lesson: MDL-20705 Fix XSRF issues.

Uses new require_sesskey funciton from MDL-20702.

diff --git a/mod/lesson/action/addcluster.php b/mod/lesson/action/addcluster.php
index 0e34c1485d232375179e9427da2bf6bf008c311b..8a3a709092a74e11ba24144022c47e3579a9a8ad 100644 (file)
--- a/mod/lesson/action/addcluster.php
+++ b/mod/lesson/action/addcluster.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     // first get the preceeding page
     // if $pageid = 0, then we are inserting a new page at the beginning of the lesson

diff --git a/mod/lesson/action/addendofbranch.php b/mod/lesson/action/addendofbranch.php
index c47fb157bffad968b87b8133b5f0cf3a848b0f32..b6bb3be4c0123277272e3341342ea93bc81bee14 100644 (file)
--- a/mod/lesson/action/addendofbranch.php
+++ b/mod/lesson/action/addendofbranch.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     // first get the preceeding page
     $pageid = required_param('pageid', PARAM_INT);

diff --git a/mod/lesson/action/addendofcluster.php b/mod/lesson/action/addendofcluster.php
index eef19b3eca06a239debd6fefb4f7a713fd12d607..41509501cd758e7df32d30912567e832f03dc75b 100644 (file)
--- a/mod/lesson/action/addendofcluster.php
+++ b/mod/lesson/action/addendofcluster.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     // first get the preceeding page
     $pageid = required_param('pageid', PARAM_INT);

diff --git a/mod/lesson/action/confirmdelete.php b/mod/lesson/action/confirmdelete.php
index 2b903f1a22eca7b9ce4f019a904c95045df7c3d1..8daa9fee054439b456d8477e131eae4560a6a49e 100644 (file)
--- a/mod/lesson/action/confirmdelete.php
+++ b/mod/lesson/action/confirmdelete.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     $pageid = required_param('pageid', PARAM_INT);
     if (!$thispage = $DB->get_record("lesson_pages", array ("id" => $pageid))) {

diff --git a/mod/lesson/action/continue.php b/mod/lesson/action/continue.php
index 93ed99d46c408cd4eb576558bdb857c0ecad53c3..f14f267bef8339f0609ab1077144eb42b09fcbf3 100644 (file)
--- a/mod/lesson/action/continue.php
+++ b/mod/lesson/action/continue.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     // left menu code
     // check to see if the user can see the left menu

diff --git a/mod/lesson/action/delete.php b/mod/lesson/action/delete.php
index 45b875da4912312d0d7acfbd5162876b3a343540..2ba5c4d1c7032b6d61d382f717f0e146fcd3edff 100644 (file)
--- a/mod/lesson/action/delete.php
+++ b/mod/lesson/action/delete.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     $pageid = required_param('pageid', PARAM_INT);
     if (!$thispage = $DB->get_record("lesson_pages", array("id" => $pageid))) {

diff --git a/mod/lesson/action/insertpage.php b/mod/lesson/action/insertpage.php
index c955d2c8517cccd77d44fa3989d7b51a5a18ee9b..6fa694ebed804df6c7cadd9791ee541a76f77662 100644 (file)
--- a/mod/lesson/action/insertpage.php
+++ b/mod/lesson/action/insertpage.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     // check to see if the cancel button was pushed
     if (optional_param('cancel', '', PARAM_ALPHA)) {

diff --git a/mod/lesson/action/moveit.php b/mod/lesson/action/moveit.php
index 4a8d4e9085a83e7c231e315d3baec9f476274b06..1c81fe7d97718fcab53252eed785ba11a449b2b5 100644 (file)
--- a/mod/lesson/action/moveit.php
+++ b/mod/lesson/action/moveit.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     $pageid = required_param('pageid', PARAM_INT); //  page to move
     if (!$page = $DB->get_record("lesson_pages", array("id" => $pageid))) {

diff --git a/mod/lesson/action/updatepage.php b/mod/lesson/action/updatepage.php
index b40e2a3f72185c0b0f1e7d69221b0d7b98e1e997..55780bb0c3b43d13a9f0160cd4047867ee2b1447 100644 (file)
--- a/mod/lesson/action/updatepage.php
+++ b/mod/lesson/action/updatepage.php
@@ -5,7 +5,7 @@
  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  * @package lesson
  **/
-    confirm_sesskey();
+    require_sesskey();
 
     $redirect = optional_param('redirect', '', PARAM_ALPHA);
 

diff --git a/mod/lesson/essay.php b/mod/lesson/essay.php
index 4fcf64fe23609264b5f1bc7e75b6b23abdbf9928..45629aeccd33f9ef55816bea66613b8ad2e21647 100644 (file)
--- a/mod/lesson/essay.php
+++ b/mod/lesson/essay.php
@@ -70,7 +70,7 @@
             }
             break;
         case 'grade':  // Grading form - get the necessary data
-            confirm_sesskey();
+            require_sesskey();
 
             $attemptid = required_param('attemptid', PARAM_INT);
 
@@ -142,7 +142,7 @@
             }
             break;
         case 'email': // Sending an email(s) to a single user or all
-            confirm_sesskey();
+            require_sesskey();
 
             // Get our users (could be singular)
             if ($userid = optional_param('userid', 0, PARAM_INT)) {