From: stronk7 Date: Sat, 9 Oct 2004 19:08:01 +0000 (+0000) Subject: course/unenrol.php is using sesskey. X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=967cd1164b27c8a45bfa1a4efe7c8c917179c5e1;p=moodle.git course/unenrol.php is using sesskey. Merged from MOODLE_14_STABLE --- diff --git a/course/unenrol.php b/course/unenrol.php index 8dac96525b..3450588cc5 100644 --- a/course/unenrol.php +++ b/course/unenrol.php @@ -28,7 +28,7 @@ error("You are not allowed to unenroll"); } - if (isset($confirm)) { + if (isset($confirm) and confirm_sesskey()) { if (! unenrol_student($user->id, $course->id)) { error("An error occurred while trying to unenrol you."); @@ -56,7 +56,7 @@ $strunenrolsure = get_string("unenrolsure", "", fullname($user, true)); } - notice_yesno ($strunenrolsure, "unenrol.php?id=$id&user=$user->id&confirm=yes", "$HTTP_REFERER"); + notice_yesno ($strunenrolsure, "unenrol.php?id=$id&user=$user->id&confirm=yes&sesskey=$USER->sesskey", "$HTTP_REFERER"); print_footer();