// so we can strip them from the submitted data BEFORE handling it.
$hiddendata = array(
'block' => $blockid,
- 'sesskey' => $USER->sesskey
+ 'sesskey' => sesskey()
);
/// If data submitted, then process and store.
$count = $DB->count_records('block_instance', array('blockid'=>$blockid, 'pagetype'=>'course-view'));
if ($count>0) {
- $blocklist = "<a href=\"{$CFG->wwwroot}/course/search.php?blocklist=$blockid&sesskey={$USER->sesskey}\" ";
+ $blocklist = "<a href=\"{$CFG->wwwroot}/course/search.php?blocklist=$blockid&sesskey=".sesskey()."\" ";
$blocklist .= "title=\"$strshowblockcourse\" >$totalcount</a>";
}
else {
print_error('confirmsesskeybad', 'error');
}
if ($enrolment->process_config($frm)) {
- redirect("enrol.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
+ redirect("enrol.php?sesskey=".sesskey(), get_string("changessaved"), 1);
}
} else {
$frm = $CFG;
if (!$confirm) {
notice_yesno(get_string("moduledeleteconfirm", "", $strmodulename),
- "modules.php?delete=$delete&confirm=1&sesskey=$USER->sesskey",
+ "modules.php?delete=$delete&confirm=1&sesskey=".sesskey(),
"modules.php");
admin_externalpage_print_footer();
exit;
$count = $DB->count_records_select($module->name, "course<>0");
if ($count>0) {
$countlink = "<a href=\"{$CFG->wwwroot}/course/search.php?modulelist=$module->name" .
- "&sesskey={$USER->sesskey}\" title=\"$strshowmodulecourse\">$count</a>";
+ "&sesskey=".sesskey()."\" title=\"$strshowmodulecourse\">$count</a>";
}
else {
$countlink = "$count";
$deletebutton = get_string($accessctrl, 'mnet');
if (has_capability('moodle/user:delete', $sitecontext)) {
// TODO: this should be under a separate capability
- $deletebutton .= " (<a href=\"?acl={$user->id}&accessctrl=$changeaccessto&sesskey={$USER->sesskey}\">"
+ $deletebutton .= " (<a href=\"?acl={$user->id}&accessctrl=$changeaccessto&sesskey=".sesskey()."\">"
. get_string($changeaccessto, 'mnet') . " access</a>)";
}
// mnet info in edit column
projects / moodle.git / commitdiff