From: moodler <moodler>
Date: Mon, 13 Aug 2007 13:45:14 +0000 (+0000)
Subject: Make sure require_login is being called from reports  MDL-10833
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=a0501fc36a91e0e033e48cfb00f99f56f52e3f05;p=moodle.git

Make sure require_login is being called from reports  MDL-10833
---

diff --git a/course/report.php b/course/report.php
index b846ac0fad..5954b3f597 100644
--- a/course/report.php
+++ b/course/report.php
@@ -9,7 +9,9 @@
         error("That's an invalid course id");
     }
 
-    require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $id));
+    require_login($course->id);
+
+    require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id));
 
     $strreports = get_string('reports');
 
diff --git a/course/report/log/index.php b/course/report/log/index.php
index 9f984c4be8..a2dcc54f29 100644
--- a/course/report/log/index.php
+++ b/course/report/log/index.php
@@ -33,8 +33,6 @@
     $chooselog   = optional_param('chooselog', 0, PARAM_INT);
     $logformat   = optional_param('logformat', 'showashtml', PARAM_ALPHA);
 
-    require_login();
-
     if ($hostid == $CFG->mnet_localhost_id) {
         if (!$course = get_record('course', 'id', $id) ) {
             error('That\'s an invalid course id'.$id);
@@ -46,6 +44,8 @@
         $course->fullname  = $course_stub->coursename;
     }
 
+    require_login($course->id);
+
     $context = get_context_instance(CONTEXT_COURSE, $course->id);
 
     require_capability('moodle/site:viewreports', $context);
diff --git a/course/report/outline/index.php b/course/report/outline/index.php
index c4c45fdfbd..99c5461bd5 100644
--- a/course/report/outline/index.php
+++ b/course/report/outline/index.php
@@ -11,12 +11,12 @@
     $page    = optional_param('page', 0, PARAM_INT);
     $perpage = optional_param('perpage', 100, PARAM_INT);
 
-    require_login();
-
     if (! $course = get_record("course", "id", $id)) {
         error("Course id is incorrect.");
     }
 
+    require_login($course->id);
+
     require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id));
 
     add_to_log($course->id, "course", "report outline", "report/outline/index.php?id=$course->id", $course->id); 
@@ -119,4 +119,4 @@ function print_outline_row($mod, $instance, $result) {
     echo "</tr>";
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/course/report/stats/index.php b/course/report/stats/index.php
index 187e815036..f4a5292faf 100644
--- a/course/report/stats/index.php
+++ b/course/report/stats/index.php
@@ -38,7 +38,7 @@
         }
     }
 
-    require_login();
+    require_login($course->id);
     $context = get_context_instance(CONTEXT_COURSE, $course->id);
     
     if (!has_capability('moodle/site:viewreports', $context)) {