moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merged from MOODLE_15_STABLE: Fixing bug 4199: import course data should only allow you to import from a course that you're already a teacher in, unless you're at least a creator

Browse source
This commit is contained in:
mjollnir_ 2005-10-20 00:19:42 +00:00
parent 188130e59d
commit 65f05987fd
1 changed files with 18 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
course/import.php
View file

@ -24,7 +24,15 @@ $filename = optional_param('filename',0,PARAM_INT);
error("You need to be a teacher or an admin to use this page"); error("You need to be a teacher or an admin to use this page");
} }
// if we're not a course creator , we can only import from our own courses.
if (iscreator()) {
$creator = true;
}
if ($from = get_record("course","id",$fromcourse)) { if ($from = get_record("course","id",$fromcourse)) {
if (!isteacheredit($fromcourse)) {
error("You need to be a course creator, or a teacher in the course you are importing data from, as well");
}
if (!empty($filename) && file_exists($CFG->dataroot.'/'.$filename) && !empty($SESSION->import_preferences)) { if (!empty($filename) && file_exists($CFG->dataroot.'/'.$filename) && !empty($SESSION->import_preferences)) {
$restore = backup_to_restore_array($SESSION->import_preferences); $restore = backup_to_restore_array($SESSION->import_preferences);
$restore->restoreto = 1; $restore->restoreto = 1;
@ -44,7 +52,9 @@ $filename = optional_param('filename',0,PARAM_INT);
print_header("$course->fullname: $strimport", "$course->fullname: $strimport", "$course->shortname"); print_header("$course->fullname: $strimport", "$course->fullname: $strimport", "$course->shortname");
$taught_courses = get_my_courses($USER->id,"visible DESC,sortorder ASC",0,1); $taught_courses = get_my_courses($USER->id,"visible DESC,sortorder ASC",0,1);
if (!empty($creator)) {
$cat_courses = get_courses($course->category); $cat_courses = get_courses($course->category);
}
print_heading(get_string("importdatafrom")); print_heading(get_string("importdatafrom"));
$options = array(); $options = array();
@ -78,11 +88,14 @@ $filename = optional_param('filename',0,PARAM_INT);
choose_from_menu($options,"fromcourse","","choose","","0",true), choose_from_menu($options,"fromcourse","","choose","","0",true),
$submit); $submit);
} }
if (!empty($creator)) {
$table->data[] = array($fm.'<b>'.get_string('searchcourses').'</b>', $table->data[] = array($fm.'<b>'.get_string('searchcourses').'</b>',
'<input type="text" name="fromcoursesearch" />', '<input type="text" name="fromcoursesearch" />',
'<input type="submit" value="'.get_string('searchcourses').'" />'); '<input type="submit" value="'.get_string('searchcourses').'" />');
}
if (!empty($fromcoursesearch)) { if (!empty($fromcoursesearch) && !empty($creator)) {
$totalcount = 0; $totalcount = 0;
$courses = get_courses_search(explode(" ",$fromcoursesearch),"fullname ASC",$page,50,$totalcount); $courses = get_courses_search(explode(" ",$fromcoursesearch),"fullname ASC",$page,50,$totalcount);
if (is_array($courses) and count($courses) > 0) { if (is_array($courses) and count($courses) > 0) {