9fac12553
commit e6e97e028f
  1. 16
      main/exercice/admin.php
  2. 8
      main/exercice/overview.php

@ -66,6 +66,7 @@ $this_section = SECTION_COURSES;
api_protect_course_script(true); api_protect_course_script(true);
$is_allowedToEdit = api_is_allowed_to_edit(null,true); $is_allowedToEdit = api_is_allowed_to_edit(null,true);
$sessionId = api_get_session_id();
if (!$is_allowedToEdit) { if (!$is_allowedToEdit) {
api_not_allowed(true); api_not_allowed(true);
@ -166,7 +167,7 @@ if (!empty($_GET['action']) && $_GET['action'] == 'exportqti2' && !empty($_GET['
exit; //otherwise following clicks may become buggy exit; //otherwise following clicks may become buggy
} }
// intializes the Exercise object // Exercise object creation.
if (!is_object($objExercise)) { if (!is_object($objExercise)) {
// construction of the Exercise object // construction of the Exercise object
$objExercise = new Exercise(); $objExercise = new Exercise();
@ -176,7 +177,14 @@ if (!is_object($objExercise)) {
$objExercise->read($exerciseId); $objExercise->read($exerciseId);
} }
// saves the object into the session // saves the object into the session
Session::write('objExercise',$objExercise); Session::write('objExercise', $objExercise);
}
// Exercise can be edited in their course.
if ($objExercise->sessionId != $sessionId) {
api_not_allowed(true);
/*header('Location: '.api_get_path(WEB_CODE_PATH).'exercice/exercice.php?'.api_get_cidreq());
exit;*/
} }
// doesn't select the exercise ID if we come from the question pool // doesn't select the exercise ID if we come from the question pool
@ -189,7 +197,7 @@ if (!$fromExercise) {
$nbrQuestions = $objExercise->selectNbrQuestions(); $nbrQuestions = $objExercise->selectNbrQuestions();
// intializes the Question object // Question object creation.
if ($editQuestion || $newQuestion || $modifyQuestion || $modifyAnswers) { if ($editQuestion || $newQuestion || $modifyQuestion || $modifyAnswers) {
if ($editQuestion || $newQuestion) { if ($editQuestion || $newQuestion) {
@ -219,7 +227,7 @@ if ($cancelExercise) {
} else { } else {
// new exercise // new exercise
// goes back to the exercise list // goes back to the exercise list
header('Location: exercice.php'); header('Location: '.api_get_path(WEB_CODE_PATH).'exercice/exercice.php?'.api_get_cidreq());
exit(); exit();
} }
} }
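Review bot: The new guard `if ($objExercise->sessionId != $sessionId)` relies on PHP's loose `!=` for an access decision; normalising both sides and comparing strictly, `if ((int) $objExercise->sessionId !== (int) $sessionId) {`, avoids type-juggling surprises, and the same applies to the `==` in the edit-link condition in overview.php. The guard also runs when the Exercise was only constructed and `read()` was not called, and whether `sessionId` is populated in that case is not visible here, so it is worth confirming that creating a new exercise inside a session is not rejected and that an unset value is not silently treated as session 0. The comment above the guard would be clearer as `// An exercise may only be edited from the session it belongs to.`, and the commented-out `header(...)`/`exit` redirect should be removed rather than kept. The script continues outside the visible hunks.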

@ -27,7 +27,7 @@ $this_section = SECTION_COURSES;
// Notice for unauthorized people. // Notice for unauthorized people.
api_protect_course_script(true); api_protect_course_script(true);
$sessionId = api_get_session_id();
$exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : 0; $exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : 0;
$objExercise = new Exercise(); $objExercise = new Exercise();
@ -72,14 +72,14 @@ if ($origin != 'learnpath') {
$html = ''; $html = '';
$message = ''; $message = '';
$is_allowed_to_edit = api_is_allowed_to_edit(null,true); $is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$edit_link = ''; $edit_link = '';
if ($is_allowed_to_edit) { if ($is_allowed_to_edit && $objExercise->sessionId == $sessionId) {
$edit_link = Display::url(Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL), api_get_path(WEB_CODE_PATH).'exercice/admin.php?'.api_get_cidreq().'&id_session='.api_get_session_id().'&exerciseId='.$objExercise->id); $edit_link = Display::url(Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL), api_get_path(WEB_CODE_PATH).'exercice/admin.php?'.api_get_cidreq().'&id_session='.api_get_session_id().'&exerciseId='.$objExercise->id);
} }
//Exercise name //Exercise name
$html .= Display::page_header( $objExercise->name.' '.$edit_link); $html .= Display::page_header($objExercise->name.' '.$edit_link);
//Exercise description //Exercise description
if (!empty($objExercise->description)) { if (!empty($objExercise->description)) {
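Review bot: The added `$objExercise->sessionId == $sessionId` condition only hides the edit icon, so it is a display hint and not the access control; a short comment such as `// Display only: admin.php enforces the session match.` would stop a later reader from treating it as the check. The link built on the next line still calls `api_get_session_id()` for `id_session` although `$sessionId` is introduced earlier in this same file section; using `$sessionId` there keeps the condition and the URL tied to one value. The script continues past the last visible line.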
