moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Now actions for meta-courses (add, delete...) are using sesskey.

Browse source
This commit is contained in:
stronk7 2005-02-02 19:13:24 +00:00
parent e5a7b7082c
commit 9da0673aba
2 changed files with 5 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
course/importstudents.html
View file

@ -1,6 +1,7 @@
<form name="studentform" id="studentform" method="post" action="importstudents.php"> <form name="studentform" id="studentform" method="post" action="importstudents.php">
<input type="hidden" name="previoussearch" value="<?php echo $previoussearch ?>"> <input type="hidden" name="previoussearch" value="<?php echo $previoussearch ?>">
<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>">
<input type="hidden" name="id" value="<?php echo $id?>"> <input type="hidden" name="id" value="<?php echo $id?>">
<table align="center" border="0" cellpadding="5" cellspacing="0"> <table align="center" border="0" cellpadding="5" cellspacing="0">
<tr> <tr>

8
course/importstudents.php
View file

@ -63,20 +63,20 @@
/// A form was submitted so process the input /// A form was submitted so process the input
} else { } else {
if (!empty($frm->add) and !empty($frm->addselect)) { if (!empty($frm->add) and !empty($frm->addselect) and confirm_sesskey()) {
$timestart = $timeend = 0; $timestart = $timeend = 0;
foreach ($frm->addselect as $addcourse) { foreach ($frm->addselect as $addcourse) {
if (!add_to_metacourse($course->id,$addcourse)) { if (!add_to_metacourse($course->id,$addcourse)) {
error("Could not add the selected course to this meta course!"); error("Could not add the selected course to this meta course!");
} }
} }
} else if (!empty($frm->remove) and !empty($frm->removeselect)) { } else if (!empty($frm->remove) and !empty($frm->removeselect) and confirm_sesskey()) {
foreach ($frm->removeselect as $removecourse) { foreach ($frm->removeselect as $removecourse) {
if (! remove_from_metacourse($course->id,$removecourse)) { if (! remove_from_metacourse($course->id,$removecourse)) {
error("Could not remove the selected course to this meta course!"); error("Could not remove the selected course to this meta course!");
} }
} }
} else if (!empty($frm->showall)) { } else if (!empty($frm->showall) and confirm_sesskey()) {
unset($frm->searchtext); unset($frm->searchtext);
$frm->previoussearch = 0; $frm->previoussearch = 0;
} }
@ -93,7 +93,7 @@
/// Get search results excluding any users already in this course /// Get search results excluding any users already in this course
if (!empty($frm->searchtext) and $previoussearch) { if (!empty($frm->searchtext) and $previoussearch and confirm_sesskey()) {
$searchcourses = get_courses_search(explode(" ",$frm->searchtext),'fullname ASC',0,99999,$numcourses); $searchcourses = get_courses_search(explode(" ",$frm->searchtext),'fullname ASC',0,99999,$numcourses);
foreach ($searchcourses as $tmp) { foreach ($searchcourses as $tmp) {
if (array_key_exists($tmp->id,$alreadycourses)) { if (array_key_exists($tmp->id,$alreadycourses)) {