From: tjhunt <tjhunt>
Date: Wed, 9 Jul 2008 17:00:26 +0000 (+0000)
Subject: MDL-15535 - URLs are changing from attempt.php?id=XXX to attempt.php?attempt =YYY... 
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=b1103f2bf2079c2687f9932934a5029b77a22f75;p=moodle.git

MDL-15535 - URLs are changing from attempt.php?id=XXX to attempt.php?attempt =YYY - implement a sensible redirect if we recieve an old-style URL, since they are stored in a few places like the logs. Also update all URLs we generate that point to attempt.php.
---

diff --git a/mod/quiz/attempt.php b/mod/quiz/attempt.php
index 786fec1176..ed64dc3527 100644
--- a/mod/quiz/attempt.php
+++ b/mod/quiz/attempt.php
@@ -13,7 +13,17 @@
     require_once(dirname(__FILE__) . '/../../config.php');
     require_once($CFG->dirroot . '/mod/quiz/locallib.php');
 
-/// remember the current time as the time any responses were submitted
+/// Look for old-style URLs, such as may be in the logs, and redirect them to startattemtp.php 
+    if ($id = optional_param('id', 0, PARAM_INTEGER)) {
+        redirect($CFG->wwwroot . '/mod/quiz/startattempt.php?cmid=' . $id . '&sesskey=' . sesskey());
+    } else if ($qid = optional_param('q', 0, PARAM_INTEGER)) {
+        if (!$cm = get_coursemodule_from_instance('quiz', $qid)) {
+            print_error('invalidquizid', 'quiz');
+        }
+        redirect($CFG->wwwroot . '/mod/quiz/startattempt.php?cmid=' . $cm->id . '&sesskey=' . sesskey());
+    }
+
+/// Remember the current time as the time any responses were submitted
 /// (so as to make sure students don't get penalized for slow processing on this page)
     $timenow = time();
 
diff --git a/mod/quiz/reviewquestion.php b/mod/quiz/reviewquestion.php
index 588a477d15..30f4d8455a 100644
--- a/mod/quiz/reviewquestion.php
+++ b/mod/quiz/reviewquestion.php
@@ -58,7 +58,7 @@
 
     if (!has_capability('mod/quiz:viewreports', $context)) {
         if (!$attempt->timefinish) {
-            redirect('attempt.php?q='.$quiz->id);
+            redirect('attempt.php?attempt='.$attempt->id);
         }
         // If not even responses are to be shown in review then we
         // don't allow any review
diff --git a/mod/quiz/startattempt.php b/mod/quiz/startattempt.php
index 7c9f9e25e9..e881d75cb8 100644
--- a/mod/quiz/startattempt.php
+++ b/mod/quiz/startattempt.php
@@ -28,8 +28,11 @@ if (!$quiz = $DB->get_record('quiz', array('id' => $cm->instance))) {
 
 $quizobj = new quiz($quiz, $cm, $course);
 
-/// Check login and get contexts.
+/// Check login and sesskey.
 require_login($quizobj->get_courseid(), false, $quizobj->get_cm());
+if (!confirm_sesskey()) {
+    throw new moodle_exception('confirmsesskeybad', 'error', $quizobj->view_url());
+}
 
 /// if no questions have been set up yet redirect to edit.php
 if (!$quizobj->get_question_ids() && $quizobj->has_capability('mod/quiz:manage')) {
@@ -42,14 +45,6 @@ if ($quizobj->is_preview_user() && $forcenew) {
     $accessmanager->clear_password_access();
 }
 
-// This page should only respond to post requests, if not, redirect to the view page.
-// However, becuase 'secure' mode opens in a new window, we cannot do enforce this rule for them.
-if (!data_submitted() && !$accessmanager->securewindow_required($quizobj->is_preview_user())) {
-    $accessmanager->back_to_view_page($quizobj->is_preview_user());
-}
-if (!confirm_sesskey()) {
-    throw new moodle_exception('confirmsesskeybad', 'error', $quizobj->view_url());
-}
 
 /// Check capabilites.
 if (!$quizobj->is_preview_user()) {
@@ -109,11 +104,11 @@ if (!$attempt->id = $DB->insert_record('quiz_attempts', $attempt)) {
 
 /// Log the new attempt.
 if ($attempt->preview) {
-    add_to_log($course->id, 'quiz', 'preview', "attempt.php?id=$cm->id",
-            "$quiz->id", $cm->id);
+    add_to_log($course->id, 'quiz', 'preview', 'view.php?id=' . $quizobj->get_cmid(),
+            $quizobj->get_quizid(), $quizobj->get_cmid());
 } else {
-    add_to_log($course->id, 'quiz', 'attempt', "review.php?attempt=$attempt->id",
-            "$quiz->id", $cm->id);
+    add_to_log($course->id, 'quiz', 'attempt', 'review.php?attempt=' . $attempt->id,
+            $quizobj->get_quizid(), $quizobj->get_cmid());
 }
 
 /// Fully load all the questions in this quiz.
diff --git a/mod/quiz/tabs.php b/mod/quiz/tabs.php
index 3b6a023131..456a043f0f 100644
--- a/mod/quiz/tabs.php
+++ b/mod/quiz/tabs.php
@@ -38,7 +38,7 @@ if (has_capability('mod/quiz:viewreports', $context)) {
     $row[] = new tabobject('reports', "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id", get_string('results', 'quiz'));
 }
 if (has_capability('mod/quiz:preview', $context)) {
-    $row[] = new tabobject('preview', "$CFG->wwwroot/mod/quiz/attempt.php?q=$quiz->id", get_string('preview', 'quiz'));
+    $row[] = new tabobject('preview', "$CFG->wwwroot/mod/quiz/startattempt.php?q=$quiz->id", get_string('preview', 'quiz'));
 }
 if (has_capability('mod/quiz:manage', $context)) {
     $row[] = new tabobject('edit', "$CFG->wwwroot/mod/quiz/edit.php?cmid=$cm->id", get_string('edit'));