moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

course/view.php is using sesskey

Browse source 
(changes in blocks done, please check them)

Merged from MOODLE_14_STABLE
This commit is contained in:
stronk7 2004-10-09 20:16:05 +00:00
parent 967cd1164b
commit 5b224948aa
5 changed files with 28 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

14
course/format/topics/format.php
View file

@ -31,7 +31,7 @@
}
}
if (isteacher($course->id) and isset($marker)) {
if (isteacher($course->id) and isset($marker) and confirm_sesskey()) {
$course->marker = $marker;
if (! set_field("course", "marker", $marker, "id", $course->id)) {
error("Could not mark that topic for this course");
@ -222,28 +222,28 @@
if (isediting($course->id)) {
if ($course->marker == $section) { // Show the "light globe" on/off
echo "<a href=\"view.php?id=$course->id&amp;marker=0\" title=\"$strmarkedthistopic\">".
echo "<a href=\"view.php?id=$course->id&amp;marker=0&amp;sesskey=$USER->sesskey\" title=\"$strmarkedthistopic\">".
"<img src=\"$CFG->pixpath/i/marked.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&amp;marker=$section\" title=\"$strmarkthistopic\">".
echo "<a href=\"view.php?id=$course->id&amp;marker=$section&amp;sesskey=$USER->sesskey\" title=\"$strmarkthistopic\">".
"<img src=\"$CFG->pixpath/i/marker.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
}
if ($thissection->visible) { // Show the hide/show eye
echo "<a href=\"view.php?id=$course->id&amp;hide=$section\" title=\"$strtopichide\">".
echo "<a href=\"view.php?id=$course->id&amp;hide=$section&amp;sesskey=$USER->sesskey\" title=\"$strtopichide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&amp;show=$section\" title=\"$strtopicshow\">".
echo "<a href=\"view.php?id=$course->id&amp;show=$section&amp;sesskey=$USER->sesskey\" title=\"$strtopicshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
}
if ($section > 1) { // Add a arrow to move section up
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=-1\" title=\"$strmoveup\">".
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=-1&amp;sesskey=$USER->sesskey\" title=\"$strmoveup\">".
"<img src=\"$CFG->pixpath/t/up.gif\" vspace=\"3\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a><br />";
}
if ($section < $course->numsections) { // Add a arrow to move section down
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=1\" title=\"$strmovedown\">".
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=1&amp;sesskey=$USER->sesskey\" title=\"$strmovedown\">".
"<img src=\"$CFG->pixpath/t/down.gif\" vspace=\"3\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a><br />";
}

8
course/format/weeks/format.php
View file

@ -215,20 +215,20 @@
if (isediting($course->id)) {
if ($thissection->visible) { // Show the hide/show eye
echo "<a href=\"view.php?id=$course->id&amp;hide=$section\" title=\"$strweekhide\">".
echo "<a href=\"view.php?id=$course->id&amp;hide=$section&amp;sesskey=$USER->sesskey\" title=\"$strweekhide\">".
"<img src=\"$CFG->pixpath/i/hide.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
} else {
echo "<a href=\"view.php?id=$course->id&amp;show=$section\" title=\"$strweekshow\">".
echo "<a href=\"view.php?id=$course->id&amp;show=$section&amp;sesskey=$USER->sesskey\" title=\"$strweekshow\">".
"<img src=\"$CFG->pixpath/i/show.gif\" vspace=\"3\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a><br />";
}
if ($section > 1) { // Add a arrow to move section up
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=-1\" title=\"$strmoveup\">".
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=-1&amp;sesskey=$USER->sesskey\" title=\"$strmoveup\">".
"<img src=\"$CFG->pixpath/t/up.gif\" vspace=\"3\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a><br />";
}
if ($section < $course->numsections) { // Add a arrow to move section down
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=1\" title=\"$strmovedown\">".
echo "<a href=\"view.php?id=$course->id&amp;section=$section&amp;move=1&amp;sesskey=$USER->sesskey\" title=\"$strmovedown\">".
"<img src=\"$CFG->pixpath/t/down.gif\" vspace=\"3\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a><br />";
}

8
course/view.php
View file

@ -75,15 +75,15 @@
$editing = $USER->editing;
if (isset($hide)) {
if (isset($hide) and confirm_sesskey()) {
set_section_visible($course->id, $hide, '0');
}
if (isset($show)) {
if (isset($show) and confirm_sesskey()) {
set_section_visible($course->id, $show, '1');
}
if (isset($_GET['blockaction'])) {
if (isset($_GET['blockaction']) and confirm_sesskey()) {
if (isset($_GET['blockid'])) {
block_action($course, $leftblocks, $rightblocks, strtolower($_GET['blockaction']), intval($_GET['blockid']));
}
@ -118,7 +118,7 @@
}
if (!empty($section)) {
if (!empty($move)) {
if (!empty($move) and confirm_sesskey()) {
if (!move_section($course, $section, $move)) {
notify("An error occurred while moving a section");
}